filespace.ru/games/hl2/mods/single/cm7_rc1.rar
301 Moved Permanently 0 B URL HTTP/1.1 filespace.ru/games/hl2/mods/single/cm7_rc1.rar
IP
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /games/hl2/mods/single/cm7_rc1.rar HTTP/1.1
Host: filespace.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Cache-Control: private
Pragma: no-cache
Content-Type: text/html; charset=cp1251
Content-Encoding: gzip
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: http://filespace.ru/games/hl2/mods/single/
Vary: Accept-Encoding
Server: NashaLife Server 2019.12.20
Set-Cookie: FILESPACESID=0k9v8gkkcu2s9oa8l0onsfv4v5; expires=Fri, 30-Sep-2022 16:43:20 GMT; Max-Age=604800; path=/; HttpOnly
Date: Fri, 23 Sep 2022 16:43:19 GMT
Content-Length: 0
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5894
Expires: Fri, 23 Sep 2022 18:21:34 GMT
Date: Fri, 23 Sep 2022 16:43:20 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash afb65a07bf7214addf83d17a53acba32
a8e973204431320aa7b362a4e73944520c4b51b9
46e1a9e6c98245afb7fa84bc6d9ba6844105024e2d3f56e28748e6c321475d02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46E1A9E6C98245AFB7FA84BC6D9BA6844105024E2D3F56E28748E6C321475D02"
Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4226
Expires: Fri, 23 Sep 2022 17:53:46 GMT
Date: Fri, 23 Sep 2022 16:43:20 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 16:05:09 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6777bbd78e2191b131d624eba7093540.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: QI6laBYHs3L2m1r_HPMIHxMvGG4b3Ry5CmNntGB7rZ-icaRh2rzBQA==
Age: 2291
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: iM9GYtdiITfIdiFa96QJuJFyLv3gO2ks+YRJFBsjAPho72+oCdLYeZv4rrccElXSIvih+/zlpsw=
x-amz-request-id: YJK82N770JCGH835
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Sep 2022 15:44:29 GMT
age: 3531
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 16:43:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Expires, Alert, Content-Length, ETag, Cache-Control, Content-Type, Backoff, Pragma, Last-Modified
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 23 Sep 2022 16:33:00 GMT
Expires: Fri, 23 Sep 2022 17:25:48 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9f698c14e6527accab310c26bfca2030.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: Zo38EYkASWz_aN229EsQ8taP0aB7URr7MzGmFBiQYSs0--Vh4Am0Ow==
Age: 620
filespace.ru/games/hl2/mods/single/
200 OK 12 kB URL HTTP/1.1 filespace.ru/games/hl2/mods/single/
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with very long lines (680), with CRLF, CR, LF, NEL line terminators
Hash 1bef5b142cc430e25f508fa6dddd013b
424ae26075938e9c0d28a28f5cf63a07551ea3eb
416d2183cce70ac49d31398743f47fd109d8460641ea57088c7be7e225f26ba3
Analyzer Verdict Alert fortinet Malware
GET /games/hl2/mods/single/ HTTP/1.1
Host: filespace.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: FILESPACESID=0k9v8gkkcu2s9oa8l0onsfv4v5
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Cache-Control: private
Pragma: no-cache
Content-Type: text/html; charset=cp1251
Content-Encoding: gzip
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Vary: Accept-Encoding
Server: NashaLife Server 2019.12.20
Set-Cookie: OAGEO=2%7CNO%7CEU%7C%7C%7C%7C59%2C95%7C10%2C75%7C200%7CEurope%2FOslo%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; path=/; SameSite=none
OAID=7423bf8fefb75c62c27e02beb76f2e76; expires=Sat, 23-Sep-2023 16:43:20 GMT; Max-Age=31536000; path=/; SameSite=none
OAID=7423bf8fefb75c62c27e02beb76f2e76; expires=Sat, 23-Sep-2023 16:43:20 GMT; Max-Age=31536000; path=/; SameSite=none
OAID=7423bf8fefb75c62c27e02beb76f2e76; expires=Sat, 23-Sep-2023 16:43:20 GMT; Max-Age=31536000; path=/; SameSite=none
OAID=7423bf8fefb75c62c27e02beb76f2e76; expires=Sat, 23-Sep-2023 16:43:20 GMT; Max-Age=31536000; path=/; SameSite=none
OAID=7423bf8fefb75c62c27e02beb76f2e76; expires=Sat, 23-Sep-2023 16:43:20 GMT; Max-Age=31536000; path=/; SameSite=none
OAID=7423bf8fefb75c62c27e02beb76f2e76; expires=Sat, 23-Sep-2023 16:43:20 GMT; Max-Age=31536000; path=/; SameSite=none
OAID=7423bf8fefb75c62c27e02beb76f2e76; expires=Sat, 23-Sep-2023 16:43:20 GMT; Max-Age=31536000; path=/; SameSite=none
OAID=7423bf8fefb75c62c27e02beb76f2e76; expires=Sat, 23-Sep-2023 16:43:20 GMT; Max-Age=31536000; path=/; SameSite=none
P3P: CP="CUR ADM OUR NOR STA NID"
Date: Fri, 23 Sep 2022 16:43:20 GMT
Content-Length: 12375
ocsp.digicert.com/
200 OK 471 B IP
Hash f714931cf870bfa33815fd259b7246fd
38e411ef8ca1b31ead8415ee5f21d98bd9653a86
897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5004
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 16:43:21 GMT
Last-Modified: Fri, 23 Sep 2022 15:19:57 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
pagead2.googlesyndication.com/pagead/show_ads.js
200 OK 41 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/show_ads.js
IP
File type ASCII text, with very long lines (2535)
Hash 0ae207861678e66554f766b1e271723e
287207790c947b532d716bf48feb19deb4554397
adb6518fd9f7b1ee570d67179560def77292419718b3ea4aad1fd8e12e9e1b57
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Fri, 23 Sep 2022 16:43:21 GMT
Expires: Fri, 23 Sep 2022 16:43:21 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 2671255574498622625
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 40742
X-XSS-Protection: 0
filespace.ru/css/main.css
200 OK 629 B URL HTTP/1.1 filespace.ru/css/main.css
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type ASCII text, with CRLF, LF line terminators
Hash 50da598b97c7ea40407eb2c2fe6d89f5
8c743a350900205dac3e559e2e60d15841e0dff6
52af12ef93e0d1b80aedd0a9306d74fc2103c0950a331ab8a23e6669fa1bc03f
GET /css/main.css HTTP/1.1
Host: filespace.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=0k9v8gkkcu2s9oa8l0onsfv4v5
HTTP/1.1 200 OK
Cache-Control: public, max-age=31536000
Content-Type: text/css
Content-Encoding: gzip
Expires: Sat, 23 Sep 2023 16:43:21 GMT
Last-Modified: Tue, 24 Dec 2019 21:14:46 GMT
Accept-Ranges: bytes
Vary: User-Agent,Accept-Encoding
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:43:20 GMT
Content-Length: 629
filespace.ru/css/blocks.css
200 OK 433 B URL HTTP/1.1 filespace.ru/css/blocks.css
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type ASCII text, with CRLF line terminators
Hash 348a43ae61b4d04fd2b2fb7c3268668f
ca8e80c5e77ae4ed13e12cd5d88506d8ab046002
a1567270908cbb17d99650b48de3bd9fe101d3183bf87ee5fb9d478550d8f106
GET /css/blocks.css HTTP/1.1
Host: filespace.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=0k9v8gkkcu2s9oa8l0onsfv4v5
HTTP/1.1 200 OK
Cache-Control: public, max-age=31536000
Content-Type: text/css
Content-Encoding: gzip
Expires: Sat, 23 Sep 2023 16:43:21 GMT
Last-Modified: Tue, 24 Dec 2019 21:14:44 GMT
Accept-Ranges: bytes
Vary: User-Agent,Accept-Encoding
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:43:20 GMT
Content-Length: 433
filespace.ru/css/three.css
200 OK 369 B URL HTTP/1.1 filespace.ru/css/three.css
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type ASCII text, with CRLF line terminators
Hash ce128ca4b1d0f7ff062c54532d664547
3a1f69a1ba38de7eb9f3036b08bce05962aea7f5
3e4de484b87cfedc51b2ad386080a587fef734856c58c6e9880d7482ff6a8395
GET /css/three.css HTTP/1.1
Host: filespace.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=0k9v8gkkcu2s9oa8l0onsfv4v5
HTTP/1.1 200 OK
Cache-Control: public, max-age=31536000
Content-Type: text/css
Content-Encoding: gzip
Expires: Sat, 23 Sep 2023 16:43:21 GMT
Last-Modified: Tue, 24 Dec 2019 21:14:47 GMT
Accept-Ranges: bytes
Vary: User-Agent,Accept-Encoding
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:43:20 GMT
Content-Length: 369
filespace.ru/css/functions.js
200 OK 752 B URL HTTP/1.1 filespace.ru/css/functions.js
IP
ASN #197695 Domain names registrar REG.RU, Ltd
Hash 12cb5536a0cf67b1ab39658d34846ae4
4bc7387669cfc70a05f4458e391b78ed9548c2c1
78584781d90b27e25a84c611d7daad3443749c903dc3e2d6dc6478a5c4710388
Analyzer Verdict Alert fortinet Malware
GET /css/functions.js HTTP/1.1
Host: filespace.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=0k9v8gkkcu2s9oa8l0onsfv4v5
HTTP/1.1 200 OK
Cache-Control: public, max-age=31536000
Content-Type: application/javascript
Content-Encoding: gzip
Expires: Sat, 23 Sep 2023 16:43:21 GMT
Last-Modified: Tue, 24 Dec 2019 21:14:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:43:20 GMT
Content-Length: 752
filespace.ru/css/tooltip.js
200 OK 1.9 kB URL HTTP/1.1 filespace.ru/css/tooltip.js
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type ISO-8859 text, with CRLF line terminators
Hash 23e94cc61f2e240180bb57622801676a
35d203d9c92990e03d4a66cc765bf0f960780749
d212943b6353c48afc2e61444d17461b6399e86d992266de0ee61e04e38e15ca
Analyzer Verdict Alert fortinet Malware
GET /css/tooltip.js HTTP/1.1
Host: filespace.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=0k9v8gkkcu2s9oa8l0onsfv4v5
HTTP/1.1 200 OK
Cache-Control: public, max-age=31536000
Content-Type: application/javascript
Content-Encoding: gzip
Expires: Sat, 23 Sep 2023 16:43:21 GMT
Last-Modified: Tue, 24 Dec 2019 21:14:47 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:43:20 GMT
Content-Length: 1939
csj.ru/libs/nl_mistake/1.0/nl_mistake.js
301 Moved Permanently 258 B URL HTTP/1.1 csj.ru/libs/nl_mistake/1.0/nl_mistake.js
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 47b3391b3aab053cced1d641a72c5414
4a0b98ea98dc5331e4daf5f727bd2bdaf40be822
d337b935011d3018a100ef2b2c5d56e8143aae4b4d4e7c3fe20a29f83482039e
GET /libs/nl_mistake/1.0/nl_mistake.js HTTP/1.1
Host: csj.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/
HTTP/1.1 301 Moved Permanently
Cache-Control: public, max-age=0
Content-Type: text/html
Expires: Fri, 23 Sep 2022 16:43:21 GMT
Location: https://csj.ru/libs/nl_mistake/1.0/nl_mistake.js
Server: Microsoft-IIS/10.0
Date: Fri, 23 Sep 2022 16:43:21 GMT
Content-Length: 258
filespace.ru/css/brouser_css.php
200 OK 249 B URL HTTP/1.1 filespace.ru/css/brouser_css.php
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type ASCII text, with CRLF line terminators
Hash aefbdba224bf2835d60290f6e4fe145f
f00a99c45956d9de1b948d142a9696d5b9c67ee4
b80905e2c2e76a8a3d5f91fdf337663c9a8aa54282398784663e9af520d917b9
Analyzer Verdict Alert fortinet Malware
GET /css/brouser_css.php HTTP/1.1
Host: filespace.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=0k9v8gkkcu2s9oa8l0onsfv4v5
HTTP/1.1 200 OK
Cache-Control: public, max-age=31536000
Content-Type: text/css;charset=cp1251
Content-Encoding: gzip
Expires: Sat, 23 Sep 2023 16:43:21 GMT
Vary: User-Agent,Accept-Encoding
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:43:20 GMT
Content-Length: 249
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 38fb0afaa04ebfde47631659a6ee623f
6151352abf6a79e0058b64c337418e497595f919
a35077b8bb0524c8a3d15be9fdcce98963f260fa71a4494ebd2759b1231f21cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A35077B8BB0524C8A3D15BE9FDCCE98963F260FA71A4494EBD2759B1231F21CB"
Last-Modified: Wed, 21 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17378
Expires: Fri, 23 Sep 2022 21:32:59 GMT
Date: Fri, 23 Sep 2022 16:43:21 GMT
Connection: keep-alive
filespace.ru/images/single.gif
200 OK 43 B URL HTTP/1.1 filespace.ru/images/single.gif
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /images/single.gif HTTP/1.1
Host: filespace.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=0k9v8gkkcu2s9oa8l0onsfv4v5
HTTP/1.1 200 OK
Cache-Control: public, max-age=2592000
Content-Type: image/gif
Expires: Sun, 23 Oct 2022 16:43:21 GMT
Last-Modified: Tue, 24 Dec 2019 21:15:06 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:43:20 GMT
Content-Length: 43
filespace.ru/images/icon_zip.gif
200 OK 531 B URL HTTP/1.1 filespace.ru/images/icon_zip.gif
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 36 x 36\012- data
Hash 543430e6538c8723106de263ae04a63f
fd29678e46fe4bc542a9d328aa2fa06946746f85
ac4aee5e6f6cfedd787aaec921314700f03044ddb42aeab17ce4cb2f5d8cc369
GET /images/icon_zip.gif HTTP/1.1
Host: filespace.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=0k9v8gkkcu2s9oa8l0onsfv4v5
HTTP/1.1 200 OK
Cache-Control: public, max-age=2592000
Content-Type: image/gif
Expires: Sun, 23 Oct 2022 16:43:21 GMT
Last-Modified: Tue, 24 Dec 2019 21:15:05 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:43:20 GMT
Content-Length: 531
filespace.ru/images/icon_exe.gif
200 OK 528 B URL HTTP/1.1 filespace.ru/images/icon_exe.gif
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 36 x 36\012- data
Hash ae260272f0765673921e5ac35d5ce9b1
76d2ea64eedeffb8d084427429d22479c2b3424b
428e332bbbbd649f5a31e709bb4241a21722561877308b8720fab537646a53a5
GET /images/icon_exe.gif HTTP/1.1
Host: filespace.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=0k9v8gkkcu2s9oa8l0onsfv4v5
HTTP/1.1 200 OK
Cache-Control: public, max-age=2592000
Content-Type: image/gif
Expires: Sun, 23 Oct 2022 16:43:21 GMT
Last-Modified: Tue, 24 Dec 2019 21:14:59 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:43:20 GMT
Content-Length: 528
filespace.ru/images/icon_rar.gif
200 OK 531 B URL HTTP/1.1 filespace.ru/images/icon_rar.gif
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 36 x 36\012- data
Hash 543430e6538c8723106de263ae04a63f
fd29678e46fe4bc542a9d328aa2fa06946746f85
ac4aee5e6f6cfedd787aaec921314700f03044ddb42aeab17ce4cb2f5d8cc369
GET /images/icon_rar.gif HTTP/1.1
Host: filespace.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=0k9v8gkkcu2s9oa8l0onsfv4v5
HTTP/1.1 200 OK
Cache-Control: public, max-age=2592000
Content-Type: image/gif
Expires: Sun, 23 Oct 2022 16:43:21 GMT
Last-Modified: Tue, 24 Dec 2019 21:15:03 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:43:20 GMT
Content-Length: 531
filespace.ru/images/flags/RU.gif
200 OK 1.0 kB URL HTTP/1.1 filespace.ru/images/flags/RU.gif
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 18 x 12\012- data
Hash daa2a635125539998a491f04ce53dc60
8b7daa6c7adef9a3db8c2d05b3830c3be3d9dcdd
987407b3bff6c7785ecdb057b9b4be01c28db9dc0343b68a2ada547d02c9f2f1
GET /images/flags/RU.gif HTTP/1.1
Host: filespace.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=0k9v8gkkcu2s9oa8l0onsfv4v5
HTTP/1.1 200 OK
Cache-Control: public, max-age=2592000
Content-Type: image/gif
Expires: Sun, 23 Oct 2022 16:43:21 GMT
Last-Modified: Tue, 24 Dec 2019 21:15:23 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:43:20 GMT
Content-Length: 1006
filespace.ru/images/flags/EN.gif
200 OK 161 B URL HTTP/1.1 filespace.ru/images/flags/EN.gif
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 21 x 14\012- data
Hash 7eb14a278f26283c87db5c536d65eaa8
2a789fc4d53811a780f39e20781f0eeb8a48fa58
3203ae9c9bc498ba6160aec1495a7f001333811328af3658cce815a281a64dfb
GET /images/flags/EN.gif HTTP/1.1
Host: filespace.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=0k9v8gkkcu2s9oa8l0onsfv4v5
HTTP/1.1 200 OK
Cache-Control: public, max-age=2592000
Content-Type: image/gif
Expires: Sun, 23 Oct 2022 16:43:21 GMT
Last-Modified: Tue, 24 Dec 2019 21:15:19 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:43:20 GMT
Content-Length: 161
filespace.ru/images/header_left_main.jpg
200 OK 11 kB URL HTTP/1.1 filespace.ru/images/header_left_main.jpg
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 470x111, components 3\012- data
Hash 913e88e679a80a6c8ca93723ad6a2a89
c1717481070f18f0e10df2d204d9d6fd8e414c32
adadc9f0a179090db6ef54e163849673064a3ba3abfab2bbaf6b856f2b6f3399
GET /images/header_left_main.jpg HTTP/1.1
Host: filespace.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/css/three.css
Cookie: FILESPACESID=0k9v8gkkcu2s9oa8l0onsfv4v5
HTTP/1.1 200 OK
Cache-Control: public, max-age=2592000
Content-Type: image/jpeg
Expires: Sun, 23 Oct 2022 16:43:21 GMT
Last-Modified: Tue, 24 Dec 2019 21:14:55 GMT
Accept-Ranges: bytes
Vary: User-Agent
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:43:20 GMT
Content-Length: 11312
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GAlB1TJh+fr/HGf9fzdB5Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Hq45a4ym5A5OX423z/WL2iMxHNg=
filespace.ru/images/icon_up.gif
200 OK 889 B URL HTTP/1.1 filespace.ru/images/icon_up.gif
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 36 x 36\012- data
Hash f45fe5ba803c40a36113d5b4adc5cba7
ae9efba7ce2f58ccf2bfeecf78345af9480fda87
06ae4d7b43ca30833782538a0c600f13d645d0e4ccabc6b3876191189036f48a
GET /images/icon_up.gif HTTP/1.1
Host: filespace.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=0k9v8gkkcu2s9oa8l0onsfv4v5
HTTP/1.1 200 OK
Cache-Control: public, max-age=2592000
Content-Type: image/gif
Expires: Sun, 23 Oct 2022 16:43:21 GMT
Last-Modified: Tue, 24 Dec 2019 21:15:04 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:43:20 GMT
Content-Length: 889
filespace.ru/images/header_bg.gif
200 OK 122 B URL HTTP/1.1 filespace.ru/images/header_bg.gif
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 10 x 181\012- data
Hash 9526592a93a50391b54807476a2ee8cf
9c95934d4da53cad3286ac350900a5071ab42200
c73dd3403822378234984dd1da20f30c7285c4d16b52a0c15ec4b38298d874d5
GET /images/header_bg.gif HTTP/1.1
Host: filespace.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/css/three.css
Cookie: FILESPACESID=0k9v8gkkcu2s9oa8l0onsfv4v5
HTTP/1.1 200 OK
Cache-Control: public, max-age=2592000
Content-Type: image/gif
Expires: Sun, 23 Oct 2022 16:43:21 GMT
Last-Modified: Tue, 24 Dec 2019 21:14:55 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:43:20 GMT
Content-Length: 122
filespace.ru/images/icon_folder.gif
200 OK 1.0 kB URL HTTP/1.1 filespace.ru/images/icon_folder.gif
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 36 x 36\012- data
Hash e942257e22c7d2b4e4728920c8ac9d18
154563b1e005b1e90eb24a0040942f5c6a896152
bd38a13c120d6a6e213f5d9f40d5fc0ab96d34a3c205a621b2afe64bbfbae5be
GET /images/icon_folder.gif HTTP/1.1
Host: filespace.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=0k9v8gkkcu2s9oa8l0onsfv4v5
HTTP/1.1 200 OK
Cache-Control: public, max-age=2592000
Content-Type: image/gif
Expires: Sun, 23 Oct 2022 16:43:21 GMT
Last-Modified: Tue, 24 Dec 2019 21:15:00 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:43:20 GMT
Content-Length: 1028
banners.nashalife.ru/delivery/lg.php?bannerid=70&campaignid=23&zoneid=56&loc=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&cb=63a795000d
200 OK 43 B URL HTTP/1.1 banners.nashalife.ru/delivery/lg.php?bannerid=70&campaignid=23&zoneid=56&loc=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&cb=63a795000d
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /delivery/lg.php?bannerid=70&campaignid=23&zoneid=56&loc=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&cb=63a795000d HTTP/1.1
Host: banners.nashalife.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/
HTTP/1.1 200 OK
Cache-Control: private
Pragma: no-cache
Content-Type: image/gif
Expires: 0
Server: NashaLife Server 2019.12.20
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAGEO=2%7CNO%7CEU%7C%7C%7C%7C59.95%7C10.75%7C200%7CEurope%2FOslo%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; path=/; SameSite=none
OAID=aae2bcdfbeacf0414fe0f9cf962218d7; expires=Sat, 23-Sep-2023 16:43:21 GMT; Max-Age=31536000; path=/; SameSite=none
Date: Fri, 23 Sep 2022 16:43:20 GMT
Content-Length: 43
filespace.ru/images/header_right_main.gif
200 OK 13 kB URL HTTP/1.1 filespace.ru/images/header_right_main.gif
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 300x180, components 3\012- data
Hash 15e7d29660667457332c2485dd964cca
760642251b7131efbecb5bf9ba65a1592f74ce8d
551c080b726efa1bdb95679a200e6d1f182405cd2699af7e719290875db1e96c
GET /images/header_right_main.gif HTTP/1.1
Host: filespace.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/css/three.css
Cookie: FILESPACESID=0k9v8gkkcu2s9oa8l0onsfv4v5
HTTP/1.1 200 OK
Cache-Control: public, max-age=2592000
Content-Type: image/gif
Expires: Sun, 23 Oct 2022 16:43:21 GMT
Last-Modified: Tue, 24 Dec 2019 21:14:55 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:43:20 GMT
Content-Length: 12876
banners.nashalife.ru/delivery/lg.php?bannerid=69&campaignid=23&zoneid=55&loc=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&cb=8d19698932
200 OK 43 B URL HTTP/1.1 banners.nashalife.ru/delivery/lg.php?bannerid=69&campaignid=23&zoneid=55&loc=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&cb=8d19698932
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /delivery/lg.php?bannerid=69&campaignid=23&zoneid=55&loc=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&cb=8d19698932 HTTP/1.1
Host: banners.nashalife.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/
HTTP/1.1 200 OK
Cache-Control: private
Pragma: no-cache
Content-Type: image/gif
Expires: 0
Server: NashaLife Server 2019.12.20
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAGEO=2%7CNO%7CEU%7C%7C%7C%7C59.95%7C10.75%7C200%7CEurope%2FOslo%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; path=/; SameSite=none
OAID=69d395221de5741fa84edff146a6d7f3; expires=Sat, 23-Sep-2023 16:43:21 GMT; Max-Age=31536000; path=/; SameSite=none
Date: Fri, 23 Sep 2022 16:43:20 GMT
Content-Length: 43
filespace.ru/images/category00.gif
200 OK 316 B URL HTTP/1.1 filespace.ru/images/category00.gif
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 22 x 20\012- data
Hash 7b1d4782103fb414ae1293e5a3d7b7f3
2f1c1595da128a4568714f604787e36f6f63ca29
b216883628a8fc9575b1ccacb816d806d845c155cce09e47dd6a3f93ac1ad030
GET /images/category00.gif HTTP/1.1
Host: filespace.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/css/blocks.css
Cookie: FILESPACESID=0k9v8gkkcu2s9oa8l0onsfv4v5
HTTP/1.1 200 OK
Cache-Control: public, max-age=2592000
Content-Type: image/gif
Expires: Sun, 23 Oct 2022 16:43:21 GMT
Last-Modified: Tue, 24 Dec 2019 21:14:49 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:43:20 GMT
Content-Length: 316
banners.nashalife.ru/delivery/lg.php?bannerid=72&campaignid=23&zoneid=53&loc=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&cb=d3d9675bd4
200 OK 43 B URL HTTP/1.1 banners.nashalife.ru/delivery/lg.php?bannerid=72&campaignid=23&zoneid=53&loc=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&cb=d3d9675bd4
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /delivery/lg.php?bannerid=72&campaignid=23&zoneid=53&loc=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&cb=d3d9675bd4 HTTP/1.1
Host: banners.nashalife.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/
HTTP/1.1 200 OK
Cache-Control: private
Pragma: no-cache
Content-Type: image/gif
Expires: 0
Server: NashaLife Server 2019.12.20
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAGEO=2%7CNO%7CEU%7C%7C%7C%7C59.95%7C10.75%7C200%7CEurope%2FOslo%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; path=/; SameSite=none
OAID=604c305a007aeaa2efd0bda120ec3327; expires=Sat, 23-Sep-2023 16:43:21 GMT; Max-Age=31536000; path=/; SameSite=none
Date: Fri, 23 Sep 2022 16:43:20 GMT
Content-Length: 43
filespace.ru/images/rss.gif
200 OK 108 B URL HTTP/1.1 filespace.ru/images/rss.gif
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 29 x 15\012- data
Hash 68bf86e4e5a14692fc08595bdd177e51
23434c5829e5eae4adf76579e402963cae6a8455
f90ef18bb6a1d76b0d47c350f1f2ec777df5ce5d318e37ca3d3afa7671b3c322
GET /images/rss.gif HTTP/1.1
Host: filespace.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=0k9v8gkkcu2s9oa8l0onsfv4v5
HTTP/1.1 200 OK
Cache-Control: public, max-age=2592000
Content-Type: image/gif
Expires: Sun, 23 Oct 2022 16:43:21 GMT
Last-Modified: Tue, 24 Dec 2019 21:15:05 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:43:20 GMT
Content-Length: 108
csj.ru/libs/jquery/1.12.4/jquery.min.js
200 OK 34 kB URL HTTP/2 csj.ru/libs/jquery/1.12.4/jquery.min.js
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type ASCII text, with very long lines (32077)
Hash 6ef48572188eff37defb0732b5709248
b67437a98ed39c3d8d83c210b9c35b89141ac020
191841a685c0f035798a187ad89ad4386a3311bee659f202c576103be18b703b
GET /libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: csj.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://filespace.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-type: application/javascript
content-encoding: gzip
expires: Sat, 23 Sep 2023 16:43:21 GMT
last-modified: Fri, 20 May 2016 07:17:56 GMT
accept-ranges: bytes
etag: "0aacbb67b2d11:0"
vary: Accept-Encoding
server: CSoft Server 2019.12.21
access-control-allow-origin: *
date: Fri, 23 Sep 2022 16:43:21 GMT
content-length: 33886
X-Firefox-Spdy: h2
filespace.ru/images/icon_info.gif
200 OK 257 B URL HTTP/1.1 filespace.ru/images/icon_info.gif
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 15 x 15\012- data
Hash da33c6b0ba79d4a54c807e698cf296c5
c862075c85d98544d59626e18afa590366718a04
ae9c29e2d4cc0d5f2d05255ba4bae9a34780c29a04c870545152baf3a121f580
GET /images/icon_info.gif HTTP/1.1
Host: filespace.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=0k9v8gkkcu2s9oa8l0onsfv4v5
HTTP/1.1 200 OK
Cache-Control: public, max-age=2592000
Content-Type: image/gif
Expires: Sun, 23 Oct 2022 16:43:21 GMT
Last-Modified: Tue, 24 Dec 2019 21:15:01 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:43:20 GMT
Content-Length: 257
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 912d328d8c4a089964ef5bbd12519522
e3e6494691c611303bbeb19a2d78c9838b4d20ca
5485b7384f7916fb88550df02efd8748f3cb54fd48020f3de31e7bb3aa9e89e6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5485B7384F7916FB88550DF02EFD8748F3CB54FD48020F3DE31E7BB3AA9E89E6"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2571
Expires: Fri, 23 Sep 2022 17:26:12 GMT
Date: Fri, 23 Sep 2022 16:43:21 GMT
Connection: keep-alive
csj.ru/libs/nl_mistake/1.0/nl_mistake.js
200 OK 2.4 kB URL HTTP/2 csj.ru/libs/nl_mistake/1.0/nl_mistake.js
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type ASCII text, with CRLF line terminators
Hash 024acff4a347f991f9816930df68805b
9db5c2041330462f4050dcf0f07f8525fe78af12
2754aa56d606bc89de92d3a85b2635c69920ba79d248a4b899985cd5067d9338
GET /libs/nl_mistake/1.0/nl_mistake.js HTTP/1.1
Host: csj.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://filespace.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-type: application/javascript
content-encoding: gzip
expires: Sat, 23 Sep 2023 16:43:21 GMT
last-modified: Sun, 06 Mar 2022 22:17:17 GMT
accept-ranges: bytes
etag: "2166b8f0a731d81:0"
vary: Accept-Encoding
server: CSoft Server 2019.12.21
access-control-allow-origin: *
date: Fri, 23 Sep 2022 16:43:21 GMT
content-length: 2389
X-Firefox-Spdy: h2
www.acint.net/aci.js
200 OK 7.5 kB IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1408)
Hash ae0aab6c5a2ae2e1168e74f6e6ae4741
2c00f69ee4bbe2ec96c0f7bb33b5f827a6195af8
a47a88a9b6c7635e5074c25c6e3c92f399fdf8772376e94f077167241e59f9de
GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://filespace.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Fri, 23 Sep 2022 16:43:21 GMT
content-type: application/x-javascript
content-length: 7461
last-modified: Mon, 15 Aug 2022 08:25:14 GMT
etag: "62fa02ea-1d25"
content-encoding: gzip
expires: Sat, 24 Sep 2022 04:43:21 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2
csj.ru/libs/nl_mistake/1.0/nl_mistake.css
200 OK 3.2 kB URL HTTP/2 csj.ru/libs/nl_mistake/1.0/nl_mistake.css
IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type ASCII text, with very long lines (3997), with CRLF line terminators
Hash 4173e7cedfb401ba8977fe8082fe3970
9812dcd2b4b84e639ccb004a9f2b63d8b2dcefef
c2e0471db89203d486c478e9d839341c7de1136d2c799180e6cfdcbb00f4c58c
GET /libs/nl_mistake/1.0/nl_mistake.css HTTP/1.1
Host: csj.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://filespace.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-type: text/css
content-encoding: gzip
expires: Sat, 23 Sep 2023 16:43:21 GMT
last-modified: Sun, 31 May 2020 11:29:57 GMT
accept-ranges: bytes
etag: "b13059d03e37d61:0"
vary: User-Agent,Accept-Encoding
server: CSoft Server 2019.12.21
access-control-allow-origin: *
date: Fri, 23 Sep 2022 16:43:21 GMT
content-length: 3169
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
200 OK 84 kB URL HTTP/2 cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (593)
Hash 93da68520075687596d7c4a0cb3c93a0
677e814d36fb09115d31b029c55b920c2b78f7aa
7ae325ea4d6de04c789cf4e147f9a334e8feb936d2d785ef48be82c5bbe3621d
GET /npm/yandex-metrica-watch/tag.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://filespace.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.244.0
x-jsd-version-type: version
etag: W/"3392e-Qi3gEcZr1l3TqINcJ23fMrDsrI8"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 23 Sep 2022 16:43:21 GMT
age: 27151
x-served-by: cache-fra19163-FRA, cache-bma1626-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 83683
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
Hash 337a135e9b9bea4e8e27f2184de375a7
b02a7913e2999c4cff9f0c0594bdcf00d16e399c
9cd461f24e6bb4bffac5f84883e5598e215108b63a27bd68d208cb00ab308e05
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 16:43:21 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "150E8A829D9752C5C5E3A3C22490CFC7F1494256"
Expires: Sat, 24 Sep 2022 03:00:00 GMT
Last-Modified: Fri, 23 Sep 2022 15:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3217
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f4bd240c410b59-OSL
www.acint.net/mc/?dp=10
302 Moved Temporarily 142 B IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Fri, 23 Sep 2022 16:43:21 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/mc/?dp=10
www.acint.net/hit/?v=0.4.0&uid=ed003a41-f721-4790-85c1-3bfbf4d0a223&dp=10&tz=%2B00%3A00&nc=28984862&u=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&r=&rs=1280x1024&t=FileSpace.ru&oE=1&oP=1&dT=2022-09-23T16%3A43%3A20.735&fu=f7d7bf44-3a4e-46d9-a10b-26d34f13d943
302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/hit/?v=0.4.0&uid=ed003a41-f721-4790-85c1-3bfbf4d0a223&dp=10&tz=%2B00%3A00&nc=28984862&u=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&r=&rs=1280x1024&t=FileSpace.ru&oE=1&oP=1&dT=2022-09-23T16%3A43%3A20.735&fu=f7d7bf44-3a4e-46d9-a10b-26d34f13d943
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /hit/?v=0.4.0&uid=ed003a41-f721-4790-85c1-3bfbf4d0a223&dp=10&tz=%2B00%3A00&nc=28984862&u=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&r=&rs=1280x1024&t=FileSpace.ru&oE=1&oP=1&dT=2022-09-23T16%3A43%3A20.735&fu=f7d7bf44-3a4e-46d9-a10b-26d34f13d943 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Fri, 23 Sep 2022 16:43:21 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/hit/?v=0.4.0&uid=ed003a41-f721-4790-85c1-3bfbf4d0a223&dp=10&tz=%2B00%3A00&nc=28984862&u=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&r=&rs=1280x1024&t=FileSpace.ru&oE=1&oP=1&dT=2022-09-23T16%3A43%3A20.735&fu=f7d7bf44-3a4e-46d9-a10b-26d34f13d943
www.acint.net/mc/?dp=10
302 Found 154 B IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://filespace.ru/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Fri, 23 Sep 2022 16:43:21 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Fri, 23-Sep-22 16:53:21 GMT
aid=LgRybWMt4ikyFgC97ylxApZShQUtFgTH1V69tnPfgH6nZGtx; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
www.acint.net/hit/?v=0.4.0&uid=ed003a41-f721-4790-85c1-3bfbf4d0a223&dp=10&tz=%2B00%3A00&nc=28984862&u=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&r=&rs=1280x1024&t=FileSpace.ru&oE=1&oP=1&dT=2022-09-23T16%3A43%3A20.735&fu=f7d7bf44-3a4e-46d9-a10b-26d34f13d943
200 OK 43 B URL HTTP/2 www.acint.net/hit/?v=0.4.0&uid=ed003a41-f721-4790-85c1-3bfbf4d0a223&dp=10&tz=%2B00%3A00&nc=28984862&u=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&r=&rs=1280x1024&t=FileSpace.ru&oE=1&oP=1&dT=2022-09-23T16%3A43%3A20.735&fu=f7d7bf44-3a4e-46d9-a10b-26d34f13d943
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hit/?v=0.4.0&uid=ed003a41-f721-4790-85c1-3bfbf4d0a223&dp=10&tz=%2B00%3A00&nc=28984862&u=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&r=&rs=1280x1024&t=FileSpace.ru&oE=1&oP=1&dT=2022-09-23T16%3A43%3A20.735&fu=f7d7bf44-3a4e-46d9-a10b-26d34f13d943 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://filespace.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 23 Sep 2022 16:43:21 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=LgRybWMt4ikyIQC7bF5zAp2+X9z2a1lVXBqFowx2827/6jIF; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 62457b43915db7768ebd87b69af07919
1901a22fa2ea00875721d3ee1c7091bb45067426
8a8927e560f4ecd92ce9a5ef26a5e993715533f7085087e9819a5b9db06205e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1580
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 16:43:21 GMT
Last-Modified: Fri, 23 Sep 2022 16:17:01 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
a.utraff.com/sync?ssp=sape
204 No Content 0 B URL HTTP/2 a.utraff.com/sync?ssp=sape
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 23 Sep 2022 16:43:21 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Sun, 23 Oct 2022 19:43:21 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Sun, 23 Oct 2022 19:43:21 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYG5681DZCcTGXu2OUaEYYy9RLWqhgatxAkxxoC4mBN9FnqeqzMiXYT0uLRW8wBxR0tB2VLFj2vZEqHdl8OYxHgDJfUDk5vKwO3luP7J0rUosukv3kMks3r5jDYTklE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f4bd256c34fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dm-eu.hybrid.ai/match?id=106&vid=6D72042E29E22D63BB00213202735E6C
204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=106&vid=6D72042E29E22D63BB00213202735E6C
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=106&vid=6D72042E29E22D63BB00213202735E6C HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 23 Sep 2022 16:43:21 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=e279029f19315927774c; expires=Sat, 23 Sep 2023 16:43:20 GMT; domain=.hybrid.ai; path=/; samesite=none
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 504
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=6D72042E29E22D63BB00213202735E6C
302 Found 0 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=6D72042E29E22D63BB00213202735E6C
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=6D72042E29E22D63BB00213202735E6C HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 23 Sep 2022 16:43:21 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=d5ddc941-3b5e-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Sat, 23 Sep 2023 16:43:21 GMT; SameSite=None; Secure
uid-legacy=d5ddc941-3b5e-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Sat, 23 Sep 2023 16:43:21 GMT
location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=6D72042E29E22D63BB00213202735E6C&cs=1
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0af5c2dcb101c1bc972472be5205bcc0
9776105102f7c307cd95105772211624e6198c8b
7fd86e8d25bf5ed74a813015bb868fa3f5a0ec08829278713fe3f7d914c9823c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7FD86E8D25BF5ED74A813015BB868FA3F5A0EC08829278713FE3F7D914C9823C"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3525
Expires: Fri, 23 Sep 2022 17:42:06 GMT
Date: Fri, 23 Sep 2022 16:43:21 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 278 B IP
Hash b13bf301fd0c589268a3597684a5b010
dfc82350a51440b031c6151e1a9a2f16e58d9e34
5bee24f702493fcb52cbcb5f9902466165aa2a1139629abb7e57d1bfe3468617
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2876
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 16:43:21 GMT
Last-Modified: Fri, 23 Sep 2022 15:55:25 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2a5c4d3414e28d1afefba682f30c4cd6
54457c31b8abf5a16f4b89a6f0f2d5f01a923775
fe6e08489ccc6a01d4d7ebbb78b54487a5ac613e0830b547c279f265e7ec7fa5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE6E08489CCC6A01D4D7EBBB78B54487A5AC613E0830B547C279F265E7EC7FA5"
Last-Modified: Wed, 21 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5797
Expires: Fri, 23 Sep 2022 18:19:58 GMT
Date: Fri, 23 Sep 2022 16:43:21 GMT
Connection: keep-alive
www.acint.net/mc/?dp=10&tc=1
200 OK 1.6 kB URL HTTP/2 www.acint.net/mc/?dp=10&tc=1
IP
ASN #24940 Hetzner Online GmbH
Hash 8654adf931b5791c658fe7db40fa4f75
f257aac2c5f6a487e4b2bd23b55c674b922feb7b
f81ce3cde6edd58e34f2d5e50223b2649d5cc67268963a9d78f393c7b919d5a0
GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://filespace.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgRybWMt4ikyIQC7bF5zAp2+X9z2a1lVXBqFowx2827/6jIF
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 23 Sep 2022 16:43:21 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1663951401; expires=Sat, 24-Sep-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp54v2=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp77=1663951401; expires=Fri, 07-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp84=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1663951401; expires=Fri, 07-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp111v2=1663951401; expires=Fri, 07-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp112v2=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v2=1663951401; expires=Sat, 08-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp138=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp144=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp179=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1663951401; expires=Sun, 23-Oct-22 16:43:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=6D72042E29E22D63BB00213202735E6C&cs=1
200 OK 35 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=6D72042E29E22D63BB00213202735E6C&cs=1
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=6D72042E29E22D63BB00213202735E6C&cs=1 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: uid=d5ddc941-3b5e-11ed-acfd-901b0e8b2a6e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 16:43:21 GMT
content-type: image/gif
content-length: 35
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=d5ddc941-3b5e-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Sat, 23 Sep 2023 16:43:21 GMT; SameSite=None; Secure
uid-legacy=d5ddc941-3b5e-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Sat, 23 Sep 2023 16:43:21 GMT
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash e0fe7a72108078c65325ca98cafdee34
0cf3d42dbd53dfaa05729bfba55b997e2a9d3f07
de5761e7e2912d526ae3ee3b9267424a145583c36f54ca222a828e8dc5327cbe
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 16:43:22 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Tue, 27 Sep 2022 15:38:23 GMT
ETag: "0cf3d42dbd53dfaa05729bfba55b997e2a9d3f07"
Last-Modified: Fri, 23 Sep 2022 15:38:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2975
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f4bd268eaa0b59-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 87a056d5b1ee2a77e77a1f1cb672df64
f947f664307e2c2a02e85fb4f7e24feec32e9639
79620af42e86cc52bb4419332a0c0d2a26b0cfc01f5d61e42b3c8c3294c16fd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79620AF42E86CC52BB4419332A0C0D2A26B0CFC01F5D61E42B3C8C3294C16FD8"
Last-Modified: Thu, 22 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2527
Expires: Fri, 23 Sep 2022 17:25:29 GMT
Date: Fri, 23 Sep 2022 16:43:22 GMT
Connection: keep-alive
sync.republer.com/match?dsp=sape
204 No Content 0 B URL HTTP/2 sync.republer.com/match?dsp=sape
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?dsp=sape HTTP/1.1
Host: sync.republer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Fri, 23 Sep 2022 16:43:22 GMT
strict-transport-security: max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f1265cabee6888b4b59df76fa61e08bb
d412ba53fce58aec17f2c92974d6ec4b156e17fa
d3ffa9a34962536a8efff86fb04d44634d81b1bdd19b73e99899da7d7c3e2eb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3FFA9A34962536A8EFFF86FB04D44634D81B1BDD19B73E99899DA7D7C3E2EB8"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16020
Expires: Fri, 23 Sep 2022 21:10:22 GMT
Date: Fri, 23 Sep 2022 16:43:22 GMT
Connection: keep-alive
acint.net/match?dp=14&euid=C3B803C129E22D632500CC7F02BA1503
200 OK 43 B URL HTTP/2 acint.net/match?dp=14&euid=C3B803C129E22D632500CC7F02BA1503
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=14&euid=C3B803C129E22D632500CC7F02BA1503 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgRybWMt4ikyIQC7bF5zAp2+X9z2a1lVXBqFowx2827/6jIF; cSyncDp7v2=1663951401; cSyncDp14v3=1663951401; cSyncDp17=1663951401; cSyncDp32=1663951401; cSyncDp45v3=1663951401; cSyncDp53=1663951401; cSyncDp54v2=1663951401; cSyncDp62=1663951401; cSyncDp67v2=1663951401; cSyncDp68=1663951401; cSyncDp71=1663951401; cSyncDp77=1663951401; cSyncDp84=1663951401; cSyncDp85=1663951401; cSyncDp95v3=1663951401; cSyncDp101=1663951401; cSyncDp104v2=1663951401; cSyncDp107=1663951401; cSyncDp110=1663951401; cSyncDp111v2=1663951401; cSyncDp112v2=1663951401; cSyncDp125v2=1663951401; cSyncDp126=1663951401; cSyncDp127=1663951401; cSyncDp129=1663951401; cSyncDp136v2=1663951401; cSyncDp138=1663951401; cSyncDp144=1663951401; cSyncDp146=1663951401; cSyncDp148=1663951401; cSyncDp149=1663951401; cSyncDp151=1663951401; cSyncDp178=1663951401; cSyncDp179=1663951401; cSyncDp186=1663951401; cSyncDp221=1663951401
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 23 Sep 2022 16:43:22 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
acint.net/match?dp=110&euid=35a1ad5da31a44b5b4631fa2f4c468e8
200 OK 43 B URL HTTP/2 acint.net/match?dp=110&euid=35a1ad5da31a44b5b4631fa2f4c468e8
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=110&euid=35a1ad5da31a44b5b4631fa2f4c468e8 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgRybWMt4ikyIQC7bF5zAp2+X9z2a1lVXBqFowx2827/6jIF; cSyncDp7v2=1663951401; cSyncDp14v3=1663951401; cSyncDp17=1663951401; cSyncDp32=1663951401; cSyncDp45v3=1663951401; cSyncDp53=1663951401; cSyncDp54v2=1663951401; cSyncDp62=1663951401; cSyncDp67v2=1663951401; cSyncDp68=1663951401; cSyncDp71=1663951401; cSyncDp77=1663951401; cSyncDp84=1663951401; cSyncDp85=1663951401; cSyncDp95v3=1663951401; cSyncDp101=1663951401; cSyncDp104v2=1663951401; cSyncDp107=1663951401; cSyncDp110=1663951401; cSyncDp111v2=1663951401; cSyncDp112v2=1663951401; cSyncDp125v2=1663951401; cSyncDp126=1663951401; cSyncDp127=1663951401; cSyncDp129=1663951401; cSyncDp136v2=1663951401; cSyncDp138=1663951401; cSyncDp144=1663951401; cSyncDp146=1663951401; cSyncDp148=1663951401; cSyncDp149=1663951401; cSyncDp151=1663951401; cSyncDp178=1663951401; cSyncDp179=1663951401; cSyncDp186=1663951401; cSyncDp221=1663951401
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 23 Sep 2022 16:43:22 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
302 Found 0 B URL HTTP/1.1 ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Fri, 23 Sep 2022 16:43:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=RJJFNFIN
Set-Cookie: uid=RJJFNFIN; Expires=Fri, 23 Sep 2032 00:00:00 GMT; mf2=1; Expires=Sun, 23 Oct 2022 00:00:00 GMT;
ocsp.digicert.com/
200 OK 278 B IP
Hash 62457b43915db7768ebd87b69af07919
1901a22fa2ea00875721d3ee1c7091bb45067426
8a8927e560f4ecd92ce9a5ef26a5e993715533f7085087e9819a5b9db06205e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1581
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 16:43:22 GMT
Last-Modified: Fri, 23 Sep 2022 16:17:01 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 67a6ab2f35c264b993026d7b9187a03e
b3b2dcb228c504db3ee4f95321766e8ddf64f065
a9479e2d500dcf2db5517573b366adc96d0c91df525e1d9ea478ee7a1b37d566
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A9479E2D500DCF2DB5517573B366ADC96D0C91DF525E1D9EA478EE7A1B37D566"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11248
Expires: Fri, 23 Sep 2022 19:50:50 GMT
Date: Fri, 23 Sep 2022 16:43:22 GMT
Connection: keep-alive
filespace.ru/favicon.ico
200 OK 318 B IP
ASN #197695 Domain names registrar REG.RU, Ltd
File type MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel\012- data
Hash 065328b3c213836ada02de8ea7006971
25a2b6f57053c63d8eef16d735a04075e040fd09
bd3e79b578cef68e6fceee5240dc1f560f139bbdef6cc4b7db4f24eb7b1c51b9
GET /favicon.ico HTTP/1.1
Host: filespace.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=0k9v8gkkcu2s9oa8l0onsfv4v5; fid=f7d7bf44-3a4e-46d9-a10b-26d34f13d943; _ym_uid=1663951401881673246; _ym_d=1663951401
HTTP/1.1 200 OK
Cache-Control: public, max-age=2592000
Content-Type: image/vnd.microsoft.icon
Expires: Sun, 23 Oct 2022 16:43:22 GMT
Last-Modified: Tue, 24 Dec 2019 21:14:40 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:43:21 GMT
Content-Length: 318
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 10729e6cb2fdff03c2a6fae4a2ee972e
02395a6a821f65ecf0a3cf9d5aec16841ecaa0d7
c9852827b86d52cc40ecb600418f7ceb05823a3bd21122c9bcd109db26a57b79
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9852827B86D52CC40ECB600418F7CEB05823A3BD21122C9BCD109DB26A57B79"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2995
Expires: Fri, 23 Sep 2022 17:33:17 GMT
Date: Fri, 23 Sep 2022 16:43:22 GMT
Connection: keep-alive
mc.yandex.ru/metrika/advert.gif
200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://filespace.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 23 Sep 2022 16:43:22 GMT
access-control-allow-origin: *
etag: "632d6d03-2b"
expires: Fri, 23 Sep 2022 17:43:22 GMT
accept-ranges: bytes
last-modified: Fri, 23 Sep 2022 11:23:31 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4ad77458775a53dac1ef60f88614ffa8
13e41fda8d1fdb8d5f430af1f434531edb2896f5
78a553b1b54fdaf46b372088ef869fa27482b221d7940947319a807105bb88bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "78A553B1B54FDAF46B372088EF869FA27482B221D7940947319A807105BB88BF"
Last-Modified: Thu, 22 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6029
Expires: Fri, 23 Sep 2022 18:23:51 GMT
Date: Fri, 23 Sep 2022 16:43:22 GMT
Connection: keep-alive
www.acint.net/match?dp=95&euid=RJJFNFIN
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=95&euid=RJJFNFIN
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=95&euid=RJJFNFIN HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgRybWMt4ikyIQC7bF5zAp2+X9z2a1lVXBqFowx2827/6jIF; cSyncDp7v2=1663951401; cSyncDp14v3=1663951401; cSyncDp17=1663951401; cSyncDp32=1663951401; cSyncDp45v3=1663951401; cSyncDp53=1663951401; cSyncDp54v2=1663951401; cSyncDp62=1663951401; cSyncDp67v2=1663951401; cSyncDp68=1663951401; cSyncDp71=1663951401; cSyncDp77=1663951401; cSyncDp84=1663951401; cSyncDp85=1663951401; cSyncDp95v3=1663951401; cSyncDp101=1663951401; cSyncDp104v2=1663951401; cSyncDp107=1663951401; cSyncDp110=1663951401; cSyncDp111v2=1663951401; cSyncDp112v2=1663951401; cSyncDp125v2=1663951401; cSyncDp126=1663951401; cSyncDp127=1663951401; cSyncDp129=1663951401; cSyncDp136v2=1663951401; cSyncDp138=1663951401; cSyncDp144=1663951401; cSyncDp146=1663951401; cSyncDp148=1663951401; cSyncDp149=1663951401; cSyncDp151=1663951401; cSyncDp178=1663951401; cSyncDp179=1663951401; cSyncDp186=1663951401; cSyncDp221=1663951401
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 23 Sep 2022 16:43:22 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
match.new-programmatic.com/userbind?src=sape&id=6D72042E29E22D63BB00213202735E6C
204 No Content 0 B URL HTTP/1.1 match.new-programmatic.com/userbind?src=sape&id=6D72042E29E22D63BB00213202735E6C
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=6D72042E29E22D63BB00213202735E6C HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.18.0
Date: Fri, 23 Sep 2022 16:43:22 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
mediatoday.ru/core/match.gif?s=32&id=6D72042E29E22D63BB00213202735E6C
200 OK 43 B URL HTTP/2 mediatoday.ru/core/match.gif?s=32&id=6D72042E29E22D63BB00213202735E6C
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /core/match.gif?s=32&id=6D72042E29E22D63BB00213202735E6C HTTP/1.1
Host: mediatoday.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.22.0
date: Fri, 23 Sep 2022 16:43:22 GMT
content-type: image/gif
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VUGSBZ7rSsrImk6; expires=Mon, 20-Sep-2032 16:43:22 GMT; domain=mediatoday.ru; path=/core; SameSite=None; Secure
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 50ab3b0b6ea325f0adba177b3aa8ef52
2c55441ba75dc618c1282f3ae095da4af2b2fe98
558c59c63fb940067a454741aa598b1e69be7ba6e3b95d1c1d2df9124f206810
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "558C59C63FB940067A454741AA598B1E69BE7BA6E3B95D1C1D2DF9124F206810"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15955
Expires: Fri, 23 Sep 2022 21:09:17 GMT
Date: Fri, 23 Sep 2022 16:43:22 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 471 B IP
Hash b8af0969096ba66a33e914033d107d7b
aebee3a96cea231a0783a21220205be0b72058a7
58e271f1b73aa23e0a0338cd99f3f0f203807e4057f05d50f230bdd9a991b1ed
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 16:43:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 15:41:05 GMT
Expires: Tue, 27 Sep 2022 15:41:04 GMT
Etag: "aebee3a96cea231a0783a21220205be0b72058a7"
Cache-Control: max-age=341261,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f4bd25fa5a0b55-OSL
www.acint.net/match?dp=129&euid=g21uikp88b
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=129&euid=g21uikp88b
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=129&euid=g21uikp88b HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgRybWMt4ikyIQC7bF5zAp2+X9z2a1lVXBqFowx2827/6jIF; cSyncDp7v2=1663951401; cSyncDp14v3=1663951401; cSyncDp17=1663951401; cSyncDp32=1663951401; cSyncDp45v3=1663951401; cSyncDp53=1663951401; cSyncDp54v2=1663951401; cSyncDp62=1663951401; cSyncDp67v2=1663951401; cSyncDp68=1663951401; cSyncDp71=1663951401; cSyncDp77=1663951401; cSyncDp84=1663951401; cSyncDp85=1663951401; cSyncDp95v3=1663951401; cSyncDp101=1663951401; cSyncDp104v2=1663951401; cSyncDp107=1663951401; cSyncDp110=1663951401; cSyncDp111v2=1663951401; cSyncDp112v2=1663951401; cSyncDp125v2=1663951401; cSyncDp126=1663951401; cSyncDp127=1663951401; cSyncDp129=1663951401; cSyncDp136v2=1663951401; cSyncDp138=1663951401; cSyncDp144=1663951401; cSyncDp146=1663951401; cSyncDp148=1663951401; cSyncDp149=1663951401; cSyncDp151=1663951401; cSyncDp178=1663951401; cSyncDp179=1663951401; cSyncDp186=1663951401; cSyncDp221=1663951401
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 23 Sep 2022 16:43:22 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
s.uuidksinc.net/match/396/?remote_uid=6D72042E29E22D63BB00213202735E6C
302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/396/?remote_uid=6D72042E29E22D63BB00213202735E6C
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/396/?remote_uid=6D72042E29E22D63BB00213202735E6C HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Fri, 23 Sep 2022 16:43:22 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=Qh1XiMuq2SNjezjVW9cS
set-cookie: jcsuuid=Qh1XiMuq2SNjezjVW9cS; expires=Sat, 23 Sep 2023 16:43:22 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
ut.rktch.com/matchspm?pi=1000005&pui=6D72042E29E22D63BB00213202735E6C
302 Found 0 B URL HTTP/1.1 ut.rktch.com/matchspm?pi=1000005&pui=6D72042E29E22D63BB00213202735E6C
IP
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /matchspm?pi=1000005&pui=6D72042E29E22D63BB00213202735E6C HTTP/1.1
Host: ut.rktch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Fri, 23 Sep 2022 16:43:22 GMT
Content-Length: 0
Connection: keep-alive
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
Set-Cookie: b_uid=5668a8f6b46224fa8780c45833bcf48460d1; Max-Age=2592000; Expires=Sun, 23 Oct 2022 16:43:22 GMT; Domain=rktch.com; Secure; SameSite=None
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 08d4db29c429e6f937cc4fcd718b0bfe
a82efa1179f9853eea82e25f8a575a0cd58aa5a7
33cc7e1528cd3c0358c442656146c740469bdf1f68facb8d3171af0fd9f76b67
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "33CC7E1528CD3C0358C442656146C740469BDF1F68FACB8D3171AF0FD9F76B67"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5661
Expires: Fri, 23 Sep 2022 18:17:43 GMT
Date: Fri, 23 Sep 2022 16:43:22 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e6561e23e9d181a4b18c7174cb89a590
221a300522f62c4bde7dd23420609a12ae3bd5b6
a66e6d4e834dfd29d86921222d86c7f8ac5d11a4e0c83ab40ff150629f2b9cec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 16:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sync.bumlam.com/?src=sap1&uid=6D72042E29E22D63BB00213202735E6C
302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&uid=6D72042E29E22D63BB00213202735E6C
IP
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&uid=6D72042E29E22D63BB00213202735E6C HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 23 Sep 2022 16:43:22 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRkNWZhZjMyNi0zYjVlLTExZWQtODY0NC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Thu, 18 Sep 2042 16:43:22 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARiqxLeZBmIgNkQ3MjA0MkUyOUUyMkQ2M0JCMDAyMTMyMDI3MzVFNkOiARDV-vMmO14R7YZEACWQyCQ3
ETag: d5faf326-3b5e-11ed-8644-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
nr.bidderstack.com/sape/cm?user_id=6D72042E29E22D63BB00213202735E6C
200 OK 44 B URL HTTP/1.1 nr.bidderstack.com/sape/cm?user_id=6D72042E29E22D63BB00213202735E6C
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash f9d60352c70a2ba15616d1c9421f3844
e9abc8bea7721a4b6a50295850d13c515006a95c
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
GET /sape/cm?user_id=6D72042E29E22D63BB00213202735E6C HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 16:43:22 GMT
Content-Type: image/gif
Content-Length: 44
Connection: keep-alive
Set-Cookie: uid=c3414a9f-ac9b-40ad-b78d-d82a5b7d3b27; domain=.bidderstack.com; path=/; expires=Sat, 23-Sep-2023 16:43:22 GMT;
Access-Control-Allow-Credentials: true
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 45eaa9201636f5a9aadd683cb07a49fe
a6b9e39eac6f0662daa1565d1b15c383030f8daa
0671963dca70dc50954dfbc1e3efb7a268ed490149fb8dc982fafe43eacc5773
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 16:43:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 27 Sep 2022 15:30:13 GMT
ETag: "a6b9e39eac6f0662daa1565d1b15c383030f8daa"
Last-Modified: Fri, 23 Sep 2022 15:30:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1526
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f4bd276f8a0b59-OSL
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
301 Moved Permanently 115 B URL HTTP/2 exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash c7d91c8fae3814ddbe23a31feb6bf318
a5ab16d13b57c2f8ed6868570249ef66f0faba13
577e2f802e59882e7ac89684ace33bf1b537bc944960fe5e9f171da22737c612
GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 16:43:22 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=177b3b54-477b-49fc-4110-e5ee8888d4c2
serverid: TODO
X-Firefox-Spdy: h2
www.acint.net/match?dp=127&euid=Qh1XiMuq2SNjezjVW9cS
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=127&euid=Qh1XiMuq2SNjezjVW9cS
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=127&euid=Qh1XiMuq2SNjezjVW9cS HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgRybWMt4ikyIQC7bF5zAp2+X9z2a1lVXBqFowx2827/6jIF; cSyncDp7v2=1663951401; cSyncDp14v3=1663951401; cSyncDp17=1663951401; cSyncDp32=1663951401; cSyncDp45v3=1663951401; cSyncDp53=1663951401; cSyncDp54v2=1663951401; cSyncDp62=1663951401; cSyncDp67v2=1663951401; cSyncDp68=1663951401; cSyncDp71=1663951401; cSyncDp77=1663951401; cSyncDp84=1663951401; cSyncDp85=1663951401; cSyncDp95v3=1663951401; cSyncDp101=1663951401; cSyncDp104v2=1663951401; cSyncDp107=1663951401; cSyncDp110=1663951401; cSyncDp111v2=1663951401; cSyncDp112v2=1663951401; cSyncDp125v2=1663951401; cSyncDp126=1663951401; cSyncDp127=1663951401; cSyncDp129=1663951401; cSyncDp136v2=1663951401; cSyncDp138=1663951401; cSyncDp144=1663951401; cSyncDp146=1663951401; cSyncDp148=1663951401; cSyncDp149=1663951401; cSyncDp151=1663951401; cSyncDp178=1663951401; cSyncDp179=1663951401; cSyncDp186=1663951401; cSyncDp221=1663951401
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 23 Sep 2022 16:43:22 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
cs.agency2.ru/p?ssp=sp&uid=6D72042E29E22D63BB00213202735E6C
301 Moved Permanently 0 B URL HTTP/1.1 cs.agency2.ru/p?ssp=sp&uid=6D72042E29E22D63BB00213202735E6C
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&uid=6D72042E29E22D63BB00213202735E6C HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Fri, 23 Sep 2022 16:43:22 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=af208f59-e398-46e6-97b2-96ef469bf166
Set-Cookie: uuid=af208f59-e398-46e6-97b2-96ef469bf166; expires=Thu, 14 Sep 2023 16:43:22 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
stat.adlabs.ru/merge_gpsid/?sid=50&id=6D72042E29E22D63BB00213202735E6C
302 Found 0 B URL HTTP/2 stat.adlabs.ru/merge_gpsid/?sid=50&id=6D72042E29E22D63BB00213202735E6C
IP
ASN #201009 Centre of server systems Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge_gpsid/?sid=50&id=6D72042E29E22D63BB00213202735E6C HTTP/1.1
Host: stat.adlabs.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 23 Sep 2022 16:43:22 GMT
content-length: 0
location: //adlmerge.com/merge_gpsid/?sid=50&id=6D72042E29E22D63BB00213202735E6C
X-Firefox-Spdy: h2
mc.yandex.ru/watch/27873789/1?wmode=7&page-url=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afp%3A1265%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1138581179879%3Ahid%3A668602064%3Az%3A0%3Ai%3A20220923164320%3Aet%3A1663951401%3Ac%3A1%3Arn%3A888035332%3Arqn%3A1%3Au%3A1663951401881673246%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C630%2C1%2C354%2C359%2C1%2C470%2C16%2C%2C%2C%2C1460%3Ans%3A1663951399254%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663951401%3At%3AFileSpace.ru&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
200 OK 461 B URL HTTP/2 mc.yandex.ru/watch/27873789/1?wmode=7&page-url=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afp%3A1265%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1138581179879%3Ahid%3A668602064%3Az%3A0%3Ai%3A20220923164320%3Aet%3A1663951401%3Ac%3A1%3Arn%3A888035332%3Arqn%3A1%3Au%3A1663951401881673246%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C630%2C1%2C354%2C359%2C1%2C470%2C16%2C%2C%2C%2C1460%3Ans%3A1663951399254%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663951401%3At%3AFileSpace.ru&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP
File type JSON data\012- , ASCII text, with very long lines (461), with no line terminators
Hash 29ef09e89f15a50e07fb351ca954b46f
2a59c9b45db02560a0688a26b2232a10cbe5fa2b
bde50456aeeaaee74c81669faa60c95f5e279620b0a121781eb1bef321b26604
GET /watch/27873789/1?wmode=7&page-url=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afp%3A1265%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1138581179879%3Ahid%3A668602064%3Az%3A0%3Ai%3A20220923164320%3Aet%3A1663951401%3Ac%3A1%3Arn%3A888035332%3Arqn%3A1%3Au%3A1663951401881673246%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C630%2C1%2C354%2C359%2C1%2C470%2C16%2C%2C%2C%2C1460%3Ans%3A1663951399254%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663951401%3At%3AFileSpace.ru&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://filespace.ru
Referer: http://filespace.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 461
date: Fri, 23 Sep 2022 16:43:22 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://filespace.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 23-Sep-2022 16:43:22 GMT
last-modified: Fri, 23-Sep-2022 16:43:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sap1&s_data=CAIQARiqxLeZBmIgNkQ3MjA0MkUyOUUyMkQ2M0JCMDAyMTMyMDI3MzVFNkOiARDV-vMmO14R7YZEACWQyCQ3
200 OK 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&s_data=CAIQARiqxLeZBmIgNkQ3MjA0MkUyOUUyMkQ2M0JCMDAyMTMyMDI3MzVFNkOiARDV-vMmO14R7YZEACWQyCQ3
IP
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&s_data=CAIQARiqxLeZBmIgNkQ3MjA0MkUyOUUyMkQ2M0JCMDAyMTMyMDI3MzVFNkOiARDV-vMmO14R7YZEACWQyCQ3 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRkNWZhZjMyNi0zYjVlLTExZWQtODY0NC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 16:43:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRkNWZhZjMyNi0zYjVlLTExZWQtODY0NC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Thu, 18 Sep 2042 16:43:22 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
www.acint.net/match?dp=126&euid=177b3b54-477b-49fc-4110-e5ee8888d4c2
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=126&euid=177b3b54-477b-49fc-4110-e5ee8888d4c2
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=126&euid=177b3b54-477b-49fc-4110-e5ee8888d4c2 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgRybWMt4ikyIQC7bF5zAp2+X9z2a1lVXBqFowx2827/6jIF; cSyncDp7v2=1663951401; cSyncDp14v3=1663951401; cSyncDp17=1663951401; cSyncDp32=1663951401; cSyncDp45v3=1663951401; cSyncDp53=1663951401; cSyncDp54v2=1663951401; cSyncDp62=1663951401; cSyncDp67v2=1663951401; cSyncDp68=1663951401; cSyncDp71=1663951401; cSyncDp77=1663951401; cSyncDp84=1663951401; cSyncDp85=1663951401; cSyncDp95v3=1663951401; cSyncDp101=1663951401; cSyncDp104v2=1663951401; cSyncDp107=1663951401; cSyncDp110=1663951401; cSyncDp111v2=1663951401; cSyncDp112v2=1663951401; cSyncDp125v2=1663951401; cSyncDp126=1663951401; cSyncDp127=1663951401; cSyncDp129=1663951401; cSyncDp136v2=1663951401; cSyncDp138=1663951401; cSyncDp144=1663951401; cSyncDp146=1663951401; cSyncDp148=1663951401; cSyncDp149=1663951401; cSyncDp151=1663951401; cSyncDp178=1663951401; cSyncDp179=1663951401; cSyncDp186=1663951401; cSyncDp221=1663951401
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 23 Sep 2022 16:43:22 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209200101/show_ads_impl_with_ama_fy2021.js?client=pub-8597845466791288&plah=filespace.ru&bust=31069740
200 OK 125 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209200101/show_ads_impl_with_ama_fy2021.js?client=pub-8597845466791288&plah=filespace.ru&bust=31069740
IP
File type ASCII text, with very long lines (5885)
Size 125 kB (125276 bytes)
Hash ce1fe76496ee8ab281200cc0632c2376
7bb7e4b3337a689f95b8b767c6268d563ba53d30
1f127be2ee97806e6749e7bd0b44830b956838edaf928e9441677467199d85c5
GET /pagead/managed/js/adsense/m202209200101/show_ads_impl_with_ama_fy2021.js?client=pub-8597845466791288&plah=filespace.ru&bust=31069740 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://filespace.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 23 Sep 2022 16:43:22 GMT
expires: Fri, 23 Sep 2022 16:43:22 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 4312596939511164033
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 125276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.acint.net/match?dp=186&euid=af208f59-e398-46e6-97b2-96ef469bf166
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=186&euid=af208f59-e398-46e6-97b2-96ef469bf166
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=186&euid=af208f59-e398-46e6-97b2-96ef469bf166 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgRybWMt4ikyIQC7bF5zAp2+X9z2a1lVXBqFowx2827/6jIF; cSyncDp7v2=1663951401; cSyncDp14v3=1663951401; cSyncDp17=1663951401; cSyncDp32=1663951401; cSyncDp45v3=1663951401; cSyncDp53=1663951401; cSyncDp54v2=1663951401; cSyncDp62=1663951401; cSyncDp67v2=1663951401; cSyncDp68=1663951401; cSyncDp71=1663951401; cSyncDp77=1663951401; cSyncDp84=1663951401; cSyncDp85=1663951401; cSyncDp95v3=1663951401; cSyncDp101=1663951401; cSyncDp104v2=1663951401; cSyncDp107=1663951401; cSyncDp110=1663951401; cSyncDp111v2=1663951401; cSyncDp112v2=1663951401; cSyncDp125v2=1663951401; cSyncDp126=1663951401; cSyncDp127=1663951401; cSyncDp129=1663951401; cSyncDp136v2=1663951401; cSyncDp138=1663951401; cSyncDp144=1663951401; cSyncDp146=1663951401; cSyncDp148=1663951401; cSyncDp149=1663951401; cSyncDp151=1663951401; cSyncDp178=1663951401; cSyncDp179=1663951401; cSyncDp186=1663951401; cSyncDp221=1663951401
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 23 Sep 2022 16:43:22 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e6561e23e9d181a4b18c7174cb89a590
221a300522f62c4bde7dd23420609a12ae3bd5b6
a66e6d4e834dfd29d86921222d86c7f8ac5d11a4e0c83ab40ff150629f2b9cec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 16:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 826155b5ffc8b2b7f76d5900474d8ebd
edec4211b869f523f9567c35428578af1de7749e
0d90c8dfeeca5dae2c8ea3c648735a85146196a74f308775d6426aa37142b0af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D90C8DFEECA5DAE2C8EA3C648735A85146196A74F308775D6426AA37142B0AF"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2628
Expires: Fri, 23 Sep 2022 17:27:10 GMT
Date: Fri, 23 Sep 2022 16:43:22 GMT
Connection: keep-alive
6d72042e29e22d63bb00213202735e6c-sp.ops.beeline.ru/p?ssp=sp&id=6D72042E29E22D63BB00213202735E6C
301 Moved Permanently 0 B URL HTTP/2 6d72042e29e22d63bb00213202735e6c-sp.ops.beeline.ru/p?ssp=sp&id=6D72042E29E22D63BB00213202735E6C
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&id=6D72042E29E22D63BB00213202735E6C HTTP/1.1
Host: 6d72042e29e22d63bb00213202735e6c-sp.ops.beeline.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 16:43:22 GMT
content-length: 0
location: https://www.acint.net/match?dp=111&euid=a0cb3fcd-e7d2-4b6d-9675-06e6f2aed987
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: BeeAID=a0cb3fcd-e7d2-4b6d-9675-06e6f2aed987; expires=Thu, 14 Sep 2023 16:43:22 GMT; domain=ops.beeline.ru; path=/; secure; SameSite=None
access-control-allow-credentials: true, true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
x-route: http://upstream_cookiesync
x-host: 192.168.152.35
X-Firefox-Spdy: h2
www.acint.net/match?dp=111&euid=a0cb3fcd-e7d2-4b6d-9675-06e6f2aed987
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=111&euid=a0cb3fcd-e7d2-4b6d-9675-06e6f2aed987
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=111&euid=a0cb3fcd-e7d2-4b6d-9675-06e6f2aed987 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgRybWMt4ikyIQC7bF5zAp2+X9z2a1lVXBqFowx2827/6jIF; cSyncDp7v2=1663951401; cSyncDp14v3=1663951401; cSyncDp17=1663951401; cSyncDp32=1663951401; cSyncDp45v3=1663951401; cSyncDp53=1663951401; cSyncDp54v2=1663951401; cSyncDp62=1663951401; cSyncDp67v2=1663951401; cSyncDp68=1663951401; cSyncDp71=1663951401; cSyncDp77=1663951401; cSyncDp84=1663951401; cSyncDp85=1663951401; cSyncDp95v3=1663951401; cSyncDp101=1663951401; cSyncDp104v2=1663951401; cSyncDp107=1663951401; cSyncDp110=1663951401; cSyncDp111v2=1663951401; cSyncDp112v2=1663951401; cSyncDp125v2=1663951401; cSyncDp126=1663951401; cSyncDp127=1663951401; cSyncDp129=1663951401; cSyncDp136v2=1663951401; cSyncDp138=1663951401; cSyncDp144=1663951401; cSyncDp146=1663951401; cSyncDp148=1663951401; cSyncDp149=1663951401; cSyncDp151=1663951401; cSyncDp178=1663951401; cSyncDp179=1663951401; cSyncDp186=1663951401; cSyncDp221=1663951401
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 23 Sep 2022 16:43:22 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 443b0617be50ed9c9a81efccc9e01157
d1298731f176c8e13a878be5d37c40bf45da7ec2
a63e8b9e4e05dd3bfefb01b74196c89c6ac9c8d1809f66d750b533ca81991e24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 16:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 423331d8bae78ba045bea86f1e4c6e7f
8ed72a508ba25a95e6899569180a02728d5edb5c
fb27ab0f1591889639eff81fa012d5c185ecb1b04be5060af2e89e378fc264a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 16:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=filespace.ru
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=filespace.ru
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=filespace.ru HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://filespace.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 23 Sep 2022 16:43:22 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=filespace.ru
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=filespace.ru
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=filespace.ru HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://filespace.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 23 Sep 2022 16:43:22 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b19c871f8d68a5cf507d6d29cb89da17
11197481d015eb6d7811381df5ee51d9ff31bb3b
48ce88e049d6f9a08ab2bd0812c037b4b4401e1a788cacefb539831978054b7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 16:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f4589cef50f0426b60bf56a1fadb93a5
7db92337dc8c6161e31f89f49db18c4cd22b871f
db8b6e5f5a4e43b9e8e835e9434f0f94ead7965c04dc4641dad639ac778d8215
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 16:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4491
Expires: Fri, 23 Sep 2022 17:58:13 GMT
Date: Fri, 23 Sep 2022 16:43:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4491
Expires: Fri, 23 Sep 2022 17:58:13 GMT
Date: Fri, 23 Sep 2022 16:43:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4491
Expires: Fri, 23 Sep 2022 17:58:13 GMT
Date: Fri, 23 Sep 2022 16:43:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b318ea5c36d2b22b925f7dfe382df5f
0264e73c4cfff0bb255757c7e1c760a5ad3ece80
0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:26 GMT
age: 66716
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sync.upravel.com/sape/sync
302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 23 Sep 2022 16:43:22 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1663951402394;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1663951402394;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b877ead4a15221fdd278ef27f281a7ec
48c10714503e8dfdd3e3c3d39b919ef2792f0d15
f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gWZNsIn_FEbYwMeR1JArmPEgyuHEGgWsfb-wB6P_NrmoHhNgvGWoPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:07:28 GMT
age: 66954
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7606ff88f05062b66970d9805f38987a
d47db5fcd83023b4a8de40a47d4510e183de387a
20f89dd859e5715e27c289040fac6a121248e5b6c06da0a7f186984ffb029eb2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8497
x-amzn-requestid: 8543ac70-48ab-4523-856f-5d5fa1191c97
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yin-pEryoAMFTfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324205d-660bba3f655f940d143bc437;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:06:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e9KUFhjuFMzjuh37rFiNKaMNVaGZwPGBkLrv0zgfSTT7dCIuWj4G9Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:27 GMT
age: 66715
etag: "d47db5fcd83023b4a8de40a47d4510e183de387a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f10a12719b387d176497669ba75f0acc
16e42ba7b20555bf5a8615e5f4bb561204aeeb5a
0cb2231817387d43a490565b61e24ea7a3cfcff3281f4ab4379a882cc5c3173f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14579
x-amzn-requestid: bce2c126-0883-4255-9246-d8055860f898
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCj6FYCoAMF9Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e18-66ba2e5d64b6a5b32b7ab36b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 92Pj9IQp3mBJQOW-XuHSK8laPqXOSBOmNbYcm4hSFzc1xqYscQKxMA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:48 GMT
age: 66694
etag: "16e42ba7b20555bf5a8615e5f4bb561204aeeb5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg
200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1985a957e6bc0c15d8489fa731e7f14e
4584bff61bf4d5c9b8fd3b97c048a8e6975e4323
9f3e1fd6e18d85d4f6645d077da643a3bc2cca611d5e85f534ba798102dca243
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7005
x-amzn-requestid: c805d882-7a00-4abd-a239-d8313d7df0c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4aBwEaMIAMF09A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd6d7-6d6a417f10c9628a16d438e1;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:42:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7edV0FJytVSpHH-WkCiYzhW1JP4L6i6bpPCq9MTxPdhwFQTryf06BQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:53:16 GMT
age: 67806
etag: "4584bff61bf4d5c9b8fd3b97c048a8e6975e4323"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:48:22 GMT
age: 68100
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8ec1540e8ec974c8f6edcedfe7dd807f
920b0ea678361a34b5508dee6c6f556a47586562
5749ded70372335a59fbf3f405a3330d8fb4ba6ae1df1417e8197a723abc46cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 16:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=filespace.ru&callback=_gfp_s_&client=ca-pub-8597845466791288
200 OK 202 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=filespace.ru&callback=_gfp_s_&client=ca-pub-8597845466791288
IP
File type ASCII text, with no line terminators
Hash b62120b367b5470e29305b6157847292
6882b8d3ee6d9c5d48832a7b6f5ee36b2a802f94
0ebf900d0135c03aaf968ecbd7e65496c4848814ed6c10c75ba97c37cde15f5b
GET /gampad/cookie.js?domain=filespace.ru&callback=_gfp_s_&client=ca-pub-8597845466791288 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://filespace.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 23 Sep 2022 16:43:22 GMT
server: cafe
cache-control: private
content-length: 202
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8ec1540e8ec974c8f6edcedfe7dd807f
920b0ea678361a34b5508dee6c6f556a47586562
5749ded70372335a59fbf3f405a3330d8fb4ba6ae1df1417e8197a723abc46cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 16:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1663951402394
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 23 Sep 2022 16:43:22 GMT
content-type: image/png
content-length: 0
location: https://da8bf8a2-3bec-4525-b266-98bf7d23490f.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
set-cookie: user_id=da8bf8a2-3bec-4525-b266-98bf7d23490f;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=da8bf8a2-3bec-4525-b266-98bf7d23490f;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
302 Found 32 kB URL HTTP/2 ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP
ASN #24940 Hetzner Online GmbH
Hash 2117cc1b24e9e42fae45a4725807e4eb
fdad46bf2a65952de2abc68d53b874d8e363a785
1381d040a8dc645965b0982a22d4e43496eb6acd9cacc512b89936b498c72bd3
GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.23.0
date: Fri, 23 Sep 2022 16:43:21 GMT
x-request-id: f8f9d17e-72e3-4114-b0c7-f7d86c86d1f3
set-cookie: bvuid=g21uikp88b; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=g21uikp88b; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=g21uikp88b
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 49bdf35d14752f2b4e9658f505a41553
61572d3663df2af69e061d11a0ac046e843d10c4
92a138f2526e6b588a72dadb41740929935e0cf528f9e9c8ef275bb72de49a7d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 16:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 49bdf35d14752f2b4e9658f505a41553
61572d3663df2af69e061d11a0ac046e843d10c4
92a138f2526e6b588a72dadb41740929935e0cf528f9e9c8ef275bb72de49a7d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 16:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
IP
File type ASCII text, with very long lines (1494)
Hash d4c271459de87911060fd730756373be
9100e62d0d61513c1b489e47a6a35b84e8be4a25
b14fbcdbed0b02e9656b4d5ff183d84c25b076ac0b1087d2feb9254ee9ce8c24
GET /pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 7553
x-xss-protection: 0
date: Fri, 23 Sep 2022 16:36:44 GMT
expires: Fri, 07 Oct 2022 16:36:44 GMT
cache-control: public, max-age=1209600
etag: 15375136450269253166
content-type: text/javascript; charset=UTF-8
age: 398
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 16:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 49bdf35d14752f2b4e9658f505a41553
61572d3663df2af69e061d11a0ac046e843d10c4
92a138f2526e6b588a72dadb41740929935e0cf528f9e9c8ef275bb72de49a7d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 16:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js
200 OK 9.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js
IP
File type ASCII text, with very long lines (1624)
Hash f46cc3169ffbd99218f62616e2dc44ea
f44964026d2af9900a059c88967c9e8d067def45
9c82ae03291d76510460e1468338fd9303e25ccbf65e94c66e7a3e2173d7b29c
GET /pagead/js/r20220921/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 9559
x-xss-protection: 0
date: Fri, 23 Sep 2022 16:42:10 GMT
expires: Fri, 07 Oct 2022 16:42:10 GMT
cache-control: public, max-age=1209600
etag: 12142024561622733046
content-type: text/javascript; charset=UTF-8
age: 72
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 16:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 340026679e26df7932a1effb5cccae93
54f0f3f5537bf6689e7419541e13ea0cbf528553
3b519c850c1994fdf8d8ab7758cb17d66bb3f5af5877fa1afe61684a6fbf9892
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 16:43:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 16:43:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 340026679e26df7932a1effb5cccae93
54f0f3f5537bf6689e7419541e13ea0cbf528553
3b519c850c1994fdf8d8ab7758cb17d66bb3f5af5877fa1afe61684a6fbf9892
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 16:43:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019
200 OK 14 kB URL HTTP/2 www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019
IP
File type C++ source, ASCII text, with very long lines (1792)
Hash dc869492c13c6684ab4eb7bf97d94e03
12c6685c433c3eb68db7babb6074f65a86b81350
7e6f05d389449ba380ad360c900ee4e5d0a05f7e0aac3c52a99d7fc684654e3e
GET /mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 13684
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 11:34:53 GMT
expires: Wed, 21 Dec 2022 11:34:53 GMT
cache-control: public, max-age=7776000
last-modified: Thu, 15 Sep 2022 20:14:13 GMT
content-type: text/javascript
age: 104910
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/dynamic/5/381377812/11391301249471090011_11728547087652344421.jpeg
200 OK 46 kB URL HTTP/2 static.doubleclick.net/dynamic/5/381377812/11391301249471090011_11728547087652344421.jpeg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=386, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=686], baseline, precision 8, 600x314, components 3\012- data
Hash b71b9052848171f6beda2d26dbb34198
c68a932aa736b3492fb95194f248f247c869fb79
b71da306daf11d5030d36a837a760e107313a1ee925fe73788432df2b382df4e
GET /dynamic/5/381377812/11391301249471090011_11728547087652344421.jpeg HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 45874
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 10:50:00 GMT
expires: Sat, 23 Sep 2023 10:50:00 GMT
cache-control: public, max-age=31536000
age: 21203
last-modified: Wed, 25 May 2022 21:26:20 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/dynamic/5/381377812/1902669742793167252_15405183931049253404.jpeg
200 OK 39 kB URL HTTP/2 static.doubleclick.net/dynamic/5/381377812/1902669742793167252_15405183931049253404.jpeg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 500x262, components 3\012- data
Hash 8f75b4e7379522a66054fd86ef4a07ac
d46928f9d53d7e7ee2a2ce49f7cc63624f5858a2
660860b6bce44d1cb9f08eaf0ec2f5dc67c8e01db2511cbac99ea24305c1cb0d
GET /dynamic/5/381377812/1902669742793167252_15405183931049253404.jpeg HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 39076
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 11:38:34 GMT
expires: Tue, 19 Sep 2023 11:38:34 GMT
cache-control: public, max-age=31536000
age: 363889
last-modified: Wed, 25 May 2022 21:26:30 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=bXIELiniLWO7ACEyAnNebA
200 OK 170 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=bXIELiniLWO7ACEyAnNebA
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
GET /pixel?google_nid=agentstvo_sape_limited&google_hm=bXIELiniLWO7ACEyAnNebA HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
date: Fri, 23 Sep 2022 16:43:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/dynamic/5/381377812/13970903474314911045_13753400661745536923.jpeg
200 OK 66 kB URL HTTP/2 static.doubleclick.net/dynamic/5/381377812/13970903474314911045_13753400661745536923.jpeg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=576, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1024], baseline, precision 8, 800x419, components 3\012- data
Hash 993e110ca6234689518bdd137dc1d75b
8ca55768179a741ae93f963f0078aec756a10ec7
161d14a6c2cc6c454a9cff29d2f686d820c91aa97f9893ce552b241734579288
GET /dynamic/5/381377812/13970903474314911045_13753400661745536923.jpeg HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 65977
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 10:18:47 GMT
expires: Sat, 23 Sep 2023 10:18:47 GMT
cache-control: public, max-age=31536000
age: 23076
last-modified: Wed, 25 May 2022 21:26:11 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/dynamic/5/381377812/4464317402001128184_15317191764495452027.jpeg
200 OK 32 kB URL HTTP/2 static.doubleclick.net/dynamic/5/381377812/4464317402001128184_15317191764495452027.jpeg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 500x262, components 3\012- data
Hash fe469cf925e3e3e55e7e8e3789ab1632
deebd18bcc5ba024ed81a7fcc0cad990affccba6
fb3e1042fe6c0fd03e015074cd91c33caa004e503d7ba6e8e1f2adcccd1475bf
GET /dynamic/5/381377812/4464317402001128184_15317191764495452027.jpeg HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 32164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 17:02:03 GMT
expires: Thu, 21 Sep 2023 17:02:03 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 25 May 2022 21:26:36 GMT
content-type: image/jpeg
age: 171680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/dynamic/5/381377812/13541699828546336093_9522286839810414201.jpeg
200 OK 31 kB URL HTTP/2 static.doubleclick.net/dynamic/5/381377812/13541699828546336093_9522286839810414201.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 500x262, components 3\012- data
Hash f7e2c6aa774098a342b500e53b8381b0
ede2b04a96e3b89ecd5cbcc6d016c2b5fd3f7d0e
5a7f7740662b22881ced9e03cbc4e340de34fdbafc42eca4d1bc8a4bf3bd00f8
GET /dynamic/5/381377812/13541699828546336093_9522286839810414201.jpeg HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 31379
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 18 Sep 2022 21:29:28 GMT
expires: Mon, 18 Sep 2023 21:29:28 GMT
cache-control: public, max-age=31536000
age: 414835
last-modified: Wed, 25 May 2022 21:26:36 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/dynamic/5/381377812/3910288597019887286_14131568661810063202.jpeg
200 OK 58 kB URL HTTP/2 static.doubleclick.net/dynamic/5/381377812/3910288597019887286_14131568661810063202.jpeg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:12:08 14:18:40], baseline, precision 8, 800x419, components 3\012- data
Hash 0a82a60b0395774a595669555f497c12
2f0b0bbff421dcfcc20a432f6581816ccce76592
05c362bda17e57ae685f36aa97c1905f617d47fc2cb9c24ff94dd4144aee94ea
GET /dynamic/5/381377812/3910288597019887286_14131568661810063202.jpeg HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 58197
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 19:28:10 GMT
expires: Fri, 22 Sep 2023 19:28:10 GMT
cache-control: public, max-age=31536000
age: 76513
last-modified: Wed, 25 May 2022 21:26:11 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/dynamic/5/381377812/16444082230476026160_10135210783040172586.jpeg
200 OK 26 kB URL HTTP/2 static.doubleclick.net/dynamic/5/381377812/16444082230476026160_10135210783040172586.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 500x262, components 3\012- data
Hash 979208298a6e83599995e782d2488c94
865af3d50d3c48994b79d4f35aba70c61e4bcb3a
0460b9fec5869ace3d932a6864a0745768555f9887ccafcf87dbcadab1ba25f7
GET /dynamic/5/381377812/16444082230476026160_10135210783040172586.jpeg HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 26309
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 13:13:15 GMT
expires: Sat, 23 Sep 2023 13:13:15 GMT
cache-control: public, max-age=31536000
age: 12608
last-modified: Wed, 25 May 2022 21:26:20 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 16:43:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/dynamic/5/381377812/6355017904494637783_9601146762948819287.jpeg
200 OK 49 kB URL HTTP/2 static.doubleclick.net/dynamic/5/381377812/6355017904494637783_9601146762948819287.jpeg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:11:13 16:43:48], baseline, precision 8, 800x419, components 3\012- data
Hash eb130665049ad3cc3314de60363a4940
c8e76f2179179e1838eda0ce8a99031fed04e14d
1b2efe13cc417e3f8cbeb06fee83ca9e469054da07b418d6745582f41518771b
GET /dynamic/5/381377812/6355017904494637783_9601146762948819287.jpeg HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 48932
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 16:27:42 GMT
expires: Fri, 22 Sep 2023 16:27:42 GMT
cache-control: public, max-age=31536000
age: 87341
last-modified: Wed, 25 May 2022 21:26:11 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/dynamic/5/381377812/8353079563582585827_18090798063939997897.jpeg
200 OK 19 kB URL HTTP/2 static.doubleclick.net/dynamic/5/381377812/8353079563582585827_18090798063939997897.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 500x262, components 3\012- data
Hash 2b91ad4c2244b968e086684c9774a256
dba783daaf76395b06d098910b005043c6af6cfa
bed583f156b77389773c4692fb65db92a9f8b3f199ac8934b5ae1d65009711d6
GET /dynamic/5/381377812/8353079563582585827_18090798063939997897.jpeg HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 19409
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 17:33:59 GMT
expires: Sat, 16 Sep 2023 17:33:59 GMT
cache-control: public, max-age=31536000
age: 601764
last-modified: Wed, 25 May 2022 21:26:30 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d188a626af91c6a4befc510450fe80e2
b9fc12bd6da3b1c6580d9f3d3261b48e1d02ac71
429c4e9d31698b99d1d521e9fca1035cc7811fd977c6207b9f3f95be2100e1e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 16:43:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
da8bf8a2-3bec-4525-b266-98bf7d23490f.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
302 Found 0 B URL HTTP/2 da8bf8a2-3bec-4525-b266-98bf7d23490f.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19 HTTP/1.1
Host: da8bf8a2-3bec-4525-b266-98bf7d23490f.sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1663951402394; user_id=da8bf8a2-3bec-4525-b266-98bf7d23490f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 23 Sep 2022 16:43:23 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=da8bf8a2-3bec-4525-b266-98bf7d23490f;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=da8bf8a2-3bec-4525-b266-98bf7d23490f;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=da8bf8a2-3bec-4525-b266-98bf7d23490f
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/6D72042E29E22D63BB00213202735E6C
204 No Content 0 B URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/6D72042E29E22D63BB00213202735E6C
IP
ASN #48347 JSC Mediasoft ekspert
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie_matching_ssp/Sape-dsp/6D72042E29E22D63BB00213202735E6C HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Fri, 23 Sep 2022 16:43:23 GMT
set-cookie: uid=XV9maWMt4is6ZoY2xLzeAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQQbATrMxq9UHy9W9lLIlXlB7CWxuv-bkWp3FsTvg5878DltLs&usqp=CAI
200 OK 13 kB URL HTTP/2 encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQQbATrMxq9UHy9W9lLIlXlB7CWxuv-bkWp3FsTvg5878DltLs&usqp=CAI
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 788x652, components 3\012- data
Hash 1f13b8c09c29cce925ef80f5fdfed32d
0ae135bfc8c21b7ea497cd668ca614b07a5a219e
9ce048da4777e4b537f91495f54c7c7da9e4336819672b8cc15461adf587b157
GET /shopping?q=tbn:ANd9GcQQbATrMxq9UHy9W9lLIlXlB7CWxuv-bkWp3FsTvg5878DltLs&usqp=CAI HTTP/1.1
Host: encrypted-tbn1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 13233
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:11:43 GMT
expires: Thu, 21 Sep 2023 19:11:43 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 20 Sep 2022 22:00:33 GMT
content-type: image/jpeg
age: 163900
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcR0Kpt5_76SwDijFVGDndXBn9cfmsbiJflM-9AhoJdeFNJH4Ec&usqp=CAI
200 OK 17 kB URL HTTP/2 encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcR0Kpt5_76SwDijFVGDndXBn9cfmsbiJflM-9AhoJdeFNJH4Ec&usqp=CAI
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 598x770, components 3\012- data
Hash a95f0e12a511343ecfb2b04a64f1714c
52cba3d777287d916f51b76922beffe89891d7c1
d87e3ed4b4e1a8579b2cc9c8f25384e4239ff9cd397acb98983117cac9c5f8af
GET /shopping?q=tbn:ANd9GcR0Kpt5_76SwDijFVGDndXBn9cfmsbiJflM-9AhoJdeFNJH4Ec&usqp=CAI HTTP/1.1
Host: encrypted-tbn1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 16892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 17:18:19 GMT
expires: Tue, 19 Sep 2023 17:18:19 GMT
cache-control: public, max-age=31536000
age: 343504
last-modified: Tue, 21 Jun 2022 03:39:48 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.acint.net/match?dp=71&euid=da8bf8a2-3bec-4525-b266-98bf7d23490f
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=71&euid=da8bf8a2-3bec-4525-b266-98bf7d23490f
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=71&euid=da8bf8a2-3bec-4525-b266-98bf7d23490f HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgRybWMt4ikyIQC7bF5zAp2+X9z2a1lVXBqFowx2827/6jIF; cSyncDp7v2=1663951401; cSyncDp14v3=1663951401; cSyncDp17=1663951401; cSyncDp32=1663951401; cSyncDp45v3=1663951401; cSyncDp53=1663951401; cSyncDp54v2=1663951401; cSyncDp62=1663951401; cSyncDp67v2=1663951401; cSyncDp68=1663951401; cSyncDp71=1663951401; cSyncDp77=1663951401; cSyncDp84=1663951401; cSyncDp85=1663951401; cSyncDp95v3=1663951401; cSyncDp101=1663951401; cSyncDp104v2=1663951401; cSyncDp107=1663951401; cSyncDp110=1663951401; cSyncDp111v2=1663951401; cSyncDp112v2=1663951401; cSyncDp125v2=1663951401; cSyncDp126=1663951401; cSyncDp127=1663951401; cSyncDp129=1663951401; cSyncDp136v2=1663951401; cSyncDp138=1663951401; cSyncDp144=1663951401; cSyncDp146=1663951401; cSyncDp148=1663951401; cSyncDp149=1663951401; cSyncDp151=1663951401; cSyncDp178=1663951401; cSyncDp179=1663951401; cSyncDp186=1663951401; cSyncDp221=1663951401
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 23 Sep 2022 16:43:23 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
status.geotrust.com/
200 OK 280 B IP
Hash df6c9f16cc3cb83266ae5c69d9c60a86
695f01c50c2fbe462c3a5f5ab80e4c0a3c7b0d56
8be740a7eebdf83c1158930f0c99d81c537dd27b22106250347eba59a08f36da
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2298
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 16:43:23 GMT
Last-Modified: Fri, 23 Sep 2022 16:05:05 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280
ocsp.usertrust.com/
200 OK 472 B IP
Hash 257c8cc52b3d92a06896ca47521c9a45
3cba20e0b1d62b3ac03751652bc9254ae9cd40c3
cf6a1bd543bc1c05c1680f0920de73be49929c26f5f924bc59c8c6265fa55535
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 16:43:23 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 16:18:19 GMT
Expires: Thu, 29 Sep 2022 16:18:18 GMT
Etag: "3cba20e0b1d62b3ac03751652bc9254ae9cd40c3"
Cache-Control: max-age=603212,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1630
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f4bd2e881e0afa-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 78062f2b46f4d08d7d3dae6c8c81ecb6
b900ff9eadcd59e187282ff3857c85d7d9519ddd
743e9af7ce24d69b344b9334cea1bf607d6fb75928693609f6dae2bf83041a0c
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 16:43:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 27 Sep 2022 15:52:45 GMT
ETag: "b900ff9eadcd59e187282ff3857c85d7d9519ddd"
Last-Modified: Fri, 23 Sep 2022 15:52:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2633
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f4bd2ead840b59-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash 0d5a70a7b18409e83009d88b24e423e5
9e1a63ac26855e427ec1a0ad6b46d5637dee89e4
59be2add4fe12eeb9535c0392cebda64e1a989b2ce0b8e141ace22642fcaa626
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 16:43:23 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 16:09:20 GMT
Expires: Fri, 30 Sep 2022 16:09:19 GMT
Etag: "9e1a63ac26855e427ec1a0ad6b46d5637dee89e4"
Cache-Control: max-age=602155,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f4bd2e6a810b55-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 78062f2b46f4d08d7d3dae6c8c81ecb6
b900ff9eadcd59e187282ff3857c85d7d9519ddd
743e9af7ce24d69b344b9334cea1bf607d6fb75928693609f6dae2bf83041a0c
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 16:43:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 27 Sep 2022 15:52:45 GMT
ETag: "b900ff9eadcd59e187282ff3857c85d7d9519ddd"
Last-Modified: Fri, 23 Sep 2022 15:52:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2633
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f4bd2ebdaf0b59-OSL
ad.mail.ru/cm.gif?p=48&id=6D72042E29E22D63BB00213202735E6C
200 OK 43 B URL HTTP/2 ad.mail.ru/cm.gif?p=48&id=6D72042E29E22D63BB00213202735E6C
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cm.gif?p=48&id=6D72042E29E22D63BB00213202735E6C HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 16:43:23 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=0AYFDp3fa9IC002A0Y1EG4YC:::0-0-0-8483aeb:CAASEK9H5Df1wjByVQMW8jdnix8aYPpKxGdF8ijRyvNrNYlZGiLK1AlRPEHScX5w1DQXG7fImW8cKk2FIpRlWYJKzkOt2k1bTi9Rig_9fqdIY_iib7z5fidg6oFYx63prw0NiWrH9ukf2c7QtdJQqdfHXGeezA; path=/; expires=Sun, 24-Sep-23 16:43:23 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Fri, 23 Sep 2022 22:43:23 GMT
cache-control: max-age=21600
last-modified: Fri, 23 Sep 2022 16:43:23 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2
status.thawte.com/
200 OK 471 B IP
Hash 3626cb52ca642a491d2f8a555dea2a24
0344f9ff5f55be1cc1e9c25442b65c694f159d68
5f3feed38f3b8faf92b2db48f810613534a2cb159521ddebf20df32f1ba579b6
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6029
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 16:43:23 GMT
Last-Modified: Fri, 23 Sep 2022 15:02:54 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
sape-sync.rutarget.ru/sync
302 Moved Temporarily 0 B URL HTTP/1.1 sape-sync.rutarget.ru/sync
IP
ASN #208677 Cloud technology Limited (Ltd.)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 23 Sep 2022 16:43:23 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=n2Kb7l7Y_mWh
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=n2Kb7l7Y_mWh; Path=/; Domain=.rutarget.ru; Expires=Wed, 22 Mar 2023 16:43:23 GMT; SameSite=None; Secure
ads.betweendigital.com/match?bidder_id=73&external_user_id=6D72042E29E22D63BB00213202735E6C
302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=6D72042E29E22D63BB00213202735E6C
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=73&external_user_id=6D72042E29E22D63BB00213202735E6C HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=6D72042E29E22D63BB00213202735E6C&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 23 Sep 2023 16:43:23 GMT; Path=/; Domain=.betweendigital.com
tuuid=ac695792-b5a1-520a-8a73-ab46e95e496d; Max-Age=31536000; Expires=Sat, 23 Sep 2023 16:43:23 GMT; Path=/; Domain=.betweendigital.com
ut=Yy3iKwAFGLB-AKOC3Bt1sUcfvc8tWkboLm7dlg==; Max-Age=31536000; Expires=Sat, 23 Sep 2023 16:43:23 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
302 Moved Temporarily 0 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Fri, 23 Sep 2022 16:43:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-5624666903; expires=Sun, 22 Sep 2024 16:43:23 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5624666903
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash 87f7d867c30e968c3d62805ecf751396
033a078da2664c16cba6a0c56659e42da882900a
cee0b31b64cab56ff5e9bcc5d0079b9836251a5f29f76ea13a30d29c0b76aeda
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 16:43:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 27 Sep 2022 15:36:59 GMT
ETag: "033a078da2664c16cba6a0c56659e42da882900a"
Last-Modified: Fri, 23 Sep 2022 15:37:00 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1510
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f4bd2ef890b4fa-OSL
fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
200 OK 549 B URL HTTP/2 fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
IP
Hash f8d80a3116fa6a22932faee459079f36
d10a952b21b7d9ee6a7613fae96bac5790819797
f1229f87c1abfcbab0bb6598d728d3d68feaaef5e4437d2804e21004beb22d46
GET /css?family=Google%20Sans%20Display%3A400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 23 Sep 2022 16:43:22 GMT
date: Fri, 23 Sep 2022 16:43:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash b78a7c64b913ac3f1767b397502ac86b
05865b049673c91ca1f928574e7f4ca0e1fdbbf6
f9cfdd6f0b75357b1c8703349e589d46e8efdbb792cb3aa82edadd4688160f5b
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 16:43:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 27 Sep 2022 15:51:13 GMT
ETag: "05865b049673c91ca1f928574e7f4ca0e1fdbbf6"
Last-Modified: Fri, 23 Sep 2022 15:51:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 456
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f4bd2f1dfe0b59-OSL
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
200 OK 0 B URL HTTP/1.1 sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP
ASN #36057 WEBAIR-INTERNET-MTL
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 16:43:23 GMT
Content-Length: 0
Connection: close
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c9f43883942b62e69fddb651d99a3dd1
7c66254b2619fe098291f70ff23fccad3339b069
87cc1ed52f443895e5d7615695d2d1162e0bd93edf17990029727e52ce33256b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87CC1ED52F443895E5D7615695D2D1162E0BD93EDF17990029727E52CE33256B"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17918
Expires: Fri, 23 Sep 2022 21:42:01 GMT
Date: Fri, 23 Sep 2022 16:43:23 GMT
Connection: keep-alive
fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 20784, version 1.0\012- data
Hash e11c810c086df83c0876dd59ed32ebcb
b89fe2ed6d016f81af13b35797ad2b0e2e5c6822
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
GET /s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20784
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 22:12:05 GMT
expires: Wed, 20 Sep 2023 22:12:05 GMT
cache-control: public, max-age=31536000
age: 239478
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRxNx1QxMMQhHx32fEjPlhFk-c7bZpFvI53EKXmKhklpMBoNCvS&usqp=CAI
200 OK 11 kB URL HTTP/2 encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRxNx1QxMMQhHx32fEjPlhFk-c7bZpFvI53EKXmKhklpMBoNCvS&usqp=CAI
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 788x652, components 3\012- data
Hash aadefeb612159f5dde2af9f4e380352d
3385859852a62e424e31907532722277fda420a4
615d08110f5b5d0d8bd988e8cca1015fc5136b5e0865e5e87c2b06f64e9d7812
GET /shopping?q=tbn:ANd9GcRxNx1QxMMQhHx32fEjPlhFk-c7bZpFvI53EKXmKhklpMBoNCvS&usqp=CAI HTTP/1.1
Host: encrypted-tbn3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 11128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 15:07:18 GMT
expires: Tue, 19 Sep 2023 15:07:18 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 18 Sep 2022 15:41:55 GMT
content-type: image/jpeg
age: 351365
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcS4rQC8MSD2A9hlC6VkGW6WibTzO_Sp0qu3m2UyjMTyCJjhyi4&usqp=CAI
200 OK 8.4 kB URL HTTP/2 encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcS4rQC8MSD2A9hlC6VkGW6WibTzO_Sp0qu3m2UyjMTyCJjhyi4&usqp=CAI
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x400, components 3\012- data
Hash 53b8996f81b92b1bef01340638cdbde3
da70a78cbf278bb48d686f5d6712cb58ca4c8043
2e8263fb276e7753f2d24006f0e108f0329e9d5d3498e5ef3c0525acdd2af4b2
GET /shopping?q=tbn:ANd9GcS4rQC8MSD2A9hlC6VkGW6WibTzO_Sp0qu3m2UyjMTyCJjhyi4&usqp=CAI HTTP/1.1
Host: encrypted-tbn2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 8415
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 12:22:09 GMT
expires: Thu, 21 Sep 2023 12:22:09 GMT
cache-control: public, max-age=31536000
age: 188474
last-modified: Fri, 10 Dec 2021 11:27:08 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 1095cbeab0f073ac21b542ece43906e4
6a95016d800f003c5a9be4fb1a806178aeb263b3
cea83b7581093c0900582f4034033ef7b759a15163cd164b513f7cc47de60694
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 16:43:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 14:18:44 GMT
Expires: Tue, 27 Sep 2022 14:18:43 GMT
Etag: "6a95016d800f003c5a9be4fb1a806178aeb263b3"
Cache-Control: max-age=336319,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f4bd2f0b010b55-OSL
sm.rtb.mts.ru/p?ssp=sape&id=6D72042E29E22D63BB00213202735E6C
301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/p?ssp=sape&id=6D72042E29E22D63BB00213202735E6C
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sape&id=6D72042E29E22D63BB00213202735E6C HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 23 Sep 2022 16:43:23 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=6D72042E29E22D63BB00213202735E6C
Set-Cookie: dspid=7fd05052-a715-4666-b192-90b3d8cd5619; expires=Thu, 14 Sep 2023 16:43:23 GMT; domain=.mts.ru; path=/; secure; SameSite=None
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 22b0277441c57b57470c2eb25deabcdb
fdcf37ff0e62f2aada44afc646c8bab91610906f
767a76610f0407aec6a56a929e469eab929b774cd4a77a454c617e6c754860ee
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 23 Sep 2022 16:43:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 22 Sep 2022 23:20:49 GMT
Expires: Fri, 23 Sep 2022 23:20:49 GMT
ETag: "fdcf37ff0e62f2aada44afc646c8bab91610906f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQcVedyM-0p5l4AHLcI5FqsXvZ-PoUtCnb1hcM57PdmqOxt-iM&usqp=CAI
200 OK 7.7 kB URL HTTP/2 encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQcVedyM-0p5l4AHLcI5FqsXvZ-PoUtCnb1hcM57PdmqOxt-iM&usqp=CAI
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x400, components 3\012- data
Hash 1c2bf40ed791428e81d4dfac7aed8bd5
0704f02fc5163539e4d776cfea9a3e6c1d272f0a
61e53ee97d674789d5747dec68ac8bbb4f69185ae666b2f9df33ef2a7ca9e3d5
GET /shopping?q=tbn:ANd9GcQcVedyM-0p5l4AHLcI5FqsXvZ-PoUtCnb1hcM57PdmqOxt-iM&usqp=CAI HTTP/1.1
Host: encrypted-tbn2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 7656
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 18 Sep 2022 20:06:03 GMT
expires: Mon, 18 Sep 2023 20:06:03 GMT
cache-control: public, max-age=31536000
age: 419840
last-modified: Wed, 06 Apr 2022 06:13:54 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRBDOI1B7eOKL5oIRy3EBZ5AkJ-g5FJtZyfJnUFdD2ivQbj_0pC&usqp=CAI
200 OK 13 kB URL HTTP/2 encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRBDOI1B7eOKL5oIRy3EBZ5AkJ-g5FJtZyfJnUFdD2ivQbj_0pC&usqp=CAI
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x400, components 3\012- data
Hash 0cbbb2e517730d320a5534ccae0a80c8
7e0d7ba22c16ffda43746797031dc488525139ab
2b2d2e1818bee93826cf3af8c9f3ca1a7ad390f9cadd6aaea052aece0e26f2c5
GET /shopping?q=tbn:ANd9GcRBDOI1B7eOKL5oIRy3EBZ5AkJ-g5FJtZyfJnUFdD2ivQbj_0pC&usqp=CAI HTTP/1.1
Host: encrypted-tbn2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 13413
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 14:22:36 GMT
expires: Sat, 23 Sep 2023 14:22:36 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 16 Jun 2019 16:57:29 GMT
content-type: image/jpeg
age: 8447
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTtWzWJ80oVCH__rUKiWXploGPCqo_KRtYo5tSVSvS6l0SKL0I&usqp=CAI
200 OK 14 kB URL HTTP/2 encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTtWzWJ80oVCH__rUKiWXploGPCqo_KRtYo5tSVSvS6l0SKL0I&usqp=CAI
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x400, components 3\012- data
Hash 81c7b06f3a1bca0814e823b67170b175
e1ebf7b0da72d66d5e36f2acc578e1bbf52e21d5
b1235204871f4e2926946e7ca1b6555f5d790d3b1e9c4e9b10a7296d52c77098
GET /shopping?q=tbn:ANd9GcTtWzWJ80oVCH__rUKiWXploGPCqo_KRtYo5tSVSvS6l0SKL0I&usqp=CAI HTTP/1.1
Host: encrypted-tbn3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 13713
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 14:49:26 GMT
expires: Thu, 21 Sep 2023 14:49:26 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 18 Mar 2021 15:09:41 GMT
content-type: image/jpeg
age: 179637
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash 182cdae0c8b220c547851514429ce82c
856c888bace8f23e0408dbefa5f690675192ada8
389e3720569d58df4980dbad5b74baaeb6cb6b7d2791f0dbe3e8f1a32e7cf739
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 16:43:23 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Tue, 27 Sep 2022 15:40:05 GMT
ETag: "856c888bace8f23e0408dbefa5f690675192ada8"
Last-Modified: Fri, 23 Sep 2022 15:40:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2034
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f4bd2f6e430b59-OSL
px.adhigh.net/p/cm/sape?u=6D72042E29E22D63BB00213202735E6C
302 Found 0 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=6D72042E29E22D63BB00213202735E6C
IP
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/cm/sape?u=6D72042E29E22D63BB00213202735E6C HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 23 Sep 2022 16:43:23 GMT
content-length: 0
x-backend-id: f13-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=eKMGsEWmSD4.AikABlGDazt5nw;Path=/;Domain=.adhigh.net;Expires=Sat, 23-Sep-2023 16:43:23 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=6D72042E29E22D63BB00213202735E6C&bounced=1
X-Firefox-Spdy: h2
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
302 Found 0 B URL HTTP/2 redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Weborama Collect Frontend
date: Fri, 23 Sep 2022 16:43:23 GMT
content-length: 0
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=3937213792
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Fri, 23 Sep 2022 16:43:23 GMT
set-cookie: AFFICHE_W=FiVg6imVsowW68; expires=Sat, 21 Oct 2023 16:43:23 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tag.digitaltarget.ru/adcm.js
200 OK 3.1 kB URL HTTP/1.1 tag.digitaltarget.ru/adcm.js
IP
File type ASCII text, with very long lines (3051), with no line terminators
Hash e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 16:43:23 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Fri, 23 Sep 2022 16:34:56 GMT
Connection: keep-alive
ETag: "632de030-beb"
Accept-Ranges: bytes
x01.aidata.io/0.gif?pid=9401454&id=6D72042E29E22D63BB00213202735E6C
302 Found 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=6D72042E29E22D63BB00213202735E6C
IP
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=6D72042E29E22D63BB00213202735E6C HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 23 Sep 2022 16:43:23 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=6D72042E29E22D63BB00213202735E6C&bounce=1
expires: Fri, 23 Sep 2022 16:43:22 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Fri, 23 Sep 2022 16:43:22 GMT
set-cookie: __upin=voIZde9EhOuopWqNQofCGA;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1663951403;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 0d5a70a7b18409e83009d88b24e423e5
9e1a63ac26855e427ec1a0ad6b46d5637dee89e4
59be2add4fe12eeb9535c0392cebda64e1a989b2ce0b8e141ace22642fcaa626
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 16:43:23 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 16:09:20 GMT
Expires: Fri, 30 Sep 2022 16:09:19 GMT
Etag: "9e1a63ac26855e427ec1a0ad6b46d5637dee89e4"
Cache-Control: max-age=602155,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f4bd2e8b5e1bfa-OSL
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 23 Sep 2023 16:43:23 GMT; Path=/; Domain=.betweendigital.com
tuuid=f9fee085-a5d4-520a-ab76-e2fec85b00d5; Max-Age=31536000; Expires=Sat, 23 Sep 2023 16:43:23 GMT; Path=/; Domain=.betweendigital.com
ut=Yy3iKwAHxEipG5WDCse3HIDoUGdfxAmhfymjyQ==; Max-Age=31536000; Expires=Sat, 23 Sep 2023 16:43:23 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 22b0277441c57b57470c2eb25deabcdb
fdcf37ff0e62f2aada44afc646c8bab91610906f
767a76610f0407aec6a56a929e469eab929b774cd4a77a454c617e6c754860ee
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 23 Sep 2022 16:43:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 22 Sep 2022 23:20:49 GMT
Expires: Fri, 23 Sep 2022 23:20:49 GMT
ETag: "fdcf37ff0e62f2aada44afc646c8bab91610906f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ads.betweendigital.com/match?bidder_id=73&external_user_id=6D72042E29E22D63BB00213202735E6C&crf=1
200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=6D72042E29E22D63BB00213202735E6C&crf=1
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=73&external_user_id=6D72042E29E22D63BB00213202735E6C&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 23 Sep 2023 16:43:23 GMT; Path=/; Domain=.betweendigital.com
tuuid=55223251-e603-520a-8c0c-4a2eef21a805; Max-Age=31536000; Expires=Sat, 23 Sep 2023 16:43:23 GMT; Path=/; Domain=.betweendigital.com
ut=Yy3iKwALmMCcc8_PrCzBdOxWWB4CNTGyOn1s2w==; Max-Age=31536000; Expires=Sat, 23 Sep 2023 16:43:23 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
www.acint.net/match?dp=104&euid=n2Kb7l7Y_mWh
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=104&euid=n2Kb7l7Y_mWh
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=104&euid=n2Kb7l7Y_mWh HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgRybWMt4ikyIQC7bF5zAp2+X9z2a1lVXBqFowx2827/6jIF; cSyncDp7v2=1663951401; cSyncDp14v3=1663951401; cSyncDp17=1663951401; cSyncDp32=1663951401; cSyncDp45v3=1663951401; cSyncDp53=1663951401; cSyncDp54v2=1663951401; cSyncDp62=1663951401; cSyncDp67v2=1663951401; cSyncDp68=1663951401; cSyncDp71=1663951401; cSyncDp77=1663951401; cSyncDp84=1663951401; cSyncDp85=1663951401; cSyncDp95v3=1663951401; cSyncDp101=1663951401; cSyncDp104v2=1663951401; cSyncDp107=1663951401; cSyncDp110=1663951401; cSyncDp111v2=1663951401; cSyncDp112v2=1663951401; cSyncDp125v2=1663951401; cSyncDp126=1663951401; cSyncDp127=1663951401; cSyncDp129=1663951401; cSyncDp136v2=1663951401; cSyncDp138=1663951401; cSyncDp144=1663951401; cSyncDp146=1663951401; cSyncDp148=1663951401; cSyncDp149=1663951401; cSyncDp151=1663951401; cSyncDp178=1663951401; cSyncDp179=1663951401; cSyncDp186=1663951401; cSyncDp221=1663951401
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 23 Sep 2022 16:43:23 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 23 Sep 2023 16:43:23 GMT; Path=/; Domain=.betweendigital.com
tuuid=09fc9076-3027-520a-ab7b-7c90c8569ebb; Max-Age=31536000; Expires=Sat, 23 Sep 2023 16:43:23 GMT; Path=/; Domain=.betweendigital.com
ut=Yy3iKwALrEhZ4yRL2VIJLKsAfN-y9bghG4cUCw==; Max-Age=31536000; Expires=Sat, 23 Sep 2023 16:43:23 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
x01.aidata.io/0.gif?pid=9401454&id=6D72042E29E22D63BB00213202735E6C&bounce=1
204 No Content 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=6D72042E29E22D63BB00213202735E6C&bounce=1
IP
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=6D72042E29E22D63BB00213202735E6C&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 23 Sep 2022 16:43:23 GMT
expires: Fri, 23 Sep 2022 16:43:22 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Fri, 23 Sep 2022 16:43:22 GMT
set-cookie: __upin=m0cKk0xOJ/sDyJ646a8Xvg;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1663951403;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5624666903
302 Moved Temporarily 40 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5624666903
IP
File type ASCII text, with CRLF line terminators
Hash 251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5624666903 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Fri, 23 Sep 2022 16:43:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Sun, 22 Sep 2024 16:43:23 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
sm.rtb.mts.ru/match/second?ssp=30&exu=6D72042E29E22D63BB00213202735E6C
301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/match/second?ssp=30&exu=6D72042E29E22D63BB00213202735E6C
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/second?ssp=30&exu=6D72042E29E22D63BB00213202735E6C HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 23 Sep 2022 16:43:23 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://tech.rtb.mts.ru/
px.adhigh.net/p/cm/sape?u=6D72042E29E22D63BB00213202735E6C&bounced=1
200 OK 49 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=6D72042E29E22D63BB00213202735E6C&bounced=1
IP
ASN #48061 Limited Liability Company GPM Digital Technologies
File type GIF image data, version 89a, 1 x 1\012- data
Hash 889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
GET /p/cm/sape?u=6D72042E29E22D63BB00213202735E6C&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 16:43:23 GMT
content-type: image/gif
content-length: 49
x-backend-id: f13-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgRybWMt4ikyIQC7bF5zAp2+X9z2a1lVXBqFowx2827/6jIF; cSyncDp7v2=1663951401; cSyncDp14v3=1663951401; cSyncDp17=1663951401; cSyncDp32=1663951401; cSyncDp45v3=1663951401; cSyncDp53=1663951401; cSyncDp54v2=1663951401; cSyncDp62=1663951401; cSyncDp67v2=1663951401; cSyncDp68=1663951401; cSyncDp71=1663951401; cSyncDp77=1663951401; cSyncDp84=1663951401; cSyncDp85=1663951401; cSyncDp95v3=1663951401; cSyncDp101=1663951401; cSyncDp104v2=1663951401; cSyncDp107=1663951401; cSyncDp110=1663951401; cSyncDp111v2=1663951401; cSyncDp112v2=1663951401; cSyncDp125v2=1663951401; cSyncDp126=1663951401; cSyncDp127=1663951401; cSyncDp129=1663951401; cSyncDp136v2=1663951401; cSyncDp138=1663951401; cSyncDp144=1663951401; cSyncDp146=1663951401; cSyncDp148=1663951401; cSyncDp149=1663951401; cSyncDp151=1663951401; cSyncDp178=1663951401; cSyncDp179=1663951401; cSyncDp186=1663951401; cSyncDp221=1663951401
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Fri, 23 Sep 2022 16:43:23 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=6D72042E29E22D63BB00213202735E6C
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
tag.digitaltarget.ru/processor.js?i=180769056910439
200 OK 16 kB URL HTTP/1.1 tag.digitaltarget.ru/processor.js?i=180769056910439
IP
File type ASCII text, with very long lines (15892), with no line terminators
Hash 9d8bbf9b7d1aaed9a324a9cf9977dda4
d3365fba7f95ca11a9564b373162d1ddb06fcdbd
0935447866da8ca59df7d65710e0b68377a6dbc62c761e83ebfc83998f905788
GET /processor.js?i=180769056910439 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 16:43:23 GMT
Content-Type: application/javascript
Content-Length: 15892
Last-Modified: Fri, 23 Sep 2022 16:34:57 GMT
Connection: keep-alive
ETag: "632de031-3e14"
Accept-Ranges: bytes
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=6D72042E29E22D63BB00213202735E6C
200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=6D72042E29E22D63BB00213202735E6C
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?ssp_id=43&external_id=6D72042E29E22D63BB00213202735E6C HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 16:43:23 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
tech.rtb.mts.ru/
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: tech.rtb.mts.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.2
Date: Fri, 23 Sep 2022 16:43:24 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Set-Cookie: mts_id=273c79a5-189e-4f21-81b9-378746fd7e12; Domain=mts.ru; expires=Sun, 01 Aug 2032 16:43:24 GMT; SameSite=None; Secure
mts_id_last_sync=1663951404; Domain=mts.ru; expires=Sun, 01 Aug 2032 16:43:24 GMT; SameSite=None; Secure
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fad1ce35490e1754e111191ea33db8e0
67c6817ba78ae25946577adc1d873289b7ba3c67
4f6fcff7c70ec4042a74ddf288481adb83ff4bfb30f254049b0f8a7eec3bb00a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F6FCFF7C70EC4042A74DDF288481ADB83FF4BFB30F254049B0F8A7EEC3BB00A"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6614
Expires: Fri, 23 Sep 2022 18:33:38 GMT
Date: Fri, 23 Sep 2022 16:43:24 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fad1ce35490e1754e111191ea33db8e0
67c6817ba78ae25946577adc1d873289b7ba3c67
4f6fcff7c70ec4042a74ddf288481adb83ff4bfb30f254049b0f8a7eec3bb00a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F6FCFF7C70EC4042A74DDF288481ADB83FF4BFB30F254049B0F8A7EEC3BB00A"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6614
Expires: Fri, 23 Sep 2022 18:33:38 GMT
Date: Fri, 23 Sep 2022 16:43:24 GMT
Connection: keep-alive
dmg.digitaltarget.ru/1/1093/i/i?i=444407120633209.527324088099227&a=77&e=6D72042E29E22D63BB00213202735E6C&pref=http%3A%2F%2Ffilespace.ru%2F&c=ss:77.up:6D72042E29E22D63BB00213202735E6C.sync:up.xdua:du7OFy2ie75kz1AWyPygtgu8.xps:xpsNQEvi8O_mnzsDZYT7XH1IQ.dn:acint__net.adcm:hit.tg:adcmjs_noorient
307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=444407120633209.527324088099227&a=77&e=6D72042E29E22D63BB00213202735E6C&pref=http%3A%2F%2Ffilespace.ru%2F&c=ss:77.up:6D72042E29E22D63BB00213202735E6C.sync:up.xdua:du7OFy2ie75kz1AWyPygtgu8.xps:xpsNQEvi8O_mnzsDZYT7XH1IQ.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=444407120633209.527324088099227&a=77&e=6D72042E29E22D63BB00213202735E6C&pref=http%3A%2F%2Ffilespace.ru%2F&c=ss:77.up:6D72042E29E22D63BB00213202735E6C.sync:up.xdua:du7OFy2ie75kz1AWyPygtgu8.xps:xpsNQEvi8O_mnzsDZYT7XH1IQ.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Fri, 23 Sep 2022 16:43:24 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=444407120633209.527324088099227&a=77&e=6D72042E29E22D63BB00213202735E6C&pref=http%3A%2F%2Ffilespace.ru%2F&c=ss:77.up:6D72042E29E22D63BB00213202735E6C.sync:up.xdua:du7OFy2ie75kz1AWyPygtgu8.xps:xpsNQEvi8O_mnzsDZYT7XH1IQ.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=50znBhfJSRbevpc7dJls; Max-Age=93312000; Expires=Sun, 07 Sep 2025 16:43:24 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/1/1093/i/i?i=444407120633209.765177545796204&a=77&e=6D72042E29E22D63BB00213202735E6C&pref=http%3A%2F%2Ffilespace.ru%2F&c=ss:77.up:6D72042E29E22D63BB00213202735E6C.sync:up.xdua:du7OFy2ie75kz1AWyPygtgu8.xps:xpsNQEvi8O_mnzsDZYT7XH1IQ.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=444407120633209.765177545796204&a=77&e=6D72042E29E22D63BB00213202735E6C&pref=http%3A%2F%2Ffilespace.ru%2F&c=ss:77.up:6D72042E29E22D63BB00213202735E6C.sync:up.xdua:du7OFy2ie75kz1AWyPygtgu8.xps:xpsNQEvi8O_mnzsDZYT7XH1IQ.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=444407120633209.765177545796204&a=77&e=6D72042E29E22D63BB00213202735E6C&pref=http%3A%2F%2Ffilespace.ru%2F&c=ss:77.up:6D72042E29E22D63BB00213202735E6C.sync:up.xdua:du7OFy2ie75kz1AWyPygtgu8.xps:xpsNQEvi8O_mnzsDZYT7XH1IQ.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Fri, 23 Sep 2022 16:43:24 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=444407120633209.765177545796204&a=77&e=6D72042E29E22D63BB00213202735E6C&pref=http%3A%2F%2Ffilespace.ru%2F&c=ss:77.up:6D72042E29E22D63BB00213202735E6C.sync:up.xdua:du7OFy2ie75kz1AWyPygtgu8.xps:xpsNQEvi8O_mnzsDZYT7XH1IQ.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=r8OT9xYJ9PPW0wk7p-Hh; Max-Age=93312000; Expires=Sun, 07 Sep 2025 16:43:24 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=444407120633209.527324088099227&a=77&e=6D72042E29E22D63BB00213202735E6C&pref=http%3A%2F%2Ffilespace.ru%2F&c=ss:77.up:6D72042E29E22D63BB00213202735E6C.sync:up.xdua:du7OFy2ie75kz1AWyPygtgu8.xps:xpsNQEvi8O_mnzsDZYT7XH1IQ.dn:acint__net.adcm:hit.tg:adcmjs_noorient
200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=444407120633209.527324088099227&a=77&e=6D72042E29E22D63BB00213202735E6C&pref=http%3A%2F%2Ffilespace.ru%2F&c=ss:77.up:6D72042E29E22D63BB00213202735E6C.sync:up.xdua:du7OFy2ie75kz1AWyPygtgu8.xps:xpsNQEvi8O_mnzsDZYT7XH1IQ.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&i=444407120633209.527324088099227&a=77&e=6D72042E29E22D63BB00213202735E6C&pref=http%3A%2F%2Ffilespace.ru%2F&c=ss:77.up:6D72042E29E22D63BB00213202735E6C.sync:up.xdua:du7OFy2ie75kz1AWyPygtgu8.xps:xpsNQEvi8O_mnzsDZYT7XH1IQ.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 16:43:24 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 2
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=444407120633209.765177545796204&a=77&e=6D72042E29E22D63BB00213202735E6C&pref=http%3A%2F%2Ffilespace.ru%2F&c=ss:77.up:6D72042E29E22D63BB00213202735E6C.sync:up.xdua:du7OFy2ie75kz1AWyPygtgu8.xps:xpsNQEvi8O_mnzsDZYT7XH1IQ.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=444407120633209.765177545796204&a=77&e=6D72042E29E22D63BB00213202735E6C&pref=http%3A%2F%2Ffilespace.ru%2F&c=ss:77.up:6D72042E29E22D63BB00213202735E6C.sync:up.xdua:du7OFy2ie75kz1AWyPygtgu8.xps:xpsNQEvi8O_mnzsDZYT7XH1IQ.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&i=444407120633209.765177545796204&a=77&e=6D72042E29E22D63BB00213202735E6C&pref=http%3A%2F%2Ffilespace.ru%2F&c=ss:77.up:6D72042E29E22D63BB00213202735E6C.sync:up.xdua:du7OFy2ie75kz1AWyPygtgu8.xps:xpsNQEvi8O_mnzsDZYT7XH1IQ.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 16:43:24 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 4
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
www.acint.net/ping/?v=0.4.0&uid=ed003a41-f721-4790-85c1-3bfbf4d0a223&dp=10&tz=%2B00%3A00&nc=06712542&dT=2022-09-23T16%3A43%3A23.745
302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/ping/?v=0.4.0&uid=ed003a41-f721-4790-85c1-3bfbf4d0a223&dp=10&tz=%2B00%3A00&nc=06712542&dT=2022-09-23T16%3A43%3A23.745
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /ping/?v=0.4.0&uid=ed003a41-f721-4790-85c1-3bfbf4d0a223&dp=10&tz=%2B00%3A00&nc=06712542&dT=2022-09-23T16%3A43%3A23.745 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Fri, 23 Sep 2022 16:43:24 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/ping/?v=0.4.0&uid=ed003a41-f721-4790-85c1-3bfbf4d0a223&dp=10&tz=%2B00%3A00&nc=06712542&dT=2022-09-23T16%3A43%3A23.745
www.acint.net/ping/?v=0.4.0&uid=ed003a41-f721-4790-85c1-3bfbf4d0a223&dp=10&tz=%2B00%3A00&nc=06712542&dT=2022-09-23T16%3A43%3A23.745
200 OK 43 B URL HTTP/2 www.acint.net/ping/?v=0.4.0&uid=ed003a41-f721-4790-85c1-3bfbf4d0a223&dp=10&tz=%2B00%3A00&nc=06712542&dT=2022-09-23T16%3A43%3A23.745
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /ping/?v=0.4.0&uid=ed003a41-f721-4790-85c1-3bfbf4d0a223&dp=10&tz=%2B00%3A00&nc=06712542&dT=2022-09-23T16%3A43%3A23.745 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://filespace.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgRybWMt4ikyIQC7bF5zAp2+X9z2a1lVXBqFowx2827/6jIF; cSyncDp7v2=1663951401; cSyncDp14v3=1663951401; cSyncDp17=1663951401; cSyncDp32=1663951401; cSyncDp45v3=1663951401; cSyncDp53=1663951401; cSyncDp54v2=1663951401; cSyncDp62=1663951401; cSyncDp67v2=1663951401; cSyncDp68=1663951401; cSyncDp71=1663951401; cSyncDp77=1663951401; cSyncDp84=1663951401; cSyncDp85=1663951401; cSyncDp95v3=1663951401; cSyncDp101=1663951401; cSyncDp104v2=1663951401; cSyncDp107=1663951401; cSyncDp110=1663951401; cSyncDp111v2=1663951401; cSyncDp112v2=1663951401; cSyncDp125v2=1663951401; cSyncDp126=1663951401; cSyncDp127=1663951401; cSyncDp129=1663951401; cSyncDp136v2=1663951401; cSyncDp138=1663951401; cSyncDp144=1663951401; cSyncDp146=1663951401; cSyncDp148=1663951401; cSyncDp149=1663951401; cSyncDp151=1663951401; cSyncDp178=1663951401; cSyncDp179=1663951401; cSyncDp186=1663951401; cSyncDp221=1663951401
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 23 Sep 2022 16:43:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/27873789?wmode=0&wv-part=1&wv-hit=668602064&page-url=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&rn=768728854&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1663951404%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220923164324%3Au%3A1663951401881673246%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1663951404&t=gdpr(14)ti(2)
200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/27873789?wmode=0&wv-part=1&wv-hit=668602064&page-url=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&rn=768728854&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1663951404%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220923164324%3Au%3A1663951401881673246%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1663951404&t=gdpr(14)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/27873789?wmode=0&wv-part=1&wv-hit=668602064&page-url=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&rn=768728854&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1663951404%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220923164324%3Au%3A1663951401881673246%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1663951404&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 93590
Origin: http://filespace.ru
Connection: keep-alive
Referer: http://filespace.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 23 Sep 2022 16:43:25 GMT
access-control-allow-origin: http://filespace.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 23-Sep-2022 16:43:25 GMT
last-modified: Fri, 23-Sep-2022 16:43:25 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/27873789?wmode=0&wv-part=1&wv-hit=668602064&page-url=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&rn=552106702&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1663951405%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220923164324%3Au%3A1663951401881673246%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1663951405&t=gdpr(14)ti(2)
200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/27873789?wmode=0&wv-part=1&wv-hit=668602064&page-url=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&rn=552106702&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1663951405%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220923164324%3Au%3A1663951401881673246%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1663951405&t=gdpr(14)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/27873789?wmode=0&wv-part=1&wv-hit=668602064&page-url=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&rn=552106702&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1663951405%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220923164324%3Au%3A1663951401881673246%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1663951405&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 54
Origin: http://filespace.ru
Connection: keep-alive
Referer: http://filespace.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 23 Sep 2022 16:43:25 GMT
access-control-allow-origin: http://filespace.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 23-Sep-2022 16:43:25 GMT
last-modified: Fri, 23-Sep-2022 16:43:25 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/27873789?wv-check=41146&wv-type=0&wmode=0&wv-part=1&wv-hit=668602064&page-url=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&rn=216738140&browser-info=gdpr%3A14%3Aet%3A1663951408%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220923164328%3Au%3A1663951401881673246%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1663951408&t=gdpr(14)ti(2)
200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/27873789?wv-check=41146&wv-type=0&wmode=0&wv-part=1&wv-hit=668602064&page-url=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&rn=216738140&browser-info=gdpr%3A14%3Aet%3A1663951408%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220923164328%3Au%3A1663951401881673246%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1663951408&t=gdpr(14)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/27873789?wv-check=41146&wv-type=0&wmode=0&wv-part=1&wv-hit=668602064&page-url=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&rn=216738140&browser-info=gdpr%3A14%3Aet%3A1663951408%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220923164328%3Au%3A1663951401881673246%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1663951408&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 44
Origin: http://filespace.ru
Connection: keep-alive
Referer: http://filespace.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 23 Sep 2022 16:43:29 GMT
access-control-allow-origin: http://filespace.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 23-Sep-2022 16:43:29 GMT
last-modified: Fri, 23-Sep-2022 16:43:29 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/27873789?wmode=0&wv-part=2&wv-hit=668602064&page-url=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&rn=118842044&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1663951408%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220923164328%3Au%3A1663951401881673246%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1663951408&t=gdpr(14)ti(2)
200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/27873789?wmode=0&wv-part=2&wv-hit=668602064&page-url=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&rn=118842044&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1663951408%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220923164328%3Au%3A1663951401881673246%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1663951408&t=gdpr(14)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/27873789?wmode=0&wv-part=2&wv-hit=668602064&page-url=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&rn=118842044&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1663951408%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220923164328%3Au%3A1663951401881673246%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1663951408&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 21
Origin: http://filespace.ru
Connection: keep-alive
Referer: http://filespace.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 23 Sep 2022 16:43:29 GMT
access-control-allow-origin: http://filespace.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 23-Sep-2022 16:43:29 GMT
last-modified: Fri, 23-Sep-2022 16:43:29 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
adlmerge.com/merge_gpsid/?sid=50&id=6D72042E29E22D63BB00213202735E6C
200 OK 0 B URL HTTP/2 adlmerge.com/merge_gpsid/?sid=50&id=6D72042E29E22D63BB00213202735E6C
IP
ASN #60781 LeaseWeb Netherlands B.V.
GET /merge_gpsid/?sid=50&id=6D72042E29E22D63BB00213202735E6C HTTP/1.1
Host: adlmerge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.0
date: Fri, 23 Sep 2022 16:43:22 GMT
content-type: image/gif
iseu: eu
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/6D72042E29E22D63BB00213202735E6C?redir-setuniq=1
200 OK 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/6D72042E29E22D63BB00213202735E6C?redir-setuniq=1
IP
GET /mapuid/sapeis/6D72042E29E22D63BB00213202735E6C?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Fri, 23 Sep 2022 16:43:23 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 23 Sep 2022 16:43:23 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 23 Sep 2022 16:43:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/27873789?wmode=0&wv-part=2&wv-hit=668602064&page-url=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&rn=684895399&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1663951408%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220923164328%3Au%3A1663951401881673246%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1663951408&t=gdpr(14)ti(2)
200 OK 0 B URL HTTP/2 mc.yandex.ru/webvisor/27873789?wmode=0&wv-part=2&wv-hit=668602064&page-url=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&rn=684895399&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1663951408%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220923164328%3Au%3A1663951401881673246%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1663951408&t=gdpr(14)ti(2)
IP
POST /webvisor/27873789?wmode=0&wv-part=2&wv-hit=668602064&page-url=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&rn=684895399&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1663951408%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220923164328%3Au%3A1663951401881673246%3Avf%3Aat6op7b9z7b01ildvcz5k%3Awe%3A1%3Ast%3A1663951408&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 15
Origin: http://filespace.ru
Connection: keep-alive
Referer: http://filespace.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 23 Sep 2022 16:43:29 GMT
access-control-allow-origin: http://filespace.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 23-Sep-2022 16:43:29 GMT
last-modified: Fri, 23-Sep-2022 16:43:29 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/6D72042E29E22D63BB00213202735E6C
302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/6D72042E29E22D63BB00213202735E6C
IP
GET /mapuid/sapeis/6D72042E29E22D63BB00213202735E6C HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/6D72042E29E22D63BB00213202735E6C?redir-setuniq=1
date: Fri, 23 Sep 2022 16:43:23 GMT
set-cookie: yandexuid=2829656251663951403; domain=.yandex.ru; path=/; expires=Mon, 20-Sep-2032 16:43:23 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 23 Sep 2022 16:43:23 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 23 Sep 2022 16:43:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
302 Found 0 B URL HTTP/2 ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP
ASN #48096 Enterprise Cloud Ltd.
GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=35a1ad5da31a44b5b4631fa2f4c468e8
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=35a1ad5da31a44b5b4631fa2f4c468e8; expires=Fri, 22 Sep 2023 21:00:00 GMT; path=/; SameSite=None; secure; samesite=lax
date: Fri, 23 Sep 2022 16:43:21 GMT
X-Firefox-Spdy: h2
mc.yandex.ru/watch/27873789?wmode=7&page-url=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afp%3A1265%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1138581179879%3Ahid%3A668602064%3Az%3A0%3Ai%3A20220923164320%3Aet%3A1663951401%3Ac%3A1%3Arn%3A888035332%3Arqn%3A1%3Au%3A1663951401881673246%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C630%2C1%2C354%2C359%2C1%2C470%2C16%2C%2C%2C%2C1460%3Ans%3A1663951399254%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663951401%3At%3AFileSpace.ru&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/27873789?wmode=7&page-url=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afp%3A1265%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1138581179879%3Ahid%3A668602064%3Az%3A0%3Ai%3A20220923164320%3Aet%3A1663951401%3Ac%3A1%3Arn%3A888035332%3Arqn%3A1%3Au%3A1663951401881673246%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C630%2C1%2C354%2C359%2C1%2C470%2C16%2C%2C%2C%2C1460%3Ans%3A1663951399254%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663951401%3At%3AFileSpace.ru&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP
GET /watch/27873789?wmode=7&page-url=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afp%3A1265%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1138581179879%3Ahid%3A668602064%3Az%3A0%3Ai%3A20220923164320%3Aet%3A1663951401%3Ac%3A1%3Arn%3A888035332%3Arqn%3A1%3Au%3A1663951401881673246%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C630%2C1%2C354%2C359%2C1%2C470%2C16%2C%2C%2C%2C1460%3Ans%3A1663951399254%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663951401%3At%3AFileSpace.ru&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://filespace.ru
Connection: keep-alive
Referer: http://filespace.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/27873789/1?wmode=7&page-url=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afp%3A1265%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1138581179879%3Ahid%3A668602064%3Az%3A0%3Ai%3A20220923164320%3Aet%3A1663951401%3Ac%3A1%3Arn%3A888035332%3Arqn%3A1%3Au%3A1663951401881673246%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C630%2C1%2C354%2C359%2C1%2C470%2C16%2C%2C%2C%2C1460%3Ans%3A1663951399254%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663951401%3At%3AFileSpace.ru&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Fri, 23 Sep 2022 16:43:22 GMT
access-control-allow-origin: http://filespace.ru
set-cookie: yandexuid=5714007281663951402; Expires=Sat, 23-Sep-2023 16:43:22 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=5714007281663951402; Expires=Sat, 23-Sep-2023 16:43:22 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2487627121663951402; Path=/; SameSite=None; Secure
i=wlbswUVxfNbSOa16G4FSga8E4DJNhtB3D1qJoN5Nguoj6LG2695blPaMBu0n/3znJqNQZGSPM14TI8PuAz+a2nqudKQ=; Expires=Mon, 20-Sep-2032 16:43:20 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1695487402.yrts.1663951402#1695487402.yrtsi.1663951402; Expires=Sat, 23-Sep-2023 16:43:22 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 23-Sep-2022 16:43:22 GMT
last-modified: Fri, 23-Sep-2022 16:43:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
217.23.140.249
172.217.21.162
31.220.27.155
104.18.20.226
23.88.82.46
23.36.76.226
65.108.236.88
151.101.85.229
93.184.220.29
188.42.191.196