r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7645
Expires: Thu, 01 Dec 2022 12:51:36 GMT
Date: Thu, 01 Dec 2022 10:44:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10622
Expires: Thu, 01 Dec 2022 13:41:13 GMT
Date: Thu, 01 Dec 2022 10:44:11 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3735
Cache-Control: max-age=89363
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 10:44:11 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 11:33:34 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BJdUwHzetvR1e21sYxoy+rLsPjd62FjwA6074jCrHif2f/Z4xupMHixGPlwKC91M7EWbbh5/y6Y=
x-amz-request-id: G64T5JDXP1Q4YX0Z
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 09:46:13 GMT
age: 3478
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 10:19:46 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1465
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 10:44:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
latvia4.ru/
81.90.182.215200 OK 22 kB IP 81.90.182.215:0
ASN #50340 OOO Network of data-centers Selectel
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1746)
Hash c4d5a836bac0713024e297e81fc3574f
8f845cfd0d6185e73682f3eb6026b0fbaa92f11e
92a18f690fd11bff385e29b00062cfa5e9d12d713545790d5f8960dc09048e30
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: latvia4.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 01 Dec 2022 10:44:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.33
Link: <http://latvia4.ru/wp-json/>; rel="https://api.w.org/"
Cache-Control: max-age=172800
Expires: Sat, 03 Dec 2022 10:44:11 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
latvia4.ru/wp-content/themes/bg-photo-frame/style.css?ver=4.9.22
81.90.182.215200 OK 4.2 kB URL HTTP/1.1 latvia4.ru/wp-content/themes/bg-photo-frame/style.css?ver=4.9.22
IP 81.90.182.215:0
ASN #50340 OOO Network of data-centers Selectel
File type ASCII text, with very long lines (330)
Hash ba3ed6b64b402443b60ecdb980ae958a
1ada673b776862b13685b132f61164ef9a29e969
945955381a4b9d3bf4b11943401181d468305fd85a9b71fe31e41994ad8644e3
GET /wp-content/themes/bg-photo-frame/style.css?ver=4.9.22 HTTP/1.1
Host: latvia4.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://latvia4.ru/
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 01 Dec 2022 10:44:11 GMT
Content-Type: text/css
Last-Modified: Sun, 05 Dec 2021 02:22:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61ac2271-3c5a"
Expires: Fri, 01 Dec 2023 10:44:11 GMT
Cache-Control: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
latvia4.ru/wp-content/plugins/yet-another-related-posts-plugin/style/widget.css?ver=4.9.22
81.90.182.215200 OK 387 B URL HTTP/1.1 latvia4.ru/wp-content/plugins/yet-another-related-posts-plugin/style/widget.css?ver=4.9.22
IP 81.90.182.215:0
ASN #50340 OOO Network of data-centers Selectel
File type ASCII text, with CRLF line terminators
Hash 13ad319bdad690b32b2bffd076741ece
e801b99970794dc8af261904abf7971c181d389e
2537f6c7b2f344c009f59863f0dfb7d74bb49de115edaf398dddc21f1538d292
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yet-another-related-posts-plugin/style/widget.css?ver=4.9.22 HTTP/1.1
Host: latvia4.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://latvia4.ru/
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 01 Dec 2022 10:44:11 GMT
Content-Type: text/css
Last-Modified: Sun, 05 Dec 2021 02:22:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61ac2271-324"
Expires: Fri, 01 Dec 2023 10:44:11 GMT
Cache-Control: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
latvia4.ru/wp-content/themes/bg-photo-frame/custom/css/bg-photo-frame-style-light.css?ver=4.9.22
81.90.182.215200 OK 495 B URL HTTP/1.1 latvia4.ru/wp-content/themes/bg-photo-frame/custom/css/bg-photo-frame-style-light.css?ver=4.9.22
IP 81.90.182.215:0
ASN #50340 OOO Network of data-centers Selectel
Hash 38cd3a3043d32f84fe4133f36927763c
1e04f95fc58c001e78d1248e2cb54e4d0b2c8590
b824e853373c292ede7862226039e53dde528023de20ece25f7f95b65fc82fa7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bg-photo-frame/custom/css/bg-photo-frame-style-light.css?ver=4.9.22 HTTP/1.1
Host: latvia4.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://latvia4.ru/
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 01 Dec 2022 10:44:11 GMT
Content-Type: text/css
Last-Modified: Sun, 05 Dec 2021 02:22:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61ac2271-9ce"
Expires: Fri, 01 Dec 2023 10:44:11 GMT
Cache-Control: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
latvia4.ru/wp-content/themes/bg-photo-frame/custom/css/bg-photo-frame-style-sp.css?ver=4.9.22
81.90.182.215200 OK 179 B URL HTTP/1.1 latvia4.ru/wp-content/themes/bg-photo-frame/custom/css/bg-photo-frame-style-sp.css?ver=4.9.22
IP 81.90.182.215:0
ASN #50340 OOO Network of data-centers Selectel
Hash 94acd05f5c243d5484d97e03adf5ff4c
0fb8da1c2a1dc043293e36c42558a6eb8a1fc739
8ab636c315ed379884619d9cb6b30fa723bee4ea9acde8295b89d98542220639
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bg-photo-frame/custom/css/bg-photo-frame-style-sp.css?ver=4.9.22 HTTP/1.1
Host: latvia4.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://latvia4.ru/
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 01 Dec 2022 10:44:11 GMT
Content-Type: text/css
Last-Modified: Sun, 05 Dec 2021 02:22:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61ac2271-166"
Expires: Fri, 01 Dec 2023 10:44:11 GMT
Cache-Control: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
latvia4.ru/wp-content/themes/bg-photo-frame/custom/css/jquery.bgPhotoFrame.min.css?ver=4.9.22
81.90.182.215200 OK 677 B URL HTTP/1.1 latvia4.ru/wp-content/themes/bg-photo-frame/custom/css/jquery.bgPhotoFrame.min.css?ver=4.9.22
IP 81.90.182.215:0
ASN #50340 OOO Network of data-centers Selectel
File type ASCII text, with very long lines (2294), with no line terminators
Hash 456a589b553eee94a7a14918559a5783
28b4fac9ec2bbe2a53a02f72066a264579367098
71a454449a91c414db8d1c961a4f1f2a2fb1ed2c767a23853da0be9094d5e222
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bg-photo-frame/custom/css/jquery.bgPhotoFrame.min.css?ver=4.9.22 HTTP/1.1
Host: latvia4.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://latvia4.ru/
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 01 Dec 2022 10:44:11 GMT
Content-Type: text/css
Last-Modified: Sun, 05 Dec 2021 02:22:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61ac2271-8f6"
Expires: Fri, 01 Dec 2023 10:44:11 GMT
Cache-Control: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
latvia4.ru/wp-includes/js/wp-emoji-release.min.js?ver=4.9.22
81.90.182.215200 OK 4.3 kB URL HTTP/1.1 latvia4.ru/wp-includes/js/wp-emoji-release.min.js?ver=4.9.22
IP 81.90.182.215:0
ASN #50340 OOO Network of data-centers Selectel
File type ASCII text, with very long lines (9063)
Hash e9af5beafdeddad7e75483c5f1e6c4ff
38ab5b95e1da1d33a0cb4517bb1666210b0343a1
6d5fd3fa56d81f90832771f48dc401c50845fdc292ecbac51ca7b8fb71f864ea
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=4.9.22 HTTP/1.1
Host: latvia4.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://latvia4.ru/
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 01 Dec 2022 10:44:11 GMT
Content-Type: application/javascript
Last-Modified: Sun, 05 Dec 2021 02:22:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61ac2271-2ea7"
Expires: Fri, 01 Dec 2023 10:44:11 GMT
Cache-Control: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
latvia4.ru/wp-content/themes/bg-photo-frame/js/navigation.js?ver=20120206
81.90.182.215200 OK 869 B URL HTTP/1.1 latvia4.ru/wp-content/themes/bg-photo-frame/js/navigation.js?ver=20120206
IP 81.90.182.215:0
ASN #50340 OOO Network of data-centers Selectel
Hash ac8aa9c0d079920f5b3f851138fe3eb8
f9339b6b0bd7084b94089edc419507559379c172
7f54db7dd8c794a005d49c390e0cb71ce7ef3a857e541082a537d72fa05863be
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bg-photo-frame/js/navigation.js?ver=20120206 HTTP/1.1
Host: latvia4.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://latvia4.ru/
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 01 Dec 2022 10:44:11 GMT
Content-Type: application/javascript
Last-Modified: Sun, 05 Dec 2021 02:22:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61ac2271-8e7"
Expires: Fri, 01 Dec 2023 10:44:11 GMT
Cache-Control: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
latvia4.ru/wp-content/themes/bg-photo-frame/js/skip-link-focus-fix.js?ver=20130115
81.90.182.215200 OK 468 B URL HTTP/1.1 latvia4.ru/wp-content/themes/bg-photo-frame/js/skip-link-focus-fix.js?ver=20130115
IP 81.90.182.215:0
ASN #50340 OOO Network of data-centers Selectel
Hash a42636e1a407fdbf3e9cb652fec4bee8
f1fe1f1b4a9897ba6a7714242dd426f09aa730ff
88eed61a63825d9c9914eaf4ecf1d909303c2e265762b1e3076399534a66f0e5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bg-photo-frame/js/skip-link-focus-fix.js?ver=20130115 HTTP/1.1
Host: latvia4.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://latvia4.ru/
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 01 Dec 2022 10:44:11 GMT
Content-Type: application/javascript
Last-Modified: Sun, 05 Dec 2021 02:22:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61ac2271-370"
Expires: Fri, 01 Dec 2023 10:44:11 GMT
Cache-Control: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
latvia4.ru/wp-content/themes/bg-photo-frame/custom/js/bg-photo-frame-master.js?ver=1.2.2
81.90.182.215200 OK 524 B URL HTTP/1.1 latvia4.ru/wp-content/themes/bg-photo-frame/custom/js/bg-photo-frame-master.js?ver=1.2.2
IP 81.90.182.215:0
ASN #50340 OOO Network of data-centers Selectel
Hash cefb6ec4cb34d3cbb28f955c93195eaf
a69c2446a06ba07b86627cd6b1c190bc487a3561
38334d6d99bf0cff272d21e24d37ac099c3441b48529f31cf3d883bd8e1405ae
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bg-photo-frame/custom/js/bg-photo-frame-master.js?ver=1.2.2 HTTP/1.1
Host: latvia4.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://latvia4.ru/
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 01 Dec 2022 10:44:11 GMT
Content-Type: application/javascript
Last-Modified: Sun, 05 Dec 2021 02:22:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61ac2271-4d0"
Expires: Fri, 01 Dec 2023 10:44:11 GMT
Cache-Control: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
latvia4.ru/wp-content/themes/bg-photo-frame/custom/js/jquery.bgPhotoFrame.min.js?ver=1.0.0
81.90.182.215200 OK 6.5 kB URL HTTP/1.1 latvia4.ru/wp-content/themes/bg-photo-frame/custom/js/jquery.bgPhotoFrame.min.js?ver=1.0.0
IP 81.90.182.215:0
ASN #50340 OOO Network of data-centers Selectel
File type Unicode text, UTF-8 text, with very long lines (25281), with no line terminators
Hash e1ad79e49c4e0eb539785a2995cd8fac
f47e5e61f49ddd151423e3af8fecbbf7ea050673
a0079107c3c845ca20b7fbf9f6ad60587cc42bf80fd6e8f0dd118e600d3ab46c
GET /wp-content/themes/bg-photo-frame/custom/js/jquery.bgPhotoFrame.min.js?ver=1.0.0 HTTP/1.1
Host: latvia4.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://latvia4.ru/
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 01 Dec 2022 10:44:11 GMT
Content-Type: application/javascript
Last-Modified: Sun, 05 Dec 2021 02:22:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61ac2271-62c3"
Expires: Fri, 01 Dec 2023 10:44:11 GMT
Cache-Control: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
latvia4.ru/wp-includes/js/wp-embed.min.js?ver=4.9.22
81.90.182.215200 OK 739 B URL HTTP/1.1 latvia4.ru/wp-includes/js/wp-embed.min.js?ver=4.9.22
IP 81.90.182.215:0
ASN #50340 OOO Network of data-centers Selectel
File type ASCII text, with very long lines (1391), with no line terminators
Hash 60d8829560031a011771efa2f39708af
a4689c3b70f773deb896eec78028e0902ef15097
a0176bd4cc53bd2e920b0dfd10f56d2a4a3820d671539414ef4b3e2b3e50b9b7
GET /wp-includes/js/wp-embed.min.js?ver=4.9.22 HTTP/1.1
Host: latvia4.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://latvia4.ru/
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 01 Dec 2022 10:44:11 GMT
Content-Type: application/javascript
Last-Modified: Sun, 05 Dec 2021 02:22:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61ac2271-56f"
Expires: Fri, 01 Dec 2023 10:44:11 GMT
Cache-Control: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
latvia4.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4
81.90.182.215200 OK 34 kB URL HTTP/1.1 latvia4.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 81.90.182.215:0
ASN #50340 OOO Network of data-centers Selectel
File type ASCII text, with very long lines (31997)
Hash 0130aabf79ee0b63dcf565281b478b7c
922856e0169b6daafad221117f0d765fd10c26d6
6b99aa0e79f140d2c732b6b4d7a9848257659db44ccc308eec740ed58d1a5589
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: latvia4.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://latvia4.ru/
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 01 Dec 2022 10:44:11 GMT
Content-Type: application/javascript
Last-Modified: Sun, 05 Dec 2021 02:22:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61ac2271-17a6a"
Expires: Fri, 01 Dec 2023 10:44:11 GMT
Cache-Control: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
latvia4.ru/wp-content/themes/bg-photo-frame/custom/css/bg-photo-frame-style.css?ver=4.9.22
81.90.182.215200 OK 832 B URL HTTP/1.1 latvia4.ru/wp-content/themes/bg-photo-frame/custom/css/bg-photo-frame-style.css?ver=4.9.22
IP 81.90.182.215:0
ASN #50340 OOO Network of data-centers Selectel
Hash 0aefd18abb4987de2fe10726f7f160d0
3ec9e6febdabc03939e339c738be1001020892b3
9785218ce92d6088ad52f11919da99de8fe8046efe26e903757ef8a090083f2e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bg-photo-frame/custom/css/bg-photo-frame-style.css?ver=4.9.22 HTTP/1.1
Host: latvia4.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://latvia4.ru/
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 01 Dec 2022 10:44:11 GMT
Content-Type: text/css
Last-Modified: Sun, 05 Dec 2021 02:22:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61ac2271-e03"
Expires: Fri, 01 Dec 2023 10:44:11 GMT
Cache-Control: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
latvia4.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
81.90.182.215200 OK 4.0 kB URL HTTP/1.1 latvia4.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 81.90.182.215:0
ASN #50340 OOO Network of data-centers Selectel
File type ASCII text, with very long lines (9959)
Hash a6c81e2f02bd04160d2de88c4e8f3559
e3f3c91427d785820ca97dabe738f01faf041f36
b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: latvia4.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://latvia4.ru/
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 01 Dec 2022 10:44:11 GMT
Content-Type: application/javascript
Last-Modified: Sun, 05 Dec 2021 02:22:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61ac2271-2748"
Expires: Fri, 01 Dec 2023 10:44:11 GMT
Cache-Control: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
latvia4.ru/wp-content/themes/bg-photo-frame/custom/css/bootstrap.min.css?ver=4.9.22
81.90.182.215200 OK 20 kB URL HTTP/1.1 latvia4.ru/wp-content/themes/bg-photo-frame/custom/css/bootstrap.min.css?ver=4.9.22
IP 81.90.182.215:0
ASN #50340 OOO Network of data-centers Selectel
File type ASCII text, with very long lines (65371)
Hash c86d9a95791486616965f31461bf70f7
17ff8e9f2b85dea4792ea192037fdb45add7b4c0
5819c1dd6423e7a8ad755f6c9d0a9456f1779b38b457c765dda6023e72901abd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bg-photo-frame/custom/css/bootstrap.min.css?ver=4.9.22 HTTP/1.1
Host: latvia4.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://latvia4.ru/
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 01 Dec 2022 10:44:11 GMT
Content-Type: text/css
Last-Modified: Sun, 05 Dec 2021 02:22:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61ac2271-1d9ac"
Expires: Fri, 01 Dec 2023 10:44:11 GMT
Cache-Control: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
latvia4.ru/wp-content/uploads/sites/3/2020/04/4937655167-300x200.jpg
81.90.182.215200 OK 14 kB URL HTTP/1.1 latvia4.ru/wp-content/uploads/sites/3/2020/04/4937655167-300x200.jpg
IP 81.90.182.215:0
ASN #50340 OOO Network of data-centers Selectel
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x200, components 3\012- data
Hash b2eab51bd8eaa3864ab48b386907976e
9c4d87864b2f9dc6ea20c3235d4e4d9c922c725f
893b84b8a0d5344a63152eaa80dae502766dec37295fb18d674ac7cf3e0563da
GET /wp-content/uploads/sites/3/2020/04/4937655167-300x200.jpg HTTP/1.1
Host: latvia4.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://latvia4.ru/
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 01 Dec 2022 10:44:11 GMT
Content-Type: image/jpeg
Content-Length: 13696
Last-Modified: Fri, 10 Apr 2020 06:37:40 GMT
Connection: keep-alive
ETag: "5e901434-3580"
Expires: Fri, 01 Dec 2023 10:44:11 GMT
Cache-Control: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
latvia4.ru/wp-content/uploads/sites/3/2021/12/cropped-latvia4.ru_-1.jpg
81.90.182.215200 OK 234 kB URL HTTP/1.1 latvia4.ru/wp-content/uploads/sites/3/2021/12/cropped-latvia4.ru_-1.jpg
IP 81.90.182.215:0
ASN #50340 OOO Network of data-centers Selectel
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1280x720, components 3\012- data
Size 234 kB (234129 bytes)
Hash 57261f5a3a04da30bdd8470779ef6b10
2f316d511a1d67024f0af24876a9ba8767448edf
029da9a96104db85b74b238b12042ad22d27697cc64652baed6611b9e0789f02
GET /wp-content/uploads/sites/3/2021/12/cropped-latvia4.ru_-1.jpg HTTP/1.1
Host: latvia4.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://latvia4.ru/
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 01 Dec 2022 10:44:11 GMT
Content-Type: image/jpeg
Content-Length: 234129
Last-Modified: Sun, 05 Dec 2021 21:02:35 GMT
Connection: keep-alive
ETag: "61ad28eb-39291"
Expires: Fri, 01 Dec 2023 10:44:11 GMT
Cache-Control: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 10:08:56 GMT
cache-control: public,max-age=3600
age: 2116
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
latvia4.ru/wp-content/themes/bg-photo-frame/custom/fonts/glyphicons-halflings-regular.woff2
81.90.182.215200 OK 18 kB URL HTTP/1.1 latvia4.ru/wp-content/themes/bg-photo-frame/custom/fonts/glyphicons-halflings-regular.woff2
IP 81.90.182.215:0
ASN #50340 OOO Network of data-centers Selectel
File type Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Hash 448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bg-photo-frame/custom/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: latvia4.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://latvia4.ru/wp-content/themes/bg-photo-frame/custom/css/bootstrap.min.css?ver=4.9.22
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 01 Dec 2022 10:44:12 GMT
Content-Type: application/font-woff2
Content-Length: 18028
Last-Modified: Sun, 05 Dec 2021 02:22:41 GMT
Connection: keep-alive
ETag: "61ac2271-466c"
Expires: Fri, 01 Dec 2023 10:44:12 GMT
Cache-Control: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 452dbfb734091e91a3589c4d7dd15f4b
661ac447618dae8bea4c5e09bcf1defa4c1799b0
590dded7098576b685a16a64881e112b1b742e1e1fae98464971fa8bb7d51847
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "590DDED7098576B685A16A64881E112B1B742E1E1FAE98464971FA8BB7D51847"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18202
Expires: Thu, 01 Dec 2022 15:47:34 GMT
Date: Thu, 01 Dec 2022 10:44:12 GMT
Connection: keep-alive
latvia4.ru/wp-content/uploads/sites/3/2021/12/cropped-latvia4.ru_-192x192.jpg
81.90.182.215200 OK 12 kB URL HTTP/1.1 latvia4.ru/wp-content/uploads/sites/3/2021/12/cropped-latvia4.ru_-192x192.jpg
IP 81.90.182.215:0
ASN #50340 OOO Network of data-centers Selectel
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 192x192, components 3\012- data
Hash 6190acbf7b620fc9ea2938238e3fed94
0057b1260bfc4f9add82fdf6b4f0b2c6dd3a70e6
d226079678236ae73220210a6eebd7327ca37c5e94c6e4c88a345bf40bce34fd
GET /wp-content/uploads/sites/3/2021/12/cropped-latvia4.ru_-192x192.jpg HTTP/1.1
Host: latvia4.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://latvia4.ru/
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 01 Dec 2022 10:44:12 GMT
Content-Type: image/jpeg
Content-Length: 12187
Last-Modified: Sun, 05 Dec 2021 21:02:16 GMT
Connection: keep-alive
ETag: "61ad28d8-2f9b"
Expires: Fri, 01 Dec 2023 10:44:12 GMT
Cache-Control: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
latvia4.ru/wp-content/uploads/sites/3/2021/12/cropped-latvia4.ru_-32x32.jpg
81.90.182.215200 OK 1.1 kB URL HTTP/1.1 latvia4.ru/wp-content/uploads/sites/3/2021/12/cropped-latvia4.ru_-32x32.jpg
IP 81.90.182.215:0
ASN #50340 OOO Network of data-centers Selectel
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 32x32, components 3\012- data
Hash 872be594cc314c2eac9d876746e739af
d5a2a397d70603855cfecf78379254769b1699c3
a00b3071af3874cf1d1c3f39f37b3cc5cdb87a4b4ea98f4d738895bc5d37e6dd
GET /wp-content/uploads/sites/3/2021/12/cropped-latvia4.ru_-32x32.jpg HTTP/1.1
Host: latvia4.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://latvia4.ru/
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 01 Dec 2022 10:44:12 GMT
Content-Type: image/jpeg
Content-Length: 1088
Last-Modified: Sun, 05 Dec 2021 21:02:16 GMT
Connection: keep-alive
ETag: "61ad28d8-440"
Expires: Fri, 01 Dec 2023 10:44:12 GMT
Cache-Control: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3731
Cache-Control: max-age=170688
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 10:44:12 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:09:00 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
www.acint.net/aci.js
193.3.184.137200 OK 7.5 kB IP 193.3.184.137:0
File type ASCII text, with very long lines (1408)
Hash ae0aab6c5a2ae2e1168e74f6e6ae4741
2c00f69ee4bbe2ec96c0f7bb33b5f827a6195af8
a47a88a9b6c7635e5074c25c6e3c92f399fdf8772376e94f077167241e59f9de
GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://latvia4.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 01 Dec 2022 10:44:12 GMT
content-type: application/x-javascript
content-length: 7461
last-modified: Mon, 16 May 2022 07:14:50 GMT
etag: "6281f9ea-1d25"
content-encoding: gzip
expires: Thu, 01 Dec 2022 22:44:12 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash a368f259aaf691d500db779124d46ba2
5d8aecd6636d9254b5f0f698b2292d2d51cb570e
3fe12f3ad66a6916d2b5ecb0583eee79d76ed5ce90523b3e3010220e228a7c6d
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:44:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 05 Dec 2022 08:06:28 GMT
ETag: "5d8aecd6636d9254b5f0f698b2292d2d51cb570e"
Last-Modified: Thu, 01 Dec 2022 08:06:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1057
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772b39e8fd2db509-OSL
counter.yadro.ru/hit?t24.1;r;s1280*1024*24;uhttp%3A//latvia4.ru/;h%u0416%u0438%u0442%u044C%20%u0432%20%u041B%u0430%u0442%u0432%u0438%u0438%21%20%u2014%20%u041F%u043E%u0447%u0435%u043C%u0443%20%u0432%u044B%u0433%u043E%u0434%u043D%u043E%20%u043F%u043E%u043A%u0443%u043F%u0430%u0442%u044C%20%u043D%u0435%u0434%u0432%u0438%u0436%u0438%u043C%u043E%u0441%u0442%u044C%20%u0432%20%u041B%u0430%u0442%u0432%u0438%u0438;0.2579605176742483
88.212.201.198200 OK 125 B URL HTTP/1.1 counter.yadro.ru/hit?t24.1;r;s1280*1024*24;uhttp%3A//latvia4.ru/;h%u0416%u0438%u0442%u044C%20%u0432%20%u041B%u0430%u0442%u0432%u0438%u0438%21%20%u2014%20%u041F%u043E%u0447%u0435%u043C%u0443%20%u0432%u044B%u0433%u043E%u0434%u043D%u043E%20%u043F%u043E%u043A%u0443%u043F%u0430%u0442%u044C%20%u043D%u0435%u0434%u0432%u0438%u0436%u0438%u043C%u043E%u0441%u0442%u044C%20%u0432%20%u041B%u0430%u0442%u0432%u0438%u0438;0.2579605176742483
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 88 x 15\012- data
Hash feda4d11eb05bde25e45f136960100c9
7b765f5c89d554d63a9e5dc94c6d782c6c98e266
0b92354e8ca9c0b4835c381a602dfc01a1d51d6d291f4eb036efcde69efc4eb6
GET /hit?t24.1;r;s1280*1024*24;uhttp%3A//latvia4.ru/;h%u0416%u0438%u0442%u044C%20%u0432%20%u041B%u0430%u0442%u0432%u0438%u0438%21%20%u2014%20%u041F%u043E%u0447%u0435%u043C%u0443%20%u0432%u044B%u0433%u043E%u0434%u043D%u043E%20%u043F%u043E%u043A%u0443%u043F%u0430%u0442%u044C%20%u043D%u0435%u0434%u0432%u0438%u0436%u0438%u043C%u043E%u0441%u0442%u044C%20%u0432%20%u041B%u0430%u0442%u0432%u0438%u0438;0.2579605176742483 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://latvia4.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Dec 2022 10:44:12 GMT
Content-Type: image/gif
Content-Length: 125
Connection: keep-alive
Expires: Tue, 30 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
www.acint.net/mc/?dp=10
193.3.184.137302 Moved Temporarily 142 B IP 193.3.184.137:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://latvia4.ru/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 01 Dec 2022 10:44:12 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/mc/?dp=10
www.acint.net/hit/?v=0.4.0&uid=987601f5-3a4c-4fe1-8ac6-36ede2fe0c5e&dp=10&tz=%2B00%3A00&nc=81056511&u=http%3A%2F%2Flatvia4.ru%2F&r=&rs=1280x1024&t=%D0%96%D0%B8%D1%82%D1%8C%20%D0%B2%20%D0%9B%D0%B0%D1%82%D0%B2%D0%B8%D0%B8!%20%E2%80%94%20%D0%9F%D0%BE%D1%87%D0%B5%D0%BC%D1%83%20%D0%B2%D1%8B%D0%B3%D0%BE%D0%B4%D0%BD%D0%BE%20%D0%BF%D0%BE%D0%BA%D1%83%D0%BF%D0%B0%D1%82%D1%8C%20%D0%BD%D0%B5%D0%B4%D0%B2%D0%B8%D0%B6%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D1%8C%20%D0%B2%20%D0%9B%D0%B0%D1%82%D0%B2%D0%B8%D0%B8&oE=1&oP=1&dT=2022-12-01T10%3A44%3A10.846&fu=108fd438-2a78-4a10-895d-166774adc6a5
193.3.184.137302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/hit/?v=0.4.0&uid=987601f5-3a4c-4fe1-8ac6-36ede2fe0c5e&dp=10&tz=%2B00%3A00&nc=81056511&u=http%3A%2F%2Flatvia4.ru%2F&r=&rs=1280x1024&t=%D0%96%D0%B8%D1%82%D1%8C%20%D0%B2%20%D0%9B%D0%B0%D1%82%D0%B2%D0%B8%D0%B8!%20%E2%80%94%20%D0%9F%D0%BE%D1%87%D0%B5%D0%BC%D1%83%20%D0%B2%D1%8B%D0%B3%D0%BE%D0%B4%D0%BD%D0%BE%20%D0%BF%D0%BE%D0%BA%D1%83%D0%BF%D0%B0%D1%82%D1%8C%20%D0%BD%D0%B5%D0%B4%D0%B2%D0%B8%D0%B6%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D1%8C%20%D0%B2%20%D0%9B%D0%B0%D1%82%D0%B2%D0%B8%D0%B8&oE=1&oP=1&dT=2022-12-01T10%3A44%3A10.846&fu=108fd438-2a78-4a10-895d-166774adc6a5
IP 193.3.184.137:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /hit/?v=0.4.0&uid=987601f5-3a4c-4fe1-8ac6-36ede2fe0c5e&dp=10&tz=%2B00%3A00&nc=81056511&u=http%3A%2F%2Flatvia4.ru%2F&r=&rs=1280x1024&t=%D0%96%D0%B8%D1%82%D1%8C%20%D0%B2%20%D0%9B%D0%B0%D1%82%D0%B2%D0%B8%D0%B8!%20%E2%80%94%20%D0%9F%D0%BE%D1%87%D0%B5%D0%BC%D1%83%20%D0%B2%D1%8B%D0%B3%D0%BE%D0%B4%D0%BD%D0%BE%20%D0%BF%D0%BE%D0%BA%D1%83%D0%BF%D0%B0%D1%82%D1%8C%20%D0%BD%D0%B5%D0%B4%D0%B2%D0%B8%D0%B6%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D1%8C%20%D0%B2%20%D0%9B%D0%B0%D1%82%D0%B2%D0%B8%D0%B8&oE=1&oP=1&dT=2022-12-01T10%3A44%3A10.846&fu=108fd438-2a78-4a10-895d-166774adc6a5 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://latvia4.ru/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 01 Dec 2022 10:44:12 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/hit/?v=0.4.0&uid=987601f5-3a4c-4fe1-8ac6-36ede2fe0c5e&dp=10&tz=%2B00%3A00&nc=81056511&u=http%3A%2F%2Flatvia4.ru%2F&r=&rs=1280x1024&t=%D0%96%D0%B8%D1%82%D1%8C%20%D0%B2%20%D0%9B%D0%B0%D1%82%D0%B2%D0%B8%D0%B8!%20%E2%80%94%20%D0%9F%D0%BE%D1%87%D0%B5%D0%BC%D1%83%20%D0%B2%D1%8B%D0%B3%D0%BE%D0%B4%D0%BD%D0%BE%20%D0%BF%D0%BE%D0%BA%D1%83%D0%BF%D0%B0%D1%82%D1%8C%20%D0%BD%D0%B5%D0%B4%D0%B2%D0%B8%D0%B6%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D1%8C%20%D0%B2%20%D0%9B%D0%B0%D1%82%D0%B2%D0%B8%D0%B8&oE=1&oP=1&dT=2022-12-01T10%3A44%3A10.846&fu=108fd438-2a78-4a10-895d-166774adc6a5
www.acint.net/mc/?dp=10
193.3.184.137302 Found 154 B IP 193.3.184.137:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://latvia4.ru/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 01 Dec 2022 10:44:12 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Thu, 01-Dec-22 10:54:12 GMT
aid=fwAAAWOIhXyopwNinAOuAmkE/+hiBtTBxpdCZDVZroYFi6AI; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
www.acint.net/hit/?v=0.4.0&uid=987601f5-3a4c-4fe1-8ac6-36ede2fe0c5e&dp=10&tz=%2B00%3A00&nc=81056511&u=http%3A%2F%2Flatvia4.ru%2F&r=&rs=1280x1024&t=%D0%96%D0%B8%D1%82%D1%8C%20%D0%B2%20%D0%9B%D0%B0%D1%82%D0%B2%D0%B8%D0%B8!%20%E2%80%94%20%D0%9F%D0%BE%D1%87%D0%B5%D0%BC%D1%83%20%D0%B2%D1%8B%D0%B3%D0%BE%D0%B4%D0%BD%D0%BE%20%D0%BF%D0%BE%D0%BA%D1%83%D0%BF%D0%B0%D1%82%D1%8C%20%D0%BD%D0%B5%D0%B4%D0%B2%D0%B8%D0%B6%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D1%8C%20%D0%B2%20%D0%9B%D0%B0%D1%82%D0%B2%D0%B8%D0%B8&oE=1&oP=1&dT=2022-12-01T10%3A44%3A10.846&fu=108fd438-2a78-4a10-895d-166774adc6a5
193.3.184.137200 OK 43 B URL HTTP/2 www.acint.net/hit/?v=0.4.0&uid=987601f5-3a4c-4fe1-8ac6-36ede2fe0c5e&dp=10&tz=%2B00%3A00&nc=81056511&u=http%3A%2F%2Flatvia4.ru%2F&r=&rs=1280x1024&t=%D0%96%D0%B8%D1%82%D1%8C%20%D0%B2%20%D0%9B%D0%B0%D1%82%D0%B2%D0%B8%D0%B8!%20%E2%80%94%20%D0%9F%D0%BE%D1%87%D0%B5%D0%BC%D1%83%20%D0%B2%D1%8B%D0%B3%D0%BE%D0%B4%D0%BD%D0%BE%20%D0%BF%D0%BE%D0%BA%D1%83%D0%BF%D0%B0%D1%82%D1%8C%20%D0%BD%D0%B5%D0%B4%D0%B2%D0%B8%D0%B6%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D1%8C%20%D0%B2%20%D0%9B%D0%B0%D1%82%D0%B2%D0%B8%D0%B8&oE=1&oP=1&dT=2022-12-01T10%3A44%3A10.846&fu=108fd438-2a78-4a10-895d-166774adc6a5
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hit/?v=0.4.0&uid=987601f5-3a4c-4fe1-8ac6-36ede2fe0c5e&dp=10&tz=%2B00%3A00&nc=81056511&u=http%3A%2F%2Flatvia4.ru%2F&r=&rs=1280x1024&t=%D0%96%D0%B8%D1%82%D1%8C%20%D0%B2%20%D0%9B%D0%B0%D1%82%D0%B2%D0%B8%D0%B8!%20%E2%80%94%20%D0%9F%D0%BE%D1%87%D0%B5%D0%BC%D1%83%20%D0%B2%D1%8B%D0%B3%D0%BE%D0%B4%D0%BD%D0%BE%20%D0%BF%D0%BE%D0%BA%D1%83%D0%BF%D0%B0%D1%82%D1%8C%20%D0%BD%D0%B5%D0%B4%D0%B2%D0%B8%D0%B6%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D1%8C%20%D0%B2%20%D0%9B%D0%B0%D1%82%D0%B2%D0%B8%D0%B8&oE=1&oP=1&dT=2022-12-01T10%3A44%3A10.846&fu=108fd438-2a78-4a10-895d-166774adc6a5 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://latvia4.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 01 Dec 2022 10:44:12 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=fwAAAWOIhXyopwNinAPyAtX9Iq/Ea+V2QD+TFcsW/ovj6EXq; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.163.114.208101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.114.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pPK8rrDiEIKQnHsbeH9/OQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: w63yq9+uFdlbHtYh7HMYbDEa59I=
a.utraff.com/sync?ssp=sape
104.21.59.66204 No Content 0 B URL HTTP/2 a.utraff.com/sync?ssp=sape
IP 104.21.59.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 01 Dec 2022 10:44:12 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Sat, 31 Dec 2022 13:44:12 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Sat, 31 Dec 2022 13:44:12 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtcckcZrDdzNLGzv7eYWTgPjdn%2FlVLlh4NFRP%2F8fD8z4QrKJQfyN78rlSovnkq5S6%2Fkgno4XWeMcJVJknkPN6SFWdYen17DOui0exrcgUdvv%2BJ6M42jDD8NRh4BziJY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772b39eaf8cbb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F7C8588636203A7A802AE039C
95.216.101.186302 Found 0 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F7C8588636203A7A802AE039C
IP 95.216.101.186:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F7C8588636203A7A802AE039C HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 01 Dec 2022 10:44:12 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=180834e3-7165-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 01 Dec 2023 10:44:12 GMT; SameSite=None; Secure
uid-legacy=180834e3-7165-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 01 Dec 2023 10:44:12 GMT
location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F7C8588636203A7A802AE039C&cs=1
X-Firefox-Spdy: h2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F7C8588636203A7A802AE039C&cs=1
95.216.101.186200 OK 35 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F7C8588636203A7A802AE039C&cs=1
IP 95.216.101.186:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F7C8588636203A7A802AE039C&cs=1 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: uid=180834e3-7165-11ed-8ff0-f832e4719dd9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 10:44:12 GMT
content-type: image/gif
content-length: 35
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=180834e3-7165-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 01 Dec 2023 10:44:12 GMT; SameSite=None; Secure
uid-legacy=180834e3-7165-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 01 Dec 2023 10:44:12 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a378e3cc6029dde181c06e0e0568cfa5
0eedaf829e2aa8ed4515963f324fda6ce6c1a024
00c029ae05bbc62c592d0aa39980d2143aa880833cbda0cf89301c2d7b790897
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00C029AE05BBC62C592D0AA39980D2143AA880833CBDA0CF89301C2D7B790897"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10868
Expires: Thu, 01 Dec 2022 13:45:20 GMT
Date: Thu, 01 Dec 2022 10:44:12 GMT
Connection: keep-alive
dm-eu.hybrid.ai/match?id=106&vid=0100007F7C8588636203A7A802AE039C
37.18.103.21204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=106&vid=0100007F7C8588636203A7A802AE039C
IP 37.18.103.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=106&vid=0100007F7C8588636203A7A802AE039C HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 01 Dec 2022 10:44:12 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=c9a53b35231490385945; Expires=Fri, 01 Dec 2023 10:44:12 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 510
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b70adf021425d7e992c7cd64481c8e31
cb773403e99992c587353a18b06b4fdf3437d316
5e368e20981d070814b693ec0fdf1ed743a4b7219d53c4059e35411bf0392c0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E368E20981D070814B693EC0FDF1ED743A4B7219D53C4059E35411BF0392C0D"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10699
Expires: Thu, 01 Dec 2022 13:42:31 GMT
Date: Thu, 01 Dec 2022 10:44:12 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 5c517dcfeb99f9d6c7822aa13b3995ba
c20202761443403b6e7876e74fd3cbbc17c7040f
88935477202eca2e97aab2f879e5c3ac497499075a4982941502ca906540da1f
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:44:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 05 Dec 2022 07:25:13 GMT
ETag: "c20202761443403b6e7876e74fd3cbbc17c7040f"
Last-Modified: Thu, 01 Dec 2022 07:25:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1772
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772b39ec092eb509-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2a7b2dbd296e7ec389971e8e975a0fb6
a38083a925384e862f6e107899fffaaa852164de
465d5b596f237bf9e3ec87551496e6a43630acdf756fdf4b2e04969ecc82cafa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5232
Cache-Control: max-age=136550
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 10:44:12 GMT
Etag: "6387e372-117"
Expires: Sat, 03 Dec 2022 00:40:02 GMT
Last-Modified: Wed, 30 Nov 2022 23:12:50 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9d8826b25f34b06c8e8e429a0bfbe2de
735bf7d5ba8a596a5575696d3dd3d04f418fa442
234b943fc5baa922c0c87a98085a1ce506146c1460d1db179f16b45809778cf0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "234B943FC5BAA922C0C87A98085A1CE506146C1460D1DB179F16B45809778CF0"
Last-Modified: Wed, 30 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18198
Expires: Thu, 01 Dec 2022 15:47:30 GMT
Date: Thu, 01 Dec 2022 10:44:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ba2c74384048845e67ea414a305f1b3d
f199f6d359b0a0f894e63ede45b8f1a0f81e2f05
0033f5a92be8b7b3f561af35a3efffc60f2469da3985ba66f02809895f98bc64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0033F5A92BE8B7B3F561AF35A3EFFFC60F2469DA3985BA66F02809895F98BC64"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17540
Expires: Thu, 01 Dec 2022 15:36:32 GMT
Date: Thu, 01 Dec 2022 10:44:12 GMT
Connection: keep-alive
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 16d08b1b92e114db93b8afb8b6449cc4
d138b1be44421d0711fd2a9a987d22d433e832f3
5f51ff6df0277ab8bc37a5603a457fe533c5e309221989fd84fdfb3b9cc062d1
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:44:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 05 Dec 2022 08:49:42 GMT
ETag: "d138b1be44421d0711fd2a9a987d22d433e832f3"
Last-Modified: Thu, 01 Dec 2022 08:49:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3420
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772b39ec3b64b529-OSL
sync.dmp.otm-r.com/match/sape?id=0100007F7C8588636203A7A802AE039C
194.55.244.181204 No Content 0 B URL HTTP/2 sync.dmp.otm-r.com/match/sape?id=0100007F7C8588636203A7A802AE039C
IP 194.55.244.181:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=0100007F7C8588636203A7A802AE039C HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.23.2
date: Thu, 01 Dec 2022 10:44:12 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fcda4541830adb0b51a55d5023f0802c
09dbb3a30d73fde250bf6d762b6d6c8382d3ae48
e9cc5817294bc775bc663924c3f81e27e8d7c4059ab1ac7fe2df1065d8cb7ec7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9CC5817294BC775BC663924C3F81E27E8D7C4059AB1AC7FE2DF1065D8CB7EC7"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17861
Expires: Thu, 01 Dec 2022 15:41:53 GMT
Date: Thu, 01 Dec 2022 10:44:12 GMT
Connection: keep-alive
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
193.3.184.200302 Moved Temporarily 142 B URL HTTP/1.1 ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP 193.3.184.200:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 01 Dec 2022 10:44:12 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=2503420A7C858863A900869A0279C58F
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkIDJWOIhXyahgCpj8V5AvBKJ49XytVpmf/3Vfd2I9xywmva; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a51bed3d90e4059a74ba9368573a2147
a3435cd6360fff30efb00edf9867583870965d5e
df8bc13f0a8eaa6496dafa686c74add64ea7356acfd00788920a86a9bc02e273
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF8BC13F0A8EAA6496DAFA686C74ADD64EA7356ACFD00788920A86A9BC02E273"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13008
Expires: Thu, 01 Dec 2022 14:21:00 GMT
Date: Thu, 01 Dec 2022 10:44:12 GMT
Connection: keep-alive
sync.republer.com/match?dsp=sape
23.88.82.46204 No Content 0 B URL HTTP/2 sync.republer.com/match?dsp=sape
IP 23.88.82.46:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?dsp=sape HTTP/1.1
Host: sync.republer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 01 Dec 2022 10:44:12 GMT
strict-transport-security: max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4455b95998dcb02c0d77783b31bdda21
f743e50c365ad063ac17c26190d751c8655c028c
6d9938a902700069b2aaf56b242d06fb0475be4868472373d8c9b30cbfce707d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D9938A902700069B2AAF56B242D06FB0475BE4868472373D8C9B30CBFCE707D"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11600
Expires: Thu, 01 Dec 2022 13:57:32 GMT
Date: Thu, 01 Dec 2022 10:44:12 GMT
Connection: keep-alive
0100007f7c8588636203a7a802ae039c-sp.ops.beeline.ru/p?ssp=sp&id=0100007F7C8588636203A7A802AE039C
37.9.245.57301 Moved Permanently 0 B URL HTTP/2 0100007f7c8588636203a7a802ae039c-sp.ops.beeline.ru/p?ssp=sp&id=0100007F7C8588636203A7A802AE039C
IP 37.9.245.57:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&id=0100007F7C8588636203A7A802AE039C HTTP/1.1
Host: 0100007f7c8588636203a7a802ae039c-sp.ops.beeline.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 01 Dec 2022 10:44:12 GMT
content-length: 0
location: https://www.acint.net/match?dp=111&euid=d6abe417-aadd-408f-8f51-e1eef83b4bfe
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: BeeAID=d6abe417-aadd-408f-8f51-e1eef83b4bfe; expires=Wed, 22 Nov 2023 10:44:12 GMT; domain=ops.beeline.ru; path=/; secure; SameSite=None
access-control-allow-credentials: true, true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
x-route: http://upstream_cookiesync
x-host: 192.168.152.32
X-Firefox-Spdy: h2
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
185.147.80.35302 Found 0 B URL HTTP/1.1 ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP 185.147.80.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Thu, 01 Dec 2022 10:44:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=ARRYGNQM
Set-Cookie: uid=ARRYGNQM; Expires=Thu, 01 Dec 2032 00:00:00 GMT; mf2=1; Expires=Sat, 31 Dec 2022 00:00:00 GMT;
www.acint.net/match?dp=129&euid=iaexcjm4e0
193.3.184.137200 OK 43 B URL HTTP/2 www.acint.net/match?dp=129&euid=iaexcjm4e0
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=129&euid=iaexcjm4e0 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOIhXyopwNinAPyAtX9Iq/Ea+V2QD+TFcsW/ovj6EXq; cSyncDp7v2=1669891452; cSyncDp14v3=1669891452; cSyncDp17=1669891452; cSyncDp32=1669891452; cSyncDp45v3=1669891452; cSyncDp53=1669891452; cSyncDp54v2=1669891452; cSyncDp62=1669891452; cSyncDp67v2=1669891452; cSyncDp68=1669891452; cSyncDp71=1669891452; cSyncDp77=1669891452; cSyncDp84=1669891452; cSyncDp85=1669891452; cSyncDp95v3=1669891452; cSyncDp101=1669891452; cSyncDp104v2=1669891452; cSyncDp107=1669891452; cSyncDp110=1669891452; cSyncDp111v2=1669891452; cSyncDp112v2=1669891452; cSyncDp125v2=1669891452; cSyncDp126=1669891452; cSyncDp127=1669891452; cSyncDp129=1669891452; cSyncDp136v2=1669891452; cSyncDp138=1669891452; cSyncDp146=1669891452; cSyncDp148=1669891452; cSyncDp149v2=1669891452; cSyncDp151=1669891452; cSyncDp178=1669891452; cSyncDp179=1669891452; cSyncDp186=1669891452; cSyncDp221=1669891452
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 01 Dec 2022 10:44:12 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ut.rktch.com/matchspm?pi=1000005&pui=0100007F7C8588636203A7A802AE039C
89.108.97.2302 Found 0 B URL HTTP/1.1 ut.rktch.com/matchspm?pi=1000005&pui=0100007F7C8588636203A7A802AE039C
IP 89.108.97.2:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /matchspm?pi=1000005&pui=0100007F7C8588636203A7A802AE039C HTTP/1.1
Host: ut.rktch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Thu, 01 Dec 2022 10:44:12 GMT
Content-Length: 0
Connection: keep-alive
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
Set-Cookie: b_uid=5cf856b17cbc012f0ee6c2bf44704ac533a0; Max-Age=2592000; Expires=Sat, 31 Dec 2022 10:44:12 GMT; Domain=rktch.com; Secure; SameSite=None
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ef4e8eb1e0f07b1edd0ae55f6bd5a2a
55dc5b42b7e8f110fd0d59234275ce0043d0adca
a4d6e816fee030f8012ce8b5804fd80fb451f6b91aa42e7e96c6c441048e1df7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4D6E816FEE030F8012CE8B5804FD80FB451F6B91AA42E7E96C6C441048E1DF7"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10989
Expires: Thu, 01 Dec 2022 13:47:21 GMT
Date: Thu, 01 Dec 2022 10:44:12 GMT
Connection: keep-alive
sync.upravel.com/sape/sync
148.251.129.43302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync
IP 148.251.129.43:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 01 Dec 2022 10:44:12 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1669891452871;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1669891452871;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
mediatoday.ru/core/match.gif?s=32&id=0100007F7C8588636203A7A802AE039C
139.45.228.111200 OK 43 B URL HTTP/2 mediatoday.ru/core/match.gif?s=32&id=0100007F7C8588636203A7A802AE039C
IP 139.45.228.111:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /core/match.gif?s=32&id=0100007F7C8588636203A7A802AE039C HTTP/1.1
Host: mediatoday.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.22.0
date: Thu, 01 Dec 2022 10:44:12 GMT
content-type: image/gif
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VUfQAwebOzuhAbC; expires=Sun, 28-Nov-2032 10:44:12 GMT; domain=mediatoday.ru; path=/core; SameSite=None; Secure
X-Firefox-Spdy: h2
stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F7C8588636203A7A802AE039C
109.248.237.36302 Found 0 B URL HTTP/2 stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F7C8588636203A7A802AE039C
IP 109.248.237.36:0
ASN #201009 Centre of server systems Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge_gpsid/?sid=50&id=0100007F7C8588636203A7A802AE039C HTTP/1.1
Host: stat.adlabs.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 01 Dec 2022 10:30:15 GMT
content-length: 0
location: //adlmerge.com/merge_gpsid/?sid=50&id=0100007F7C8588636203A7A802AE039C
X-Firefox-Spdy: h2
nr.bidderstack.com/sape/cm?user_id=0100007F7C8588636203A7A802AE039C
23.88.12.14200 OK 44 B URL HTTP/1.1 nr.bidderstack.com/sape/cm?user_id=0100007F7C8588636203A7A802AE039C
IP 23.88.12.14:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash f9d60352c70a2ba15616d1c9421f3844
e9abc8bea7721a4b6a50295850d13c515006a95c
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
GET /sape/cm?user_id=0100007F7C8588636203A7A802AE039C HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 10:44:12 GMT
Content-Type: image/gif
Content-Length: 44
Connection: keep-alive
Set-Cookie: uid=b198ef6b-b06e-4f33-a20d-5ff82e187627; domain=.bidderstack.com; path=/; expires=Fri, 01-Dec-2023 10:44:12 GMT;
Access-Control-Allow-Credentials: true
s.uuidksinc.net/match/396/?remote_uid=0100007F7C8588636203A7A802AE039C
185.98.54.153302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/396/?remote_uid=0100007F7C8588636203A7A802AE039C
IP 185.98.54.153:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/396/?remote_uid=0100007F7C8588636203A7A802AE039C HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Thu, 01 Dec 2022 10:44:12 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=wcOv1yAZ4j0YRZs7jbxa
set-cookie: jcsuuid=wcOv1yAZ4j0YRZs7jbxa; expires=Fri, 01 Dec 2023 10:44:12 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ef4e8eb1e0f07b1edd0ae55f6bd5a2a
55dc5b42b7e8f110fd0d59234275ce0043d0adca
a4d6e816fee030f8012ce8b5804fd80fb451f6b91aa42e7e96c6c441048e1df7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4D6E816FEE030F8012CE8B5804FD80FB451F6B91AA42E7E96C6C441048E1DF7"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10989
Expires: Thu, 01 Dec 2022 13:47:21 GMT
Date: Thu, 01 Dec 2022 10:44:12 GMT
Connection: keep-alive
acint.net/match?dp=14&euid=2503420A7C858863A900869A0279C58F
193.3.184.137200 OK 43 B URL HTTP/2 acint.net/match?dp=14&euid=2503420A7C858863A900869A0279C58F
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=14&euid=2503420A7C858863A900869A0279C58F HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOIhXyopwNinAPyAtX9Iq/Ea+V2QD+TFcsW/ovj6EXq; cSyncDp7v2=1669891452; cSyncDp14v3=1669891452; cSyncDp17=1669891452; cSyncDp32=1669891452; cSyncDp45v3=1669891452; cSyncDp53=1669891452; cSyncDp54v2=1669891452; cSyncDp62=1669891452; cSyncDp67v2=1669891452; cSyncDp68=1669891452; cSyncDp71=1669891452; cSyncDp77=1669891452; cSyncDp84=1669891452; cSyncDp85=1669891452; cSyncDp95v3=1669891452; cSyncDp101=1669891452; cSyncDp104v2=1669891452; cSyncDp107=1669891452; cSyncDp110=1669891452; cSyncDp111v2=1669891452; cSyncDp112v2=1669891452; cSyncDp125v2=1669891452; cSyncDp126=1669891452; cSyncDp127=1669891452; cSyncDp129=1669891452; cSyncDp136v2=1669891452; cSyncDp138=1669891452; cSyncDp146=1669891452; cSyncDp148=1669891452; cSyncDp149v2=1669891452; cSyncDp151=1669891452; cSyncDp178=1669891452; cSyncDp179=1669891452; cSyncDp186=1669891452; cSyncDp221=1669891452
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 01 Dec 2022 10:44:12 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
acint.net/match?dp=110&euid=e1851913e1744eb182571a971338ad61
193.3.184.137200 OK 43 B URL HTTP/2 acint.net/match?dp=110&euid=e1851913e1744eb182571a971338ad61
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=110&euid=e1851913e1744eb182571a971338ad61 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOIhXyopwNinAPyAtX9Iq/Ea+V2QD+TFcsW/ovj6EXq; cSyncDp7v2=1669891452; cSyncDp14v3=1669891452; cSyncDp17=1669891452; cSyncDp32=1669891452; cSyncDp45v3=1669891452; cSyncDp53=1669891452; cSyncDp54v2=1669891452; cSyncDp62=1669891452; cSyncDp67v2=1669891452; cSyncDp68=1669891452; cSyncDp71=1669891452; cSyncDp77=1669891452; cSyncDp84=1669891452; cSyncDp85=1669891452; cSyncDp95v3=1669891452; cSyncDp101=1669891452; cSyncDp104v2=1669891452; cSyncDp107=1669891452; cSyncDp110=1669891452; cSyncDp111v2=1669891452; cSyncDp112v2=1669891452; cSyncDp125v2=1669891452; cSyncDp126=1669891452; cSyncDp127=1669891452; cSyncDp129=1669891452; cSyncDp136v2=1669891452; cSyncDp138=1669891452; cSyncDp146=1669891452; cSyncDp148=1669891452; cSyncDp149v2=1669891452; cSyncDp151=1669891452; cSyncDp178=1669891452; cSyncDp179=1669891452; cSyncDp186=1669891452; cSyncDp221=1669891452
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 01 Dec 2022 10:44:12 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
match.new-programmatic.com/userbind?src=sape&id=0100007F7C8588636203A7A802AE039C
217.65.2.150204 No Content 0 B URL HTTP/1.1 match.new-programmatic.com/userbind?src=sape&id=0100007F7C8588636203A7A802AE039C
IP 217.65.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=0100007F7C8588636203A7A802AE039C HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Thu, 01 Dec 2022 10:26:12 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
sync.bumlam.com/?src=sap1&uid=0100007F7C8588636203A7A802AE039C
31.172.81.160302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&uid=0100007F7C8588636203A7A802AE039C
IP 31.172.81.160:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&uid=0100007F7C8588636203A7A802AE039C HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 01 Dec 2022 10:44:12 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQxODI2ZDYyMC03MTY1LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Wed, 26 Nov 2042 10:44:12 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARj8iqKcBmIgMDEwMDAwN0Y3Qzg1ODg2MzYyMDNBN0E4MDJBRTAzOUOiARAYJtYgcWUR7YbgACWQwGR8
ETag: 1826d620-7165-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
www.acint.net/match?dp=111&euid=d6abe417-aadd-408f-8f51-e1eef83b4bfe
193.3.184.137200 OK 43 B URL HTTP/2 www.acint.net/match?dp=111&euid=d6abe417-aadd-408f-8f51-e1eef83b4bfe
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=111&euid=d6abe417-aadd-408f-8f51-e1eef83b4bfe HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOIhXyopwNinAPyAtX9Iq/Ea+V2QD+TFcsW/ovj6EXq; cSyncDp7v2=1669891452; cSyncDp14v3=1669891452; cSyncDp17=1669891452; cSyncDp32=1669891452; cSyncDp45v3=1669891452; cSyncDp53=1669891452; cSyncDp54v2=1669891452; cSyncDp62=1669891452; cSyncDp67v2=1669891452; cSyncDp68=1669891452; cSyncDp71=1669891452; cSyncDp77=1669891452; cSyncDp84=1669891452; cSyncDp85=1669891452; cSyncDp95v3=1669891452; cSyncDp101=1669891452; cSyncDp104v2=1669891452; cSyncDp107=1669891452; cSyncDp110=1669891452; cSyncDp111v2=1669891452; cSyncDp112v2=1669891452; cSyncDp125v2=1669891452; cSyncDp126=1669891452; cSyncDp127=1669891452; cSyncDp129=1669891452; cSyncDp136v2=1669891452; cSyncDp138=1669891452; cSyncDp146=1669891452; cSyncDp148=1669891452; cSyncDp149v2=1669891452; cSyncDp151=1669891452; cSyncDp178=1669891452; cSyncDp179=1669891452; cSyncDp186=1669891452; cSyncDp221=1669891452
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 01 Dec 2022 10:44:12 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash df027e5b54fe62d3886c6e32a20b8aa3
7d688bad1c351bbde75e7654eff8c371fb80fc3f
6aa339a9b6221ad68783e801fbd9b9c0f551840bc82a7f6a1ea347b8b4215ca2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AA339A9B6221AD68783E801FBD9B9C0F551840BC82A7F6A1EA347B8B4215CA2"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16759
Expires: Thu, 01 Dec 2022 15:23:31 GMT
Date: Thu, 01 Dec 2022 10:44:12 GMT
Connection: keep-alive
www.acint.net/match?dp=95&euid=ARRYGNQM
193.3.184.137200 OK 43 B URL HTTP/2 www.acint.net/match?dp=95&euid=ARRYGNQM
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=95&euid=ARRYGNQM HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOIhXyopwNinAPyAtX9Iq/Ea+V2QD+TFcsW/ovj6EXq; cSyncDp7v2=1669891452; cSyncDp14v3=1669891452; cSyncDp17=1669891452; cSyncDp32=1669891452; cSyncDp45v3=1669891452; cSyncDp53=1669891452; cSyncDp54v2=1669891452; cSyncDp62=1669891452; cSyncDp67v2=1669891452; cSyncDp68=1669891452; cSyncDp71=1669891452; cSyncDp77=1669891452; cSyncDp84=1669891452; cSyncDp85=1669891452; cSyncDp95v3=1669891452; cSyncDp101=1669891452; cSyncDp104v2=1669891452; cSyncDp107=1669891452; cSyncDp110=1669891452; cSyncDp111v2=1669891452; cSyncDp112v2=1669891452; cSyncDp125v2=1669891452; cSyncDp126=1669891452; cSyncDp127=1669891452; cSyncDp129=1669891452; cSyncDp136v2=1669891452; cSyncDp138=1669891452; cSyncDp146=1669891452; cSyncDp148=1669891452; cSyncDp149v2=1669891452; cSyncDp151=1669891452; cSyncDp178=1669891452; cSyncDp179=1669891452; cSyncDp186=1669891452; cSyncDp221=1669891452
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 01 Dec 2022 10:44:12 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/check?sspuid=0100007F7C8588636203A7A802AE039C
31.172.81.159302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/check?sspuid=0100007F7C8588636203A7A802AE039C
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/check?sspuid=0100007F7C8588636203A7A802AE039C HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 01 Dec 2022 10:44:12 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://sync.bumlam.com/?src=sape
sync.bumlam.com/?src=sap1&s_data=CAIQARj8iqKcBmIgMDEwMDAwN0Y3Qzg1ODg2MzYyMDNBN0E4MDJBRTAzOUOiARAYJtYgcWUR7YbgACWQwGR8
31.172.81.160200 OK 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&s_data=CAIQARj8iqKcBmIgMDEwMDAwN0Y3Qzg1ODg2MzYyMDNBN0E4MDJBRTAzOUOiARAYJtYgcWUR7YbgACWQwGR8
IP 31.172.81.160:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&s_data=CAIQARj8iqKcBmIgMDEwMDAwN0Y3Qzg1ODg2MzYyMDNBN0E4MDJBRTAzOUOiARAYJtYgcWUR7YbgACWQwGR8 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQxODI2ZDYyMC03MTY1LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 10:44:12 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQxODI2ZDYyMC03MTY1LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Wed, 26 Nov 2042 10:44:12 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
148.251.129.43302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP 148.251.129.43:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1669891452871
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 01 Dec 2022 10:44:12 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=86492428-60eb-4238-b7e9-9d43cd1b53e3;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=86492428-60eb-4238-b7e9-9d43cd1b53e3;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=86492428-60eb-4238-b7e9-9d43cd1b53e3
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
www.acint.net/match?dp=127&euid=wcOv1yAZ4j0YRZs7jbxa
193.3.184.137200 OK 43 B URL HTTP/2 www.acint.net/match?dp=127&euid=wcOv1yAZ4j0YRZs7jbxa
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=127&euid=wcOv1yAZ4j0YRZs7jbxa HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOIhXyopwNinAPyAtX9Iq/Ea+V2QD+TFcsW/ovj6EXq; cSyncDp7v2=1669891452; cSyncDp14v3=1669891452; cSyncDp17=1669891452; cSyncDp32=1669891452; cSyncDp45v3=1669891452; cSyncDp53=1669891452; cSyncDp54v2=1669891452; cSyncDp62=1669891452; cSyncDp67v2=1669891452; cSyncDp68=1669891452; cSyncDp71=1669891452; cSyncDp77=1669891452; cSyncDp84=1669891452; cSyncDp85=1669891452; cSyncDp95v3=1669891452; cSyncDp101=1669891452; cSyncDp104v2=1669891452; cSyncDp107=1669891452; cSyncDp110=1669891452; cSyncDp111v2=1669891452; cSyncDp112v2=1669891452; cSyncDp125v2=1669891452; cSyncDp126=1669891452; cSyncDp127=1669891452; cSyncDp129=1669891452; cSyncDp136v2=1669891452; cSyncDp138=1669891452; cSyncDp146=1669891452; cSyncDp148=1669891452; cSyncDp149v2=1669891452; cSyncDp151=1669891452; cSyncDp178=1669891452; cSyncDp179=1669891452; cSyncDp186=1669891452; cSyncDp221=1669891452
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 01 Dec 2022 10:44:12 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
cs.agency2.ru/p?ssp=sp&uid=0100007F7C8588636203A7A802AE039C
23.111.107.44301 Moved Permanently 0 B URL HTTP/1.1 cs.agency2.ru/p?ssp=sp&uid=0100007F7C8588636203A7A802AE039C
IP 23.111.107.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&uid=0100007F7C8588636203A7A802AE039C HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Thu, 01 Dec 2022 10:44:12 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=57226e56-1839-4616-892b-e2c3c30b924a
Set-Cookie: uuid=57226e56-1839-4616-892b-e2c3c30b924a; expires=Wed, 22 Nov 2023 10:44:12 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ffea812856bc24a6463d3d67e2a07ef8
ca11e04261441a6a1baf10061acaf2ec8bd947ea
8d18599c6db1f4613bdf981433065d8847e89bf4ab2a6dac5b9d583189ff518c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:44:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 23:26:48 GMT
Expires: Wed, 07 Dec 2022 23:26:47 GMT
Etag: "ca11e04261441a6a1baf10061acaf2ec8bd947ea"
Cache-Control: max-age=563554,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772b39ecfcd00b3d-OSL
sync.bumlam.com/?src=sape
31.172.81.160302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sape
IP 31.172.81.160:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQxODI2ZDYyMC03MTY1LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 01 Dec 2022 10:44:12 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQxODI2ZDYyMC03MTY1LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Wed, 26 Nov 2042 10:44:12 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://pix.bumlam.com/sync/sape/sync_ok?guid=1826d620-7165-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true
www.acint.net/match?dp=71&euid=86492428-60eb-4238-b7e9-9d43cd1b53e3
193.3.184.137200 OK 43 B URL HTTP/2 www.acint.net/match?dp=71&euid=86492428-60eb-4238-b7e9-9d43cd1b53e3
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=71&euid=86492428-60eb-4238-b7e9-9d43cd1b53e3 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOIhXyopwNinAPyAtX9Iq/Ea+V2QD+TFcsW/ovj6EXq; cSyncDp7v2=1669891452; cSyncDp14v3=1669891452; cSyncDp17=1669891452; cSyncDp32=1669891452; cSyncDp45v3=1669891452; cSyncDp53=1669891452; cSyncDp54v2=1669891452; cSyncDp62=1669891452; cSyncDp67v2=1669891452; cSyncDp68=1669891452; cSyncDp71=1669891452; cSyncDp77=1669891452; cSyncDp84=1669891452; cSyncDp85=1669891452; cSyncDp95v3=1669891452; cSyncDp101=1669891452; cSyncDp104v2=1669891452; cSyncDp107=1669891452; cSyncDp110=1669891452; cSyncDp111v2=1669891452; cSyncDp112v2=1669891452; cSyncDp125v2=1669891452; cSyncDp126=1669891452; cSyncDp127=1669891452; cSyncDp129=1669891452; cSyncDp136v2=1669891452; cSyncDp138=1669891452; cSyncDp146=1669891452; cSyncDp148=1669891452; cSyncDp149v2=1669891452; cSyncDp151=1669891452; cSyncDp178=1669891452; cSyncDp179=1669891452; cSyncDp186=1669891452; cSyncDp221=1669891452
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 01 Dec 2022 10:44:12 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b37388c5377b1c2d45acb58628d011ce
810f4fd8ce20869c6bb9347f10913766c7595936
3de70402913d9e806db7365e19f90ae03251548e03777f9ddd3980db8873d46a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3DE70402913D9E806DB7365E19F90AE03251548E03777F9DDD3980DB8873D46A"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20701
Expires: Thu, 01 Dec 2022 16:29:14 GMT
Date: Thu, 01 Dec 2022 10:44:13 GMT
Connection: keep-alive
www.acint.net/match?dp=186&euid=57226e56-1839-4616-892b-e2c3c30b924a
193.3.184.137200 OK 43 B URL HTTP/2 www.acint.net/match?dp=186&euid=57226e56-1839-4616-892b-e2c3c30b924a
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=186&euid=57226e56-1839-4616-892b-e2c3c30b924a HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOIhXyopwNinAPyAtX9Iq/Ea+V2QD+TFcsW/ovj6EXq; cSyncDp7v2=1669891452; cSyncDp14v3=1669891452; cSyncDp17=1669891452; cSyncDp32=1669891452; cSyncDp45v3=1669891452; cSyncDp53=1669891452; cSyncDp54v2=1669891452; cSyncDp62=1669891452; cSyncDp67v2=1669891452; cSyncDp68=1669891452; cSyncDp71=1669891452; cSyncDp77=1669891452; cSyncDp84=1669891452; cSyncDp85=1669891452; cSyncDp95v3=1669891452; cSyncDp101=1669891452; cSyncDp104v2=1669891452; cSyncDp107=1669891452; cSyncDp110=1669891452; cSyncDp111v2=1669891452; cSyncDp112v2=1669891452; cSyncDp125v2=1669891452; cSyncDp126=1669891452; cSyncDp127=1669891452; cSyncDp129=1669891452; cSyncDp136v2=1669891452; cSyncDp138=1669891452; cSyncDp146=1669891452; cSyncDp148=1669891452; cSyncDp149v2=1669891452; cSyncDp151=1669891452; cSyncDp178=1669891452; cSyncDp179=1669891452; cSyncDp186=1669891452; cSyncDp221=1669891452
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 01 Dec 2022 10:44:13 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/sync_ok?guid=1826d620-7165-11ed-86e0-002590c0647c
31.172.81.159302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/sync_ok?guid=1826d620-7165-11ed-86e0-002590c0647c
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/sync_ok?guid=1826d620-7165-11ed-86e0-002590c0647c HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQxODI2ZDYyMC03MTY1LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 01 Dec 2022 10:44:13 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://1826d620-7165-11ed-86e0-002590c0647c.n6.sync.bumlam.com/?src=sape
dmp.gotechnology.io/match/sape?id=0100007F7C8588636203A7A802AE039C
142.132.209.138302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=0100007F7C8588636203A7A802AE039C
IP 142.132.209.138:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=0100007F7C8588636203A7A802AE039C HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 01 Dec 2022 10:44:13 GMT
content-length: 0
location: https://dmp.gotechnology.io/match/sape?id=0100007F7C8588636203A7A802AE039C&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
dmp.gotechnology.io/match/sape?id=0100007F7C8588636203A7A802AE039C&chk=1
142.132.209.138302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=0100007F7C8588636203A7A802AE039C&chk=1
IP 142.132.209.138:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=0100007F7C8588636203A7A802AE039C&chk=1 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 01 Dec 2022 10:44:13 GMT
content-length: 0
location: https://an.yandex.ru/mapuid/gonetdspis/NGFiZWQxNGE0YzBlNzdhYw
set-cookie: pid=NGFiZWQxNGE0YzBlNzdhYw; expires=Fri, 01 Dec 2023 10:44:13 GMT; domain=.gotechnology.io; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 6b9efc56a5c83007514905bc0fbb010e
9133a19f469b8cc3d2fb36399c0955554b0fe1da
d0c5cd5deea1f0b5e77402c785309b5088f732f05ddb5a2ef90f66541c4f0aa5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:44:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 15:41:02 GMT
Expires: Tue, 06 Dec 2022 15:41:01 GMT
Etag: "9133a19f469b8cc3d2fb36399c0955554b0fe1da"
Cache-Control: max-age=449207,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772b39ec9beab529-OSL
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
116.202.236.171301 Moved Permanently 115 B URL HTTP/2 exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP 116.202.236.171:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash 3c97cfaebea5868b986c9bcbcd0a965e
a8cb66855dcfc3afe483cd3af19f6af7fddacdd9
1c396ddb388526ab6d1aed6abe3c8fb8b518d1c65256131e1e97e8ef21ad8990
GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 01 Dec 2022 10:44:12 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=f7531c1d-c3c6-47e1-7a35-ef6a225cbfaa
serverid: TODO
X-Firefox-Spdy: h2
adlmerge.com/merge_gpsid/?sid=50&id=0100007F7C8588636203A7A802AE039C
95.211.66.35200 OK 546 B URL HTTP/2 adlmerge.com/merge_gpsid/?sid=50&id=0100007F7C8588636203A7A802AE039C
IP 95.211.66.35:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 139d1fd58ece9fb4992e36f3f236e387
cb024f0d3af6e6870d4bc7c6630f5c8be2d443e6
5c262fae6c78d7b38e9427c0fde4fcd567cc37ead39b336f5ea5eaed0f8e32e5
GET /merge_gpsid/?sid=50&id=0100007F7C8588636203A7A802AE039C HTTP/1.1
Host: adlmerge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.0
date: Thu, 01 Dec 2022 10:44:13 GMT
content-type: image/gif
iseu: eu
X-Firefox-Spdy: h2
www.acint.net/match?dp=126&euid=f7531c1d-c3c6-47e1-7a35-ef6a225cbfaa
193.3.184.137200 OK 43 B URL HTTP/2 www.acint.net/match?dp=126&euid=f7531c1d-c3c6-47e1-7a35-ef6a225cbfaa
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=126&euid=f7531c1d-c3c6-47e1-7a35-ef6a225cbfaa HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOIhXyopwNinAPyAtX9Iq/Ea+V2QD+TFcsW/ovj6EXq; cSyncDp7v2=1669891452; cSyncDp14v3=1669891452; cSyncDp17=1669891452; cSyncDp32=1669891452; cSyncDp45v3=1669891452; cSyncDp53=1669891452; cSyncDp54v2=1669891452; cSyncDp62=1669891452; cSyncDp67v2=1669891452; cSyncDp68=1669891452; cSyncDp71=1669891452; cSyncDp77=1669891452; cSyncDp84=1669891452; cSyncDp85=1669891452; cSyncDp95v3=1669891452; cSyncDp101=1669891452; cSyncDp104v2=1669891452; cSyncDp107=1669891452; cSyncDp110=1669891452; cSyncDp111v2=1669891452; cSyncDp112v2=1669891452; cSyncDp125v2=1669891452; cSyncDp126=1669891452; cSyncDp127=1669891452; cSyncDp129=1669891452; cSyncDp136v2=1669891452; cSyncDp138=1669891452; cSyncDp146=1669891452; cSyncDp148=1669891452; cSyncDp149v2=1669891452; cSyncDp151=1669891452; cSyncDp178=1669891452; cSyncDp179=1669891452; cSyncDp186=1669891452; cSyncDp221=1669891452
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 01 Dec 2022 10:44:13 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
1826d620-7165-11ed-86e0-002590c0647c.n6.sync.bumlam.com/?src=sape
82.146.53.26302 Moved Temporarily 0 B URL HTTP/1.1 1826d620-7165-11ed-86e0-002590c0647c.n6.sync.bumlam.com/?src=sape
IP 82.146.53.26:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: 1826d620-7165-11ed-86e0-002590c0647c.n6.sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQxODI2ZDYyMC03MTY1LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Thu, 01 Dec 2022 10:44:13 GMT
Content-Length: 0
Connection: close
Location: https://pix.bumlam.com/sync/sape/done
pix.bumlam.com/sync/sape/done
31.172.81.159200 OK 43 B URL HTTP/1.1 pix.bumlam.com/sync/sape/done
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQxODI2ZDYyMC03MTY1LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 10:44:13 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 51d5484b700426c5612c309bbf14b114
026994960bfaaa4e2604b66cb795b2787fe300a2
e3e30a64f2e4fc59120c46b320d104f1b9d9a8af90106ab78715d14e49e11ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 10:44:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf3yFiGNiA6eoAq4DnA
142.250.74.98200 OK 170 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf3yFiGNiA6eoAq4DnA
IP 142.250.74.98:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
GET /pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf3yFiGNiA6eoAq4DnA HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
date: Thu, 01 Dec 2022 10:44:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 419d9c1b2ce3433f5a3017d043293dc5
cae4a0a9ca7cf04789c9a3d4854479fdb30f9bd9
258f1906d0dd610a44c08c08d07bfbdd638414bfefd8d7dde187931e98bc6f97
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:44:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 05 Dec 2022 10:09:13 GMT
ETag: "cae4a0a9ca7cf04789c9a3d4854479fdb30f9bd9"
Last-Modified: Thu, 01 Dec 2022 10:09:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1014
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772b39ef4fdfb529-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 419d9c1b2ce3433f5a3017d043293dc5
cae4a0a9ca7cf04789c9a3d4854479fdb30f9bd9
258f1906d0dd610a44c08c08d07bfbdd638414bfefd8d7dde187931e98bc6f97
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:44:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 05 Dec 2022 10:09:13 GMT
ETag: "cae4a0a9ca7cf04789c9a3d4854479fdb30f9bd9"
Last-Modified: Thu, 01 Dec 2022 10:09:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1014
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772b39ef5804b529-OSL
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
195.209.108.36302 Moved Temporarily 0 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP 195.209.108.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Thu, 01 Dec 2022 10:44:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-5911567351; expires=Sat, 30 Nov 2024 10:44:13 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5911567351
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F7C8588636203A7A802AE039C
81.222.128.214200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F7C8588636203A7A802AE039C
IP 81.222.128.214:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F7C8588636203A7A802AE039C HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 10:44:13 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash c0cd305ec6c4cfbf537db23bc4a7cb95
c811e783a96c2799166c57a2111937a33b7a09d5
f079546a6eb777219b1490bd070620943fb7435446aa2551835d9669bb5514ba
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:44:13 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Mon, 05 Dec 2022 08:59:02 GMT
ETag: "c811e783a96c2799166c57a2111937a33b7a09d5"
Last-Modified: Thu, 01 Dec 2022 08:59:03 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1818
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772b39ef988ab529-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 234a4a3c9c97d9e0e2cf3ad636b261a2
c86bd7e17dadc388154f74cb8cf8428afb2e5cd1
03c44be1aeb057ccc44b023524358f834522f123189eafdc01a9d5e06b16e225
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:44:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 04:09:16 GMT
Expires: Tue, 06 Dec 2022 04:09:15 GMT
Etag: "c86bd7e17dadc388154f74cb8cf8428afb2e5cd1"
Cache-Control: max-age=407701,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772b39ef6f010b3d-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 51d5484b700426c5612c309bbf14b114
026994960bfaaa4e2604b66cb795b2787fe300a2
e3e30a64f2e4fc59120c46b320d104f1b9d9a8af90106ab78715d14e49e11ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 10:44:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 297a37937697cb8d80cf0989e578a412
56be3aeafd84e69e0b6e1d563110983108704d2f
6e50cbb027fce034bc4f8db661ee1a5c310e217da160aeba8eab66ec79d77332
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:44:13 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Mon, 05 Dec 2022 09:39:57 GMT
ETag: "56be3aeafd84e69e0b6e1d563110983108704d2f"
Last-Modified: Thu, 01 Dec 2022 09:39:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 422
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772b39efe8e5b529-OSL
ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F7C8588636203A7A802AE039C
188.42.34.65302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F7C8588636203A7A802AE039C
IP 188.42.34.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=73&external_user_id=0100007F7C8588636203A7A802AE039C HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=0100007F7C8588636203A7A802AE039C&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 01 Dec 2023 10:44:13 GMT; Path=/; Domain=.betweendigital.com
tuuid=3d5e43dc-270f-524f-a4d2-68f0c75aed8d; Max-Age=31536000; Expires=Fri, 01 Dec 2023 10:44:13 GMT; Path=/; Domain=.betweendigital.com
ut=Y4iFfQAL2yjPH2Gdtr4Q05XBCnj4CmNVKDJXVA==; Max-Age=31536000; Expires=Fri, 01 Dec 2023 10:44:13 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ocsp.usertrust.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash e29e1b6a4d7d8b622c0811f54ace7327
562bfa8688eba658bf77c7e51ef2e5a720b7b86d
15d20b692ecc0e6b10dd88945e5cdec4db6f4b98b4d06d55222e2df2d2ea0c40
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:44:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 04:18:21 GMT
Expires: Mon, 05 Dec 2022 04:18:20 GMT
Etag: "562bfa8688eba658bf77c7e51ef2e5a720b7b86d"
Cache-Control: max-age=601365,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 101
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772b39f00d27b4fd-OSL
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 2593cb02d9bd7fabc76b888dd911443f
8b247bdf31ef609655378c045f511b295fdf2379
136db57970f20122ce1fcd00705c25bee7cae338a280e7659febe20327f613d4
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 01 Dec 2022 10:44:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 30 Nov 2022 21:53:27 GMT
Expires: Thu, 01 Dec 2022 21:53:27 GMT
ETag: "8b247bdf31ef609655378c045f511b295fdf2379"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F7C8588636203A7A802AE039C&crf=1
188.42.34.65200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F7C8588636203A7A802AE039C&crf=1
IP 188.42.34.65:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=73&external_user_id=0100007F7C8588636203A7A802AE039C&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 01 Dec 2023 10:44:13 GMT; Path=/; Domain=.betweendigital.com
tuuid=98e3e9c8-9f48-524f-b5f2-812cd67a0451; Max-Age=31536000; Expires=Fri, 01 Dec 2023 10:44:13 GMT; Path=/; Domain=.betweendigital.com
ut=Y4iFfQAIZHAEn1-ueF4QQRz8C-qnLJu5iXuU8A==; Max-Age=31536000; Expires=Fri, 01 Dec 2023 10:44:13 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1b702d2e6f674c26bef3dd6806facd71
7ac09a72c217fad3bdf3121a8790ec609fda4aa9
e15b9d19e052b462e8ce497404cdfc5bb46ef4dfeb2efc5880056acbac0e3ce8
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3723
Cache-Control: max-age=131088
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 10:44:13 GMT
Etag: "6387d402-1d7"
Expires: Fri, 02 Dec 2022 23:09:01 GMT
Last-Modified: Wed, 30 Nov 2022 22:06:58 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 94761464ba8a8f704548cecc2ce63423
38d09e0ce1f8bcf76c31c1f27bc823e8453c6d85
51c92436ab7e9890dba871ca7f0d0eb6e4b3fc1ae9217e30ba9960eaa7e5c735
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:44:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 14:18:43 GMT
Expires: Tue, 06 Dec 2022 14:18:42 GMT
Etag: "38d09e0ce1f8bcf76c31c1f27bc823e8453c6d85"
Cache-Control: max-age=444268,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772b39efffa90b3d-OSL
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash be6badb6f4ade780bc9769957f7f7ccb
66ca89a6503a6b2c722ec1f0bb58c6763d7b95b7
f2d7bcfb4b70716ad305703abb9cacf4c5e2cde552c962e61cc6d75f15a9d84d
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:44:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 05 Dec 2022 06:48:49 GMT
ETag: "66ca89a6503a6b2c722ec1f0bb58c6763d7b95b7"
Last-Modified: Thu, 01 Dec 2022 06:48:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2228
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772b39f03e8fb509-OSL
ad.mail.ru/cm.gif?p=48&id=0100007F7C8588636203A7A802AE039C
95.163.41.56200 OK 43 B URL HTTP/2 ad.mail.ru/cm.gif?p=48&id=0100007F7C8588636203A7A802AE039C
IP 95.163.41.56:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cm.gif?p=48&id=0100007F7C8588636203A7A802AE039C HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 10:44:13 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=1ZXPEe1O9ZIE0022kS0xWNoE:::0-0-0-8a2de3d:CAASEEPa4BSjzCpBIG-Zl5PJDjwaYLFXtaDGvJVkOBA4D4wmv_XR7CzaAvIZsv7u-1kZLcdc8eY3IwvbpJtAeBQ21va6X3Fnf6pQlcYaZB1BlR_jcsq-jTsqdQlnECpdWMj7Tgn5fBgEmvUPuAvnl4SMvdE34Q; path=/; expires=Sat, 02-Dec-23 10:44:13 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Thu, 01 Dec 2022 16:44:13 GMT
cache-control: max-age=21600
last-modified: Thu, 01 Dec 2022 10:44:13 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 0f71b407d0a62ed7d45866fde570a8eb
077aa08eacafb82d1f6d4efdd0959451939a0234
244f6e9e5b08a961d7971172637a9013be3e95acd011ce5e89b48a3178470716
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 10:44:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 05 Dec 2022 07:57:34 GMT
ETag: "077aa08eacafb82d1f6d4efdd0959451939a0234"
Last-Modified: Thu, 01 Dec 2022 07:57:35 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 624
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772b39f04999b529-OSL
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
35.190.24.218302 Found 0 B URL HTTP/2 redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
IP 35.190.24.218:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Weborama Collect Frontend
date: Thu, 01 Dec 2022 10:44:12 GMT
content-length: 0
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=4153551568
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Thu, 01 Dec 2022 10:44:13 GMT
set-cookie: AFFICHE_W=2WVqqADevVfZ88; expires=Fri, 29 Dec 2023 10:44:13 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 342a40dfdf02e2855bec281be0af6815
0b68216f54d6d466b28b0c581ff1fc578fa03ebb
0bc2a54f29c9c093d34ad80e3af901ce4af85c877381cb84a6f8fd604875b898
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0BC2A54F29C9C093D34AD80E3AF901CE4AF85C877381CB84A6F8FD604875B898"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2083
Expires: Thu, 01 Dec 2022 11:18:56 GMT
Date: Thu, 01 Dec 2022 10:44:13 GMT
Connection: keep-alive
sape-sync.rutarget.ru/sync
178.170.196.9302 Moved Temporarily 0 B URL HTTP/1.1 sape-sync.rutarget.ru/sync
IP 178.170.196.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 01 Dec 2022 10:44:13 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=ODYhUJecfk6C
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=ODYhUJecfk6C; Path=/; Domain=.rutarget.ru; Expires=Tue, 30 May 2023 10:44:13 GMT; SameSite=None; Secure
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
77.245.57.72200 OK 0 B URL HTTP/1.1 sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP 77.245.57.72:0
ASN #36057 WEBAIR-INTERNET-MTL
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 10:44:13 GMT
Content-Length: 0
Connection: close
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=4153551568
35.190.24.218204 No Content 0 B URL HTTP/2 redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=4153551568
IP 35.190.24.218:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=4153551568 HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Weborama Collect Frontend
date: Thu, 01 Dec 2022 10:44:12 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Thu, 01 Dec 2022 10:44:13 GMT
set-cookie: AFFICHE_W=; expires=Tue, 10 Nov 2009 23:00:00 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
x01.aidata.io/0.gif?pid=9401454&id=0100007F7C8588636203A7A802AE039C
89.108.119.28302 Found 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=0100007F7C8588636203A7A802AE039C
IP 89.108.119.28:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=0100007F7C8588636203A7A802AE039C HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 01 Dec 2022 10:44:13 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=0100007F7C8588636203A7A802AE039C&bounce=1
expires: Thu, 01 Dec 2022 10:44:12 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Thu, 01 Dec 2022 10:44:12 GMT
set-cookie: __upin=xyZMpbJME+hlBX2uMfqLhA;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1669891453;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
sm.rtb.mts.ru/p?ssp=sape&id=0100007F7C8588636203A7A802AE039C
217.66.147.33301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/p?ssp=sape&id=0100007F7C8588636203A7A802AE039C
IP 217.66.147.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sape&id=0100007F7C8588636203A7A802AE039C HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 01 Dec 2022 10:44:13 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F7C8588636203A7A802AE039C
Set-Cookie: dspid=5fcff9e4-08b5-43a4-aebe-502f26e93f81; expires=Wed, 22 Nov 2023 10:44:13 GMT; domain=.mts.ru; path=/; secure; SameSite=None
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5911567351
195.209.108.36302 Moved Temporarily 40 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5911567351
IP 195.209.108.36:0
File type ASCII text, with CRLF line terminators
Hash 251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5911567351 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Thu, 01 Dec 2022 10:44:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Sat, 30 Nov 2024 10:44:13 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
www.acint.net/match?dp=104&euid=ODYhUJecfk6C
193.3.184.137200 OK 43 B URL HTTP/2 www.acint.net/match?dp=104&euid=ODYhUJecfk6C
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=104&euid=ODYhUJecfk6C HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOIhXyopwNinAPyAtX9Iq/Ea+V2QD+TFcsW/ovj6EXq; cSyncDp7v2=1669891452; cSyncDp14v3=1669891452; cSyncDp17=1669891452; cSyncDp32=1669891452; cSyncDp45v3=1669891452; cSyncDp53=1669891452; cSyncDp54v2=1669891452; cSyncDp62=1669891452; cSyncDp67v2=1669891452; cSyncDp68=1669891452; cSyncDp71=1669891452; cSyncDp77=1669891452; cSyncDp84=1669891452; cSyncDp85=1669891452; cSyncDp95v3=1669891452; cSyncDp101=1669891452; cSyncDp104v2=1669891452; cSyncDp107=1669891452; cSyncDp110=1669891452; cSyncDp111v2=1669891452; cSyncDp112v2=1669891452; cSyncDp125v2=1669891452; cSyncDp126=1669891452; cSyncDp127=1669891452; cSyncDp129=1669891452; cSyncDp136v2=1669891452; cSyncDp138=1669891452; cSyncDp146=1669891452; cSyncDp148=1669891452; cSyncDp149v2=1669891452; cSyncDp151=1669891452; cSyncDp178=1669891452; cSyncDp179=1669891452; cSyncDp186=1669891452; cSyncDp221=1669891452
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 01 Dec 2022 10:44:13 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
px.adhigh.net/p/cm/sape?u=0100007F7C8588636203A7A802AE039C
193.232.148.145302 Found 0 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=0100007F7C8588636203A7A802AE039C
IP 193.232.148.145:0
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/cm/sape?u=0100007F7C8588636203A7A802AE039C HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 01 Dec 2022 10:44:13 GMT
content-length: 0
x-backend-id: f6-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=B075cQfkkH.AikABlGEzUlyXA;Path=/;Domain=.adhigh.net;Expires=Fri, 01-Dec-2023 10:44:13 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=0100007F7C8588636203A7A802AE039C&bounced=1
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 2593cb02d9bd7fabc76b888dd911443f
8b247bdf31ef609655378c045f511b295fdf2379
136db57970f20122ce1fcd00705c25bee7cae338a280e7659febe20327f613d4
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 01 Dec 2022 10:44:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 30 Nov 2022 21:53:27 GMT
Expires: Thu, 01 Dec 2022 21:53:27 GMT
ETag: "8b247bdf31ef609655378c045f511b295fdf2379"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
x01.aidata.io/0.gif?pid=9401454&id=0100007F7C8588636203A7A802AE039C&bounce=1
89.108.119.28204 No Content 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=0100007F7C8588636203A7A802AE039C&bounce=1
IP 89.108.119.28:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=0100007F7C8588636203A7A802AE039C&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 01 Dec 2022 10:44:13 GMT
expires: Thu, 01 Dec 2022 10:44:12 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Thu, 01 Dec 2022 10:44:12 GMT
set-cookie: __upin=43zp0A5APexnc8CW3J33Dw;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1669891453;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
193.3.184.137302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP 193.3.184.137:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOIhXyopwNinAPyAtX9Iq/Ea+V2QD+TFcsW/ovj6EXq; cSyncDp7v2=1669891452; cSyncDp14v3=1669891452; cSyncDp17=1669891452; cSyncDp32=1669891452; cSyncDp45v3=1669891452; cSyncDp53=1669891452; cSyncDp54v2=1669891452; cSyncDp62=1669891452; cSyncDp67v2=1669891452; cSyncDp68=1669891452; cSyncDp71=1669891452; cSyncDp77=1669891452; cSyncDp84=1669891452; cSyncDp85=1669891452; cSyncDp95v3=1669891452; cSyncDp101=1669891452; cSyncDp104v2=1669891452; cSyncDp107=1669891452; cSyncDp110=1669891452; cSyncDp111v2=1669891452; cSyncDp112v2=1669891452; cSyncDp125v2=1669891452; cSyncDp126=1669891452; cSyncDp127=1669891452; cSyncDp129=1669891452; cSyncDp136v2=1669891452; cSyncDp138=1669891452; cSyncDp146=1669891452; cSyncDp148=1669891452; cSyncDp149v2=1669891452; cSyncDp151=1669891452; cSyncDp178=1669891452; cSyncDp179=1669891452; cSyncDp186=1669891452; cSyncDp221=1669891452
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 01 Dec 2022 10:44:13 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F7C8588636203A7A802F2039C
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F7C8588636203A7A802AE039C
217.66.147.33200 OK 0 B URL HTTP/1.1 sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F7C8588636203A7A802AE039C
IP 217.66.147.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/second?ssp=30&exu=0100007F7C8588636203A7A802AE039C HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 10:44:13 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F7C8588636203A7A802F2039C
81.222.128.214200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F7C8588636203A7A802F2039C
IP 81.222.128.214:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F7C8588636203A7A802F2039C HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 10:44:13 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
px.adhigh.net/p/cm/sape?u=0100007F7C8588636203A7A802AE039C&bounced=1
193.232.148.145200 OK 49 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=0100007F7C8588636203A7A802AE039C&bounced=1
IP 193.232.148.145:0
ASN #48061 Limited Liability Company GPM Digital Technologies
File type GIF image data, version 89a, 1 x 1\012- data
Hash 889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
GET /p/cm/sape?u=0100007F7C8588636203A7A802AE039C&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 10:44:13 GMT
content-type: image/gif
content-length: 49
x-backend-id: f6-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10072
Expires: Thu, 01 Dec 2022 13:32:05 GMT
Date: Thu, 01 Dec 2022 10:44:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10072
Expires: Thu, 01 Dec 2022 13:32:05 GMT
Date: Thu, 01 Dec 2022 10:44:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10072
Expires: Thu, 01 Dec 2022 13:32:05 GMT
Date: Thu, 01 Dec 2022 10:44:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10072
Expires: Thu, 01 Dec 2022 13:32:05 GMT
Date: Thu, 01 Dec 2022 10:44:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 820cf89fcab8380adff42982c9fb11ed
84241ddddbbfd7de30118307fb1a62800d0a4cb3
0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gsn5uUFEzDZDOMPTvW9UQxtccvRfJKUM4eJ8U99jvUGzNIKkF9SzeA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:20 GMT
age: 46493
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 9d34c42b-ba0c-498f-8f99-d4ab527ffa89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzMdHXNIAMFgaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbe9-376846f31dc9b995797cbd18;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:25 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DngCuOTO9fQAwWe_ip6EtBcgruigZN6Bl1_v5BHM2dsWlhqCXCL3gg==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:33 GMT
age: 46720
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CJiSRzIK7-rQE81gaP2We0LhgKX1YmuJKEGYEqW34Bm1KMx6NB8yhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 04:29:19 GMT
age: 22494
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash acffcb88ce68b2d70c9c046a7b5a4aa8
cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1
692d782ac1d812de6dadbcfe46034b6b5d8bbd586e56beedd96dc4d65445dd4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12035
x-amzn-requestid: eef7d417-c6ca-4e3f-ac00-1425f3d5c4a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0TSGHDIAMF_jA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdae-467c79a805dfb5622687f628;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:39:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: haFJ2LZecbT4HRbkvcaZxR4SAIx5cGxNyghKiDOJVX6xDkPwzc2wNQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:34 GMT
age: 46719
etag: "cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/0100007F7C8588636203A7A802AE039C?redir-setuniq=1
93.158.134.90200 OK 4.2 kB URL HTTP/2 an.yandex.ru/mapuid/sapeis/0100007F7C8588636203A7A802AE039C?redir-setuniq=1
IP 93.158.134.90:0
Hash e3bd799a8005e97a905128de29285a0c
3777609e9daffec9ddc58b0429c24b5f734a6a1b
ac2f943bcd06e8e1fff16ddba404a1cb911734f22f37a6e92add0eee1169c26a
GET /mapuid/sapeis/0100007F7C8588636203A7A802AE039C?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Thu, 01 Dec 2022 10:44:13 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01 Dec 2022 10:44:13 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 01 Dec 2022 10:44:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: 4823cf63-98eb-40d3-bb8b-e09cd2262f36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7SqHjYIAMF8xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c10-316b213c33ce9bc2355c0900;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tK4wl-g5kcUhVFE3iZGILhZhZSsaMzQD9JTBHj1JXV95yXs_e3gMGw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 13:21:34 GMT
age: 76959
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
5.200.43.131302 Found 472 B URL HTTP/2 ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP 5.200.43.131:0
ASN #48096 Enterprise Cloud Ltd.
Hash 234a4a3c9c97d9e0e2cf3ad636b261a2
c86bd7e17dadc388154f74cb8cf8428afb2e5cd1
03c44be1aeb057ccc44b023524358f834522f123189eafdc01a9d5e06b16e225
GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=e1851913e1744eb182571a971338ad61
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=e1851913e1744eb182571a971338ad61; expires=Thu, 30 Nov 2023 21:00:00 GMT; path=/; SameSite=None; secure; samesite=lax
date: Thu, 01 Dec 2022 10:44:12 GMT
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
188.42.34.65302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP 188.42.34.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 01 Dec 2023 10:44:13 GMT; Path=/; Domain=.betweendigital.com
tuuid=5b1c4c50-9fc3-524f-b645-7594d5cdf0e9; Max-Age=31536000; Expires=Fri, 01 Dec 2023 10:44:13 GMT; Path=/; Domain=.betweendigital.com
ut=Y4iFfQAJK6h5Y6mKMGA-Eyub2Zyic4Vnz3iloA==; Max-Age=31536000; Expires=Fri, 01 Dec 2023 10:44:13 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
188.42.34.65200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP 188.42.34.65:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 01 Dec 2023 10:44:14 GMT; Path=/; Domain=.betweendigital.com
tuuid=dd6d39da-1ca8-524f-be9a-8a03dd120f7d; Max-Age=31536000; Expires=Fri, 01 Dec 2023 10:44:14 GMT; Path=/; Domain=.betweendigital.com
ut=Y4iFfgABZ2Ai1Q13dUvBEzI3Oh_4OD1nO7e_nw==; Max-Age=31536000; Expires=Fri, 01 Dec 2023 10:44:14 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
tag.digitaltarget.ru/adcm.js
185.15.175.130200 OK 3.1 kB URL HTTP/1.1 tag.digitaltarget.ru/adcm.js
IP 185.15.175.130:0
File type ASCII text, with very long lines (3051), with no line terminators
Hash e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 10:44:14 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Thu, 01 Dec 2022 10:34:18 GMT
Connection: keep-alive
ETag: "6388832a-beb"
Accept-Ranges: bytes
www.acint.net/ping/?v=0.4.0&uid=987601f5-3a4c-4fe1-8ac6-36ede2fe0c5e&dp=10&tz=%2B00%3A00&nc=28535154&dT=2022-12-01T10%3A44%3A13.848
193.3.184.137302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/ping/?v=0.4.0&uid=987601f5-3a4c-4fe1-8ac6-36ede2fe0c5e&dp=10&tz=%2B00%3A00&nc=28535154&dT=2022-12-01T10%3A44%3A13.848
IP 193.3.184.137:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /ping/?v=0.4.0&uid=987601f5-3a4c-4fe1-8ac6-36ede2fe0c5e&dp=10&tz=%2B00%3A00&nc=28535154&dT=2022-12-01T10%3A44%3A13.848 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://latvia4.ru/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 01 Dec 2022 10:44:15 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/ping/?v=0.4.0&uid=987601f5-3a4c-4fe1-8ac6-36ede2fe0c5e&dp=10&tz=%2B00%3A00&nc=28535154&dT=2022-12-01T10%3A44%3A13.848
www.acint.net/ping/?v=0.4.0&uid=987601f5-3a4c-4fe1-8ac6-36ede2fe0c5e&dp=10&tz=%2B00%3A00&nc=28535154&dT=2022-12-01T10%3A44%3A13.848
193.3.184.137200 OK 43 B URL HTTP/2 www.acint.net/ping/?v=0.4.0&uid=987601f5-3a4c-4fe1-8ac6-36ede2fe0c5e&dp=10&tz=%2B00%3A00&nc=28535154&dT=2022-12-01T10%3A44%3A13.848
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /ping/?v=0.4.0&uid=987601f5-3a4c-4fe1-8ac6-36ede2fe0c5e&dp=10&tz=%2B00%3A00&nc=28535154&dT=2022-12-01T10%3A44%3A13.848 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://latvia4.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOIhXyopwNinAPyAtX9Iq/Ea+V2QD+TFcsW/ovj6EXq; cSyncDp7v2=1669891452; cSyncDp14v3=1669891452; cSyncDp17=1669891452; cSyncDp32=1669891452; cSyncDp45v3=1669891452; cSyncDp53=1669891452; cSyncDp54v2=1669891452; cSyncDp62=1669891452; cSyncDp67v2=1669891452; cSyncDp68=1669891452; cSyncDp71=1669891452; cSyncDp77=1669891452; cSyncDp84=1669891452; cSyncDp85=1669891452; cSyncDp95v3=1669891452; cSyncDp101=1669891452; cSyncDp104v2=1669891452; cSyncDp107=1669891452; cSyncDp110=1669891452; cSyncDp111v2=1669891452; cSyncDp112v2=1669891452; cSyncDp125v2=1669891452; cSyncDp126=1669891452; cSyncDp127=1669891452; cSyncDp129=1669891452; cSyncDp136v2=1669891452; cSyncDp138=1669891452; cSyncDp146=1669891452; cSyncDp148=1669891452; cSyncDp149v2=1669891452; cSyncDp151=1669891452; cSyncDp178=1669891452; cSyncDp179=1669891452; cSyncDp186=1669891452; cSyncDp221=1669891452
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 01 Dec 2022 10:44:15 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
tag.digitaltarget.ru/processor.js?i=666426298963278
185.15.175.130200 OK 16 kB URL HTTP/1.1 tag.digitaltarget.ru/processor.js?i=666426298963278
IP 185.15.175.130:0
File type ASCII text, with very long lines (15897), with no line terminators
Hash c9571a7ce0a22f154c74bdc8e35523e0
101feba577e71fc076ea5bf3f4af08b5d3fe988d
51cf59da6b7e03337540ee3ab9f8e135ff2ead958475c1bacc8683df57823fb0
GET /processor.js?i=666426298963278 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 10:44:15 GMT
Content-Type: application/javascript
Content-Length: 15897
Last-Modified: Thu, 01 Dec 2022 10:34:19 GMT
Connection: keep-alive
ETag: "6388832b-3e19"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ee5415c1cb989c2bec53f15dd7dad91c
433bc8f85b6266d168dee0bf62a698946edd75ce
3e4f85c376a23536751f707fb6c73d81628081a3d31cbad6b541d58395735988
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E4F85C376A23536751F707FB6C73D81628081A3D31CBAD6B541D58395735988"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19291
Expires: Thu, 01 Dec 2022 16:05:47 GMT
Date: Thu, 01 Dec 2022 10:44:16 GMT
Connection: keep-alive
dmg.digitaltarget.ru/1/1093/i/i?i=180553142612002.610815132411521&a=77&e=0100007F7C8588636203A7A802AE039C&pref=http%3A%2F%2Flatvia4.ru%2F&c=ss:77.up:0100007F7C8588636203A7A802AE039C.sync:up.xdua:duEboW8u_Egbpy6I1TdEbQE8.xps:xpsEb0cZTuRX2bMFChwd2VqrX.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.146307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=180553142612002.610815132411521&a=77&e=0100007F7C8588636203A7A802AE039C&pref=http%3A%2F%2Flatvia4.ru%2F&c=ss:77.up:0100007F7C8588636203A7A802AE039C.sync:up.xdua:duEboW8u_Egbpy6I1TdEbQE8.xps:xpsEb0cZTuRX2bMFChwd2VqrX.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=180553142612002.610815132411521&a=77&e=0100007F7C8588636203A7A802AE039C&pref=http%3A%2F%2Flatvia4.ru%2F&c=ss:77.up:0100007F7C8588636203A7A802AE039C.sync:up.xdua:duEboW8u_Egbpy6I1TdEbQE8.xps:xpsEb0cZTuRX2bMFChwd2VqrX.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 01 Dec 2022 10:44:16 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669891456259&i=180553142612002.610815132411521&a=77&e=0100007F7C8588636203A7A802AE039C&pref=http%3A%2F%2Flatvia4.ru%2F&c=ss:77.up:0100007F7C8588636203A7A802AE039C.sync:up.xdua:duEboW8u_Egbpy6I1TdEbQE8.xps:xpsEb0cZTuRX2bMFChwd2VqrX.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=qlNehRgcb4Hugic75USg; Max-Age=93312000; Expires=Sat, 15 Nov 2025 10:44:16 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/1/1093/i/i?i=180553142612002.104283138287419&a=77&e=0100007F7C8588636203A7A802AE039C&pref=http%3A%2F%2Flatvia4.ru%2F&c=ss:77.up:0100007F7C8588636203A7A802AE039C.sync:up.xdua:duEboW8u_Egbpy6I1TdEbQE8.xps:xpsEb0cZTuRX2bMFChwd2VqrX.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.146307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=180553142612002.104283138287419&a=77&e=0100007F7C8588636203A7A802AE039C&pref=http%3A%2F%2Flatvia4.ru%2F&c=ss:77.up:0100007F7C8588636203A7A802AE039C.sync:up.xdua:duEboW8u_Egbpy6I1TdEbQE8.xps:xpsEb0cZTuRX2bMFChwd2VqrX.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=180553142612002.104283138287419&a=77&e=0100007F7C8588636203A7A802AE039C&pref=http%3A%2F%2Flatvia4.ru%2F&c=ss:77.up:0100007F7C8588636203A7A802AE039C.sync:up.xdua:duEboW8u_Egbpy6I1TdEbQE8.xps:xpsEb0cZTuRX2bMFChwd2VqrX.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 01 Dec 2022 10:44:16 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669891456256&i=180553142612002.104283138287419&a=77&e=0100007F7C8588636203A7A802AE039C&pref=http%3A%2F%2Flatvia4.ru%2F&c=ss:77.up:0100007F7C8588636203A7A802AE039C.sync:up.xdua:duEboW8u_Egbpy6I1TdEbQE8.xps:xpsEb0cZTuRX2bMFChwd2VqrX.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=QRhk3e9c4-stJk57Xh1u; Max-Age=93312000; Expires=Sat, 15 Nov 2025 10:44:16 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669891456259&i=180553142612002.610815132411521&a=77&e=0100007F7C8588636203A7A802AE039C&pref=http%3A%2F%2Flatvia4.ru%2F&c=ss:77.up:0100007F7C8588636203A7A802AE039C.sync:up.xdua:duEboW8u_Egbpy6I1TdEbQE8.xps:xpsEb0cZTuRX2bMFChwd2VqrX.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.146200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669891456259&i=180553142612002.610815132411521&a=77&e=0100007F7C8588636203A7A802AE039C&pref=http%3A%2F%2Flatvia4.ru%2F&c=ss:77.up:0100007F7C8588636203A7A802AE039C.sync:up.xdua:duEboW8u_Egbpy6I1TdEbQE8.xps:xpsEb0cZTuRX2bMFChwd2VqrX.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.146:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1669891456259&i=180553142612002.610815132411521&a=77&e=0100007F7C8588636203A7A802AE039C&pref=http%3A%2F%2Flatvia4.ru%2F&c=ss:77.up:0100007F7C8588636203A7A802AE039C.sync:up.xdua:duEboW8u_Egbpy6I1TdEbQE8.xps:xpsEb0cZTuRX2bMFChwd2VqrX.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 10:44:16 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 3
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669891456256&i=180553142612002.104283138287419&a=77&e=0100007F7C8588636203A7A802AE039C&pref=http%3A%2F%2Flatvia4.ru%2F&c=ss:77.up:0100007F7C8588636203A7A802AE039C.sync:up.xdua:duEboW8u_Egbpy6I1TdEbQE8.xps:xpsEb0cZTuRX2bMFChwd2VqrX.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.146200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669891456256&i=180553142612002.104283138287419&a=77&e=0100007F7C8588636203A7A802AE039C&pref=http%3A%2F%2Flatvia4.ru%2F&c=ss:77.up:0100007F7C8588636203A7A802AE039C.sync:up.xdua:duEboW8u_Egbpy6I1TdEbQE8.xps:xpsEb0cZTuRX2bMFChwd2VqrX.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.146:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1669891456256&i=180553142612002.104283138287419&a=77&e=0100007F7C8588636203A7A802AE039C&pref=http%3A%2F%2Flatvia4.ru%2F&c=ss:77.up:0100007F7C8588636203A7A802AE039C.sync:up.xdua:duEboW8u_Egbpy6I1TdEbQE8.xps:xpsEb0cZTuRX2bMFChwd2VqrX.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 10:44:16 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 6
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabcce497-e838-40ff-ab98-af5f631b766f.jpeg
34.120.237.76200 OK 2.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabcce497-e838-40ff-ab98-af5f631b766f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f5469e846da1e0f21cfc480f56a656a6
b3eaec75f854d22cd1dcd6aa42e37f6d0df50036
d5701207a8b6b358359ebfd85a6916af7a3abf79acba235bf7d4131b0bc2e9b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabcce497-e838-40ff-ab98-af5f631b766f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 2382
x-amzn-requestid: 94ae079e-ec35-4e9c-aa30-33be1137c477
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cTRYNHPeIAMFncg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6384629a-386ca2063c3991d4749e18cf;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 07:26:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6hcyQXOxk36UdAHQkayqoUCfBxaKkDk407cfakceLUQBX4PlYwd5tg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 12:36:46 GMT
age: 79654
etag: "b3eaec75f854d22cd1dcd6aa42e37f6d0df50036"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=10&tc=1
193.3.184.137200 OK 0 B URL HTTP/2 www.acint.net/mc/?dp=10&tc=1
IP 193.3.184.137:0
GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://latvia4.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOIhXyopwNinAOuAmkE/+hiBtTBxpdCZDVZroYFi6AI
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 01 Dec 2022 10:44:12 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1669891452; expires=Fri, 02-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp54v2=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp77=1669891452; expires=Thu, 15-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp84=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1669891452; expires=Thu, 15-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp111v2=1669891452; expires=Thu, 15-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp112v2=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v2=1669891452; expires=Fri, 16-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp138=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149v2=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp179=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1669891452; expires=Sat, 31-Dec-22 10:44:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
65.108.236.88302 Found 0 B URL HTTP/2 ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP 65.108.236.88:0
ASN #24940 Hetzner Online GmbH
GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.23.0
date: Thu, 01 Dec 2022 10:44:12 GMT
x-request-id: 23c65825-98d6-46c7-9b91-099bf8f21b2c
set-cookie: bvuid=iaexcjm4e0; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=iaexcjm4e0; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=iaexcjm4e0
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/0100007F7C8588636203A7A802AE039C
93.158.134.90302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/0100007F7C8588636203A7A802AE039C
IP 93.158.134.90:0
GET /mapuid/sapeis/0100007F7C8588636203A7A802AE039C HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/0100007F7C8588636203A7A802AE039C?redir-setuniq=1
date: Thu, 01 Dec 2022 10:44:13 GMT
set-cookie: yandexuid=4144725931669891453; domain=.yandex.ru; path=/; expires=Sun, 28-Nov-2032 10:44:13 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01 Dec 2022 10:44:13 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 01 Dec 2022 10:44:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/gonetdspis/NGFiZWQxNGE0YzBlNzdhYw
93.158.134.90302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/NGFiZWQxNGE0YzBlNzdhYw
IP 93.158.134.90:0
GET /mapuid/gonetdspis/NGFiZWQxNGE0YzBlNzdhYw HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/gonetdspis/NGFiZWQxNGE0YzBlNzdhYw?redir-setuniq=1
date: Thu, 01 Dec 2022 10:44:13 GMT
set-cookie: yandexuid=271267521669891453; domain=.yandex.ru; path=/; expires=Sun, 28-Nov-2032 10:44:13 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01 Dec 2022 10:44:13 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 01 Dec 2022 10:44:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/gonetdspis/NGFiZWQxNGE0YzBlNzdhYw?redir-setuniq=1
93.158.134.90200 OK 0 B URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/NGFiZWQxNGE0YzBlNzdhYw?redir-setuniq=1
IP 93.158.134.90:0
GET /mapuid/gonetdspis/NGFiZWQxNGE0YzBlNzdhYw?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Thu, 01 Dec 2022 10:44:13 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01 Dec 2022 10:44:13 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 01 Dec 2022 10:44:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2