otdamzadengi.ru/pischevoe_oborudovanie/1489.html
176.99.4.61200 OK 5.0 kB URL HTTP/1.1 otdamzadengi.ru/pischevoe_oborudovanie/1489.html
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1690), with CRLF, CR, LF line terminators
Hash d4b686c956397165c73ce40f22c53f1e
607109f1ce253c154eefc72d12bdc1fec4a0591b
2ea0a85c8122862c9aaa06f7bac7aebfcc927a763ac1cbd937a23c3e19dbe7c6
Analyzer Verdict Alert fortinet Malware
GET /pischevoe_oborudovanie/1489.html HTTP/1.1
Host: otdamzadengi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:02 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5030
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14584
Expires: Sat, 04 Feb 2023 09:46:06 GMT
Date: Sat, 04 Feb 2023 05:43:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12413
Expires: Sat, 04 Feb 2023 09:09:55 GMT
Date: Sat, 04 Feb 2023 05:43:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 04:43:35 GMT
content-type: application/json
age: 3567
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5310
Expires: Sat, 04 Feb 2023 07:11:32 GMT
Date: Sat, 04 Feb 2023 05:43:02 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 34Vpso3GjIz2oAjRhk9RtbNS6KLcaVjrDcWZRBxy4VoPBEGYvYJQBlq0OPmSVY5odnaGNFcBCOI=
x-amz-request-id: KQ2PBT8G40Z8Z0EP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 04:52:42 GMT
age: 3020
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:43:02 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
otdamzadengi.ru/images/logo.gif
176.99.4.61200 OK 5.4 kB URL HTTP/1.1 otdamzadengi.ru/images/logo.gif
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 237 x 51\012- data
Hash e3b7e933b31a7b459927ca5e3001fb31
dfa085bf1523627e66b0ba94457de50fdf5e3761
f68d29d61d93e5178afa722801bd1355bf2207590cded3a61710a0b1a1578990
GET /images/logo.gif HTTP/1.1
Host: otdamzadengi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otdamzadengi.ru/pischevoe_oborudovanie/1489.html
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:02 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Mon, 16 Dec 2019 13:17:08 GMT
ETag: "1503-599d2075134d5"
Accept-Ranges: bytes
Content-Length: 5379
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
pagead2.googlesyndication.com/pagead/show_ads.js
142.250.74.2200 OK 37 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/show_ads.js
IP 142.250.74.2:0
File type ASCII text, with very long lines (4131)
Hash a6b64c04dbecc7f6fb139f2e43f23c66
b4b063cb3be4902dbd0817222c2e152e63a318b5
a8f98c946decc4807401300ca235df37ebde48e4c6f2a51322489992df78ed90
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otdamzadengi.ru/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Sat, 04 Feb 2023 05:43:02 GMT
Expires: Sat, 04 Feb 2023 05:43:02 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 3473559701865424945
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 36699
X-XSS-Protection: 0
otdamzadengi.ru/images/bg_verh.gif
176.99.4.61200 OK 68 B URL HTTP/1.1 otdamzadengi.ru/images/bg_verh.gif
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 1 x 35\012- data
Hash e9a421242d9d5793280ffbce2190cb84
94be2f89f751b4071c24b58bc25553b02cb74379
fcb8121a01557db07662b73c8d0e484b29a2b4860600eeeff77957ce84a43ddd
GET /images/bg_verh.gif HTTP/1.1
Host: otdamzadengi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otdamzadengi.ru/pischevoe_oborudovanie/1489.html
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:02 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Mon, 16 Dec 2019 13:17:08 GMT
ETag: "44-599d20750e6b5"
Accept-Ranges: bytes
Content-Length: 68
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif
otdamzadengi.ru/pics/5959_small.jpg
176.99.4.61200 OK 11 kB URL HTTP/1.1 otdamzadengi.ru/pics/5959_small.jpg
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 208x156, components 3\012- data
Hash 962846d79374bebafe9a5c5223d407ca
b3ab6d89ef7bf11ca5580fbfd36efeab759e2123
dba9210519f5877bcd252c13cbb15f6c69b4aaef7099e3549d888c1c108c1419
GET /pics/5959_small.jpg HTTP/1.1
Host: otdamzadengi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otdamzadengi.ru/pischevoe_oborudovanie/1489.html
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:02 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Tue, 26 Jul 2022 12:22:07 GMT
ETag: "2a86-5e4b459545cfe"
Accept-Ranges: bytes
Content-Length: 10886
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
otdamzadengi.ru/pics/4965_small.jpg
176.99.4.61200 OK 10 kB URL HTTP/1.1 otdamzadengi.ru/pics/4965_small.jpg
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 208x156, components 3\012- data
Hash 2a36fe06d828b5f48334ffa65e0bbf4a
39a9d4f2b34e3cfd66c552aba66dd1dceef22432
b31e0d78f650d6c262645e586ea25333d8b1ea09f51bc4986a6d9e7787470828
GET /pics/4965_small.jpg HTTP/1.1
Host: otdamzadengi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otdamzadengi.ru/pischevoe_oborudovanie/1489.html
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:02 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Wed, 08 Jul 2020 10:06:50 GMT
ETag: "27a6-5a9eb44359331"
Accept-Ranges: bytes
Content-Length: 10150
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
otdamzadengi.ru/pics/5865_small.jpg
176.99.4.61200 OK 22 kB URL HTTP/1.1 otdamzadengi.ru/pics/5865_small.jpg
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 208x156, components 3\012- data
Hash 2e50d08cb57c445035f9c4537c014ce3
eefbf475988f1a68bb648f9b259295fde82de683
39d07d19f87fa583a79bd1f0a7fd8b93be58b9166e05c9461a2203587d08298e
GET /pics/5865_small.jpg HTTP/1.1
Host: otdamzadengi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otdamzadengi.ru/pischevoe_oborudovanie/1489.html
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:02 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Thu, 14 Apr 2022 07:05:59 GMT
ETag: "56b4-5dc97ed10bf1e"
Accept-Ranges: bytes
Content-Length: 22196
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
otdamzadengi.ru/pics/2729_small.jpg
176.99.4.61200 OK 4.9 kB URL HTTP/1.1 otdamzadengi.ru/pics/2729_small.jpg
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 60x45, components 3\012- data
Hash 690c2bee64159bece41bcad4d601ff0f
f61a258a46b8b560e94acb4691cf3e32026843f9
53f05ff001dbee9523b86927567a7deaa9884a84680210974280a8ed4ec2f0b6
GET /pics/2729_small.jpg HTTP/1.1
Host: otdamzadengi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otdamzadengi.ru/pischevoe_oborudovanie/1489.html
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:03 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Mon, 16 Dec 2019 13:17:10 GMT
ETag: "1330-599d2076a3b32"
Accept-Ranges: bytes
Content-Length: 4912
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
otdamzadengi.ru/pics/6110_small.jpg
176.99.4.61200 OK 9.9 kB URL HTTP/1.1 otdamzadengi.ru/pics/6110_small.jpg
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 208x156, components 3\012- data
Hash ccd48df4d8ddd1f51334476c95a53608
bce87c3b3c9ac930997369f53a68302b3174163e
01d7d0f183e2b1d15f99c8ff598a65bd8f00e17386fd5e7949b98b8f205b8465
GET /pics/6110_small.jpg HTTP/1.1
Host: otdamzadengi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otdamzadengi.ru/pischevoe_oborudovanie/1489.html
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:02 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Fri, 13 Jan 2023 18:16:39 GMT
ETag: "2688-5f2293c1d21f9"
Accept-Ranges: bytes
Content-Length: 9864
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
otdamzadengi.ru/pics/4837_small.jpg
176.99.4.61200 OK 16 kB URL HTTP/1.1 otdamzadengi.ru/pics/4837_small.jpg
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 208x156, components 3\012- data
Hash f17299950251ed9ae72d037ef164474f
001953f846c5a20a30dd80702e81ae6d8ed144a2
f80dcec536567498c8ab2d47b8a9e2465d22966918ed087d40203c3e8a0b6fd2
GET /pics/4837_small.jpg HTTP/1.1
Host: otdamzadengi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otdamzadengi.ru/pischevoe_oborudovanie/1489.html
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:02 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Tue, 24 Mar 2020 10:03:12 GMT
ETag: "3d09-5a196dc1348ce"
Accept-Ranges: bytes
Content-Length: 15625
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
otdamzadengi.ru/images/bg_logo.jpg
176.99.4.61200 OK 100 kB URL HTTP/1.1 otdamzadengi.ru/images/bg_logo.jpg
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1600x126, components 3\012- data
Size 100 kB (100232 bytes)
Hash 49ac72afa2cd9d44c8ce7e1016a6dbce
19f619dad88183bef3a20fba30215d542180b30b
dc4625e5e180ff7af9173734bd703014f78a670000bd6f5b6ebd4b41c027514a
GET /images/bg_logo.jpg HTTP/1.1
Host: otdamzadengi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otdamzadengi.ru/pischevoe_oborudovanie/1489.html
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:02 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Mon, 16 Dec 2019 13:17:08 GMT
ETag: "18788-599d207511595"
Accept-Ranges: bytes
Content-Length: 100232
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
otdamzadengi.ru/pics/1489.jpg
176.99.4.61200 OK 45 kB URL HTTP/1.1 otdamzadengi.ru/pics/1489.jpg
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 500x375, components 3\012- data
Hash 11a3cd9e6fdc88e0a02016c016fd477b
c430e0ecae01712c04d0802e0d5d63edf8fd3a1e
0ca2b93e187860d97959ddcfb0c64a055163c5d1a3c26fc335ffabc96de86a76
GET /pics/1489.jpg HTTP/1.1
Host: otdamzadengi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otdamzadengi.ru/pischevoe_oborudovanie/1489.html
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:03 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Mon, 16 Dec 2019 13:17:09 GMT
ETag: "b15e-599d2075af8e0"
Accept-Ranges: bytes
Content-Length: 45406
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
otdamzadengi.ru/images/bg_sred.gif
176.99.4.61200 OK 162 B URL HTTP/1.1 otdamzadengi.ru/images/bg_sred.gif
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 1 x 40\012- data
Hash 762f3db0a8c222371430ced1c98de4f8
e5cf1723ef4e94ce14da2ecf6ab2a8336b606d2a
86dee0b297587774314c2ecddd26fb749e0f72e6d9d2c7a505d990022117a21a
GET /images/bg_sred.gif HTTP/1.1
Host: otdamzadengi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otdamzadengi.ru/pischevoe_oborudovanie/1489.html
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:03 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Mon, 16 Dec 2019 13:17:08 GMT
ETag: "a2-599d207509894"
Accept-Ranges: bytes
Content-Length: 162
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
otdamzadengi.ru/images/bg_cat.gif
176.99.4.61200 OK 1.7 kB URL HTTP/1.1 otdamzadengi.ru/images/bg_cat.gif
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 250 x 43\012- data
Hash 7c20e5456190f16350bafd3116b23b93
e0dbcf59956b19e5a8478588ccdeb849056f8a14
3e33ace2cc93792257877f9d0ecb047d49c23065574f9ea51a0756ac667b6684
GET /images/bg_cat.gif HTTP/1.1
Host: otdamzadengi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otdamzadengi.ru/pischevoe_oborudovanie/1489.html
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:03 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Mon, 16 Dec 2019 13:17:08 GMT
ETag: "6c3-599d2074f9e93"
Accept-Ranges: bytes
Content-Length: 1731
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
otdamzadengi.ru/images/bg_cat2.gif
176.99.4.61404 Not Found 277 B URL HTTP/1.1 otdamzadengi.ru/images/bg_cat2.gif
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 26790af84f3e99087075103fa8adb405
e64ec1fd490c5143fffc8f958b154809c075f1d8
9ca758c1de5c89d2c6041a3a241ad684d1861b01f5c71604dacfb52517669b77
GET /images/bg_cat2.gif HTTP/1.1
Host: otdamzadengi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otdamzadengi.ru/pischevoe_oborudovanie/1489.html
HTTP/1.1 404 Not Found
Date: Sat, 04 Feb 2023 05:43:03 GMT
Server: Apache/2.4.25 (Debian)
Content-Length: 277
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
otdamzadengi.ru/images/bg_niz.gif
176.99.4.61200 OK 278 B URL HTTP/1.1 otdamzadengi.ru/images/bg_niz.gif
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 1 x 56\012- data
Hash 11fad9055adbcc964f9d5afc495ddab0
f732456d9a23fb9f4b91aa6d3ee44d64f728d691
e6546f25609de447b901727d24b0db3e0a748512636d8cf414801ef7f081f6e0
GET /images/bg_niz.gif HTTP/1.1
Host: otdamzadengi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otdamzadengi.ru/pischevoe_oborudovanie/1489.html
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:03 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Mon, 16 Dec 2019 13:17:08 GMT
ETag: "116-599d207502b34"
Accept-Ranges: bytes
Content-Length: 278
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/gif
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 0c2deaac19cd35a26f4293d7b298a3e5
96712793a53953421aef328fe365e0faf24f72f1
804d4f16a5612031d5d73a1a5c2f1e4809b9de81eab693421be21a0c2b0ba30b
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 08 Feb 2023 02:06:33 GMT
ETag: "96712793a53953421aef328fe365e0faf24f72f1"
Last-Modified: Sat, 04 Feb 2023 02:06:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794116242f25b4ed-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d82139609e323e908fac5d93cc352a0
16464d86dbab5ffda5e66d870c5d139ee69f9422
dafce9d952b644da844563623a477eec073d696e74275b56b8329ed44b64aa57
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAFCE9D952B644DA844563623A477EEC073D696E74275B56B8329ED44B64AA57"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15671
Expires: Sat, 04 Feb 2023 10:04:14 GMT
Date: Sat, 04 Feb 2023 05:43:03 GMT
Connection: keep-alive
vse.doski.ru/top.gif?id=69048
185.10.63.173200 OK 2.3 kB URL HTTP/1.1 vse.doski.ru/top.gif?id=69048
IP 185.10.63.173:0
File type GIF image data, version 89a, 88 x 31\012- data
Hash bb668e5a17164c04c036cfeba2666748
2023e2503e73ae07b493aa5934b8bc8c7f9b49c6
ac237f3a6741dae13425b8fe8cd04a3d8ed3227e7f7c8bbde8f13860b2a7c9f1
GET /top.gif?id=69048 HTTP/1.1
Host: vse.doski.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otdamzadengi.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:03 GMT
Server: Apache/2.4.41 (Ubuntu)
Expires: Mon, 1 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Length: 2323
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif
www.acint.net/aci.js
193.3.184.229200 OK 7.8 kB IP 193.3.184.229:0
File type ASCII text, with very long lines (1649)
Hash 777eef0db9280e74fe8d3e0e9561da9c
f8316623410b9735dd07b6e12a2f29352c0aa4cd
985dc8f4eb0a0b4629fa8e6d86f741ee8d22b7a0a1f64be2e9e9f2c96c9cf772
GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otdamzadengi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 05:43:03 GMT
content-type: application/x-javascript
content-length: 7784
last-modified: Thu, 02 Feb 2023 13:54:08 GMT
etag: "63dbc080-1e68"
content-encoding: gzip
expires: Sat, 04 Feb 2023 17:43:03 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2
otdamzadengi.ru/favicon.ico
176.99.4.61404 Not Found 277 B URL HTTP/1.1 otdamzadengi.ru/favicon.ico
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 26790af84f3e99087075103fa8adb405
e64ec1fd490c5143fffc8f958b154809c075f1d8
9ca758c1de5c89d2c6041a3a241ad684d1861b01f5c71604dacfb52517669b77
GET /favicon.ico HTTP/1.1
Host: otdamzadengi.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otdamzadengi.ru/pischevoe_oborudovanie/1489.html
HTTP/1.1 404 Not Found
Date: Sat, 04 Feb 2023 05:43:03 GMT
Server: Apache/2.4.25 (Debian)
Content-Length: 277
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 04:49:07 GMT
age: 3236
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
counter.yadro.ru/hit?t16.2;r;s1280*1024*24;uhttp%3A//otdamzadengi.ru/pischevoe_oborudovanie/1489.html;0.49510805014600734
88.212.201.198302 Moved Temporarily 32 B URL HTTP/1.1 counter.yadro.ru/hit?t16.2;r;s1280*1024*24;uhttp%3A//otdamzadengi.ru/pischevoe_oborudovanie/1489.html;0.49510805014600734
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type HTML document, ASCII text
Hash 3e9c09a8c5a87f266e047a596f48578c
07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
GET /hit?t16.2;r;s1280*1024*24;uhttp%3A//otdamzadengi.ru/pischevoe_oborudovanie/1489.html;0.49510805014600734 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otdamzadengi.ru/
HTTP/1.1 302 Moved Temporarily
Date: Sat, 04 Feb 2023 05:43:03 GMT
Server: 0W/0.8c
Content-Type: text/html
Location: https://counter.yadro.ru/hit?t16.2;r;s1280*1024*24;uhttp%3A//otdamzadengi.ru/pischevoe_oborudovanie/1489.html;0.49510805014600734
Content-Length: 32
Expires: Thu, 03 Feb 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:43:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:43:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/gen_204?id=puberror&context=158&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20No%20slot%20size%20for%20availableWidth%3D19%0AIf%40http%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fshow_ads.js%3A60%3A1070%0A%40show_ads.js%3A144%3A223%0AY%40show_ads.js%3A49%3A221%0AMf%40show_ads.js%3A61%3A17%0A%40show_ads.js%3A138%3A318%0A%40show_ads.js%3A146%3A4%0A&shv=r20230201&mjsv=m202301230101&eid=44759875%2C44759926%2C44759837%2C31071854%2C44774292&url=http%3A%2F%2Fotdamzadengi.ru%2Fpischevoe_oborudovanie%2F1489.html
142.250.74.2204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/gen_204?id=puberror&context=158&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20No%20slot%20size%20for%20availableWidth%3D19%0AIf%40http%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fshow_ads.js%3A60%3A1070%0A%40show_ads.js%3A144%3A223%0AY%40show_ads.js%3A49%3A221%0AMf%40show_ads.js%3A61%3A17%0A%40show_ads.js%3A138%3A318%0A%40show_ads.js%3A146%3A4%0A&shv=r20230201&mjsv=m202301230101&eid=44759875%2C44759926%2C44759837%2C31071854%2C44774292&url=http%3A%2F%2Fotdamzadengi.ru%2Fpischevoe_oborudovanie%2F1489.html
IP 142.250.74.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/gen_204?id=puberror&context=158&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20No%20slot%20size%20for%20availableWidth%3D19%0AIf%40http%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fshow_ads.js%3A60%3A1070%0A%40show_ads.js%3A144%3A223%0AY%40show_ads.js%3A49%3A221%0AMf%40show_ads.js%3A61%3A17%0A%40show_ads.js%3A138%3A318%0A%40show_ads.js%3A146%3A4%0A&shv=r20230201&mjsv=m202301230101&eid=44759875%2C44759926%2C44759837%2C31071854%2C44774292&url=http%3A%2F%2Fotdamzadengi.ru%2Fpischevoe_oborudovanie%2F1489.html HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otdamzadengi.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 05:43:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.acint.net/oci.js?t=1675489417602
193.3.184.229302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/oci.js?t=1675489417602
IP 193.3.184.229:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /oci.js?t=1675489417602 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otdamzadengi.ru/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Sat, 04 Feb 2023 05:43:03 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/oci.js?t=1675489417602
www.acint.net/mc/?dp=10
193.3.184.229302 Moved Temporarily 142 B IP 193.3.184.229:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otdamzadengi.ru/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Sat, 04 Feb 2023 05:43:03 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/mc/?dp=10
www.acint.net/hit/?v=0.5.1&uid=797de36e-2358-4473-b5e6-8c39cb3947cd&dp=10&tz=%2B00%3A00&nc=82377532&u=http%3A%2F%2Fotdamzadengi.ru%2Fpischevoe_oborudovanie%2F1489.html&r=&rs=1280x1024&t=%D0%A1%D0%B5%D1%82%D0%BA%D0%B0%20%D0%BF%D0%BE%D0%B4%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BD%D0%B2%D0%B5%D0%B9%D0%B5%D1%80%D0%BD%D0%B0%D1%8F%20%D1%85%D0%BB%D0%B5%D0%B1%D0%BE%D0%BF%D0%B5%D0%BA%D0%B0%D1%80%D0%BD%D0%B0%D1%8F.%2C%20%D0%9F%D0%B8%D1%89%D0%B5%D0%B2%D0%BE%D0%B5%20%D0%BE%D0%B1%D0%BE%D1%80%D1%83%D0%B4%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20OtdamZaDengi.RU&oE=1&oP=1&dT=2023-02-04T05%3A43%3A37.599&fu=99b130ba-707c-4be6-ba1d-ba1d41df8fbe
193.3.184.229302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/hit/?v=0.5.1&uid=797de36e-2358-4473-b5e6-8c39cb3947cd&dp=10&tz=%2B00%3A00&nc=82377532&u=http%3A%2F%2Fotdamzadengi.ru%2Fpischevoe_oborudovanie%2F1489.html&r=&rs=1280x1024&t=%D0%A1%D0%B5%D1%82%D0%BA%D0%B0%20%D0%BF%D0%BE%D0%B4%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BD%D0%B2%D0%B5%D0%B9%D0%B5%D1%80%D0%BD%D0%B0%D1%8F%20%D1%85%D0%BB%D0%B5%D0%B1%D0%BE%D0%BF%D0%B5%D0%BA%D0%B0%D1%80%D0%BD%D0%B0%D1%8F.%2C%20%D0%9F%D0%B8%D1%89%D0%B5%D0%B2%D0%BE%D0%B5%20%D0%BE%D0%B1%D0%BE%D1%80%D1%83%D0%B4%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20OtdamZaDengi.RU&oE=1&oP=1&dT=2023-02-04T05%3A43%3A37.599&fu=99b130ba-707c-4be6-ba1d-ba1d41df8fbe
IP 193.3.184.229:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /hit/?v=0.5.1&uid=797de36e-2358-4473-b5e6-8c39cb3947cd&dp=10&tz=%2B00%3A00&nc=82377532&u=http%3A%2F%2Fotdamzadengi.ru%2Fpischevoe_oborudovanie%2F1489.html&r=&rs=1280x1024&t=%D0%A1%D0%B5%D1%82%D0%BA%D0%B0%20%D0%BF%D0%BE%D0%B4%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BD%D0%B2%D0%B5%D0%B9%D0%B5%D1%80%D0%BD%D0%B0%D1%8F%20%D1%85%D0%BB%D0%B5%D0%B1%D0%BE%D0%BF%D0%B5%D0%BA%D0%B0%D1%80%D0%BD%D0%B0%D1%8F.%2C%20%D0%9F%D0%B8%D1%89%D0%B5%D0%B2%D0%BE%D0%B5%20%D0%BE%D0%B1%D0%BE%D1%80%D1%83%D0%B4%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20OtdamZaDengi.RU&oE=1&oP=1&dT=2023-02-04T05%3A43%3A37.599&fu=99b130ba-707c-4be6-ba1d-ba1d41df8fbe HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otdamzadengi.ru/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Sat, 04 Feb 2023 05:43:03 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/hit/?v=0.5.1&uid=797de36e-2358-4473-b5e6-8c39cb3947cd&dp=10&tz=%2B00%3A00&nc=82377532&u=http%3A%2F%2Fotdamzadengi.ru%2Fpischevoe_oborudovanie%2F1489.html&r=&rs=1280x1024&t=%D0%A1%D0%B5%D1%82%D0%BA%D0%B0%20%D0%BF%D0%BE%D0%B4%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BD%D0%B2%D0%B5%D0%B9%D0%B5%D1%80%D0%BD%D0%B0%D1%8F%20%D1%85%D0%BB%D0%B5%D0%B1%D0%BE%D0%BF%D0%B5%D0%BA%D0%B0%D1%80%D0%BD%D0%B0%D1%8F.%2C%20%D0%9F%D0%B8%D1%89%D0%B5%D0%B2%D0%BE%D0%B5%20%D0%BE%D0%B1%D0%BE%D1%80%D1%83%D0%B4%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20OtdamZaDengi.RU&oE=1&oP=1&dT=2023-02-04T05%3A43%3A37.599&fu=99b130ba-707c-4be6-ba1d-ba1d41df8fbe
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:43:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=pub-1087108116253707&plah=otdamzadengi.ru&bust=31071854
142.250.74.2200 OK 121 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=pub-1087108116253707&plah=otdamzadengi.ru&bust=31071854
IP 142.250.74.2:0
File type ASCII text, with very long lines (4056)
Size 121 kB (121173 bytes)
Hash 4e5355ac203859ac370d79e63d834a83
c0493c1053c53e3c83588d6546fcc2df09c31479
053adbff3ebbaa0ea30d6f594dd86b111a7e0e451c7850200f5374e88fd84fa4
GET /pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=pub-1087108116253707&plah=otdamzadengi.ru&bust=31071854 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otdamzadengi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 04 Feb 2023 05:43:03 GMT
expires: Sat, 04 Feb 2023 05:43:03 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 16879725725579176387
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 121173
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=10
193.3.184.229302 Found 154 B IP 193.3.184.229:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://otdamzadengi.ru/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sat, 04 Feb 2023 05:43:03 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Sat, 04-Feb-23 05:53:03 GMT
aid=CkIDFWPd8GecvRRxMjdzAu500XAf8wctV4mF+Vop+rbpmHuL; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
www.acint.net/hit/?v=0.5.1&uid=797de36e-2358-4473-b5e6-8c39cb3947cd&dp=10&tz=%2B00%3A00&nc=82377532&u=http%3A%2F%2Fotdamzadengi.ru%2Fpischevoe_oborudovanie%2F1489.html&r=&rs=1280x1024&t=%D0%A1%D0%B5%D1%82%D0%BA%D0%B0%20%D0%BF%D0%BE%D0%B4%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BD%D0%B2%D0%B5%D0%B9%D0%B5%D1%80%D0%BD%D0%B0%D1%8F%20%D1%85%D0%BB%D0%B5%D0%B1%D0%BE%D0%BF%D0%B5%D0%BA%D0%B0%D1%80%D0%BD%D0%B0%D1%8F.%2C%20%D0%9F%D0%B8%D1%89%D0%B5%D0%B2%D0%BE%D0%B5%20%D0%BE%D0%B1%D0%BE%D1%80%D1%83%D0%B4%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20OtdamZaDengi.RU&oE=1&oP=1&dT=2023-02-04T05%3A43%3A37.599&fu=99b130ba-707c-4be6-ba1d-ba1d41df8fbe
193.3.184.229200 OK 43 B URL HTTP/2 www.acint.net/hit/?v=0.5.1&uid=797de36e-2358-4473-b5e6-8c39cb3947cd&dp=10&tz=%2B00%3A00&nc=82377532&u=http%3A%2F%2Fotdamzadengi.ru%2Fpischevoe_oborudovanie%2F1489.html&r=&rs=1280x1024&t=%D0%A1%D0%B5%D1%82%D0%BA%D0%B0%20%D0%BF%D0%BE%D0%B4%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BD%D0%B2%D0%B5%D0%B9%D0%B5%D1%80%D0%BD%D0%B0%D1%8F%20%D1%85%D0%BB%D0%B5%D0%B1%D0%BE%D0%BF%D0%B5%D0%BA%D0%B0%D1%80%D0%BD%D0%B0%D1%8F.%2C%20%D0%9F%D0%B8%D1%89%D0%B5%D0%B2%D0%BE%D0%B5%20%D0%BE%D0%B1%D0%BE%D1%80%D1%83%D0%B4%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20OtdamZaDengi.RU&oE=1&oP=1&dT=2023-02-04T05%3A43%3A37.599&fu=99b130ba-707c-4be6-ba1d-ba1d41df8fbe
IP 193.3.184.229:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hit/?v=0.5.1&uid=797de36e-2358-4473-b5e6-8c39cb3947cd&dp=10&tz=%2B00%3A00&nc=82377532&u=http%3A%2F%2Fotdamzadengi.ru%2Fpischevoe_oborudovanie%2F1489.html&r=&rs=1280x1024&t=%D0%A1%D0%B5%D1%82%D0%BA%D0%B0%20%D0%BF%D0%BE%D0%B4%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BD%D0%B2%D0%B5%D0%B9%D0%B5%D1%80%D0%BD%D0%B0%D1%8F%20%D1%85%D0%BB%D0%B5%D0%B1%D0%BE%D0%BF%D0%B5%D0%BA%D0%B0%D1%80%D0%BD%D0%B0%D1%8F.%2C%20%D0%9F%D0%B8%D1%89%D0%B5%D0%B2%D0%BE%D0%B5%20%D0%BE%D0%B1%D0%BE%D1%80%D1%83%D0%B4%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20OtdamZaDengi.RU&oE=1&oP=1&dT=2023-02-04T05%3A43%3A37.599&fu=99b130ba-707c-4be6-ba1d-ba1d41df8fbe HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://otdamzadengi.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 05:43:03 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=CkIDFWPd8GedERRkrPHwAnY32KYaaSpkXwnvS3VspL+W2obS; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13169
Expires: Sat, 04 Feb 2023 09:22:32 GMT
Date: Sat, 04 Feb 2023 05:43:03 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 1c7289049ed658e0005b5f84ed0f1bd3
30aa40902e8500bdd2cf5ff632dde2d670b47ebb
56b2ae76bb4705fc57dd70c024beb3f09d75c71ce453b67ffba4da39639f90e9
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 08 Feb 2023 03:27:19 GMT
ETag: "30aa40902e8500bdd2cf5ff632dde2d670b47ebb"
Last-Modified: Sat, 04 Feb 2023 03:27:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2950
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79411628192bb4ed-OSL
www.acint.net/oci.js?t=1675489417602
193.3.184.229200 OK 15 kB URL HTTP/2 www.acint.net/oci.js?t=1675489417602
IP 193.3.184.229:0
Hash 520efffbc8b333b1704a0838f86f70c1
27ba650eedfa0f2be1a049143f82decf18db054e
63d546b8adcfc6e362e1c400fb486a703b828dd521b2fee00b5540a3a611466e
GET /oci.js?t=1675489417602 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://otdamzadengi.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 05:43:03 GMT
content-type: application/x-javascript
last-modified: Mon, 09 Jan 2023 08:01:14 GMT
etag: W/"63bbc9ca-7dac"
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4869996247036dae2a82e2857fee1766
2418a61397554c71ae478679a98de688748a1b42
f680797aafc60f9a7800f73b5a139e5dd3df7d8bf10acb8a8f99e3cc2e312b05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:43:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:43:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:43:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=otdamzadengi.ru&callback=_gfp_s_&client=ca-pub-1087108116253707
216.58.207.226200 OK 256 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=otdamzadengi.ru&callback=_gfp_s_&client=ca-pub-1087108116253707
IP 216.58.207.226:0
File type ASCII text, with very long lines (397), with no line terminators
Hash bfb91b5b5027f302f26b05c5bf2b5c33
bb6288bb9b33dde303e174708b3a29e56bd51f53
7ef60489067cc387f5ba77a30a0f8a0cb30e3c7d876ff73bcc7b4f8ebc01b08c
GET /gampad/cookie.js?domain=otdamzadengi.ru&callback=_gfp_s_&client=ca-pub-1087108116253707 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otdamzadengi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 04 Feb 2023 05:43:03 GMT
server: cafe
cache-control: private
content-length: 256
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=otdamzadengi.ru
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=otdamzadengi.ru
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=otdamzadengi.ru HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otdamzadengi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 04 Feb 2023 05:43:03 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=otdamzadengi.ru
142.250.74.2200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=otdamzadengi.ru
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=otdamzadengi.ru HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otdamzadengi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 04 Feb 2023 05:43:03 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 625db98ded64d33f3649378918788897
e48be419f8559bf38d62d48bb391251f40553fcf
934f40c7f5a20e2d2f241da3087d4166bcb2481a6ee6e3970c93b8ccfeddf543
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "934F40C7F5A20E2D2F241DA3087D4166BCB2481A6EE6E3970C93B8CCFEDDF543"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13691
Expires: Sat, 04 Feb 2023 09:31:14 GMT
Date: Sat, 04 Feb 2023 05:43:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a3632feca5df5b2c40b0ad391fbe4bf
c04c1d4fb995594cb2c7756dc17c2be25e744aae
2374bc532a51f297ac7ca9db60143908c0a2dcc3177f922a7e248cd73ae81241
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2374BC532A51F297AC7CA9DB60143908C0A2DCC3177F922A7E248CD73AE81241"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1745
Expires: Sat, 04 Feb 2023 06:12:08 GMT
Date: Sat, 04 Feb 2023 05:43:03 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 72ffec6ce01ac59744b196bb43992736
a397aae61c3b04a23ddc2168d68443dd9ad117d9
c5c1e579a7e5de9bbbae02977984a225f1130dacc44daae1d54742bfcfa11d95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5038
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:43:03 GMT
Last-Modified: Sat, 04 Feb 2023 04:19:06 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
dm-eu.hybrid.ai/match?id=106&vid=1503420A67F0DD636414119D02F0F1AC
37.18.103.21204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=106&vid=1503420A67F0DD636414119D02F0F1AC
IP 37.18.103.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=106&vid=1503420A67F0DD636414119D02F0F1AC HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 04 Feb 2023 05:43:03 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=46f05b132118b7978145; Expires=Sun, 04 Feb 2024 05:43:02 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 503
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.acint.net
access-control-allow-credentials: true
server: Hybrid Web Server
X-Firefox-Spdy: h2
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
193.3.184.218302 Moved Temporarily 142 B URL HTTP/1.1 ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP 193.3.184.218:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Sat, 04 Feb 2023 05:43:03 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=3403420A67F0DD635000129A024C51CA
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkIDNGPd8GeaEgBQylFMAjzyeMxOzQoaUjuhYPZd8Mf+wbPp; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
push.services.mozilla.com/
44.233.250.150101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.233.250.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3R7QwVmThSY5n7AgHgvNvw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DFOS1TX7aja5IyrF4CY2FusKSKU=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5bc2a9d5fd3216e47b405a4181397181
04cdb983fd69c0a4605ce3d4c6d8593222411571
e972de61d850dff6463b38f51a57ad3d5b28b0fef2f83b41daa1463270a7da2b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E972DE61D850DFF6463B38F51A57AD3D5B28B0FEF2F83B41DAA1463270A7DA2B"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19134
Expires: Sat, 04 Feb 2023 11:01:57 GMT
Date: Sat, 04 Feb 2023 05:43:03 GMT
Connection: keep-alive
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
185.147.80.35302 Found 74 B URL HTTP/1.1 ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP 185.147.80.35:0
File type HTML document, ASCII text
Hash 05acc311f38d9edaf9e442918c082858
658579ed73d89e397ad6a236f638dcfbc15311de
9ac835cb35d061a50faa861e962a27cc7ab21ff6e8c54412688f3cc82942cc48
GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Sat, 04 Feb 2023 05:43:03 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 74
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=RPGZRVGP
Set-Cookie: uid=RPGZRVGP; Expires=Tue, 01 Feb 2033 05:43:03 GMT
a.utraff.com/sync?ssp=Sape
104.21.59.66204 No Content 0 B URL HTTP/2 a.utraff.com/sync?ssp=Sape
IP 104.21.59.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=Sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 04 Feb 2023 05:43:03 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Mon, 06 Mar 2023 08:43:03 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Mon, 06 Mar 2023 08:43:03 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BC50MxY%2FEy%2FusnGOkq5JjjsOaYHU5jhkWb2Lvv0kBO2xsERVjpBQg6COJ3V0CU9MvArOMVpQs7qddRxw8t0pPEPb40ZbXFWKXjDsuPxwu7qm01RMpXGc6ig4f9iz6TE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7941162998581c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.acint.net/match?dp=129&euid=2qkt54rxnf
193.3.184.229200 OK 43 B URL HTTP/2 www.acint.net/match?dp=129&euid=2qkt54rxnf
IP 193.3.184.229:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=129&euid=2qkt54rxnf HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPd8GedERRkrPHwAnY32KYaaSpkXwnvS3VspL+W2obS; cSyncDp7v2=1675489383; cSyncDp14v3=1675489383; cSyncDp17=1675489383; cSyncDp32=1675489383; cSyncDp45v3=1675489383; cSyncDp53v2=1675489383; cSyncDp62=1675489383; cSyncDp67v2=1675489383; cSyncDp68=1675489383; cSyncDp71=1675489383; cSyncDp85=1675489383; cSyncDp95v3=1675489383; cSyncDp98v2=1675489383; cSyncDp101=1675489383; cSyncDp104v2=1675489383; cSyncDp107=1675489383; cSyncDp110=1675489383; cSyncDp125v3=1675489383; cSyncDp126=1675489383; cSyncDp127=1675489383; cSyncDp129=1675489383; cSyncDp136v2=1675489383; cSyncDp146=1675489383; cSyncDp148=1675489383; cSyncDp149v2=1675489383; cSyncDp151=1675489383; cSyncDp178=1675489383; cSyncDp186=1675489383; cSyncDp221=1675489383; cSyncDp235=1675489383
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 05:43:03 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/oci/?v=0.5.1&uid=797de36e-2358-4473-b5e6-8c39cb3947cd&dp=10&tz=%2B00%3A00&nc=96995352&oid=39e8192718f4ed5a678fc273d654392b
193.3.184.229302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/oci/?v=0.5.1&uid=797de36e-2358-4473-b5e6-8c39cb3947cd&dp=10&tz=%2B00%3A00&nc=96995352&oid=39e8192718f4ed5a678fc273d654392b
IP 193.3.184.229:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /oci/?v=0.5.1&uid=797de36e-2358-4473-b5e6-8c39cb3947cd&dp=10&tz=%2B00%3A00&nc=96995352&oid=39e8192718f4ed5a678fc273d654392b HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otdamzadengi.ru/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Sat, 04 Feb 2023 05:43:03 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/oci/?v=0.5.1&uid=797de36e-2358-4473-b5e6-8c39cb3947cd&dp=10&tz=%2B00%3A00&nc=96995352&oid=39e8192718f4ed5a678fc273d654392b
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:43:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4869996247036dae2a82e2857fee1766
2418a61397554c71ae478679a98de688748a1b42
f680797aafc60f9a7800f73b5a139e5dd3df7d8bf10acb8a8f99e3cc2e312b05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:43:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:43:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 894948b5d268f1d2a21f7d915eb79138
5fe7d1a9c6301b317b73f4037b29856eac674931
cb23963aab51ebbb8c7626800a4b1df5222c068cecf4538511cb38dbbb0960d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB23963AAB51EBBB8C7626800A4B1DF5222C068CECF4538511CB38DBBB0960D5"
Last-Modified: Thu, 02 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18666
Expires: Sat, 04 Feb 2023 10:54:10 GMT
Date: Sat, 04 Feb 2023 05:43:04 GMT
Connection: keep-alive
www.acint.net/match?dp=95&euid=RPGZRVGP
193.3.184.229200 OK 43 B URL HTTP/2 www.acint.net/match?dp=95&euid=RPGZRVGP
IP 193.3.184.229:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=95&euid=RPGZRVGP HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPd8GedERRkrPHwAnY32KYaaSpkXwnvS3VspL+W2obS; cSyncDp7v2=1675489383; cSyncDp14v3=1675489383; cSyncDp17=1675489383; cSyncDp32=1675489383; cSyncDp45v3=1675489383; cSyncDp53v2=1675489383; cSyncDp62=1675489383; cSyncDp67v2=1675489383; cSyncDp68=1675489383; cSyncDp71=1675489383; cSyncDp85=1675489383; cSyncDp95v3=1675489383; cSyncDp98v2=1675489383; cSyncDp101=1675489383; cSyncDp104v2=1675489383; cSyncDp107=1675489383; cSyncDp110=1675489383; cSyncDp125v3=1675489383; cSyncDp126=1675489383; cSyncDp127=1675489383; cSyncDp129=1675489383; cSyncDp136v2=1675489383; cSyncDp146=1675489383; cSyncDp148=1675489383; cSyncDp149v2=1675489383; cSyncDp151=1675489383; cSyncDp178=1675489383; cSyncDp186=1675489383; cSyncDp221=1675489383; cSyncDp235=1675489383
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 05:43:04 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
acint.net/match?dp=14&euid=3403420A67F0DD635000129A024C51CA
193.3.184.229200 OK 43 B URL HTTP/2 acint.net/match?dp=14&euid=3403420A67F0DD635000129A024C51CA
IP 193.3.184.229:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=14&euid=3403420A67F0DD635000129A024C51CA HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPd8GedERRkrPHwAnY32KYaaSpkXwnvS3VspL+W2obS; cSyncDp7v2=1675489383; cSyncDp14v3=1675489383; cSyncDp17=1675489383; cSyncDp32=1675489383; cSyncDp45v3=1675489383; cSyncDp53v2=1675489383; cSyncDp62=1675489383; cSyncDp67v2=1675489383; cSyncDp68=1675489383; cSyncDp71=1675489383; cSyncDp85=1675489383; cSyncDp95v3=1675489383; cSyncDp98v2=1675489383; cSyncDp101=1675489383; cSyncDp104v2=1675489383; cSyncDp107=1675489383; cSyncDp110=1675489383; cSyncDp125v3=1675489383; cSyncDp126=1675489383; cSyncDp127=1675489383; cSyncDp129=1675489383; cSyncDp136v2=1675489383; cSyncDp146=1675489383; cSyncDp148=1675489383; cSyncDp149v2=1675489383; cSyncDp151=1675489383; cSyncDp178=1675489383; cSyncDp186=1675489383; cSyncDp221=1675489383; cSyncDp235=1675489383
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 05:43:04 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d5aa03d944374e364d4fdbb8f9cbf95e
43e3c5a8a5ff027de3c9ad9a41b572e4f33e72f9
483314668ec3c34108277a26d39a4282ce255e416cb5cec43e3d30d5340b8138
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "483314668EC3C34108277A26D39A4282CE255E416CB5CEC43E3D30D5340B8138"
Last-Modified: Wed, 01 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19288
Expires: Sat, 04 Feb 2023 11:04:32 GMT
Date: Sat, 04 Feb 2023 05:43:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2c26a5b2867f8f53d8b0c163fe24fdc9
a38fbf22fe7d65693c45ffd1f547871ba7321dd5
ecc618bb22bdf99f2c606fa48c65af2a2989141b4f9b7a6788bc4ccabdc04e49
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECC618BB22BDF99F2C606FA48C65AF2A2989141B4F9B7A6788BC4CCABDC04E49"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6910
Expires: Sat, 04 Feb 2023 07:38:14 GMT
Date: Sat, 04 Feb 2023 05:43:04 GMT
Connection: keep-alive
www.acint.net/oci/?v=0.5.1&uid=797de36e-2358-4473-b5e6-8c39cb3947cd&dp=10&tz=%2B00%3A00&nc=96995352&oid=39e8192718f4ed5a678fc273d654392b
193.3.184.229200 OK 43 B URL HTTP/2 www.acint.net/oci/?v=0.5.1&uid=797de36e-2358-4473-b5e6-8c39cb3947cd&dp=10&tz=%2B00%3A00&nc=96995352&oid=39e8192718f4ed5a678fc273d654392b
IP 193.3.184.229:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /oci/?v=0.5.1&uid=797de36e-2358-4473-b5e6-8c39cb3947cd&dp=10&tz=%2B00%3A00&nc=96995352&oid=39e8192718f4ed5a678fc273d654392b HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://otdamzadengi.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPd8GedERRkrPHwAnY32KYaaSpkXwnvS3VspL+W2obS; cSyncDp7v2=1675489383; cSyncDp14v3=1675489383; cSyncDp17=1675489383; cSyncDp32=1675489383; cSyncDp45v3=1675489383; cSyncDp53v2=1675489383; cSyncDp62=1675489383; cSyncDp67v2=1675489383; cSyncDp68=1675489383; cSyncDp71=1675489383; cSyncDp85=1675489383; cSyncDp95v3=1675489383; cSyncDp98v2=1675489383; cSyncDp101=1675489383; cSyncDp104v2=1675489383; cSyncDp107=1675489383; cSyncDp110=1675489383; cSyncDp125v3=1675489383; cSyncDp126=1675489383; cSyncDp127=1675489383; cSyncDp129=1675489383; cSyncDp136v2=1675489383; cSyncDp146=1675489383; cSyncDp148=1675489383; cSyncDp149v2=1675489383; cSyncDp151=1675489383; cSyncDp178=1675489383; cSyncDp186=1675489383; cSyncDp221=1675489383; cSyncDp235=1675489383
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 05:43:04 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
65.109.65.188302 Found 471 B URL HTTP/2 ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP 65.109.65.188:0
ASN #24940 Hetzner Online GmbH
Hash dbb3fe4d8642c214cf6c1f4523abff84
595c46af4c12a911a209b5d4c6f12b5834b4cbc1
2193d8508d4538173a02bca99856f53dc4b1e4ad0c2bbd057b20d76349f25435
GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.0
date: Sat, 04 Feb 2023 05:43:03 GMT
x-request-id: 47cfcd08-9169-4d0d-9656-04f12fd461ee
set-cookie: bvuid=2qkt54rxnf; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=2qkt54rxnf; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=2qkt54rxnf
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2c26a5b2867f8f53d8b0c163fe24fdc9
a38fbf22fe7d65693c45ffd1f547871ba7321dd5
ecc618bb22bdf99f2c606fa48c65af2a2989141b4f9b7a6788bc4ccabdc04e49
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECC618BB22BDF99F2C606FA48C65AF2A2989141B4F9B7A6788BC4CCABDC04E49"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6910
Expires: Sat, 04 Feb 2023 07:38:14 GMT
Date: Sat, 04 Feb 2023 05:43:04 GMT
Connection: keep-alive
s.uuidksinc.net/match/396/?remote_uid=1503420A67F0DD636414119D02F0F1AC
31.220.27.135302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/396/?remote_uid=1503420A67F0DD636414119D02F0F1AC
IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/396/?remote_uid=1503420A67F0DD636414119D02F0F1AC HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Sat, 04 Feb 2023 05:43:04 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=xORppw0BR7DWeDyxZyif
set-cookie: jcsuuid=xORppw0BR7DWeDyxZyif; expires=Sun, 04 Feb 2024 05:43:04 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1503420A67F0DD636414119D02F0F1AC
87.242.89.90200 OK 12 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1503420A67F0DD636414119D02F0F1AC
IP 87.242.89.90:0
File type exported SGML document, ASCII text, with no line terminators
Hash d8932e1cb3ee147415fbf5591a7217ca
97da5b95fb7f60ecd8d9ed0e5a05d83ad5a9c070
c0327cbcde50f1ab8228334a550b947301123d6f6f7d625707cb6d08a1faec35
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1503420A67F0DD636414119D02F0F1AC HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 05:43:04 GMT
content-type: text/html
content-length: 12
last-modified: Mon, 30 Jan 2023 18:57:34 GMT
etag: "63d8131e-c"
accept-ranges: bytes
server: elb
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3fd7da2b4e741b78de53d1c10701e627
2094d5dc57b8f3c5291eedf0fdf57ca5486b78e1
43d3642eab9b1aa4aa467075453a7eb84479425af207d9f1238951421f6cf0db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43D3642EAB9B1AA4AA467075453A7EB84479425AF207D9F1238951421F6CF0DB"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11817
Expires: Sat, 04 Feb 2023 09:00:01 GMT
Date: Sat, 04 Feb 2023 05:43:04 GMT
Connection: keep-alive
pix.bumlam.com/sync/sape/check?sspuid=1503420A67F0DD636414119D02F0F1AC
31.172.81.172302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/check?sspuid=1503420A67F0DD636414119D02F0F1AC
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/check?sspuid=1503420A67F0DD636414119D02F0F1AC HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://sync.bumlam.com/?src=sape
sync.bumlam.com/?src=sap1&uid=1503420A67F0DD636414119D02F0F1AC
31.172.81.158302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&uid=1503420A67F0DD636414119D02F0F1AC
IP 31.172.81.158:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&uid=1503420A67F0DD636414119D02F0F1AC HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRjYjI1YTU5Ni1hNDRlLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Fri, 30 Jan 2043 05:43:04 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARjo4PeeBmIgMTUwMzQyMEE2N0YwREQ2MzY0MTQxMTlEMDJGMEYxQUOiARDLJaWWpE4R7YbgACWQwGR8
ETag: cb25a596-a44e-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
ocsp.globalsign.com/alphasslcasha256g4
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/alphasslcasha256g4
IP 104.18.20.226:0
Hash f359a5b087b7e94101fa6eb165475ffd
a177b54879a9bab79839829a8df42e5ae398683b
88d51431b37adce168db9fb5db2a890653089dd2f9534e9938d429ea66f35311
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Wed, 08 Feb 2023 03:57:55 GMT
ETag: "a177b54879a9bab79839829a8df42e5ae398683b"
Last-Modified: Sat, 04 Feb 2023 03:57:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3065
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7941162aaa9ab50f-OSL
nr.bidderstack.com/sape/cm?user_id=1503420A67F0DD636414119D02F0F1AC
23.88.12.13200 OK 44 B URL HTTP/1.1 nr.bidderstack.com/sape/cm?user_id=1503420A67F0DD636414119D02F0F1AC
IP 23.88.12.13:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash f9d60352c70a2ba15616d1c9421f3844
e9abc8bea7721a4b6a50295850d13c515006a95c
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
GET /sape/cm?user_id=1503420A67F0DD636414119D02F0F1AC HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Type: image/gif
Content-Length: 44
Connection: keep-alive
Access-Control-Allow-Credentials: true
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 61c9b8887795eb7c6e31e23dba49d713
d92d31b3d8573a2dc26b79d4f45ff74b848260f8
b1ac918879f82de11e2f2a44d9c4acfd3c57ff7a37a58461785bfad7215bf23b
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 08 Feb 2023 03:13:04 GMT
ETag: "d92d31b3d8573a2dc26b79d4f45ff74b848260f8"
Last-Modified: Sat, 04 Feb 2023 03:13:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794116299a05b4ed-OSL
acint.net/match?dp=110&euid=b8486dadd4d9423788671289a880d2c3
193.3.184.229200 OK 43 B URL HTTP/2 acint.net/match?dp=110&euid=b8486dadd4d9423788671289a880d2c3
IP 193.3.184.229:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=110&euid=b8486dadd4d9423788671289a880d2c3 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPd8GedERRkrPHwAnY32KYaaSpkXwnvS3VspL+W2obS; cSyncDp7v2=1675489383; cSyncDp14v3=1675489383; cSyncDp17=1675489383; cSyncDp32=1675489383; cSyncDp45v3=1675489383; cSyncDp53v2=1675489383; cSyncDp62=1675489383; cSyncDp67v2=1675489383; cSyncDp68=1675489383; cSyncDp71=1675489383; cSyncDp85=1675489383; cSyncDp95v3=1675489383; cSyncDp98v2=1675489383; cSyncDp101=1675489383; cSyncDp104v2=1675489383; cSyncDp107=1675489383; cSyncDp110=1675489383; cSyncDp125v3=1675489383; cSyncDp126=1675489383; cSyncDp127=1675489383; cSyncDp129=1675489383; cSyncDp136v2=1675489383; cSyncDp146=1675489383; cSyncDp148=1675489383; cSyncDp149v2=1675489383; cSyncDp151=1675489383; cSyncDp178=1675489383; cSyncDp186=1675489383; cSyncDp221=1675489383; cSyncDp235=1675489383
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 05:43:04 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
176.9.79.218301 Moved Permanently 115 B URL HTTP/2 exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP 176.9.79.218:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash 870b1af6ce6f9bb8d4ee58cb27214baa
5b5ed065c6b0604fb1fc78baf1a32f856b54adcb
b5827f3a7c90b65d70e13127a21e3d83b79771ad49a3c09e94367a36514055e0
GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 04 Feb 2023 05:43:04 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=aba517c6-b6f6-4018-6afa-a8c895a26513
serverid: TODO
X-Firefox-Spdy: h2
sync.upravel.com/sape/sync
88.198.16.238302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync
IP 88.198.16.238:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 04 Feb 2023 05:43:04 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1675489384116;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1675489384116;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
www.acint.net/match?dp=127&euid=xORppw0BR7DWeDyxZyif
193.3.184.229200 OK 43 B URL HTTP/2 www.acint.net/match?dp=127&euid=xORppw0BR7DWeDyxZyif
IP 193.3.184.229:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=127&euid=xORppw0BR7DWeDyxZyif HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPd8GedERRkrPHwAnY32KYaaSpkXwnvS3VspL+W2obS; cSyncDp7v2=1675489383; cSyncDp14v3=1675489383; cSyncDp17=1675489383; cSyncDp32=1675489383; cSyncDp45v3=1675489383; cSyncDp53v2=1675489383; cSyncDp62=1675489383; cSyncDp67v2=1675489383; cSyncDp68=1675489383; cSyncDp71=1675489383; cSyncDp85=1675489383; cSyncDp95v3=1675489383; cSyncDp98v2=1675489383; cSyncDp101=1675489383; cSyncDp104v2=1675489383; cSyncDp107=1675489383; cSyncDp110=1675489383; cSyncDp125v3=1675489383; cSyncDp126=1675489383; cSyncDp127=1675489383; cSyncDp129=1675489383; cSyncDp136v2=1675489383; cSyncDp146=1675489383; cSyncDp148=1675489383; cSyncDp149v2=1675489383; cSyncDp151=1675489383; cSyncDp178=1675489383; cSyncDp186=1675489383; cSyncDp221=1675489383; cSyncDp235=1675489383
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 05:43:04 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5431f65b9752265c73dfc20feb11c708
a02c33915a5a1d746fe3f0a0110780a4ecf16cf5
1ab127bb9135946104c60ec117163be6987288b63a642decc67cdbf2274597e2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1AB127BB9135946104C60EC117163BE6987288B63A642DECC67CDBF2274597E2"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16793
Expires: Sat, 04 Feb 2023 10:22:57 GMT
Date: Sat, 04 Feb 2023 05:43:04 GMT
Connection: keep-alive
cs.agency2.ru/p?ssp=sp&uid=1503420A67F0DD636414119D02F0F1AC
23.111.107.44301 Moved Permanently 0 B URL HTTP/1.1 cs.agency2.ru/p?ssp=sp&uid=1503420A67F0DD636414119D02F0F1AC
IP 23.111.107.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&uid=1503420A67F0DD636414119D02F0F1AC HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=38d1c772-b1cb-4194-9e1c-9815d2c24a17
Set-Cookie: uuid=38d1c772-b1cb-4194-9e1c-9815d2c24a17; expires=Fri, 26 Jan 2024 05:43:04 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 72ffec6ce01ac59744b196bb43992736
a397aae61c3b04a23ddc2168d68443dd9ad117d9
c5c1e579a7e5de9bbbae02977984a225f1130dacc44daae1d54742bfcfa11d95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5039
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:43:04 GMT
Last-Modified: Sat, 04 Feb 2023 04:19:06 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
sync.bumlam.com/?src=sape
31.172.81.158302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sape
IP 31.172.81.158:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRjYjMyMzkwMC1hNDRlLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Fri, 30 Jan 2043 05:43:04 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sape&s_data=CAIQARjo4PeeBqIBEMsyOQCkThHtocQAJZDIJDc*
ETag: cb323900-a44e-11ed-a1c4-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true
sync.dmp.otm-r.com/match/sape?id=1503420A67F0DD636414119D02F0F1AC
195.201.108.196204 No Content 0 B URL HTTP/2 sync.dmp.otm-r.com/match/sape?id=1503420A67F0DD636414119D02F0F1AC
IP 195.201.108.196:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=1503420A67F0DD636414119D02F0F1AC HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.15.9
date: Sat, 04 Feb 2023 05:43:04 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
sync.programmatica.com/match/RTBSape?id=1503420A67F0DD636414119D02F0F1AC
167.235.117.42302 Found 0 B URL HTTP/2 sync.programmatica.com/match/RTBSape?id=1503420A67F0DD636414119D02F0F1AC
IP 167.235.117.42:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/RTBSape?id=1503420A67F0DD636414119D02F0F1AC HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 04 Feb 2023 05:43:04 GMT
content-length: 0
location: https://sync.programmatica.com/match/RTBSape?id=1503420A67F0DD636414119D02F0F1AC&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
www.acint.net/match?dp=126&euid=aba517c6-b6f6-4018-6afa-a8c895a26513
193.3.184.229200 OK 43 B URL HTTP/2 www.acint.net/match?dp=126&euid=aba517c6-b6f6-4018-6afa-a8c895a26513
IP 193.3.184.229:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=126&euid=aba517c6-b6f6-4018-6afa-a8c895a26513 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPd8GedERRkrPHwAnY32KYaaSpkXwnvS3VspL+W2obS; cSyncDp7v2=1675489383; cSyncDp14v3=1675489383; cSyncDp17=1675489383; cSyncDp32=1675489383; cSyncDp45v3=1675489383; cSyncDp53v2=1675489383; cSyncDp62=1675489383; cSyncDp67v2=1675489383; cSyncDp68=1675489383; cSyncDp71=1675489383; cSyncDp85=1675489383; cSyncDp95v3=1675489383; cSyncDp98v2=1675489383; cSyncDp101=1675489383; cSyncDp104v2=1675489383; cSyncDp107=1675489383; cSyncDp110=1675489383; cSyncDp125v3=1675489383; cSyncDp126=1675489383; cSyncDp127=1675489383; cSyncDp129=1675489383; cSyncDp136v2=1675489383; cSyncDp146=1675489383; cSyncDp148=1675489383; cSyncDp149v2=1675489383; cSyncDp151=1675489383; cSyncDp178=1675489383; cSyncDp186=1675489383; cSyncDp221=1675489383; cSyncDp235=1675489383
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 05:43:04 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
88.198.16.238302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP 88.198.16.238:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1675489384116
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sat, 04 Feb 2023 05:43:04 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=5928e8cd-309a-48c5-b609-f6f510c7f6b0;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=5928e8cd-309a-48c5-b609-f6f510c7f6b0;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=5928e8cd-309a-48c5-b609-f6f510c7f6b0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sap1&s_data=CAIQARjo4PeeBmIgMTUwMzQyMEE2N0YwREQ2MzY0MTQxMTlEMDJGMEYxQUOiARDLJaWWpE4R7YbgACWQwGR8
31.172.81.158200 OK 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&s_data=CAIQARjo4PeeBmIgMTUwMzQyMEE2N0YwREQ2MzY0MTQxMTlEMDJGMEYxQUOiARDLJaWWpE4R7YbgACWQwGR8
IP 31.172.81.158:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&s_data=CAIQARjo4PeeBmIgMTUwMzQyMEE2N0YwREQ2MzY0MTQxMTlEMDJGMEYxQUOiARDLJaWWpE4R7YbgACWQwGR8 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRjYjI1YTU5Ni1hNDRlLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRjYjI1YTU5Ni1hNDRlLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Fri, 30 Jan 2043 05:43:04 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 08ffbd617e3c4fe6363eac8207df7517
9e609b37c80b441d84d4bc50b28679f40bf87d2d
00f9131e6fd8f03c2f2a9bdf857c64a366587907d39826e6b7df365257de63e6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00F9131E6FD8F03C2F2A9BDF857C64A366587907D39826E6B7DF365257DE63E6"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5658
Expires: Sat, 04 Feb 2023 07:17:22 GMT
Date: Sat, 04 Feb 2023 05:43:04 GMT
Connection: keep-alive
www.acint.net/match?dp=186&euid=38d1c772-b1cb-4194-9e1c-9815d2c24a17
193.3.184.229200 OK 43 B URL HTTP/2 www.acint.net/match?dp=186&euid=38d1c772-b1cb-4194-9e1c-9815d2c24a17
IP 193.3.184.229:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=186&euid=38d1c772-b1cb-4194-9e1c-9815d2c24a17 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPd8GedERRkrPHwAnY32KYaaSpkXwnvS3VspL+W2obS; cSyncDp7v2=1675489383; cSyncDp14v3=1675489383; cSyncDp17=1675489383; cSyncDp32=1675489383; cSyncDp45v3=1675489383; cSyncDp53v2=1675489383; cSyncDp62=1675489383; cSyncDp67v2=1675489383; cSyncDp68=1675489383; cSyncDp71=1675489383; cSyncDp85=1675489383; cSyncDp95v3=1675489383; cSyncDp98v2=1675489383; cSyncDp101=1675489383; cSyncDp104v2=1675489383; cSyncDp107=1675489383; cSyncDp110=1675489383; cSyncDp125v3=1675489383; cSyncDp126=1675489383; cSyncDp127=1675489383; cSyncDp129=1675489383; cSyncDp136v2=1675489383; cSyncDp146=1675489383; cSyncDp148=1675489383; cSyncDp149v2=1675489383; cSyncDp151=1675489383; cSyncDp178=1675489383; cSyncDp186=1675489383; cSyncDp221=1675489383; cSyncDp235=1675489383
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 05:43:04 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sape&s_data=CAIQARjo4PeeBqIBEMsyOQCkThHtocQAJZDIJDc*
31.172.81.158302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sape&s_data=CAIQARjo4PeeBqIBEMsyOQCkThHtocQAJZDIJDc*
IP 31.172.81.158:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape&s_data=CAIQARjo4PeeBqIBEMsyOQCkThHtocQAJZDIJDc* HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRjYjMyMzkwMC1hNDRlLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRjYjMyMzkwMC1hNDRlLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Fri, 30 Jan 2043 05:43:04 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://pix.bumlam.com/sync/sape/sync_ok?guid=cb323900-a44e-11ed-a1c4-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true
sync.adspend.space/sape?uid=1503420A67F0DD636414119D02F0F1AC
212.76.129.181302 Found 149 B URL HTTP/2 sync.adspend.space/sape?uid=1503420A67F0DD636414119D02F0F1AC
IP 212.76.129.181:0
File type HTML document, ASCII text
Hash 08030bb464548af4c82f2122179e61e4
dcdb0212c5c7b456a8704a713020ddde19f0aca4
cde76b0abb5c9dc6df7afab5bf3d4239a25b139af76b2c75f2678028c8e3aec4
GET /sape?uid=1503420A67F0DD636414119D02F0F1AC HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 04 Feb 2023 05:43:04 GMT
content-type: text/html; charset=utf-8
content-length: 149
location: https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D9699a24b-220a-476d-bb3e-79ee7145eb89
set-cookie: as-user=9699a24b-220a-476d-bb3e-79ee7145eb89; Path=/; Max-Age=31536000; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
sync.programmatica.com/match/RTBSape?id=1503420A67F0DD636414119D02F0F1AC&chk=1
167.235.117.42200 OK 43 B URL HTTP/2 sync.programmatica.com/match/RTBSape?id=1503420A67F0DD636414119D02F0F1AC&chk=1
IP 167.235.117.42:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /match/RTBSape?id=1503420A67F0DD636414119D02F0F1AC&chk=1 HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:43:04 GMT
content-type: image/gif
content-length: 43
set-cookie: pid=MWU3MjY4YTk4ZTdlOWQ2ZA; expires=Sun, 04 Aug 2024 05:43:04 GMT; domain=.programmatica.com; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1087108116253707&output=html&h=90&slotname=3140131371&adk=3886122598&adf=3387473867&pi=t.ma~as.3140131371&w=728&lmt=1675489418&url=http%3A%2F%2Fotdamzadengi.ru%2Fpischevoe_oborudovanie%2F1489.html&wgl=1&dt=1675489417325&bpp=32&bdt=323&idt=552&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D95c56bd5c1b5dce3-223771c6d0da004d%3AT%3D1675489383%3ART%3D1675489383%3AS%3DALNI_MZqBRR4_IhOq76IptoG8T4xFCvJiQ&gpic=UID%3D00000baf79c0106b%3AT%3D1675489383%3ART%3D1675489383%3AS%3DALNI_MbfIv6-majsr2DPVARiJn1NIuk6_w&correlator=2638672383637&frm=20&pv=2&ga_vid=1196794298.1675489418&ga_sid=1675489418&ga_hid=574804673&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=413&ady=70&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071854%2C44774292&oid=2&pvsid=4441486602431663&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7Cd%7CEe%7C&abl=NS&pfx=0&fu=1024&bc=23&ifi=1&uci=a!1&fsb=1&xpc=D6ogwGF2Qd&p=http%3A//otdamzadengi.ru&dtd=722
142.250.74.66200 OK 207 B URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1087108116253707&output=html&h=90&slotname=3140131371&adk=3886122598&adf=3387473867&pi=t.ma~as.3140131371&w=728&lmt=1675489418&url=http%3A%2F%2Fotdamzadengi.ru%2Fpischevoe_oborudovanie%2F1489.html&wgl=1&dt=1675489417325&bpp=32&bdt=323&idt=552&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D95c56bd5c1b5dce3-223771c6d0da004d%3AT%3D1675489383%3ART%3D1675489383%3AS%3DALNI_MZqBRR4_IhOq76IptoG8T4xFCvJiQ&gpic=UID%3D00000baf79c0106b%3AT%3D1675489383%3ART%3D1675489383%3AS%3DALNI_MbfIv6-majsr2DPVARiJn1NIuk6_w&correlator=2638672383637&frm=20&pv=2&ga_vid=1196794298.1675489418&ga_sid=1675489418&ga_hid=574804673&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=413&ady=70&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071854%2C44774292&oid=2&pvsid=4441486602431663&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7Cd%7CEe%7C&abl=NS&pfx=0&fu=1024&bc=23&ifi=1&uci=a!1&fsb=1&xpc=D6ogwGF2Qd&p=http%3A//otdamzadengi.ru&dtd=722
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (430), with no line terminators
Hash b9bf1f29b1b293df8266d45522c8800d
a3e8e4c3a7879e4d08e3d340c77dfe60e5be695b
7109eb310b7167edb2a286037b66c8bb5fc38c77ed9020a64a817fe4e675865b
GET /pagead/ads?client=ca-pub-1087108116253707&output=html&h=90&slotname=3140131371&adk=3886122598&adf=3387473867&pi=t.ma~as.3140131371&w=728&lmt=1675489418&url=http%3A%2F%2Fotdamzadengi.ru%2Fpischevoe_oborudovanie%2F1489.html&wgl=1&dt=1675489417325&bpp=32&bdt=323&idt=552&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D95c56bd5c1b5dce3-223771c6d0da004d%3AT%3D1675489383%3ART%3D1675489383%3AS%3DALNI_MZqBRR4_IhOq76IptoG8T4xFCvJiQ&gpic=UID%3D00000baf79c0106b%3AT%3D1675489383%3ART%3D1675489383%3AS%3DALNI_MbfIv6-majsr2DPVARiJn1NIuk6_w&correlator=2638672383637&frm=20&pv=2&ga_vid=1196794298.1675489418&ga_sid=1675489418&ga_hid=574804673&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=413&ady=70&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071854%2C44774292&oid=2&pvsid=4441486602431663&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7Cd%7CEe%7C&abl=NS&pfx=0&fu=1024&bc=23&ifi=1&uci=a!1&fsb=1&xpc=D6ogwGF2Qd&p=http%3A//otdamzadengi.ru&dtd=722 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otdamzadengi.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 04 Feb 2023 05:43:04 GMT
server: cafe
content-length: 207
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Feb-2023 05:58:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 04 Feb 2023 05:43:04 GMT
cache-control: private
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/sync_ok?guid=cb323900-a44e-11ed-a1c4-002590c82437
31.172.81.172302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/sync_ok?guid=cb323900-a44e-11ed-a1c4-002590c82437
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/sync_ok?guid=cb323900-a44e-11ed-a1c4-002590c82437 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRjYjMyMzkwMC1hNDRlLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://cb323900-a44e-11ed-a1c4-002590c82437.n4.sync.bumlam.com/?src=sape
www.acint.net/match?dp=71&euid=5928e8cd-309a-48c5-b609-f6f510c7f6b0
193.3.184.229200 OK 43 B URL HTTP/2 www.acint.net/match?dp=71&euid=5928e8cd-309a-48c5-b609-f6f510c7f6b0
IP 193.3.184.229:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=71&euid=5928e8cd-309a-48c5-b609-f6f510c7f6b0 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPd8GedERRkrPHwAnY32KYaaSpkXwnvS3VspL+W2obS; cSyncDp7v2=1675489383; cSyncDp14v3=1675489383; cSyncDp17=1675489383; cSyncDp32=1675489383; cSyncDp45v3=1675489383; cSyncDp53v2=1675489383; cSyncDp62=1675489383; cSyncDp67v2=1675489383; cSyncDp68=1675489383; cSyncDp71=1675489383; cSyncDp85=1675489383; cSyncDp95v3=1675489383; cSyncDp98v2=1675489383; cSyncDp101=1675489383; cSyncDp104v2=1675489383; cSyncDp107=1675489383; cSyncDp110=1675489383; cSyncDp125v3=1675489383; cSyncDp126=1675489383; cSyncDp127=1675489383; cSyncDp129=1675489383; cSyncDp136v2=1675489383; cSyncDp146=1675489383; cSyncDp148=1675489383; cSyncDp149v2=1675489383; cSyncDp151=1675489383; cSyncDp178=1675489383; cSyncDp186=1675489383; cSyncDp221=1675489383; cSyncDp235=1675489383
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 05:43:04 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1087108116253707&output=html&h=600&slotname=2458919559&adk=3351374675&adf=4094718428&pi=t.ma~as.2458919559&w=160&lmt=1675489418&url=http%3A%2F%2Fotdamzadengi.ru%2Fpischevoe_oborudovanie%2F1489.html&wgl=1&dt=1675489417325&bpp=6&bdt=323&idt=596&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D95c56bd5c1b5dce3-223771c6d0da004d%3AT%3D1675489383%3ART%3D1675489383%3AS%3DALNI_MZqBRR4_IhOq76IptoG8T4xFCvJiQ&gpic=UID%3D00000baf79c0106b%3AT%3D1675489383%3ART%3D1675489383%3AS%3DALNI_MbfIv6-majsr2DPVARiJn1NIuk6_w&prev_slotnames=3140131371&correlator=2638672383637&frm=20&pv=1&ga_vid=1196794298.1675489418&ga_sid=1675489418&ga_hid=574804673&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=12&ady=665&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071854%2C44774292&oid=2&pvsid=4441486602431663&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=JoaRWh9MDj&p=http%3A//otdamzadengi.ru&dtd=729
142.250.74.66200 OK 206 B URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1087108116253707&output=html&h=600&slotname=2458919559&adk=3351374675&adf=4094718428&pi=t.ma~as.2458919559&w=160&lmt=1675489418&url=http%3A%2F%2Fotdamzadengi.ru%2Fpischevoe_oborudovanie%2F1489.html&wgl=1&dt=1675489417325&bpp=6&bdt=323&idt=596&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D95c56bd5c1b5dce3-223771c6d0da004d%3AT%3D1675489383%3ART%3D1675489383%3AS%3DALNI_MZqBRR4_IhOq76IptoG8T4xFCvJiQ&gpic=UID%3D00000baf79c0106b%3AT%3D1675489383%3ART%3D1675489383%3AS%3DALNI_MbfIv6-majsr2DPVARiJn1NIuk6_w&prev_slotnames=3140131371&correlator=2638672383637&frm=20&pv=1&ga_vid=1196794298.1675489418&ga_sid=1675489418&ga_hid=574804673&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=12&ady=665&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071854%2C44774292&oid=2&pvsid=4441486602431663&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=JoaRWh9MDj&p=http%3A//otdamzadengi.ru&dtd=729
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (430), with no line terminators
Hash 73a71b9817dd3ed001842e3817e9079d
7ecb8cc91fcc2c2977081088b39f27681429ead0
7a3a60fe88b957cd8090c275b81dcd4eadce863573659350c6498f0fe04d0f51
GET /pagead/ads?client=ca-pub-1087108116253707&output=html&h=600&slotname=2458919559&adk=3351374675&adf=4094718428&pi=t.ma~as.2458919559&w=160&lmt=1675489418&url=http%3A%2F%2Fotdamzadengi.ru%2Fpischevoe_oborudovanie%2F1489.html&wgl=1&dt=1675489417325&bpp=6&bdt=323&idt=596&shv=r20230201&mjsv=m202301230101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D95c56bd5c1b5dce3-223771c6d0da004d%3AT%3D1675489383%3ART%3D1675489383%3AS%3DALNI_MZqBRR4_IhOq76IptoG8T4xFCvJiQ&gpic=UID%3D00000baf79c0106b%3AT%3D1675489383%3ART%3D1675489383%3AS%3DALNI_MbfIv6-majsr2DPVARiJn1NIuk6_w&prev_slotnames=3140131371&correlator=2638672383637&frm=20&pv=1&ga_vid=1196794298.1675489418&ga_sid=1675489418&ga_hid=574804673&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=12&ady=665&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071854%2C44774292&oid=2&pvsid=4441486602431663&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=JoaRWh9MDj&p=http%3A//otdamzadengi.ru&dtd=729 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otdamzadengi.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 04 Feb 2023 05:43:04 GMT
server: cafe
content-length: 206
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Feb-2023 05:58:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 04 Feb 2023 05:43:04 GMT
cache-control: private
X-Firefox-Spdy: h2
sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D9699a24b-220a-476d-bb3e-79ee7145eb89
212.76.129.181302 Found 102 B URL HTTP/2 sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D9699a24b-220a-476d-bb3e-79ee7145eb89
IP 212.76.129.181:0
File type HTML document, ASCII text
Hash 7b5409db7d207437acd908e96f7de96b
7f6a58df6f5ef403db16a4da2e538c935e98642d
b87c6c20820b4acd9ff64f6f95ba7be2887ecad9a0319db426eeb6c025385e02
GET /check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D9699a24b-220a-476d-bb3e-79ee7145eb89 HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: as-user=9699a24b-220a-476d-bb3e-79ee7145eb89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 04 Feb 2023 05:43:04 GMT
content-type: text/html; charset=utf-8
content-length: 102
location: https://www.acint.net/match?dp=98&euid=9699a24b-220a-476d-bb3e-79ee7145eb89
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
match.new-programmatic.com/userbind?src=sape&id=1503420A67F0DD636414119D02F0F1AC
217.65.2.150204 No Content 0 B URL HTTP/1.1 match.new-programmatic.com/userbind?src=sape&id=1503420A67F0DD636414119D02F0F1AC
IP 217.65.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=1503420A67F0DD636414119D02F0F1AC HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
www.acint.net/match?dp=98&euid=9699a24b-220a-476d-bb3e-79ee7145eb89
193.3.184.229200 OK 43 B URL HTTP/2 www.acint.net/match?dp=98&euid=9699a24b-220a-476d-bb3e-79ee7145eb89
IP 193.3.184.229:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=98&euid=9699a24b-220a-476d-bb3e-79ee7145eb89 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPd8GedERRkrPHwAnY32KYaaSpkXwnvS3VspL+W2obS; cSyncDp7v2=1675489383; cSyncDp14v3=1675489383; cSyncDp17=1675489383; cSyncDp32=1675489383; cSyncDp45v3=1675489383; cSyncDp53v2=1675489383; cSyncDp62=1675489383; cSyncDp67v2=1675489383; cSyncDp68=1675489383; cSyncDp71=1675489383; cSyncDp85=1675489383; cSyncDp95v3=1675489383; cSyncDp98v2=1675489383; cSyncDp101=1675489383; cSyncDp104v2=1675489383; cSyncDp107=1675489383; cSyncDp110=1675489383; cSyncDp125v3=1675489383; cSyncDp126=1675489383; cSyncDp127=1675489383; cSyncDp129=1675489383; cSyncDp136v2=1675489383; cSyncDp146=1675489383; cSyncDp148=1675489383; cSyncDp149v2=1675489383; cSyncDp151=1675489383; cSyncDp178=1675489383; cSyncDp186=1675489383; cSyncDp221=1675489383; cSyncDp235=1675489383
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 05:43:04 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7ba071ec088ecb8d330ad083ff68a2e9
b6682d2b88e52d8ac6f6649b2e9bc2a63e865a33
5d4eb28ca0a67907f64054c49ceb88bea4c662450c5c45a0969b1f9e596deaf0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4EB28CA0A67907F64054C49CEB88BEA4C662450C5C45A0969B1F9E596DEAF0"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16818
Expires: Sat, 04 Feb 2023 10:23:22 GMT
Date: Sat, 04 Feb 2023 05:43:04 GMT
Connection: keep-alive
cb323900-a44e-11ed-a1c4-002590c82437.n4.sync.bumlam.com/?src=sape
62.109.24.241302 Found 0 B URL HTTP/2 cb323900-a44e-11ed-a1c4-002590c82437.n4.sync.bumlam.com/?src=sape
IP 62.109.24.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: cb323900-a44e-11ed-a1c4-002590c82437.n4.sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRjYjMyMzkwMC1hNDRlLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.1
date: Sat, 04 Feb 2023 05:43:04 GMT
content-length: 0
location: https://pix.bumlam.com/sync/sape/done
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/done
31.172.81.172200 OK 43 B URL HTTP/1.1 pix.bumlam.com/sync/sape/done
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRjYjMyMzkwMC1hNDRlLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 1afd3517ebc844038700db8c82d69ae3
1327e511903b229cd36c1647fdb71c17d4ce7bdd
ff3430f1affa22881cd632c75d9f51cb97deb53a2cd76f3ee3be5e4b0518192a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 23:26:49 GMT
Expires: Wed, 08 Feb 2023 23:26:48 GMT
Etag: "1327e511903b229cd36c1647fdb71c17d4ce7bdd"
Cache-Control: max-age=408823,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7941162aebf21bfa-OSL
dmp.gotechnology.io/match/sape?id=1503420A67F0DD636414119D02F0F1AC
167.235.32.7302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=1503420A67F0DD636414119D02F0F1AC
IP 167.235.32.7:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=1503420A67F0DD636414119D02F0F1AC HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 04 Feb 2023 05:43:04 GMT
content-length: 0
location: https://dmp.gotechnology.io/match/sape?id=1503420A67F0DD636414119D02F0F1AC&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
dmp.gotechnology.io/match/sape?id=1503420A67F0DD636414119D02F0F1AC&chk=1
167.235.32.7302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=1503420A67F0DD636414119D02F0F1AC&chk=1
IP 167.235.32.7:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=1503420A67F0DD636414119D02F0F1AC&chk=1 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sat, 04 Feb 2023 05:43:04 GMT
content-length: 0
location: https://an.yandex.ru/mapuid/gonetdspis/MzYzOGExYjllMTFlZmU1Mg
set-cookie: pid=MzYzOGExYjllMTFlZmU1Mg; expires=Sun, 04 Feb 2024 05:43:04 GMT; domain=.gotechnology.io; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash e401685023222077d3bf55e129ec0a82
505836c8d8c57191a9290ac2a3de4e58ba0578cc
357ca901923486bc543b5fcf899ae97713c34afd9172310c5ab5216d7fdc6cf0
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 08 Feb 2023 04:06:03 GMT
ETag: "505836c8d8c57191a9290ac2a3de4e58ba0578cc"
Last-Modified: Sat, 04 Feb 2023 04:06:04 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 387
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7941162dfc6ab50f-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash e401685023222077d3bf55e129ec0a82
505836c8d8c57191a9290ac2a3de4e58ba0578cc
357ca901923486bc543b5fcf899ae97713c34afd9172310c5ab5216d7fdc6cf0
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 08 Feb 2023 04:06:03 GMT
ETag: "505836c8d8c57191a9290ac2a3de4e58ba0578cc"
Last-Modified: Sat, 04 Feb 2023 04:06:04 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 387
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7941162e0c70b50f-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 9785eb534d461f99c62944103238f3f4
2f1f1856d1289f087755a547f01970b95d0ae631
8270c1c707b135442be3b6ac6b44d00177229e006d0e8bfcf03a4f9a76921ee1
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Wed, 08 Feb 2023 03:00:26 GMT
ETag: "2f1f1856d1289f087755a547f01970b95d0ae631"
Last-Modified: Sat, 04 Feb 2023 03:00:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 944
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7941162e2c77b50f-OSL
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
195.209.108.46302 Moved Temporarily 0 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP 195.209.108.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-4382862376; expires=Mon, 03 Feb 2025 05:43:04 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4382862376
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1503420A67F0DD636414119D02F0F1AC
81.222.128.216200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1503420A67F0DD636414119D02F0F1AC
IP 81.222.128.216:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?dsp_id=153&external_id=1503420A67F0DD636414119D02F0F1AC HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 401d59a8e6b4176d20936fab7af0612c
a7e05aa19967840baa48ab51d9c9118cb4375c35
970e60b835859295354a4da84632cb4eb990ced4db96c77e5bd016ddbca5dfc4
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 08 Feb 2023 01:36:41 GMT
ETag: "a7e05aa19967840baa48ab51d9c9118cb4375c35"
Last-Modified: Sat, 04 Feb 2023 01:36:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3204
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7941162e5c8fb50f-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 84dec2e77380df6c2188d61f7295f4e7
e9cca558c93123a36d158e131c0222d8d797735d
9b80df42a016c949bb06cc49c21b12fa88a110001c7c13daa0dd7f2c4ec2f69a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 02:18:44 GMT
Expires: Sat, 11 Feb 2023 02:18:43 GMT
Etag: "e9cca558c93123a36d158e131c0222d8d797735d"
Cache-Control: max-age=591938,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7941162e2cf41bfa-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09905a9da2b8c534b2a2339f7ed3ea0f
c9757e32b8d0032fe15e166141f832a9133d575f
48f74cadddfc2aaa06f4831abb571ce1717243a159508098f25922762d694c15
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48F74CADDDFC2AAA06F4831ABB571CE1717243A159508098F25922762D694C15"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2530
Expires: Sat, 04 Feb 2023 06:25:14 GMT
Date: Sat, 04 Feb 2023 05:43:04 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 2f59b9826b587ec88c538c4e0fdda68f
a9569ad568776c896099e2e7b4291dbe7101cb9b
76812d4ae48f41904eb3722fb49c463d4287d81fa7a9ea5d28687ddb3a546931
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 02:03:25 GMT
Expires: Wed, 08 Feb 2023 02:03:24 GMT
Etag: "a9569ad568776c896099e2e7b4291dbe7101cb9b"
Cache-Control: max-age=331819,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7941162e5ace1c16-OSL
x01.aidata.io/0.gif?pid=9401454&id=1503420A67F0DD636414119D02F0F1AC
89.108.120.68302 Found 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=1503420A67F0DD636414119D02F0F1AC
IP 89.108.120.68:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=1503420A67F0DD636414119D02F0F1AC HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 04 Feb 2023 05:43:04 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=1503420A67F0DD636414119D02F0F1AC&bounce=1
expires: Sat, 04 Feb 2023 05:43:03 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Sat, 04 Feb 2023 05:43:03 GMT
set-cookie: __upin=g4/tZ99P81PuLmmJAliJfg;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1675489384;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 2f59b9826b587ec88c538c4e0fdda68f
a9569ad568776c896099e2e7b4291dbe7101cb9b
76812d4ae48f41904eb3722fb49c463d4287d81fa7a9ea5d28687ddb3a546931
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 02:03:25 GMT
Expires: Wed, 08 Feb 2023 02:03:24 GMT
Etag: "a9569ad568776c896099e2e7b4291dbe7101cb9b"
Cache-Control: max-age=331819,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7941162e6f9db524-OSL
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4382862376
195.209.108.46302 Moved Temporarily 40 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4382862376
IP 195.209.108.46:0
File type ASCII text, with CRLF line terminators
Hash 251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4382862376 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Mon, 03 Feb 2025 05:43:04 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
ocsp.globalsign.com/alphasslcasha256g4
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/alphasslcasha256g4
IP 104.18.20.226:0
Hash 538758a346991867aea075daeb578c14
258ba1abd9867bba99b2398dc21e3c8b1f67a8d4
c5bcb55d59930f49ac44d9d0ada7f04154677efca8c8d507fba4d2c477415156
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Wed, 08 Feb 2023 03:06:46 GMT
ETag: "258ba1abd9867bba99b2398dc21e3c8b1f67a8d4"
Last-Modified: Sat, 04 Feb 2023 03:06:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 838
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7941162eacacb50f-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash eb5338e3532363856aee09616964e769
457d22e3d1ef758f53e00c1d96f262a8315d1dfe
6ca318905faa51e5d1facef07bd04ceb3ff7f653ab69195088c4f9b98930a5c7
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 04:24:52 GMT
ETag: "457d22e3d1ef758f53e00c1d96f262a8315d1dfe"
Last-Modified: Sat, 04 Feb 2023 04:24:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 979
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7941162ebcb5b50f-OSL
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
176.122.21.226302 Found 472 B URL HTTP/2 ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP 176.122.21.226:0
ASN #48096 Enterprise Cloud Ltd.
Hash 51ab5a8626b70c7594e57366f659f93d
b306da2759928ddd7895083be1196fae9f634197
2eb603282049d073ffcd2928301736eb6d72e02c0ea9e4a884e103c73debd5de
GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=b8486dadd4d9423788671289a880d2c3
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=b8486dadd4d9423788671289a880d2c3; expires=Sat, 03 Feb 2024 21:00:00 GMT; path=/; SameSite=None; secure; samesite=lax
date: Sat, 04 Feb 2023 05:43:03 GMT
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash cd0be67dfe5edbea36f5f901aee1e9d1
ba97b0d734aec0b62b5e853d1e9ab71290462a93
5c51225cb046b8a6da71b211eae2fab302a6c83bc891602f86ceb6718965bddd
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 04:22:47 GMT
ETag: "ba97b0d734aec0b62b5e853d1e9ab71290462a93"
Last-Modified: Sat, 04 Feb 2023 04:22:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2673
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7941162eccbcb50f-OSL
x01.aidata.io/0.gif?pid=9401454&id=1503420A67F0DD636414119D02F0F1AC&bounce=1
89.108.120.68204 No Content 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=1503420A67F0DD636414119D02F0F1AC&bounce=1
IP 89.108.120.68:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=1503420A67F0DD636414119D02F0F1AC&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 04 Feb 2023 05:43:04 GMT
expires: Sat, 04 Feb 2023 05:43:03 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Sat, 04 Feb 2023 05:43:03 GMT
set-cookie: __upin=AapIHHRCK9oY8Ki5ahVFoA;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1675489384;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
tag.digitaltarget.ru/adcm.js
185.15.175.130200 OK 3.1 kB URL HTTP/1.1 tag.digitaltarget.ru/adcm.js
IP 185.15.175.130:0
File type ASCII text, with very long lines (3051), with no line terminators
Hash e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Sat, 04 Feb 2023 05:34:32 GMT
Connection: keep-alive
ETag: "63ddee68-beb"
Accept-Ranges: bytes
ad.mail.ru/cm.gif?p=48&id=1503420A67F0DD636414119D02F0F1AC
95.163.41.56200 OK 43 B URL HTTP/2 ad.mail.ru/cm.gif?p=48&id=1503420A67F0DD636414119D02F0F1AC
IP 95.163.41.56:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cm.gif?p=48&id=1503420A67F0DD636414119D02F0F1AC HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:43:04 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=3LrwN32DlI2F002F0v1zS4YF:::0-0-0-8f84928:CAASEEhGEMwgVlWY7LiB9MJZTasaYNgLMWq-Mg6-RpHA7URwegwbtbKSmKLp0nXjTv83grFajCdLXetoCyLf6AUt0hrCZpEvu8v2T8MOUnRFaco6SYbKSpSMtbFc6zFrOR0VyEOeR6B__nCRF1IKFPTmRcThig; path=/; expires=Mon, 05-Feb-24 05:43:04 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Sat, 04 Feb 2023 11:43:04 GMT
cache-control: max-age=21600
last-modified: Sat, 04 Feb 2023 05:43:04 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=73&external_user_id=1503420A67F0DD636414119D02F0F1AC
188.42.196.115302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=1503420A67F0DD636414119D02F0F1AC
IP 188.42.196.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=73&external_user_id=1503420A67F0DD636414119D02F0F1AC HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=1503420A67F0DD636414119D02F0F1AC&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sun, 04 Feb 2024 05:43:04 GMT; Path=/; Domain=.betweendigital.com
tuuid=f111152a-332a-5223-b24e-8e88d1937ee0; Max-Age=31536000; Expires=Sun, 04 Feb 2024 05:43:04 GMT; Path=/; Domain=.betweendigital.com
ut=Y93waAALmMB_y7F6xASvlqdSQ_ct4Vi7aJ5RcA==; Max-Age=31536000; Expires=Sun, 04 Feb 2024 05:43:04 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
77.245.57.72400 Bad Request 22 B URL HTTP/1.1 sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP 77.245.57.72:0
ASN #36057 WEBAIR-INTERNET-MTL
File type ASCII text, with no line terminators
Hash b0b11e1c78b526b61477f8e9ee540be0
d5e73002987ff54626542b116d98a8f4aa9ee2eb
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 400 Bad Request
Server: nginx
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Length: 22
Connection: close
Cache-Control: no-store
Age: 0
Pragma: no-cache
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
188.42.196.115302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP 188.42.196.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sun, 04 Feb 2024 05:43:04 GMT; Path=/; Domain=.betweendigital.com
tuuid=96cc1d1d-122d-5223-a09f-2f8bc342dfe3; Max-Age=31536000; Expires=Sun, 04 Feb 2024 05:43:04 GMT; Path=/; Domain=.betweendigital.com
ut=Y93waAALw7h0qYv6GE-8e22-tTNacv3lVnmHSA==; Max-Age=31536000; Expires=Sun, 04 Feb 2024 05:43:04 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
193.3.184.229302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP 193.3.184.229:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPd8GedERRkrPHwAnY32KYaaSpkXwnvS3VspL+W2obS; cSyncDp7v2=1675489383; cSyncDp14v3=1675489383; cSyncDp17=1675489383; cSyncDp32=1675489383; cSyncDp45v3=1675489383; cSyncDp53v2=1675489383; cSyncDp62=1675489383; cSyncDp67v2=1675489383; cSyncDp68=1675489383; cSyncDp71=1675489383; cSyncDp85=1675489383; cSyncDp95v3=1675489383; cSyncDp98v2=1675489383; cSyncDp101=1675489383; cSyncDp104v2=1675489383; cSyncDp107=1675489383; cSyncDp110=1675489383; cSyncDp125v3=1675489383; cSyncDp126=1675489383; cSyncDp127=1675489383; cSyncDp129=1675489383; cSyncDp136v2=1675489383; cSyncDp146=1675489383; cSyncDp148=1675489383; cSyncDp149v2=1675489383; cSyncDp151=1675489383; cSyncDp178=1675489383; cSyncDp186=1675489383; cSyncDp221=1675489383; cSyncDp235=1675489383
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sat, 04 Feb 2023 05:43:04 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1503420A67F0DD636414119D02F0F1AC
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sape-sync.rutarget.ru/sync
188.72.109.103302 Moved Temporarily 0 B URL HTTP/1.1 sape-sync.rutarget.ru/sync
IP 188.72.109.103:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=dXsRNxIrUDqX
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=dXsRNxIrUDqX; Path=/; Domain=.rutarget.ru; Expires=Thu, 03 Aug 2023 05:43:04 GMT; SameSite=None; Secure
an.yandex.ru/mapuid/gonetdspis/MzYzOGExYjllMTFlZmU1Mg?redir-setuniq=1
213.180.193.90200 OK 118 B URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/MzYzOGExYjllMTFlZmU1Mg?redir-setuniq=1
IP 213.180.193.90:0
Hash d72ffa9040183a53fee44adec3a16950
38e3187cccfb1ed41d47a98c15500f404cc43ac7
5b30c1484eb96b53cc6eb5c33f029c84deb3ec22aa1da45d5c0959922e17bc01
GET /mapuid/gonetdspis/MzYzOGExYjllMTFlZmU1Mg?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sat, 04 Feb 2023 05:43:04 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:43:04 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sat, 04 Feb 2023 05:43:04 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
188.42.196.115200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP 188.42.196.115:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sun, 04 Feb 2024 05:43:04 GMT; Path=/; Domain=.betweendigital.com
tuuid=8eb67ee6-bf5f-5223-90d6-88e3f30b788b; Max-Age=31536000; Expires=Sun, 04 Feb 2024 05:43:04 GMT; Path=/; Domain=.betweendigital.com
ut=Y93waAAMXBAw11kRfkfU-5aM9MMH_4-MhToqqg==; Max-Age=31536000; Expires=Sun, 04 Feb 2024 05:43:04 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1503420A67F0DD636414119D02F0F1AC
81.222.128.216200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1503420A67F0DD636414119D02F0F1AC
IP 81.222.128.216:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?ssp_id=43&external_id=1503420A67F0DD636414119D02F0F1AC HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
sm.rtb.mts.ru/p?ssp=sape&id=1503420A67F0DD636414119D02F0F1AC
217.66.147.42301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/p?ssp=sape&id=1503420A67F0DD636414119D02F0F1AC
IP 217.66.147.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sape&id=1503420A67F0DD636414119D02F0F1AC HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=1503420A67F0DD636414119D02F0F1AC
Set-Cookie: dspid=84c6a9f3-fdd0-4fd9-b6fc-080f552e27cf; expires=Fri, 26 Jan 2024 05:43:04 GMT; domain=.mts.ru; path=/; secure; SameSite=None
www.acint.net/match?dp=104&euid=dXsRNxIrUDqX
193.3.184.229200 OK 43 B URL HTTP/2 www.acint.net/match?dp=104&euid=dXsRNxIrUDqX
IP 193.3.184.229:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=104&euid=dXsRNxIrUDqX HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPd8GedERRkrPHwAnY32KYaaSpkXwnvS3VspL+W2obS; cSyncDp7v2=1675489383; cSyncDp14v3=1675489383; cSyncDp17=1675489383; cSyncDp32=1675489383; cSyncDp45v3=1675489383; cSyncDp53v2=1675489383; cSyncDp62=1675489383; cSyncDp67v2=1675489383; cSyncDp68=1675489383; cSyncDp71=1675489383; cSyncDp85=1675489383; cSyncDp95v3=1675489383; cSyncDp98v2=1675489383; cSyncDp101=1675489383; cSyncDp104v2=1675489383; cSyncDp107=1675489383; cSyncDp110=1675489383; cSyncDp125v3=1675489383; cSyncDp126=1675489383; cSyncDp127=1675489383; cSyncDp129=1675489383; cSyncDp136v2=1675489383; cSyncDp146=1675489383; cSyncDp148=1675489383; cSyncDp149v2=1675489383; cSyncDp151=1675489383; cSyncDp178=1675489383; cSyncDp186=1675489383; cSyncDp221=1675489383; cSyncDp235=1675489383
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 05:43:04 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sm.rtb.mts.ru/match/second?ssp=30&exu=1503420A67F0DD636414119D02F0F1AC
217.66.147.42200 OK 0 B URL HTTP/1.1 sm.rtb.mts.ru/match/second?ssp=30&exu=1503420A67F0DD636414119D02F0F1AC
IP 217.66.147.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/second?ssp=30&exu=1503420A67F0DD636414119D02F0F1AC HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tag.digitaltarget.ru/processor.js?i=403270005513356
185.15.175.130200 OK 16 kB URL HTTP/1.1 tag.digitaltarget.ru/processor.js?i=403270005513356
IP 185.15.175.130:0
File type ASCII text, with very long lines (15892), with no line terminators
Hash 736e2fb1da94f3277e3f931048c1b9f3
196387db95a17da825b629de3542eff901b09905
4569d4e1b0e52b6316681f7312674f43ecb2b72ea8ab4adb2375e3686862c7dc
GET /processor.js?i=403270005513356 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:43:04 GMT
Content-Type: application/javascript
Content-Length: 15892
Last-Modified: Sat, 04 Feb 2023 05:34:33 GMT
Connection: keep-alive
ETag: "63ddee69-3e14"
Accept-Ranges: bytes
px.adhigh.net/p/cm/sape?u=1503420A67F0DD636414119D02F0F1AC
193.232.150.69302 Found 0 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=1503420A67F0DD636414119D02F0F1AC
IP 193.232.150.69:0
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/cm/sape?u=1503420A67F0DD636414119D02F0F1AC HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 04 Feb 2023 05:43:04 GMT
content-length: 0
x-backend-id: f13-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=e9dSPmUwXoO.AikABlGGGvMZyw;Path=/;Domain=.adhigh.net;Expires=Sun, 04-Feb-2024 05:43:04 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=1503420A67F0DD636414119D02F0F1AC&bounced=1
X-Firefox-Spdy: h2
px.adhigh.net/p/cm/sape?u=1503420A67F0DD636414119D02F0F1AC&bounced=1
193.232.150.69200 OK 49 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=1503420A67F0DD636414119D02F0F1AC&bounced=1
IP 193.232.150.69:0
ASN #48061 Limited Liability Company GPM Digital Technologies
File type GIF image data, version 89a, 1 x 1\012- data
Hash 889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
GET /p/cm/sape?u=1503420A67F0DD636414119D02F0F1AC&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:43:04 GMT
content-type: image/gif
content-length: 49
x-backend-id: f13-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d132fc3241a2d974e0951cca93d9e828
74c9eb6072fc07ccf0eec7d78c30b58052b05dd8
28d6d764a99953f0d39d62c688594d0a0e8969d8d87a5fbe13917b90e23071ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28D6D764A99953F0D39D62C688594D0A0E8969D8D87A5FBE13917B90E23071CA"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15894
Expires: Sat, 04 Feb 2023 10:07:59 GMT
Date: Sat, 04 Feb 2023 05:43:05 GMT
Connection: keep-alive
dmg.digitaltarget.ru/1/1093/i/i?i=979399593597450.757576288201599&a=77&e=1503420A67F0DD636414119D02F0F1AC&pref=http%3A%2F%2Fotdamzadengi.ru%2F&c=ss:77.up:1503420A67F0DD636414119D02F0F1AC.sync:up.xdua:duuBi7Jd5BWQdrHJTY_CrHj9.xps:xpscYIkMjalegxoqSINYqVplM.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.130307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=979399593597450.757576288201599&a=77&e=1503420A67F0DD636414119D02F0F1AC&pref=http%3A%2F%2Fotdamzadengi.ru%2F&c=ss:77.up:1503420A67F0DD636414119D02F0F1AC.sync:up.xdua:duuBi7Jd5BWQdrHJTY_CrHj9.xps:xpscYIkMjalegxoqSINYqVplM.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=979399593597450.757576288201599&a=77&e=1503420A67F0DD636414119D02F0F1AC&pref=http%3A%2F%2Fotdamzadengi.ru%2F&c=ss:77.up:1503420A67F0DD636414119D02F0F1AC.sync:up.xdua:duuBi7Jd5BWQdrHJTY_CrHj9.xps:xpscYIkMjalegxoqSINYqVplM.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Sat, 04 Feb 2023 05:43:05 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675489385092&i=979399593597450.757576288201599&a=77&e=1503420A67F0DD636414119D02F0F1AC&pref=http%3A%2F%2Fotdamzadengi.ru%2F&c=ss:77.up:1503420A67F0DD636414119D02F0F1AC.sync:up.xdua:duuBi7Jd5BWQdrHJTY_CrHj9.xps:xpscYIkMjalegxoqSINYqVplM.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=IzVG2DdboRasPuk75HAh; Max-Age=93312000; Expires=Mon, 19 Jan 2026 05:43:05 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/1/1093/i/i?i=979399593597450.609584113555450&a=77&e=1503420A67F0DD636414119D02F0F1AC&pref=http%3A%2F%2Fotdamzadengi.ru%2F&c=ss:77.up:1503420A67F0DD636414119D02F0F1AC.sync:up.xdua:duuBi7Jd5BWQdrHJTY_CrHj9.xps:xpscYIkMjalegxoqSINYqVplM.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.130307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=979399593597450.609584113555450&a=77&e=1503420A67F0DD636414119D02F0F1AC&pref=http%3A%2F%2Fotdamzadengi.ru%2F&c=ss:77.up:1503420A67F0DD636414119D02F0F1AC.sync:up.xdua:duuBi7Jd5BWQdrHJTY_CrHj9.xps:xpscYIkMjalegxoqSINYqVplM.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=979399593597450.609584113555450&a=77&e=1503420A67F0DD636414119D02F0F1AC&pref=http%3A%2F%2Fotdamzadengi.ru%2F&c=ss:77.up:1503420A67F0DD636414119D02F0F1AC.sync:up.xdua:duuBi7Jd5BWQdrHJTY_CrHj9.xps:xpscYIkMjalegxoqSINYqVplM.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Sat, 04 Feb 2023 05:43:05 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675489385097&i=979399593597450.609584113555450&a=77&e=1503420A67F0DD636414119D02F0F1AC&pref=http%3A%2F%2Fotdamzadengi.ru%2F&c=ss:77.up:1503420A67F0DD636414119D02F0F1AC.sync:up.xdua:duuBi7Jd5BWQdrHJTY_CrHj9.xps:xpscYIkMjalegxoqSINYqVplM.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=gSFznmUbB6Rxez77ELGA; Max-Age=93312000; Expires=Mon, 19 Jan 2026 05:43:05 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4649
Expires: Sat, 04 Feb 2023 07:00:34 GMT
Date: Sat, 04 Feb 2023 05:43:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4649
Expires: Sat, 04 Feb 2023 07:00:34 GMT
Date: Sat, 04 Feb 2023 05:43:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4649
Expires: Sat, 04 Feb 2023 07:00:34 GMT
Date: Sat, 04 Feb 2023 05:43:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65cd12302c9ca5468dbc9a98155970e0
a0c63213c3021e40f8ea54f2da6a5c165ed5cfd1
8463155faca74f13ec4500fed98289d8bfbdc4a989d1cb7580736018eadf1000
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7992
x-amzn-requestid: ba4f95d9-6081-4b34-955c-bbe8e7b2335c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEEjGsdIAMF84w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8083-7666baa66ccdec9b5fec8736;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A3c6sSs_b8KkREPa26a8X9NTEZpHGDjElR9hT-NXwg6dYpeuRNZXfA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
etag: "a0c63213c3021e40f8ea54f2da6a5c165ed5cfd1"
content-type: image/jpeg
age: 27164
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 27164
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 27152
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75b9c67fbf2d207afec78eb14b95d7ec
c0b7e9e9ca9ee71761489e738a3a308ff0b6e5c8
42ddfef2fc1e0200a1ff3d615fd6da42fd8bdea4551344580c13af07092d401f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5917
x-amzn-requestid: 095185b4-b608-4ac8-9041-6e5fcf9033d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW_EA4IAMFxVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f9-1d780a2a58fcc30613bdfdab;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -4TwLeMENj7WdI_QQWKgwxTj9MldN5z7qmo7_OX_eXIVba9zjDEoaA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:17:42 GMT
age: 26723
etag: "c0b7e9e9ca9ee71761489e738a3a308ff0b6e5c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ab97f766ee1ed6ebbb2b3889a9157b4
f87f165404dec4d65531e6e25146cb77601f3616
f3d0f76f956371b1733a526f10a8253fc3396a459d7af59380d8e8db7dee8ec2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14071
x-amzn-requestid: 40cb363f-2c4d-4361-9fe1-10e4c8b2fe29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiTo4Ek2oAMFs6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d73305-6cb63d3c49f9f84e639467f6;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:01:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b7r7phj8i49RMSuWufxF1L34K9udWa0mJ4dY12izM9ofwAuCFBGEZQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:05 GMT
age: 28500
etag: "f87f165404dec4d65531e6e25146cb77601f3616"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7afd5ce8fb9ec7b62e528bf97705e49
afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3
b2d93ba6c0ed2c858d91afba1c81251afbffa41c779be2e9203994dcfb7bbc9d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7249
x-amzn-requestid: 007ce521-ed5c-4074-a314-684ad0df2e22
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9GH5goAMF_ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8053-7060f02b767c90371991a190;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5fTV_e56nzjiXo4Guu67WXDDvp3nrjB0Yfyy6ByjcDSx23J-8r0fmQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 27164
etag: "afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675489385092&i=979399593597450.757576288201599&a=77&e=1503420A67F0DD636414119D02F0F1AC&pref=http%3A%2F%2Fotdamzadengi.ru%2F&c=ss:77.up:1503420A67F0DD636414119D02F0F1AC.sync:up.xdua:duuBi7Jd5BWQdrHJTY_CrHj9.xps:xpscYIkMjalegxoqSINYqVplM.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.130200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675489385092&i=979399593597450.757576288201599&a=77&e=1503420A67F0DD636414119D02F0F1AC&pref=http%3A%2F%2Fotdamzadengi.ru%2F&c=ss:77.up:1503420A67F0DD636414119D02F0F1AC.sync:up.xdua:duuBi7Jd5BWQdrHJTY_CrHj9.xps:xpscYIkMjalegxoqSINYqVplM.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1675489385092&i=979399593597450.757576288201599&a=77&e=1503420A67F0DD636414119D02F0F1AC&pref=http%3A%2F%2Fotdamzadengi.ru%2F&c=ss:77.up:1503420A67F0DD636414119D02F0F1AC.sync:up.xdua:duuBi7Jd5BWQdrHJTY_CrHj9.xps:xpscYIkMjalegxoqSINYqVplM.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:43:05 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675489385097&i=979399593597450.609584113555450&a=77&e=1503420A67F0DD636414119D02F0F1AC&pref=http%3A%2F%2Fotdamzadengi.ru%2F&c=ss:77.up:1503420A67F0DD636414119D02F0F1AC.sync:up.xdua:duuBi7Jd5BWQdrHJTY_CrHj9.xps:xpscYIkMjalegxoqSINYqVplM.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.130200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675489385097&i=979399593597450.609584113555450&a=77&e=1503420A67F0DD636414119D02F0F1AC&pref=http%3A%2F%2Fotdamzadengi.ru%2F&c=ss:77.up:1503420A67F0DD636414119D02F0F1AC.sync:up.xdua:duuBi7Jd5BWQdrHJTY_CrHj9.xps:xpscYIkMjalegxoqSINYqVplM.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1675489385097&i=979399593597450.609584113555450&a=77&e=1503420A67F0DD636414119D02F0F1AC&pref=http%3A%2F%2Fotdamzadengi.ru%2F&c=ss:77.up:1503420A67F0DD636414119D02F0F1AC.sync:up.xdua:duuBi7Jd5BWQdrHJTY_CrHj9.xps:xpscYIkMjalegxoqSINYqVplM.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:43:05 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 3
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 707bbc8a805b920528f43d3b19e9e41f
d33afb3c6b479050987b8ffa9ca64f574656af87
2e840eb2feba7a5a9c565c16c78c0c4ecbaa6273b9c77d97548b4d5c58ae2011
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:43:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
216.58.207.193200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otdamzadengi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sat, 04 Feb 2023 05:43:05 GMT
expires: Sat, 04 Feb 2023 05:43:05 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 621b586028d5acaf29b8777ca0872ce1
9d2a358576d0acab58e2eacf7765b686cee9181f
a7c99a5217e394c715679780ae1e3e60202653547212b0a4fd2efab0e1a01015
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:43:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash b8cdcaddaa8904e05f479004ed881954
17751e872f0779b7e41b7811741759ea41d4d5fb
0816cb9db19aef5ceec40438d4675a8dd720946cb0f47972b1e28b11849af688
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://otdamzadengi.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 04 Feb 2023 05:43:05 GMT
date: Sat, 04 Feb 2023 05:43:05 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-AESE56D0pbfkoKnEHxNU0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.acint.net/ping/?v=0.5.1&uid=797de36e-2358-4473-b5e6-8c39cb3947cd&dp=10&tz=%2B00%3A00&nc=78165580&dT=2023-02-04T05%3A43%3A40.602
193.3.184.229302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/ping/?v=0.5.1&uid=797de36e-2358-4473-b5e6-8c39cb3947cd&dp=10&tz=%2B00%3A00&nc=78165580&dT=2023-02-04T05%3A43%3A40.602
IP 193.3.184.229:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /ping/?v=0.5.1&uid=797de36e-2358-4473-b5e6-8c39cb3947cd&dp=10&tz=%2B00%3A00&nc=78165580&dT=2023-02-04T05%3A43%3A40.602 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://otdamzadengi.ru/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Sat, 04 Feb 2023 05:43:06 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/ping/?v=0.5.1&uid=797de36e-2358-4473-b5e6-8c39cb3947cd&dp=10&tz=%2B00%3A00&nc=78165580&dT=2023-02-04T05%3A43%3A40.602
www.acint.net/ping/?v=0.5.1&uid=797de36e-2358-4473-b5e6-8c39cb3947cd&dp=10&tz=%2B00%3A00&nc=78165580&dT=2023-02-04T05%3A43%3A40.602
193.3.184.229200 OK 43 B URL HTTP/2 www.acint.net/ping/?v=0.5.1&uid=797de36e-2358-4473-b5e6-8c39cb3947cd&dp=10&tz=%2B00%3A00&nc=78165580&dT=2023-02-04T05%3A43%3A40.602
IP 193.3.184.229:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /ping/?v=0.5.1&uid=797de36e-2358-4473-b5e6-8c39cb3947cd&dp=10&tz=%2B00%3A00&nc=78165580&dT=2023-02-04T05%3A43%3A40.602 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://otdamzadengi.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPd8GedERRkrPHwAnY32KYaaSpkXwnvS3VspL+W2obS; cSyncDp7v2=1675489383; cSyncDp14v3=1675489383; cSyncDp17=1675489383; cSyncDp32=1675489383; cSyncDp45v3=1675489383; cSyncDp53v2=1675489383; cSyncDp62=1675489383; cSyncDp67v2=1675489383; cSyncDp68=1675489383; cSyncDp71=1675489383; cSyncDp85=1675489383; cSyncDp95v3=1675489383; cSyncDp98v2=1675489383; cSyncDp101=1675489383; cSyncDp104v2=1675489383; cSyncDp107=1675489383; cSyncDp110=1675489383; cSyncDp125v3=1675489383; cSyncDp126=1675489383; cSyncDp127=1675489383; cSyncDp129=1675489383; cSyncDp136v2=1675489383; cSyncDp146=1675489383; cSyncDp148=1675489383; cSyncDp149v2=1675489383; cSyncDp151=1675489383; cSyncDp178=1675489383; cSyncDp186=1675489383; cSyncDp221=1675489383; cSyncDp235=1675489383
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 05:43:06 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/1503420A67F0DD636414119D02F0F1AC
213.180.193.90302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/1503420A67F0DD636414119D02F0F1AC
IP 213.180.193.90:0
GET /mapuid/sapeis/1503420A67F0DD636414119D02F0F1AC HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/1503420A67F0DD636414119D02F0F1AC?redir-setuniq=1
date: Sat, 04 Feb 2023 05:43:04 GMT
set-cookie: yandexuid=1844567261675489384; domain=.yandex.ru; path=/; expires=Tue, 01-Feb-2033 05:43:04 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:43:04 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sat, 04 Feb 2023 05:43:04 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=10&tc=1
193.3.184.229200 OK 0 B URL HTTP/2 www.acint.net/mc/?dp=10&tc=1
IP 193.3.184.229:0
GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://otdamzadengi.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPd8GedERRkrPHwAnY32KYaaSpkXwnvS3VspL+W2obS
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 05:43:03 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1675489383; expires=Sun, 05-Feb-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53v2=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp98v2=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1675489383; expires=Sat, 18-Feb-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v3=1675489383; expires=Sun, 19-Feb-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149v2=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp235=1675489383; expires=Mon, 06-Mar-23 05:43:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/gonetdspis/MzYzOGExYjllMTFlZmU1Mg
213.180.193.90302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/MzYzOGExYjllMTFlZmU1Mg
IP 213.180.193.90:0
GET /mapuid/gonetdspis/MzYzOGExYjllMTFlZmU1Mg HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/gonetdspis/MzYzOGExYjllMTFlZmU1Mg?redir-setuniq=1
date: Sat, 04 Feb 2023 05:43:04 GMT
set-cookie: yandexuid=3876735381675489384; domain=.yandex.ru; path=/; expires=Tue, 01-Feb-2033 05:43:04 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:43:04 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sat, 04 Feb 2023 05:43:04 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/1503420A67F0DD636414119D02F0F1AC?redir-setuniq=1
213.180.193.90200 OK 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/1503420A67F0DD636414119D02F0F1AC?redir-setuniq=1
IP 213.180.193.90:0
GET /mapuid/sapeis/1503420A67F0DD636414119D02F0F1AC?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sat, 04 Feb 2023 05:43:04 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:43:04 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sat, 04 Feb 2023 05:43:04 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2