87.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=18339&utm_content=get-tune.net&utm_clickid=v4kc0o444kwg8cg8&aurl=https://done.7cord.com/done?data=SUhuckhqb0NGQ3I3L2RhckVjeWM4TlBsN2l4OG55c0NHUmpucTFHNXI4V05wVGJWTkFMSEpWWkJLWGptajBFRlhpR2pxSUdhSXVYemg5N3dSdlB4Q1g3aWdTeG1PcEJPMWhmRFVUY25TaHpmWnpOZCtIVzY5YTBLWFV2TEd3SytlYVE2ZnNES2VwelczN0hqS1VBS3BVS2ZJcVJKQ3diSG9nMGVaRzdOZlZoUStzOUEvbGcvTTVoY1NjTE5NcEdIcXREbWFnd2tsQTg0SGd5Wml6T1AwTU1odjc4SFhHSXpsZy9ncmlKa1VSbnJRN1h6UFVWN21WM0JmdVc2clhZVEVJZk9JZDBSWm5CbTlLNHB6VkYxcDlXSUV6dzdrOHhhRE5FYTFML21iZnBiRWhBUWt3d094YkIzNk1ERTdBOTVtUWxtK3pSUlEwVVJ1MmVIcnhYLzA0Q0w2azdBaDJ0S2VOSS9NckZjNS9oT3YxRlUrc2hWNXZMWlA1dU5tY2FpOE4yUkZ2ODk5elEvUFBHTlo5ZHNRaGhndEZ2bENnMnI2SnVETWl2Q2JIaTgwMERtUWY1SUhOMjNKcUUzZ1kvK2t1c2tRNTluSzIwN3BxYldVek9mcVRIMGNYQmlhYXdaaVNUSk4rdmlrODI0aXhTcWpTQjBCKzFYVnErUXlzMkF2cERGOVRnNmtFRTRuelE2QWlNVnRFbUg4ZS9XZWhKYTRRNGJPTkhZaElzZldwM2xoM3RuZmZ6REhsWkNzVWFXeUIvYjlKL3JiOWhna29vZWdsNFRXTDRXY1cxckpKaVBMdGZubVVHYStHbTJQOXUxTTh3eUgzVnlNalc1UGFpTW9lelNBNUtUSndITFRGcU9xN1FGMXlURWhDQytWaU1RT2UvUkhIYXB1K2tQOUU1c1N0WTM1NWY1K29pdnlCektnRnk1WmVvMDVKdEtHM0tYQVJUdjY3WGkwejlPWjB6ckdMR2FYZmJjSlEvME9PLzl5UkZpSnhFWHdYNGtUcnJFYlhRSEZOdjZ6cXp1a2dSdG9ONFB2UVJ6RmplSWZ4Yk13d2w1aVdJNzh4UjVFNElETnhPQTlvSVFvcXV2dlVMV2RmQkRiMkc2Nml3VTIxQWdwWWpXYUd2ckRkVHJMamZML0RMMVFTUGk1RCtaQVBLWWl3T0ZwVnNpem5iVklVcUVwajZod21hVXd5UVpOV3RYNTY1bnVGbk5mQnhnSzZSMjdIRGF1NW9vakZXSXg4TkhMeGZPTVV2MmVzTFNIeGkvMzVHSThlTGMyWU5qVTlGS2NOQVplRDdSNmsvN0lYYTQrVkIvM3VUaFN4UTF4RkpFUnlxa1d5Z0VlQzNzTUVtM1htSCt5N1ExdzNydmRKeHFnNkZyQ3o0THhvZForYzI3MCtsSndaSUZIeUJtUzFGVWlVNEFFY1hhaWlLS2tlOHV2Q0R6MkZWVWxDblpHcjBhVGdFcFF3bkY5dGJ3RmtkNDRpNUZCazhIalRzdEI4djF6YW5XU3U5K3lBWEZPSU5WRDF0OXB3UzdrN3Z2bldkQWdOcXF0bytHU3JzTEEzUDFhVlhtbFlid2hzWT0&an=go_12tnsot_19602700&utm_term=&site=&isubs=0
172.67.214.84200 OK 26 kB URL HTTP/1.1 87.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=18339&utm_content=get-tune.net&utm_clickid=v4kc0o444kwg8cg8&aurl=https://done.7cord.com/done?data=SUhuckhqb0NGQ3I3L2RhckVjeWM4TlBsN2l4OG55c0NHUmpucTFHNXI4V05wVGJWTkFMSEpWWkJLWGptajBFRlhpR2pxSUdhSXVYemg5N3dSdlB4Q1g3aWdTeG1PcEJPMWhmRFVUY25TaHpmWnpOZCtIVzY5YTBLWFV2TEd3SytlYVE2ZnNES2VwelczN0hqS1VBS3BVS2ZJcVJKQ3diSG9nMGVaRzdOZlZoUStzOUEvbGcvTTVoY1NjTE5NcEdIcXREbWFnd2tsQTg0SGd5Wml6T1AwTU1odjc4SFhHSXpsZy9ncmlKa1VSbnJRN1h6UFVWN21WM0JmdVc2clhZVEVJZk9JZDBSWm5CbTlLNHB6VkYxcDlXSUV6dzdrOHhhRE5FYTFML21iZnBiRWhBUWt3d094YkIzNk1ERTdBOTVtUWxtK3pSUlEwVVJ1MmVIcnhYLzA0Q0w2azdBaDJ0S2VOSS9NckZjNS9oT3YxRlUrc2hWNXZMWlA1dU5tY2FpOE4yUkZ2ODk5elEvUFBHTlo5ZHNRaGhndEZ2bENnMnI2SnVETWl2Q2JIaTgwMERtUWY1SUhOMjNKcUUzZ1kvK2t1c2tRNTluSzIwN3BxYldVek9mcVRIMGNYQmlhYXdaaVNUSk4rdmlrODI0aXhTcWpTQjBCKzFYVnErUXlzMkF2cERGOVRnNmtFRTRuelE2QWlNVnRFbUg4ZS9XZWhKYTRRNGJPTkhZaElzZldwM2xoM3RuZmZ6REhsWkNzVWFXeUIvYjlKL3JiOWhna29vZWdsNFRXTDRXY1cxckpKaVBMdGZubVVHYStHbTJQOXUxTTh3eUgzVnlNalc1UGFpTW9lelNBNUtUSndITFRGcU9xN1FGMXlURWhDQytWaU1RT2UvUkhIYXB1K2tQOUU1c1N0WTM1NWY1K29pdnlCektnRnk1WmVvMDVKdEtHM0tYQVJUdjY3WGkwejlPWjB6ckdMR2FYZmJjSlEvME9PLzl5UkZpSnhFWHdYNGtUcnJFYlhRSEZOdjZ6cXp1a2dSdG9ONFB2UVJ6RmplSWZ4Yk13d2w1aVdJNzh4UjVFNElETnhPQTlvSVFvcXV2dlVMV2RmQkRiMkc2Nml3VTIxQWdwWWpXYUd2ckRkVHJMamZML0RMMVFTUGk1RCtaQVBLWWl3T0ZwVnNpem5iVklVcUVwajZod21hVXd5UVpOV3RYNTY1bnVGbk5mQnhnSzZSMjdIRGF1NW9vakZXSXg4TkhMeGZPTVV2MmVzTFNIeGkvMzVHSThlTGMyWU5qVTlGS2NOQVplRDdSNmsvN0lYYTQrVkIvM3VUaFN4UTF4RkpFUnlxa1d5Z0VlQzNzTUVtM1htSCt5N1ExdzNydmRKeHFnNkZyQ3o0THhvZForYzI3MCtsSndaSUZIeUJtUzFGVWlVNEFFY1hhaWlLS2tlOHV2Q0R6MkZWVWxDblpHcjBhVGdFcFF3bkY5dGJ3RmtkNDRpNUZCazhIalRzdEI4djF6YW5XU3U5K3lBWEZPSU5WRDF0OXB3UzdrN3Z2bldkQWdOcXF0bytHU3JzTEEzUDFhVlhtbFlid2hzWT0&an=go_12tnsot_19602700&utm_term=&site=&isubs=0
IP 172.67.214.84:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12693), with CRLF, LF line terminators
Hash 017da66a3f329d03ce74097243a5fb87
31650415ae3a08fc13a78bf38591d32f621137b5
1665cddc489cae1e2ef334fa150809e2cc1628410cb88890cea79be3a4c3d67b
GET /index/m3?diff=0&utm_source=ogdd&utm_campaign=18339&utm_content=get-tune.net&utm_clickid=v4kc0o444kwg8cg8&aurl=https://done.7cord.com/done?data=SUhuckhqb0NGQ3I3L2RhckVjeWM4TlBsN2l4OG55c0NHUmpucTFHNXI4V05wVGJWTkFMSEpWWkJLWGptajBFRlhpR2pxSUdhSXVYemg5N3dSdlB4Q1g3aWdTeG1PcEJPMWhmRFVUY25TaHpmWnpOZCtIVzY5YTBLWFV2TEd3SytlYVE2ZnNES2VwelczN0hqS1VBS3BVS2ZJcVJKQ3diSG9nMGVaRzdOZlZoUStzOUEvbGcvTTVoY1NjTE5NcEdIcXREbWFnd2tsQTg0SGd5Wml6T1AwTU1odjc4SFhHSXpsZy9ncmlKa1VSbnJRN1h6UFVWN21WM0JmdVc2clhZVEVJZk9JZDBSWm5CbTlLNHB6VkYxcDlXSUV6dzdrOHhhRE5FYTFML21iZnBiRWhBUWt3d094YkIzNk1ERTdBOTVtUWxtK3pSUlEwVVJ1MmVIcnhYLzA0Q0w2azdBaDJ0S2VOSS9NckZjNS9oT3YxRlUrc2hWNXZMWlA1dU5tY2FpOE4yUkZ2ODk5elEvUFBHTlo5ZHNRaGhndEZ2bENnMnI2SnVETWl2Q2JIaTgwMERtUWY1SUhOMjNKcUUzZ1kvK2t1c2tRNTluSzIwN3BxYldVek9mcVRIMGNYQmlhYXdaaVNUSk4rdmlrODI0aXhTcWpTQjBCKzFYVnErUXlzMkF2cERGOVRnNmtFRTRuelE2QWlNVnRFbUg4ZS9XZWhKYTRRNGJPTkhZaElzZldwM2xoM3RuZmZ6REhsWkNzVWFXeUIvYjlKL3JiOWhna29vZWdsNFRXTDRXY1cxckpKaVBMdGZubVVHYStHbTJQOXUxTTh3eUgzVnlNalc1UGFpTW9lelNBNUtUSndITFRGcU9xN1FGMXlURWhDQytWaU1RT2UvUkhIYXB1K2tQOUU1c1N0WTM1NWY1K29pdnlCektnRnk1WmVvMDVKdEtHM0tYQVJUdjY3WGkwejlPWjB6ckdMR2FYZmJjSlEvME9PLzl5UkZpSnhFWHdYNGtUcnJFYlhRSEZOdjZ6cXp1a2dSdG9ONFB2UVJ6RmplSWZ4Yk13d2w1aVdJNzh4UjVFNElETnhPQTlvSVFvcXV2dlVMV2RmQkRiMkc2Nml3VTIxQWdwWWpXYUd2ckRkVHJMamZML0RMMVFTUGk1RCtaQVBLWWl3T0ZwVnNpem5iVklVcUVwajZod21hVXd5UVpOV3RYNTY1bnVGbk5mQnhnSzZSMjdIRGF1NW9vakZXSXg4TkhMeGZPTVV2MmVzTFNIeGkvMzVHSThlTGMyWU5qVTlGS2NOQVplRDdSNmsvN0lYYTQrVkIvM3VUaFN4UTF4RkpFUnlxa1d5Z0VlQzNzTUVtM1htSCt5N1ExdzNydmRKeHFnNkZyQ3o0THhvZForYzI3MCtsSndaSUZIeUJtUzFGVWlVNEFFY1hhaWlLS2tlOHV2Q0R6MkZWVWxDblpHcjBhVGdFcFF3bkY5dGJ3RmtkNDRpNUZCazhIalRzdEI4djF6YW5XU3U5K3lBWEZPSU5WRDF0OXB3UzdrN3Z2bldkQWdOcXF0bytHU3JzTEEzUDFhVlhtbFlid2hzWT0&an=go_12tnsot_19602700&utm_term=&site=&isubs=0 HTTP/1.1
Host: 87.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 13:19:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-transform
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZswjiJ%2BdoKm%2FPBTm%2FkJ2R89NhvUfoWjoPRCn1PfS47nfGcczm2gjQZrJXtx9nTj6kmXycCarVal%2FAGzPUAHy082lSPgmQ5qj6hgOJov0pkt5j6RyIyH%2FJ2HCd8ZUB%2Bn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 793b752559cab511-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2991
Expires: Fri, 03 Feb 2023 14:09:11 GMT
Date: Fri, 03 Feb 2023 13:19:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14005
Expires: Fri, 03 Feb 2023 17:12:45 GMT
Date: Fri, 03 Feb 2023 13:19:20 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 12:43:35 GMT
content-type: application/json
age: 2145
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16372
Expires: Fri, 03 Feb 2023 17:52:12 GMT
Date: Fri, 03 Feb 2023 13:19:20 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /iEeH9LZXbZcRy8QPnq6wjIMIZkAzJtl8nfIkJlpXn2ZL44MeKGDeZOcFbPp7Crsr/7Tcgp78A8=
x-amz-request-id: D15VXANWMENQE0MN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 12:23:32 GMT
age: 3348
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
87.biqund.com/assets/styles/arrow.css?v1
172.67.214.84200 OK 2.1 kB URL HTTP/1.1 87.biqund.com/assets/styles/arrow.css?v1
IP 172.67.214.84:0
Hash 42f2eac8fc2d717d43b63c19404d009d
f160ecec8abed0763a70ab4c412697cb661bb9a7
2c64ecb52bdbe782356e6b4c2763127a375d1114c858011f73455cfd27232efc
GET /assets/styles/arrow.css?v1 HTTP/1.1
Host: 87.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://87.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=18339&utm_content=get-tune.net&utm_clickid=v4kc0o444kwg8cg8&aurl=https://done.7cord.com/done?data=SUhuckhqb0NGQ3I3L2RhckVjeWM4TlBsN2l4OG55c0NHUmpucTFHNXI4V05wVGJWTkFMSEpWWkJLWGptajBFRlhpR2pxSUdhSXVYemg5N3dSdlB4Q1g3aWdTeG1PcEJPMWhmRFVUY25TaHpmWnpOZCtIVzY5YTBLWFV2TEd3SytlYVE2ZnNES2VwelczN0hqS1VBS3BVS2ZJcVJKQ3diSG9nMGVaRzdOZlZoUStzOUEvbGcvTTVoY1NjTE5NcEdIcXREbWFnd2tsQTg0SGd5Wml6T1AwTU1odjc4SFhHSXpsZy9ncmlKa1VSbnJRN1h6UFVWN21WM0JmdVc2clhZVEVJZk9JZDBSWm5CbTlLNHB6VkYxcDlXSUV6dzdrOHhhRE5FYTFML21iZnBiRWhBUWt3d094YkIzNk1ERTdBOTVtUWxtK3pSUlEwVVJ1MmVIcnhYLzA0Q0w2azdBaDJ0S2VOSS9NckZjNS9oT3YxRlUrc2hWNXZMWlA1dU5tY2FpOE4yUkZ2ODk5elEvUFBHTlo5ZHNRaGhndEZ2bENnMnI2SnVETWl2Q2JIaTgwMERtUWY1SUhOMjNKcUUzZ1kvK2t1c2tRNTluSzIwN3BxYldVek9mcVRIMGNYQmlhYXdaaVNUSk4rdmlrODI0aXhTcWpTQjBCKzFYVnErUXlzMkF2cERGOVRnNmtFRTRuelE2QWlNVnRFbUg4ZS9XZWhKYTRRNGJPTkhZaElzZldwM2xoM3RuZmZ6REhsWkNzVWFXeUIvYjlKL3JiOWhna29vZWdsNFRXTDRXY1cxckpKaVBMdGZubVVHYStHbTJQOXUxTTh3eUgzVnlNalc1UGFpTW9lelNBNUtUSndITFRGcU9xN1FGMXlURWhDQytWaU1RT2UvUkhIYXB1K2tQOUU1c1N0WTM1NWY1K29pdnlCektnRnk1WmVvMDVKdEtHM0tYQVJUdjY3WGkwejlPWjB6ckdMR2FYZmJjSlEvME9PLzl5UkZpSnhFWHdYNGtUcnJFYlhRSEZOdjZ6cXp1a2dSdG9ONFB2UVJ6RmplSWZ4Yk13d2w1aVdJNzh4UjVFNElETnhPQTlvSVFvcXV2dlVMV2RmQkRiMkc2Nml3VTIxQWdwWWpXYUd2ckRkVHJMamZML0RMMVFTUGk1RCtaQVBLWWl3T0ZwVnNpem5iVklVcUVwajZod21hVXd5UVpOV3RYNTY1bnVGbk5mQnhnSzZSMjdIRGF1NW9vakZXSXg4TkhMeGZPTVV2MmVzTFNIeGkvMzVHSThlTGMyWU5qVTlGS2NOQVplRDdSNmsvN0lYYTQrVkIvM3VUaFN4UTF4RkpFUnlxa1d5Z0VlQzNzTUVtM1htSCt5N1ExdzNydmRKeHFnNkZyQ3o0THhvZForYzI3MCtsSndaSUZIeUJtUzFGVWlVNEFFY1hhaWlLS2tlOHV2Q0R6MkZWVWxDblpHcjBhVGdFcFF3bkY5dGJ3RmtkNDRpNUZCazhIalRzdEI4djF6YW5XU3U5K3lBWEZPSU5WRDF0OXB3UzdrN3Z2bldkQWdOcXF0bytHU3JzTEEzUDFhVlhtbFlid2hzWT0&an=go_12tnsot_19602700&utm_term=&site=&isubs=0
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 13:19:20 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 12:29:48 GMT
ETag: W/"636262bc-1a14"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 25
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5xoMRB2oT2lEhFKNnbrhgFbBWDMociDFDD00IOi9LTuBx5EbJAe%2F%2BoLsgBXA%2B%2Bk%2Bc1a4sSoYAAfZp6gntUI0UWqk4ujkzMuuA4KFspNqcC1nycr2rYUfbMb7KhHG2h2"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793b75274c83b511-OSL
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 13:19:20 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
87.biqund.com/199f8c6.php?utm_source=ogdd&utm_campaign=18339
172.67.214.84200 OK 17 kB URL HTTP/1.1 87.biqund.com/199f8c6.php?utm_source=ogdd&utm_campaign=18339
IP 172.67.214.84:0
File type Unicode text, UTF-8 text, with very long lines (42846), with no line terminators
Hash 671e8353a6488581dd408c2954905b90
113e8c5db5ff113d4eb0c4b7b1f8e516dd5997d0
13125afb040d05352412b5ca59e0da474941a6c5c8616c02301fb1fb5e90eb0b
GET /199f8c6.php?utm_source=ogdd&utm_campaign=18339 HTTP/1.1
Host: 87.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://87.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=18339&utm_content=get-tune.net&utm_clickid=v4kc0o444kwg8cg8&aurl=https://done.7cord.com/done?data=SUhuckhqb0NGQ3I3L2RhckVjeWM4TlBsN2l4OG55c0NHUmpucTFHNXI4V05wVGJWTkFMSEpWWkJLWGptajBFRlhpR2pxSUdhSXVYemg5N3dSdlB4Q1g3aWdTeG1PcEJPMWhmRFVUY25TaHpmWnpOZCtIVzY5YTBLWFV2TEd3SytlYVE2ZnNES2VwelczN0hqS1VBS3BVS2ZJcVJKQ3diSG9nMGVaRzdOZlZoUStzOUEvbGcvTTVoY1NjTE5NcEdIcXREbWFnd2tsQTg0SGd5Wml6T1AwTU1odjc4SFhHSXpsZy9ncmlKa1VSbnJRN1h6UFVWN21WM0JmdVc2clhZVEVJZk9JZDBSWm5CbTlLNHB6VkYxcDlXSUV6dzdrOHhhRE5FYTFML21iZnBiRWhBUWt3d094YkIzNk1ERTdBOTVtUWxtK3pSUlEwVVJ1MmVIcnhYLzA0Q0w2azdBaDJ0S2VOSS9NckZjNS9oT3YxRlUrc2hWNXZMWlA1dU5tY2FpOE4yUkZ2ODk5elEvUFBHTlo5ZHNRaGhndEZ2bENnMnI2SnVETWl2Q2JIaTgwMERtUWY1SUhOMjNKcUUzZ1kvK2t1c2tRNTluSzIwN3BxYldVek9mcVRIMGNYQmlhYXdaaVNUSk4rdmlrODI0aXhTcWpTQjBCKzFYVnErUXlzMkF2cERGOVRnNmtFRTRuelE2QWlNVnRFbUg4ZS9XZWhKYTRRNGJPTkhZaElzZldwM2xoM3RuZmZ6REhsWkNzVWFXeUIvYjlKL3JiOWhna29vZWdsNFRXTDRXY1cxckpKaVBMdGZubVVHYStHbTJQOXUxTTh3eUgzVnlNalc1UGFpTW9lelNBNUtUSndITFRGcU9xN1FGMXlURWhDQytWaU1RT2UvUkhIYXB1K2tQOUU1c1N0WTM1NWY1K29pdnlCektnRnk1WmVvMDVKdEtHM0tYQVJUdjY3WGkwejlPWjB6ckdMR2FYZmJjSlEvME9PLzl5UkZpSnhFWHdYNGtUcnJFYlhRSEZOdjZ6cXp1a2dSdG9ONFB2UVJ6RmplSWZ4Yk13d2w1aVdJNzh4UjVFNElETnhPQTlvSVFvcXV2dlVMV2RmQkRiMkc2Nml3VTIxQWdwWWpXYUd2ckRkVHJMamZML0RMMVFTUGk1RCtaQVBLWWl3T0ZwVnNpem5iVklVcUVwajZod21hVXd5UVpOV3RYNTY1bnVGbk5mQnhnSzZSMjdIRGF1NW9vakZXSXg4TkhMeGZPTVV2MmVzTFNIeGkvMzVHSThlTGMyWU5qVTlGS2NOQVplRDdSNmsvN0lYYTQrVkIvM3VUaFN4UTF4RkpFUnlxa1d5Z0VlQzNzTUVtM1htSCt5N1ExdzNydmRKeHFnNkZyQ3o0THhvZForYzI3MCtsSndaSUZIeUJtUzFGVWlVNEFFY1hhaWlLS2tlOHV2Q0R6MkZWVWxDblpHcjBhVGdFcFF3bkY5dGJ3RmtkNDRpNUZCazhIalRzdEI4djF6YW5XU3U5K3lBWEZPSU5WRDF0OXB3UzdrN3Z2bldkQWdOcXF0bytHU3JzTEEzUDFhVlhtbFlid2hzWT0&an=go_12tnsot_19602700&utm_term=&site=&isubs=0
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 13:19:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gaMpBGJ3lpFWD%2FcQpBME8auE%2Fn7BHZgOCUjNEshrJD773iSCPpeMfy4TggQ4ZmK7oihpAXpxmPeVvmSHCmZQBKYAkiByYN3SNksBv5FgL3I1YPBVR6kVSmxEkGITIBsS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 793b75275ca6b511-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 14672c54ecc880f0a3b0b3be8bb3aa8f
79d44e4380222773fb11678c58a0c4c470a46b57
41f3cbae3e0eaaeb020f29c665e4fcebad612839f6b467a17eed3fb6be6e4182
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41F3CBAE3E0EAAEB020F29C665E4FCEBAD612839F6B467A17EED3FB6BE6E4182"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9539
Expires: Fri, 03 Feb 2023 15:58:19 GMT
Date: Fri, 03 Feb 2023 13:19:20 GMT
Connection: keep-alive
sartojelius.com/70027
88.208.46.22200 OK 3.2 kB IP 88.208.46.22:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (3244), with no line terminators
Hash a524ee37afeaf9fb290c65a6496937fa
6a3f19bb3bbdc5b375aeeb806b38a3b7017101ac
0b83141eccdfd472e508918391cfec8b02cceb4213426adfa05f962e3821df20
POST /70027 HTTP/1.1
Host: sartojelius.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://87.biqund.com/
Content-Type: text/plain;charset=UTF-8
Origin: http://87.biqund.com
Content-Length: 250
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 13:19:20 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://87.biqund.com
Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: userid=65d61f47-1488-4050-954e-c743eb751bc6; expires=Thu, 03-Feb-2028 13:19:20 GMT; Path=/; SameSite=None; Secure
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
sartojelius.com/event/set
88.208.46.22200 OK 20 B URL HTTP/1.1 sartojelius.com/event/set
IP 88.208.46.22:0
ASN #39572 DataWeb Global Group B.V.
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /event/set HTTP/1.1
Host: sartojelius.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://87.biqund.com/
Content-Type: text/plain;charset=UTF-8
Origin: http://87.biqund.com
Content-Length: 116
Connection: keep-alive
Cookie: userid=65d61f47-1488-4050-954e-c743eb751bc6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 13:19:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://87.biqund.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST
Access-Control-Allow-Headers: Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Content-Encoding: gzip
sartojelius.com/js/cs?uuid=65d61f47-1488-4050-954e-c743eb751bc6
88.208.46.22302 Found 0 B URL HTTP/1.1 sartojelius.com/js/cs?uuid=65d61f47-1488-4050-954e-c743eb751bc6
IP 88.208.46.22:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/cs?uuid=65d61f47-1488-4050-954e-c743eb751bc6 HTTP/1.1
Host: sartojelius.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://87.biqund.com/
Cookie: userid=65d61f47-1488-4050-954e-c743eb751bc6
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 03 Feb 2023 13:19:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid=65d61f47-1488-4050-954e-c743eb751bc6; expires=Sun, 05-Mar-2023 13:19:20 GMT; Path=/; domain=.sartojelius.com; SameSite=None; Secure
Location: https://s.uuidksinc.net/match/1165/?remote_uid=65d61f47-1488-4050-954e-c743eb751bc6&cb_url=https%3A%2F%2Fsartojelius.com%2Fjs%2Fcs%3Fuuid%3D65d61f47-1488-4050-954e-c743eb751bc6%26oid%3D%5BUID%5D
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 01f0f31fd5c4eb91d3e40c86525ed648
6b5d76917b14e310ae643056123edba7bd235764
1f0a7b3865bfaf1b6a45fd77aa09a1988bba0bc1c9793832c5906c8ff38df24b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F0A7B3865BFAF1B6A45FD77AA09A1988BBA0BC1C9793832C5906C8FF38DF24B"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2219
Expires: Fri, 03 Feb 2023 13:56:19 GMT
Date: Fri, 03 Feb 2023 13:19:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 01f0f31fd5c4eb91d3e40c86525ed648
6b5d76917b14e310ae643056123edba7bd235764
1f0a7b3865bfaf1b6a45fd77aa09a1988bba0bc1c9793832c5906c8ff38df24b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F0A7B3865BFAF1B6A45FD77AA09A1988BBA0BC1C9793832C5906C8FF38DF24B"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3221
Expires: Fri, 03 Feb 2023 14:13:01 GMT
Date: Fri, 03 Feb 2023 13:19:20 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 13:07:19 GMT
age: 721
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d5aa03d944374e364d4fdbb8f9cbf95e
43e3c5a8a5ff027de3c9ad9a41b572e4f33e72f9
483314668ec3c34108277a26d39a4282ce255e416cb5cec43e3d30d5340b8138
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "483314668EC3C34108277A26D39A4282CE255E416CB5CEC43E3D30D5340B8138"
Last-Modified: Wed, 01 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=455
Expires: Fri, 03 Feb 2023 13:26:55 GMT
Date: Fri, 03 Feb 2023 13:19:20 GMT
Connection: keep-alive
87.biqund.com/favicon.ico
172.67.214.84200 OK 4.0 kB URL HTTP/1.1 87.biqund.com/favicon.ico
IP 172.67.214.84:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash a51793fe0317686ba089709c57a35b1a
61575816c708298644a9c26859edc3a17ae91ebd
b81a8f8301df8f22e0ca12689afd9855d710026631f486c9538fdb08b129b084
GET /favicon.ico HTTP/1.1
Host: 87.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://87.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=18339&utm_content=get-tune.net&utm_clickid=v4kc0o444kwg8cg8&aurl=https://done.7cord.com/done?data=SUhuckhqb0NGQ3I3L2RhckVjeWM4TlBsN2l4OG55c0NHUmpucTFHNXI4V05wVGJWTkFMSEpWWkJLWGptajBFRlhpR2pxSUdhSXVYemg5N3dSdlB4Q1g3aWdTeG1PcEJPMWhmRFVUY25TaHpmWnpOZCtIVzY5YTBLWFV2TEd3SytlYVE2ZnNES2VwelczN0hqS1VBS3BVS2ZJcVJKQ3diSG9nMGVaRzdOZlZoUStzOUEvbGcvTTVoY1NjTE5NcEdIcXREbWFnd2tsQTg0SGd5Wml6T1AwTU1odjc4SFhHSXpsZy9ncmlKa1VSbnJRN1h6UFVWN21WM0JmdVc2clhZVEVJZk9JZDBSWm5CbTlLNHB6VkYxcDlXSUV6dzdrOHhhRE5FYTFML21iZnBiRWhBUWt3d094YkIzNk1ERTdBOTVtUWxtK3pSUlEwVVJ1MmVIcnhYLzA0Q0w2azdBaDJ0S2VOSS9NckZjNS9oT3YxRlUrc2hWNXZMWlA1dU5tY2FpOE4yUkZ2ODk5elEvUFBHTlo5ZHNRaGhndEZ2bENnMnI2SnVETWl2Q2JIaTgwMERtUWY1SUhOMjNKcUUzZ1kvK2t1c2tRNTluSzIwN3BxYldVek9mcVRIMGNYQmlhYXdaaVNUSk4rdmlrODI0aXhTcWpTQjBCKzFYVnErUXlzMkF2cERGOVRnNmtFRTRuelE2QWlNVnRFbUg4ZS9XZWhKYTRRNGJPTkhZaElzZldwM2xoM3RuZmZ6REhsWkNzVWFXeUIvYjlKL3JiOWhna29vZWdsNFRXTDRXY1cxckpKaVBMdGZubVVHYStHbTJQOXUxTTh3eUgzVnlNalc1UGFpTW9lelNBNUtUSndITFRGcU9xN1FGMXlURWhDQytWaU1RT2UvUkhIYXB1K2tQOUU1c1N0WTM1NWY1K29pdnlCektnRnk1WmVvMDVKdEtHM0tYQVJUdjY3WGkwejlPWjB6ckdMR2FYZmJjSlEvME9PLzl5UkZpSnhFWHdYNGtUcnJFYlhRSEZOdjZ6cXp1a2dSdG9ONFB2UVJ6RmplSWZ4Yk13d2w1aVdJNzh4UjVFNElETnhPQTlvSVFvcXV2dlVMV2RmQkRiMkc2Nml3VTIxQWdwWWpXYUd2ckRkVHJMamZML0RMMVFTUGk1RCtaQVBLWWl3T0ZwVnNpem5iVklVcUVwajZod21hVXd5UVpOV3RYNTY1bnVGbk5mQnhnSzZSMjdIRGF1NW9vakZXSXg4TkhMeGZPTVV2MmVzTFNIeGkvMzVHSThlTGMyWU5qVTlGS2NOQVplRDdSNmsvN0lYYTQrVkIvM3VUaFN4UTF4RkpFUnlxa1d5Z0VlQzNzTUVtM1htSCt5N1ExdzNydmRKeHFnNkZyQ3o0THhvZForYzI3MCtsSndaSUZIeUJtUzFGVWlVNEFFY1hhaWlLS2tlOHV2Q0R6MkZWVWxDblpHcjBhVGdFcFF3bkY5dGJ3RmtkNDRpNUZCazhIalRzdEI4djF6YW5XU3U5K3lBWEZPSU5WRDF0OXB3UzdrN3Z2bldkQWdOcXF0bytHU3JzTEEzUDFhVlhtbFlid2hzWT0&an=go_12tnsot_19602700&utm_term=&site=&isubs=0
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 13:19:20 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 12:29:48 GMT
ETag: W/"636262bc-1007"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 25
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gDt2vSgxrsOJ4QMAXU8wckwoSNt9HovT2UG0U2EZ9bZAsakJjUnJ4PsG4u8HL%2B7UW4rpIMjKD3Tj28N7nno4jzeAb8WV56fdzY06cHeQdIWcorjIUWnvqnB5jqSO94Gm"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793b752b19bbb511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
hdtcode.com/event?data=go_12tnsot_19602700&id=30
185.196.197.130200 OK 0 B URL HTTP/2 hdtcode.com/event?data=go_12tnsot_19602700&id=30
IP 185.196.197.130:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?data=go_12tnsot_19602700&id=30 HTTP/1.1
Host: hdtcode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://87.biqund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.0
date: Fri, 03 Feb 2023 13:19:20 GMT
content-length: 0
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
s.uuidksinc.net/match/1165/?remote_uid=65d61f47-1488-4050-954e-c743eb751bc6&cb_url=https%3A%2F%2Fsartojelius.com%2Fjs%2Fcs%3Fuuid%3D65d61f47-1488-4050-954e-c743eb751bc6%26oid%3D%5BUID%5D
31.220.27.135302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/1165/?remote_uid=65d61f47-1488-4050-954e-c743eb751bc6&cb_url=https%3A%2F%2Fsartojelius.com%2Fjs%2Fcs%3Fuuid%3D65d61f47-1488-4050-954e-c743eb751bc6%26oid%3D%5BUID%5D
IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/1165/?remote_uid=65d61f47-1488-4050-954e-c743eb751bc6&cb_url=https%3A%2F%2Fsartojelius.com%2Fjs%2Fcs%3Fuuid%3D65d61f47-1488-4050-954e-c743eb751bc6%26oid%3D%5BUID%5D HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://87.biqund.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Fri, 03 Feb 2023 13:19:20 GMT
content-length: 0
location: https://sartojelius.com/js/cs?uuid=65d61f47-1488-4050-954e-c743eb751bc6&oid=HRCGLd9bHZ9NKGiBMPKx
set-cookie: jcsuuid=HRCGLd9bHZ9NKGiBMPKx; expires=Sat, 03 Feb 2024 13:19:20 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
hdtcode.com/event?data=go_12tnsot_19602700&id=10
185.196.197.130200 OK 0 B URL HTTP/2 hdtcode.com/event?data=go_12tnsot_19602700&id=10
IP 185.196.197.130:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?data=go_12tnsot_19602700&id=10 HTTP/1.1
Host: hdtcode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://87.biqund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.0
date: Fri, 03 Feb 2023 13:19:20 GMT
content-length: 0
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
sartojelius.com/js/cs?uuid=65d61f47-1488-4050-954e-c743eb751bc6&oid=HRCGLd9bHZ9NKGiBMPKx
88.208.46.22200 OK 43 B URL HTTP/1.1 sartojelius.com/js/cs?uuid=65d61f47-1488-4050-954e-c743eb751bc6&oid=HRCGLd9bHZ9NKGiBMPKx
IP 88.208.46.22:0
ASN #39572 DataWeb Global Group B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /js/cs?uuid=65d61f47-1488-4050-954e-c743eb751bc6&oid=HRCGLd9bHZ9NKGiBMPKx HTTP/1.1
Host: sartojelius.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://87.biqund.com/
Connection: keep-alive
Cookie: userid=65d61f47-1488-4050-954e-c743eb751bc6; uuid=65d61f47-1488-4050-954e-c743eb751bc6
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 13:19:20 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: oid=HRCGLd9bHZ9NKGiBMPKx; expires=Sun, 05-Mar-2023 13:19:20 GMT; Path=/; domain=.sartojelius.com; SameSite=None; Secure
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13903
Expires: Fri, 03 Feb 2023 17:11:03 GMT
Date: Fri, 03 Feb 2023 13:19:20 GMT
Connection: keep-alive
push.services.mozilla.com/
44.238.73.182101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.73.182:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2ii4Kh3qDwo1s9tES7W+2g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yjTv+qQkDSZ3Wzd7giinGE35ieQ=
uuidksinc.net/matchx
31.220.27.135200 OK 1.2 kB IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2136)
Hash d811e6066bdd0e4ba0ee86ccd6bf8ab6
dfd20327fff83ef3d28d1062caa21fcd255595e8
963a44f479769a665f8a1bf131cd7d4819b8ad10775e144ac5c55ea155e8b7ce
GET /matchx HTTP/1.1
Host: uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://87.biqund.com/
Cookie: jcsuuid=HRCGLd9bHZ9NKGiBMPKx
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Fri, 03 Feb 2023 13:19:21 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
dm-eu.hybrid.ai/match?id=158&vid=HRCGLd9bHZ9NKGiBMPKx
37.18.103.16204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=158&vid=HRCGLd9bHZ9NKGiBMPKx
IP 37.18.103.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=158&vid=HRCGLd9bHZ9NKGiBMPKx HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 03 Feb 2023 13:19:21 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=1259c70e4401dd98014a; Expires=Sat, 03 Feb 2024 13:19:20 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 523
x-xss-protection: 1; mode=block
access-control-allow-origin: https://uuidksinc.net
access-control-allow-credentials: true
server: Hybrid Web Server
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 85c49be634a7f42279fb6e164384c685
2bd0e3f80dd7bf1aeacccb67a671e1fb504cd4e6
a133c2450c873e29dcdcd7630744b0f9211b1362b3c1eb5e2bf690949ff04d7f
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 13:19:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 07 Feb 2023 12:22:38 GMT
ETag: "2bd0e3f80dd7bf1aeacccb67a671e1fb504cd4e6"
Last-Modified: Fri, 03 Feb 2023 12:22:39 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 779
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793b752e6a98b515-OSL
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1d82139609e323e908fac5d93cc352a0
16464d86dbab5ffda5e66d870c5d139ee69f9422
dafce9d952b644da844563623a477eec073d696e74275b56b8329ed44b64aa57
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAFCE9D952B644DA844563623A477EEC073D696E74275B56B8329ED44B64AA57"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2096
Expires: Fri, 03 Feb 2023 13:54:17 GMT
Date: Fri, 03 Feb 2023 13:19:21 GMT
Connection: keep-alive
www.acint.net/rmatch?dp=191&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D%24%7BUSER_ID%7D
185.12.125.26302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=191&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D%24%7BUSER_ID%7D
IP 185.12.125.26:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=191&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Fri, 03 Feb 2023 13:19:21 GMT
content-type: text/html
content-length: 154
location: /rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D$%7BUSER_ID%7D&dp=191&tc=1
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Fri, 03-Feb-23 13:29:21 GMT
aid=CkIDFWPdCdmsqRRY2hp0An7xIQLTjhireAaYwem+OJyZZ3BW; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
kimberlite.io/rtb/sync/kadam?u=HRCGLd9bHZ9NKGiBMPKx
80.78.249.201307 Temporary Redirect 0 B URL HTTP/1.1 kimberlite.io/rtb/sync/kadam?u=HRCGLd9bHZ9NKGiBMPKx
IP 80.78.249.201:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/sync/kadam?u=HRCGLd9bHZ9NKGiBMPKx HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Fri, 03 Feb 2023 13:19:21 GMT
Content-Length: 0
Connection: keep-alive
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: u=Y90J2T8PhwI~W0WcnRqKbH-inwWWAmXR2Q5giOo; path=/; max-age=7776000; samesite=none; httponly; secure
f=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F499%2F%3Fremote_uid%3DY90J2T8PhwI; max-age=30; samesite=none; httponly; secure
n=1; max-age=30; samesite=none; httponly; secure
location: https://sm.rtb.mts.ru/p?ssp=toptraffic&id=Y90J2T8PhwI
referrer-policy: no-referrer
server-timing: app;srv=2;dur=0.0002
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f8181d9b50f1940562d3cf6e094591dc
0ada23c077f794cb9acb32890e2c09678e6bd683
c32b8a74f04a4a763a29755b573b4e4e7e24a5fbcc47f1b806fe68cd59a96bdc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C32B8A74F04A4A763A29755B573B4E4E7E24A5FBCC47F1B806FE68CD59A96BDC"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3278
Expires: Fri, 03 Feb 2023 14:13:59 GMT
Date: Fri, 03 Feb 2023 13:19:21 GMT
Connection: keep-alive
www.acint.net/rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D$%7BUSER_ID%7D&dp=191&tc=1
185.12.125.26302 Found 154 B URL HTTP/2 www.acint.net/rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D$%7BUSER_ID%7D&dp=191&tc=1
IP 185.12.125.26:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D$%7BUSER_ID%7D&dp=191&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPdCdmsqRRY2hp0An7xIQLTjhireAaYwem+OJyZZ3BW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Fri, 03 Feb 2023 13:19:21 GMT
content-type: text/html
content-length: 154
location: https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F383%252F%253Fremote_uid%253D$%257BUSER_ID%257D&dp=14
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
set-cookie: cSyncDp14v3=1675430361; expires=Sun, 05-Mar-23 13:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
dmpprof.com/matching/external/pixel.gif?sid=14&uid=HRCGLd9bHZ9NKGiBMPKx
85.192.12.174200 OK 43 B URL HTTP/2 dmpprof.com/matching/external/pixel.gif?sid=14&uid=HRCGLd9bHZ9NKGiBMPKx
IP 85.192.12.174:0
ASN #12695 LLC Digital Network
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /matching/external/pixel.gif?sid=14&uid=HRCGLd9bHZ9NKGiBMPKx HTTP/1.1
Host: dmpprof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 03 Feb 2023 13:19:21 GMT
content-type: image/gif
content-length: 43
last-modified: Fri, 03 Feb 2023 13:19:21 GMT
expires: Wed, 11 Nov 1998 11:11:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: nmatch=14_HRCGLd9bHZ9NKGiBMPKx; expires=Sat, 04 Feb 2023 01:19:21 GMT; path=/; secure; SameSite=None
uid=temp-91.90.42.154-; expires=Fri, 03 Feb 2023 15:19:21 GMT; path=/; secure; SameSite=None
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f3f15ff2714ae5a6a878f5f0e8dae5f2
1cce0f8fef7c589ee1193e42e7e82bb704d9e190
14fe174a664d908c6a4dd0da7280c64641bfb2618ec75106874e9fa397938fd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "14FE174A664D908C6A4DD0DA7280C64641BFB2618EC75106874E9FA397938FD8"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15227
Expires: Fri, 03 Feb 2023 17:33:08 GMT
Date: Fri, 03 Feb 2023 13:19:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 625db98ded64d33f3649378918788897
e48be419f8559bf38d62d48bb391251f40553fcf
934f40c7f5a20e2d2f241da3087d4166bcb2481a6ee6e3970c93b8ccfeddf543
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "934F40C7F5A20E2D2F241DA3087D4166BCB2481A6EE6E3970C93B8CCFEDDF543"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6261
Expires: Fri, 03 Feb 2023 15:03:42 GMT
Date: Fri, 03 Feb 2023 13:19:21 GMT
Connection: keep-alive
ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F383%252F%253Fremote_uid%253D$%257BUSER_ID%257D&dp=14
193.3.184.217302 Moved Temporarily 142 B URL HTTP/1.1 ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F383%252F%253Fremote_uid%253D$%257BUSER_ID%257D&dp=14
IP 193.3.184.217:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F383%252F%253Fremote_uid%253D$%257BUSER_ID%257D&dp=14 HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Fri, 03 Feb 2023 13:19:21 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/rmatch?dp=14&euid=1D03420AD909DD634800E54202640AF0&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D$%7BUSER_ID%7D
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkIDHWPdCdlC5QBI8ApkAskxVhbX6FtoVYYhYpHj2cHwIqwd; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
acint.net/rmatch?dp=14&euid=1D03420AD909DD634800E54202640AF0&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D$%7BUSER_ID%7D
185.12.125.26302 Found 154 B URL HTTP/2 acint.net/rmatch?dp=14&euid=1D03420AD909DD634800E54202640AF0&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D$%7BUSER_ID%7D
IP 185.12.125.26:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=14&euid=1D03420AD909DD634800E54202640AF0&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D$%7BUSER_ID%7D HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPdCdmsqRRY2hp0An7xIQLTjhireAaYwem+OJyZZ3BW; cSyncDp14v3=1675430361
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Fri, 03 Feb 2023 13:19:21 GMT
content-type: text/html
content-length: 154
location: https://d.uuidksinc.net/match/383/?remote_uid=1503420AD909DD635814A9AC02741ADA
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
rtb.com.ru/kadam-sync?uid=HRCGLd9bHZ9NKGiBMPKx
83.222.114.189204 No Content 0 B URL HTTP/1.1 rtb.com.ru/kadam-sync?uid=HRCGLd9bHZ9NKGiBMPKx
IP 83.222.114.189:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /kadam-sync?uid=HRCGLd9bHZ9NKGiBMPKx HTTP/1.1
Host: rtb.com.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.18.0
Date: Fri, 03 Feb 2023 13:19:21 GMT
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
P3p: CP="rtb.com.ru does not have a P3P policy"
d.uuidksinc.net/match/383/?remote_uid=1503420AD909DD635814A9AC02741ADA
31.220.27.135200 OK 74 B URL HTTP/2 d.uuidksinc.net/match/383/?remote_uid=1503420AD909DD635814A9AC02741ADA
IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e24e19b024c44b778301d880bd8e6f4
d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
GET /match/383/?remote_uid=1503420AD909DD635814A9AC02741ADA HTTP/1.1
Host: d.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: jcsuuid=HRCGLd9bHZ9NKGiBMPKx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Fri, 03 Feb 2023 13:19:21 GMT
content-type: image/png
content-length: 74
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d132fc3241a2d974e0951cca93d9e828
74c9eb6072fc07ccf0eec7d78c30b58052b05dd8
28d6d764a99953f0d39d62c688594d0a0e8969d8d87a5fbe13917b90e23071ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28D6D764A99953F0D39D62C688594D0A0E8969D8D87A5FBE13917B90E23071CA"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2090
Expires: Fri, 03 Feb 2023 13:54:11 GMT
Date: Fri, 03 Feb 2023 13:19:21 GMT
Connection: keep-alive
ocsp.usertrust.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 51ab5a8626b70c7594e57366f659f93d
b306da2759928ddd7895083be1196fae9f634197
2eb603282049d073ffcd2928301736eb6d72e02c0ea9e4a884e103c73debd5de
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 13:19:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 16:18:21 GMT
Expires: Thu, 09 Feb 2023 16:18:20 GMT
Etag: "b306da2759928ddd7895083be1196fae9f634197"
Cache-Control: max-age=604041,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 478
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793b75317fe3b524-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 14a633088f88e709b2046db49d45112d
d392d3da031acb435b53612b92eec2c386b032f7
af9e4e2f581bb428894b80c97ca707b506e8e0f585d70d85565224a5cf620dc5
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 13:19:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 07 Feb 2023 10:05:36 GMT
ETag: "d392d3da031acb435b53612b92eec2c386b032f7"
Last-Modified: Fri, 03 Feb 2023 10:05:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2512
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793b7531a87f1c0a-OSL
fcgi4.gnezdo.ru/cookie_matching/kadam/HRCGLd9bHZ9NKGiBMPKx/?redirect=1
93.95.102.105204 No Content 0 B URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching/kadam/HRCGLd9bHZ9NKGiBMPKx/?redirect=1
IP 93.95.102.105:0
ASN #48347 JSC Mediasoft ekspert
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie_matching/kadam/HRCGLd9bHZ9NKGiBMPKx/?redirect=1 HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 03 Feb 2023 13:19:21 GMT
set-cookie: uid=XV9maWPdCdnAnYN2BmcCAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
fcgi4.gnezdo.ru/cookie_matching/kadam/HRCGLd9bHZ9NKGiBMPKx
93.95.102.105302 Found 0 B URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching/kadam/HRCGLd9bHZ9NKGiBMPKx
IP 93.95.102.105:0
ASN #48347 JSC Mediasoft ekspert
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie_matching/kadam/HRCGLd9bHZ9NKGiBMPKx HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 03 Feb 2023 13:19:21 GMT
location: https://fcgi4.gnezdo.ru/cookie_matching/kadam/HRCGLd9bHZ9NKGiBMPKx/?redirect=1
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With
access-control-allow-credentials: true
set-cookie: uid=XV9maWPdCdnAnYN2BmbpAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
dmg.digitaltarget.ru/1/6573/i/i?a=662&e=HRCGLd9bHZ9NKGiBMPKx&i=0.8651058199840833
185.15.175.159307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/6573/i/i?a=662&e=HRCGLd9bHZ9NKGiBMPKx&i=0.8651058199840833
IP 185.15.175.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/6573/i/i?a=662&e=HRCGLd9bHZ9NKGiBMPKx&i=0.8651058199840833 HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Fri, 03 Feb 2023 13:19:21 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1675430361850&a=662&e=HRCGLd9bHZ9NKGiBMPKx&i=0.8651058199840833
Set-Cookie: viuserid=5pQ5kzNLuagVQW.7diPK; Max-Age=93312000; Expires=Sun, 18 Jan 2026 13:19:21 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
kadam-sync.rutarget.ru/sync
45.9.24.193302 Moved Temporarily 0 B URL HTTP/1.1 kadam-sync.rutarget.ru/sync
IP 45.9.24.193:0
ASN #208677 Cloud technology Limited (Ltd.)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync HTTP/1.1
Host: kadam-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 13:19:21 GMT
Content-Length: 0
Connection: close
Location: https://d.uuidksinc.net/match/386/?remote_uid=82NJJUJhWSPX
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=82NJJUJhWSPX; Path=/; Domain=.rutarget.ru; Expires=Wed, 02 Aug 2023 13:19:21 GMT; SameSite=None; Secure
d.uuidksinc.net/match/386/?remote_uid=82NJJUJhWSPX
31.220.27.135200 OK 74 B URL HTTP/2 d.uuidksinc.net/match/386/?remote_uid=82NJJUJhWSPX
IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e24e19b024c44b778301d880bd8e6f4
d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
GET /match/386/?remote_uid=82NJJUJhWSPX HTTP/1.1
Host: d.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: jcsuuid=HRCGLd9bHZ9NKGiBMPKx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Fri, 03 Feb 2023 13:19:21 GMT
content-type: image/png
content-length: 74
X-Firefox-Spdy: h2
dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1675430361850&a=662&e=HRCGLd9bHZ9NKGiBMPKx&i=0.8651058199840833
185.15.175.159200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1675430361850&a=662&e=HRCGLd9bHZ9NKGiBMPKx&i=0.8651058199840833
IP 185.15.175.159:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/6573/i/i?call_source=awg&ts=1675430361850&a=662&e=HRCGLd9bHZ9NKGiBMPKx&i=0.8651058199840833 HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 13:19:21 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
sm.rtb.mts.ru/p?ssp=toptraffic&id=Y90J2T8PhwI
217.66.147.38301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/p?ssp=toptraffic&id=Y90J2T8PhwI
IP 217.66.147.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=toptraffic&id=Y90J2T8PhwI HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 03 Feb 2023 13:19:21 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=59&exu=Y90J2T8PhwI
Set-Cookie: dspid=11aa8c11-54b1-48fb-9b40-1874a243ad99; expires=Thu, 25 Jan 2024 13:19:21 GMT; domain=.mts.ru; path=/; secure; SameSite=None
sm.rtb.mts.ru/match/second?ssp=59&exu=Y90J2T8PhwI
217.66.147.38200 OK 0 B URL HTTP/1.1 sm.rtb.mts.ru/match/second?ssp=59&exu=Y90J2T8PhwI
IP 217.66.147.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/second?ssp=59&exu=Y90J2T8PhwI HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 13:19:22 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14367
Expires: Fri, 03 Feb 2023 17:18:49 GMT
Date: Fri, 03 Feb 2023 13:19:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14367
Expires: Fri, 03 Feb 2023 17:18:49 GMT
Date: Fri, 03 Feb 2023 13:19:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14367
Expires: Fri, 03 Feb 2023 17:18:49 GMT
Date: Fri, 03 Feb 2023 13:19:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14367
Expires: Fri, 03 Feb 2023 17:18:49 GMT
Date: Fri, 03 Feb 2023 13:19:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a6aaf87a867f93dc9268a8b27973b97
f52ccbe6cbced1994acb13a00b05436553b6813e
3fbd7441712035f4d53c17eec93bc278e6c072043f3b5a721cac349fc0dabe77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10166
x-amzn-requestid: 54fe0d12-360f-4d97-bcf3-b24747d956aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_4zHEcoAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379d1-4ba89e44005f616a0ed3ed24;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:14:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G0R-0w9HtLB5OXb-w-RyR9QCnrddkS29FqF_GeAQa1CRWkqaUJwQoA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:27:53 GMT
age: 53489
etag: "f52ccbe6cbced1994acb13a00b05436553b6813e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 114e345e134986d7451148fcea31b29d
541e878afee68c8802bb52b0cbbe5a5a0a185392
5030244d4babd1023166f39c935029d789a91ba90aa3a44c6f4c88ddc947b678
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8211
x-amzn-requestid: 2df5779a-a808-46ec-9246-1a9b9bddd9e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmKLVHwroAMF72Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bd7b-3cfe97e07d17958836425784;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:04:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZZXEXszbtmGh7kLfhabCGd41rZRnSmQvdcySUQRTDtJRBqZVUK3LaQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 07:19:27 GMT
age: 21595
etag: "541e878afee68c8802bb52b0cbbe5a5a0a185392"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ab97f766ee1ed6ebbb2b3889a9157b4
f87f165404dec4d65531e6e25146cb77601f3616
f3d0f76f956371b1733a526f10a8253fc3396a459d7af59380d8e8db7dee8ec2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14071
x-amzn-requestid: 40cb363f-2c4d-4361-9fe1-10e4c8b2fe29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiTo4Ek2oAMFs6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d73305-6cb63d3c49f9f84e639467f6;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:01:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aTs6L8dJENFRdtBn7ggAbY5yaYRAzSY2B0bmElV4YNPrJg-KRDAyNA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:46:56 GMT
age: 55946
etag: "f87f165404dec4d65531e6e25146cb77601f3616"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vUJO-Pt9Hi1ndrCQQT1nNCGT7oDOYBpA8-EawHanESoZAsZv32dQdg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 00:25:04 GMT
age: 46458
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:28:50 GMT
age: 53432
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 04:53:21 GMT
age: 30361
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fcgi4.gnezdo.ru/cookie_matching/kadam_resell/HRCGLd9bHZ9NKGiBMPKx
93.95.102.105302 Found 0 B URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching/kadam_resell/HRCGLd9bHZ9NKGiBMPKx
IP 93.95.102.105:0
ASN #48347 JSC Mediasoft ekspert
GET /cookie_matching/kadam_resell/HRCGLd9bHZ9NKGiBMPKx HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 03 Feb 2023 13:19:21 GMT
location: https://fcgi4.gnezdo.ru/cookie_matching/kadam_resell/HRCGLd9bHZ9NKGiBMPKx/?redirect=1
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With
access-control-allow-credentials: true
set-cookie: uid=XV9maWPdCdnAnYN2BmbrAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2