rem-tv.net/stuff/16-1-0-5234
88.99.99.206302 Found 220 B URL HTTP/1.1 rem-tv.net/stuff/16-1-0-5234
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc97fd68ccadb10b2eea7bc8ce9e758d
983de1cf897a202a8038491488ae9d621903e8bc
c74c94a4b43a984a67924353b421ce895317816c9878ae8ce522b7e1f5e16d0e
Analyzer Verdict Alert fortinet Malware
GET /stuff/16-1-0-5234 HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 02 Feb 2023 16:11:28 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 220
Connection: keep-alive
X-Content-Type-Options: nosniff
Set-Cookie: antibot-hostia=true; path=/; domain=rem-tv.net; expires=Fri, 03-Feb-2023 16:11:28 GMT
Location: https://rem-tv.net/stuff/16-1-0-5234
Cache-Control: max-age=1209600
Expires: Thu, 16 Feb 2023 16:11:28 GMT
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12833
Expires: Thu, 02 Feb 2023 19:45:22 GMT
Date: Thu, 02 Feb 2023 16:11:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11292
Expires: Thu, 02 Feb 2023 19:19:41 GMT
Date: Thu, 02 Feb 2023 16:11:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 15:36:06 GMT
content-type: application/json
age: 2123
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4885
Expires: Thu, 02 Feb 2023 17:32:54 GMT
Date: Thu, 02 Feb 2023 16:11:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Q9uRIi9beeMoyY3gS/O2q0kau74U/9gwk7ZUBppZjyKaS2E6R7ZxgS5rVl/Bq7gp+/Fk+FIYTQdcJEpml+Kz/g==
x-amz-request-id: KPAM3BF9ZBKF37GY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 15:23:09 GMT
age: 2900
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0deff4b5d611b1744a1cfe45d9856339
28fba869f5c8ba338d1b8d6473a66d7f1db62c7f
8ce5acb637bb8b8cc2b23d4a5bc898860d53ebc2447fb2216ab67a2cbc66b3ee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8CE5ACB637BB8B8CC2B23D4A5BC898860D53EBC2447FB2216AB67A2CBC66B3EE"
Last-Modified: Wed, 01 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=768
Expires: Thu, 02 Feb 2023 16:24:17 GMT
Date: Thu, 02 Feb 2023 16:11:29 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:29 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 15:49:05 GMT
age: 1344
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15625
Expires: Thu, 02 Feb 2023 20:31:55 GMT
Date: Thu, 02 Feb 2023 16:11:30 GMT
Connection: keep-alive
push.services.mozilla.com/
52.41.156.90101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.156.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Vu6Hd8dIYFybAWBWeQ98Ww==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ztCvSjFVNEfnW9LYoKoXDsBAcZQ=
rem-tv.net/sites/default/files/css/css_VhHJ73m5Hd56ca3-7RFojD97LzpSFJUFopxXAHBw9PE.css
88.99.99.206200 OK 2.3 kB URL HTTP/2 rem-tv.net/sites/default/files/css/css_VhHJ73m5Hd56ca3-7RFojD97LzpSFJUFopxXAHBw9PE.css
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (3007)
Hash 9b9fcf44f9d4c6010eef9379cb69dac6
6a3cfca12f53ab65355ed5e8c68e3b7c4ca21174
f6a5bd2976671771e6b8fd8c1db42ea2b29e139a9d85e912593b03ed63742fba
GET /sites/default/files/css/css_VhHJ73m5Hd56ca3-7RFojD97LzpSFJUFopxXAHBw9PE.css HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: text/css
content-length: 2254
last-modified: Sat, 07 Jan 2023 11:25:28 GMT
vary: Accept-Encoding
content-encoding: gzip
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
X-Firefox-Spdy: h2
rem-tv.net/sites/default/files/css/css_mxbvRAV0_YoXwGCXbsQzCkegc1pXHICzfd8PPQD9YE4.css
88.99.99.206200 OK 2.6 kB URL HTTP/2 rem-tv.net/sites/default/files/css/css_mxbvRAV0_YoXwGCXbsQzCkegc1pXHICzfd8PPQD9YE4.css
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (14956)
Hash fdf8e7aecda2e0ea57fb9d4cab0445ad
d260ee76d5d7ae0c942af13eb3580e5e5ef4045c
74c47dbfc9c1e71684e44281bdfe3f31145a060add06514145a930191fbea109
GET /sites/default/files/css/css_mxbvRAV0_YoXwGCXbsQzCkegc1pXHICzfd8PPQD9YE4.css HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: text/css
content-length: 2605
last-modified: Sat, 07 Jan 2023 11:25:28 GMT
vary: Accept-Encoding
content-encoding: gzip
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
X-Firefox-Spdy: h2
rem-tv.net/sites/default/files/css/css_YwgBKXTHy8jzaXfC1r6qv6IlrmgWV3v1IfflwCc59bc.css
88.99.99.206200 OK 1.2 kB URL HTTP/2 rem-tv.net/sites/default/files/css/css_YwgBKXTHy8jzaXfC1r6qv6IlrmgWV3v1IfflwCc59bc.css
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1286)
Hash 30b12f2d220cbf379e8258b9d14dc70b
074a334d76a497a4a33f3cdd4eb4c077bb84cb3f
f2d034a56f00aadd0c032523ecb23182532d2c1e1c334b756688d191e2633833
GET /sites/default/files/css/css_YwgBKXTHy8jzaXfC1r6qv6IlrmgWV3v1IfflwCc59bc.css HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: text/css
content-length: 1203
last-modified: Sat, 07 Jan 2023 11:25:28 GMT
vary: Accept-Encoding
content-encoding: gzip
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
X-Firefox-Spdy: h2
rem-tv.net/sites/default/files/css/css_MW2dBBmDPitgGQoSjMH7UGhS_aAbxfnRJ2OP5_pDnyg.css
88.99.99.206200 OK 2.2 kB URL HTTP/2 rem-tv.net/sites/default/files/css/css_MW2dBBmDPitgGQoSjMH7UGhS_aAbxfnRJ2OP5_pDnyg.css
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type assembler source, ASCII text, with very long lines (3131)
Hash 837330862decc2ec415634c5012ea5a9
f21e1e3305ad640661f720f8b502821387dc746b
7f491dca8d3155664a9b91fcdce288c96125710e49df49bcd5c32c64bb0017a2
GET /sites/default/files/css/css_MW2dBBmDPitgGQoSjMH7UGhS_aAbxfnRJ2OP5_pDnyg.css HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: text/css
content-length: 2206
last-modified: Sat, 07 Jan 2023 11:25:28 GMT
vary: Accept-Encoding
content-encoding: gzip
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
X-Firefox-Spdy: h2
rem-tv.net/sites/default/files/css/css_YqLrL_oQODZdXsS9qvT_ptdG5CR_j4FeTneFEnmTACs.css
88.99.99.206200 OK 5.4 kB URL HTTP/2 rem-tv.net/sites/default/files/css/css_YqLrL_oQODZdXsS9qvT_ptdG5CR_j4FeTneFEnmTACs.css
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (22150)
Hash ce32b510d7d03dc34475697973d00e99
735132c18d48d2032ef2950f6b4aaf06d6b64967
f09764e50714b42a3c9aa73dcd87cc4c0002263f01919155738068de755085f5
GET /sites/default/files/css/css_YqLrL_oQODZdXsS9qvT_ptdG5CR_j4FeTneFEnmTACs.css HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: text/css
content-length: 5374
last-modified: Sat, 07 Jan 2023 11:25:26 GMT
vary: Accept-Encoding
content-encoding: gzip
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
X-Firefox-Spdy: h2
rem-tv.net/sites/default/files/css/css_NDTEdbeIjYYCdY2FAh7VR9vRX_G1BPIHDVwTc0YaUsc.css
88.99.99.206200 OK 5.4 kB URL HTTP/2 rem-tv.net/sites/default/files/css/css_NDTEdbeIjYYCdY2FAh7VR9vRX_G1BPIHDVwTc0YaUsc.css
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (24251)
Hash 4ba64493ccf7bdbbcb06e536a1e1fa5c
2985e4b3331f5d2bbb573dcff2f759f3b589dc35
6b8a01a37208dd4f3a968d52fe67d9f24f80a864da8f547e94c944356ff2807e
GET /sites/default/files/css/css_NDTEdbeIjYYCdY2FAh7VR9vRX_G1BPIHDVwTc0YaUsc.css HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: text/css
content-length: 5380
last-modified: Thu, 02 Feb 2023 15:09:56 GMT
vary: Accept-Encoding
content-encoding: gzip
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 943cd391edbe689ff602ee277fb042eb
64cd72bde2fe397324233fb30598220bcb3b2763
db648205a10a4c4cf4beec24da828042ea44a3980e8fadc5d3667ffe88428b05
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5674
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:11:30 GMT
Last-Modified: Thu, 02 Feb 2023 14:36:56 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 943cd391edbe689ff602ee277fb042eb
64cd72bde2fe397324233fb30598220bcb3b2763
db648205a10a4c4cf4beec24da828042ea44a3980e8fadc5d3667ffe88428b05
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4059
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:11:30 GMT
Last-Modified: Thu, 02 Feb 2023 15:03:51 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
rem-tv.net/sites/default/files/js/js_mtE_CiJIVDoy_n2wdXYELT64685ZYZG8v65WLxPN848.js
88.99.99.206200 OK 40 kB URL HTTP/2 rem-tv.net/sites/default/files/js/js_mtE_CiJIVDoy_n2wdXYELT64685ZYZG8v65WLxPN848.js
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (820)
Hash 0a7ff329143e80e923db8dd85321ead1
365c2db321562ac45baa1b8f411dc93920719d5a
34861a25d81f39d87370c10fe1b7cd7bf6806459dfa67fcad3bbd7eb85360b41
GET /sites/default/files/js/js_mtE_CiJIVDoy_n2wdXYELT64685ZYZG8v65WLxPN848.js HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: application/javascript
content-length: 40404
last-modified: Sat, 07 Jan 2023 11:25:28 GMT
vary: Accept-Encoding
content-encoding: gzip
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
X-Firefox-Spdy: h2
rem-tv.net/sites/default/files/js/js_tLe1gpnTFeyiOF-VJx2Q4dp6FakeubPOhD3BQ76sZEU.js
88.99.99.206200 OK 7.7 kB URL HTTP/2 rem-tv.net/sites/default/files/js/js_tLe1gpnTFeyiOF-VJx2Q4dp6FakeubPOhD3BQ76sZEU.js
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (641)
Hash dfe019270343f2326b51e4655bee5c43
c456fc9318dfae985b4bedd9eeeb529b0cedc58a
ffca3d87d277701f695e86e0d19adcafa56c71cb5545f9961f33cf3bbcb641e5
GET /sites/default/files/js/js_tLe1gpnTFeyiOF-VJx2Q4dp6FakeubPOhD3BQ76sZEU.js HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: application/javascript
content-length: 7709
last-modified: Sat, 07 Jan 2023 11:25:28 GMT
vary: Accept-Encoding
content-encoding: gzip
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
X-Firefox-Spdy: h2
rem-tv.net/sites/default/files/js/js_COMsmDyrY9mzVU28X2uGvF4Ba3vd5eTo5xEO7dvCUZM.js
88.99.99.206200 OK 233 B URL HTTP/2 rem-tv.net/sites/default/files/js/js_COMsmDyrY9mzVU28X2uGvF4Ba3vd5eTo5xEO7dvCUZM.js
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
Hash 4aa1f193a9d896cfb5bfbfab98875f87
bf6aaf092a8582508713870a1c75401a6134ee48
ef3961b3cc15e080038a2383f49f4108aeac7bfbc300499f57d41e16e2bedfb4
GET /sites/default/files/js/js_COMsmDyrY9mzVU28X2uGvF4Ba3vd5eTo5xEO7dvCUZM.js HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: application/javascript
content-length: 233
last-modified: Sat, 07 Jan 2023 11:25:28 GMT
vary: Accept-Encoding
content-encoding: gzip
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
X-Firefox-Spdy: h2
rem-tv.net/sites/default/files/js/js_rSnT9jQ6B5BYFBKr92YMg4FYis7POpFKatXdn5AJ0sw.js
88.99.99.206200 OK 13 kB URL HTTP/2 rem-tv.net/sites/default/files/js/js_rSnT9jQ6B5BYFBKr92YMg4FYis7POpFKatXdn5AJ0sw.js
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (11888)
Hash cf31c326eccb7d89e8d804b35544f8a1
935e0f76f87b769f5f1a94f0842004d598f484e7
a12f1b3a7dc114124d5f5e5545ea580808172b0d11f4919d1b10ac03dc73be7b
GET /sites/default/files/js/js_rSnT9jQ6B5BYFBKr92YMg4FYis7POpFKatXdn5AJ0sw.js HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: application/javascript
content-length: 12950
last-modified: Sat, 07 Jan 2023 11:27:47 GMT
vary: Accept-Encoding
content-encoding: gzip
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
X-Firefox-Spdy: h2
rem-tv.net/sites/default/files/js/js_VWH0Wca5mS3MP7PG27hMVRZZebZR1H3RwaYkzic_9XY.js
88.99.99.206200 OK 9.2 kB URL HTTP/2 rem-tv.net/sites/default/files/js/js_VWH0Wca5mS3MP7PG27hMVRZZebZR1H3RwaYkzic_9XY.js
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (14871)
Hash e5ae8d6ee282691a8d8cb63c2030c6a5
892e87e4b9b3faca55d57bc2d0503a5bd17bf39f
8a0d26307b9a25214524f7ae153728c837ad0c4a1099b0dbaa8c1aeb164ad62f
GET /sites/default/files/js/js_VWH0Wca5mS3MP7PG27hMVRZZebZR1H3RwaYkzic_9XY.js HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: application/javascript
content-length: 9179
last-modified: Sat, 07 Jan 2023 11:25:28 GMT
vary: Accept-Encoding
content-encoding: gzip
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
X-Firefox-Spdy: h2
rem-tv.net/sites/default/files/js/js_iYsPpB3B-cWPXOZpHqdoSUudh3OYEXD053YZrYvXrws.js
88.99.99.206200 OK 366 B URL HTTP/2 rem-tv.net/sites/default/files/js/js_iYsPpB3B-cWPXOZpHqdoSUudh3OYEXD053YZrYvXrws.js
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
Hash ab29723acf7c057dabeb59b9ae85fc47
1f3408d46f3cc1814e10ac20ed2765ed92a0f546
2fca5d5dd46a38a100fb286239729cac559e16781e5b6f13b225b792838516ab
GET /sites/default/files/js/js_iYsPpB3B-cWPXOZpHqdoSUudh3OYEXD053YZrYvXrws.js HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: application/javascript
content-length: 366
last-modified: Sat, 07 Jan 2023 11:25:26 GMT
vary: Accept-Encoding
content-encoding: gzip
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
X-Firefox-Spdy: h2
rem-tv.net/sites/all/themes/fix/script/pubads.ads.js
88.99.99.206200 OK 18 B URL HTTP/2 rem-tv.net/sites/all/themes/fix/script/pubads.ads.js
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 4b8a3a3cee481368c865f50cdb63083f
f0dbc5cdf3a59279f39cd2ef8814b74a4307931f
2b39479832b314bea73445dc15b0719f4438cc5a8ec7611edc4479f521f21214
GET /sites/all/themes/fix/script/pubads.ads.js HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: application/javascript
content-length: 18
last-modified: Fri, 17 Sep 2021 10:52:02 GMT
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
jsc.mgid.com/r/e/rem-tv.net.906195.js
104.19.135.78200 OK 1.2 kB URL HTTP/2 jsc.mgid.com/r/e/rem-tv.net.906195.js
IP 104.19.135.78:0
File type ASCII text, with very long lines (2648), with no line terminators
Hash c3e1525beb1854aa6bcd69d1bb3e87c7
97b63971432c00f37c5037637fadc91a97cc5c40
6125e5a285f508c643e92fd319d932b50fc41cbebb27160896fd5e483bf01e49
GET /r/e/rem-tv.net.906195.js HTTP/1.1
Host: jsc.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=2649
etag: W/"7137f69adfaa30407bdacf16e25cfdf9"
last-modified: Wed, 18 Jan 2023 10:10:55 GMT
x-amz-id-2: DEG/Xbgo0Sf/QEISAFlLRBUGykoWVZsxGJNEFRfT8yuhD5biz8erxRWGpb/JDfphXi77r9LaC88=
x-amz-request-id: Z7R96QZ1HKNPPWKF
x-amz-version-id: 0JPL4ecVBfUpuN9IX7kCy7qxKCw67KWM
cf-cache-status: HIT
expires: Thu, 02 Feb 2023 19:11:30 GMT
cache-control: public, max-age=10800
set-cookie: __cf_bm=ynxyR7L_zrBo33V6yuyc94MJTpyUpOtnNmcC26HYscM-1675354290-0-AT36bc41VEZsbQIT4wLmy3qGpdL6a05PwUMHRU3/pt2RGFiTwkpEM8skZon6WUWFnJB7PkCAkcPAzZzsVphMbRI=; path=/; expires=Thu, 02-Feb-23 16:41:30 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 793433fd2cd5fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rem-tv.net/dizain/arhiv.png
88.99.99.206200 OK 827 B URL HTTP/2 rem-tv.net/dizain/arhiv.png
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 2621796f6b0090919a4310a4934c45a3
c6de2263cd928c5cff39a6e7981c12f4c092716c
ea4f5e3cb3756167b6928b739d7a2e8ab3225f97af33b92f4f957deadbe442b6
GET /dizain/arhiv.png HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: image/png
content-length: 827
last-modified: Wed, 17 Jun 2020 15:20:38 GMT
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
rem-tv.net/dizain/data.png
88.99.99.206200 OK 655 B URL HTTP/2 rem-tv.net/dizain/data.png
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 1c0c5489912c03f29e91c10fdfed8ee5
f6a943e494051ad0b71d172021181d04524be767
19c6be63b3166e37d5ffa3e2e61b6f0b141d1ad33dc2bc07c1325d7cac2b0a35
GET /dizain/data.png HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: image/png
content-length: 655
last-modified: Wed, 17 Jun 2020 15:20:39 GMT
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
rem-tv.net/dizain/avtor.png
88.99.99.206200 OK 835 B URL HTTP/2 rem-tv.net/dizain/avtor.png
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 0b8292cb8b48acf6f588f5954c265f27
c43e7e7801b2643f5b321f28029120874fb23d4b
c78246e00b89b8ca2125769e41c0fea9a5f05956da0aa83c6cb38a8e0500d617
GET /dizain/avtor.png HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: image/png
content-length: 835
last-modified: Wed, 17 Jun 2020 15:20:38 GMT
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
rem-tv.net/dizain/oko.png
88.99.99.206200 OK 837 B URL HTTP/2 rem-tv.net/dizain/oko.png
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 17 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash 596c0efbf35bd95fcc2befc2e03fe083
ba39f33604ece1f5798c2a19eb52c1a3cc4fd658
ad96f679b144876b518a4d7f356be910f64a7692cb3f0e2290bef09230ce9a46
GET /dizain/oko.png HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: image/png
content-length: 837
last-modified: Wed, 17 Jun 2020 15:20:40 GMT
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
rem-tv.net/dizain/kom.png
88.99.99.206200 OK 733 B URL HTTP/2 rem-tv.net/dizain/kom.png
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash 75147a59091f1b91b76c5f05f576859a
965c9e46cd472a409236df115548f4322fb17755
824e7d4b07b8438b6a322cfa2f4865dce7b18aca608f3dec29e74d4dfd00d32b
GET /dizain/kom.png HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: image/png
content-length: 733
last-modified: Wed, 17 Jun 2020 15:20:40 GMT
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
rem-tv.net/dizain/per-0.png
88.99.99.206200 OK 529 B URL HTTP/2 rem-tv.net/dizain/per-0.png
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 57 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash bf4fb5d062f2e6887d25cbe077e16112
c60a106cb9e6e5a13b9540f8401056f8a8132f74
4651f007080886ed2af1fcc732f4190fe878f0069939b8c66e780f0a949a8dee
GET /dizain/per-0.png HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: image/png
content-length: 529
last-modified: Wed, 17 Jun 2020 15:20:40 GMT
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
rem-tv.net/sites/default/files/styles/medium/public/img/scrin/stuff/parus-301_s.jpg?itok=yN15EEuv
88.99.99.206200 OK 7.5 kB URL HTTP/2 rem-tv.net/sites/default/files/styles/medium/public/img/scrin/stuff/parus-301_s.jpg?itok=yN15EEuv
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 150x57, components 3\012- data
Hash df590738e7d7772e82a28c29bc0b6255
39299bc9db6a7767aab29bef27911ea6bb3c17da
dae3856d4673a5aeb3975f98987ccf599a166ba29764ff0e5bc591cb586094f1
GET /sites/default/files/styles/medium/public/img/scrin/stuff/parus-301_s.jpg?itok=yN15EEuv HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: image/jpeg
content-length: 7537
last-modified: Wed, 31 Jan 2018 11:45:14 GMT
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
rem-tv.net/sites/default/files/styles/medium/public/img/scrin/stuff/elektronika_m-327_s1.jpg?itok=oOSNBx6c
88.99.99.206200 OK 6.9 kB URL HTTP/2 rem-tv.net/sites/default/files/styles/medium/public/img/scrin/stuff/elektronika_m-327_s1.jpg?itok=oOSNBx6c
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 150x57, components 3\012- data
Hash 9ce652a41bc621a1a59c54afa94bb293
3e4dc4216b4ad2986339793b73629819bd982eb6
d410d5749dc47f194b42347b8b5b1bd771b1192afc76a4db2270e79751bbd989
GET /sites/default/files/styles/medium/public/img/scrin/stuff/elektronika_m-327_s1.jpg?itok=oOSNBx6c HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: image/jpeg
content-length: 6935
last-modified: Wed, 31 Jan 2018 21:45:58 GMT
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
rem-tv.net/sites/default/files/styles/medium/public/img/scrin/stuff/elektronika-590_s.jpg?itok=R322CpLH
88.99.99.206200 OK 6.7 kB URL HTTP/2 rem-tv.net/sites/default/files/styles/medium/public/img/scrin/stuff/elektronika-590_s.jpg?itok=R322CpLH
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 150x57, components 3\012- data
Hash 9891e35d1a53a7de2edb613423c68ded
6fe4e6d1f4e0dd7fc8fca6c725c668bcfe50bf44
bb38eaa9b1f76a0e83ff9ecd0743169120cdd57a5663d0bcd96a08952444de19
GET /sites/default/files/styles/medium/public/img/scrin/stuff/elektronika-590_s.jpg?itok=R322CpLH HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: image/jpeg
content-length: 6683
last-modified: Thu, 01 Feb 2018 11:48:54 GMT
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
rem-tv.net/sites/default/files/styles/medium/public/img/scrin/stuff/266.jpg?itok=QjqRWimL
88.99.99.206200 OK 7.4 kB URL HTTP/2 rem-tv.net/sites/default/files/styles/medium/public/img/scrin/stuff/266.jpg?itok=QjqRWimL
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 150x57, components 3\012- data
Hash 11f4041488d5948bd7cbd4ee77ade1f8
17483b52099beb4a66c241d5426a1d446460be20
a6274e54a88e542efc287d014c5b862a89082124e3a9aeb554739a49300c75f5
GET /sites/default/files/styles/medium/public/img/scrin/stuff/266.jpg?itok=QjqRWimL HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: image/jpeg
content-length: 7409
last-modified: Wed, 31 Jan 2018 10:46:54 GMT
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
rem-tv.net/sites/default/files/styles/medium/public/img/scrin/stuff/elektronika-301_s.jpg?itok=jVE9BH_p
88.99.99.206200 OK 8.0 kB URL HTTP/2 rem-tv.net/sites/default/files/styles/medium/public/img/scrin/stuff/elektronika-301_s.jpg?itok=jVE9BH_p
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 150x57, components 3\012- data
Hash 2950b46f81473cfdb049d8eaa8b90ee1
02be4544e363943135372ec976ca90dd1409c4f6
19fdd8081cab1484e0a0981efdb13739bef0c6065f0c003503ae9c25b74f680b
GET /sites/default/files/styles/medium/public/img/scrin/stuff/elektronika-301_s.jpg?itok=jVE9BH_p HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: image/jpeg
content-length: 7960
last-modified: Wed, 31 Jan 2018 11:45:17 GMT
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
rem-tv.net/sites/default/files/logo.png
88.99.99.206200 OK 88 kB URL HTTP/2 rem-tv.net/sites/default/files/logo.png
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 277 x 185, 8-bit/color RGBA, non-interlaced\012- data
Hash c3f357d021f476e89e21b75d36c12069
e0e3a1855416024de8bf977944f5a29847447132
77790be6f62bb00ea0f6c2f9e4b146f7bd7088d37e2f98b9e1116b0722c67750
GET /sites/default/files/logo.png HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: image/png
content-length: 88525
last-modified: Fri, 25 Jan 2019 10:27:10 GMT
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
rem-tv.net/sites/default/files/img/stuff/42334212.jpg
88.99.99.206200 OK 78 kB URL HTTP/2 rem-tv.net/sites/default/files/img/stuff/42334212.jpg
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, software=ACD Systems Digital Imaging, datetime=2013:03:25 15:39:08], baseline, precision 8, 500x379, components 3\012- data
Hash 83474e59e0a25dca8681761d65dfda0c
fbae9aa737af1fbd79ade33295465712b61de7fd
3ea611ab02482a321589c4ef0cf467f4de3148473e11ce6e54709594effa96ad
GET /sites/default/files/img/stuff/42334212.jpg HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: image/jpeg
content-length: 77621
last-modified: Mon, 26 Oct 2015 09:32:35 GMT
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
rem-tv.net/sites/default/files/img/stuff/19814770.jpg
88.99.99.206200 OK 75 kB URL HTTP/2 rem-tv.net/sites/default/files/img/stuff/19814770.jpg
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, software=ACD Systems Digital Imaging, datetime=2013:03:25 15:39:16], baseline, precision 8, 500x402, components 3\012- data
Hash a203328583332a8b8adeb96bb9c53d2f
314757f53bf46c828d138e94c59b8b8a8f717b60
8ec09411165da1765536ba1751aff10bcef10ece7b20540f4b2315ab0a973cac
GET /sites/default/files/img/stuff/19814770.jpg HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: image/jpeg
content-length: 74823
last-modified: Mon, 26 Oct 2015 09:31:50 GMT
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
rem-tv.net/sites/default/files/img/stuff/35181115.jpg
88.99.99.206200 OK 93 kB URL HTTP/2 rem-tv.net/sites/default/files/img/stuff/35181115.jpg
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, software=ACD Systems Digital Imaging, datetime=2013:03:25 15:39:24], baseline, precision 8, 500x383, components 3\012- data
Hash 91135783fe17922a52f354cf7124f52c
cade182ee5a968cdde2627af5f58ee1ac26b7a62
a1572f4401841acf4646084061f2b76acd295c42a03d5e02706c5ed7044076f3
GET /sites/default/files/img/stuff/35181115.jpg HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: image/jpeg
content-length: 92807
last-modified: Mon, 26 Oct 2015 09:32:17 GMT
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
rem-tv.net/sites/default/files/img/stuff/01583988.jpg
88.99.99.206200 OK 79 kB URL HTTP/2 rem-tv.net/sites/default/files/img/stuff/01583988.jpg
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, software=ACD Systems Digital Imaging, datetime=2013:03:25 15:39:32], baseline, precision 8, 500x363, components 3\012- data
Hash 107732b58f556ea2e7b7aeda8f305c5e
7d3860db599faad631712d49dad9c33c983a44b6
dc43daba0a5d0fad661b0fc0cf213f079539aedef3d9ff82ecdd026700fded5f
GET /sites/default/files/img/stuff/01583988.jpg HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: image/jpeg
content-length: 79238
last-modified: Mon, 26 Oct 2015 09:31:12 GMT
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
jsc.mgid.com/r/e/rem-tv.net.387985.js
104.19.135.78200 OK 4.0 kB URL HTTP/2 jsc.mgid.com/r/e/rem-tv.net.387985.js
IP 104.19.135.78:0
File type ASCII text, with very long lines (2648), with no line terminators
Hash 3e55f56d308c7cb01d6d3d34395e6a80
77a40c5eddc8fd70752da996c8248169403fbd66
7d90c66a75dda37e24821d12d6a200348c480007f93c7952a4cea2750e713dfc
GET /r/e/rem-tv.net.387985.js HTTP/1.1
Host: jsc.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=2649
etag: W/"a1b6bec7fbd1caefad3dba34708584f9"
last-modified: Wed, 18 Jan 2023 10:07:54 GMT
x-amz-id-2: Kn57F6DMIcoOF/p8PEc2d0ZWKmyGRbATnHnsMjyQD6ZGL368Oo/pWLG/QlITxNv5CxFVkguk+18=
x-amz-request-id: Z7RAC0RMQQ6N44CZ
x-amz-version-id: 34czcBN9AdGofURqJSbwq9Ferv7afKoR
cf-cache-status: HIT
expires: Thu, 02 Feb 2023 19:11:30 GMT
cache-control: public, max-age=10800
set-cookie: __cf_bm=.Vqa5IU4ZeRX_k_OgCN2Qt54mk1.KjpvpD3dgzCxcSM-1675354290-0-Acx0wuAA+OCt7CFzMX9FL32TjtovkafoWBirt0gNBXECgmxeJOLVKx6tzKH9SKetECH461QKzTlsYEzpch/YteA=; path=/; expires=Thu, 02-Feb-23 16:41:30 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 793433fd2cd4fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rem-tv.net/dizain/per-1.png
88.99.99.206200 OK 1.7 kB URL HTTP/2 rem-tv.net/dizain/per-1.png
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 57 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash 5aa06945aaa9aee1d702b465c2398855
15b7a75b60cedff7790adf114f538893bfe136fd
28f8b1a67de15c4480b988c9ecc03d3e0f3926732457789b4dc6c3a8e28012ac
GET /dizain/per-1.png HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/sites/default/files/css/css_NDTEdbeIjYYCdY2FAh7VR9vRX_G1BPIHDVwTc0YaUsc.css
Cookie: antibot-hostia=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: image/png
content-length: 1677
last-modified: Wed, 17 Jun 2020 15:20:41 GMT
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
rem-tv.net/misc/menu-expanded.png
88.99.99.206200 OK 106 B URL HTTP/2 rem-tv.net/misc/menu-expanded.png
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 7 x 7, 1-bit colormap, non-interlaced\012- data
Hash d2d5438d897dcf8bd12fd05a98bd627d
fabfc0b53580f77c542d5af6ccfc22562e4cdbaf
71044970e802b0cf12ff5cb2e20a5910192e473a2968385f99c2987d3a4d0231
GET /misc/menu-expanded.png HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/sites/default/files/css/css_VhHJ73m5Hd56ca3-7RFojD97LzpSFJUFopxXAHBw9PE.css
Cookie: antibot-hostia=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: image/png
content-length: 106
last-modified: Sat, 07 Jan 2023 11:20:43 GMT
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
rem-tv.net/misc/menu-leaf.png
88.99.99.206200 OK 126 B URL HTTP/2 rem-tv.net/misc/menu-leaf.png
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 7 x 7, 4-bit colormap, non-interlaced\012- data
Hash 78140c61857042a4ad3bf169b85e5167
296dbd7fd1fc19ae4b180f0bff661ea7553a2c6d
e457a1f5c855a40b853c0f8f6421db58c3e7b443444389e3ac1cb128bb02fc97
GET /misc/menu-leaf.png HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/sites/default/files/css/css_VhHJ73m5Hd56ca3-7RFojD97LzpSFJUFopxXAHBw9PE.css
Cookie: antibot-hostia=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: image/png
content-length: 126
last-modified: Sat, 07 Jan 2023 11:20:43 GMT
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
rem-tv.net/sites/all/themes/professional_theme/images/search-button.png
88.99.99.206200 OK 725 B URL HTTP/2 rem-tv.net/sites/all/themes/professional_theme/images/search-button.png
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 34 x 48, 8-bit grayscale, non-interlaced\012- data
Hash 34537bf4511594ffa1fac3227fe8df67
99d00b11305e0b99964a19a770c66da365b13fba
235d488e81decd7850ef229e9c12d62689d4567e1d3d190b6c61796170b942db
GET /sites/all/themes/professional_theme/images/search-button.png HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/sites/default/files/css/css_YqLrL_oQODZdXsS9qvT_ptdG5CR_j4FeTneFEnmTACs.css
Cookie: antibot-hostia=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: image/png
content-length: 725
last-modified: Tue, 02 Feb 2016 13:54:00 GMT
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1d82139609e323e908fac5d93cc352a0
16464d86dbab5ffda5e66d870c5d139ee69f9422
dafce9d952b644da844563623a477eec073d696e74275b56b8329ed44b64aa57
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAFCE9D952B644DA844563623A477EEC073D696E74275B56B8329ED44B64AA57"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18488
Expires: Thu, 02 Feb 2023 21:19:39 GMT
Date: Thu, 02 Feb 2023 16:11:31 GMT
Connection: keep-alive
rem-tv.net/sites/default/files/bueditor-sprites/sprite_e0a4c72c628c73f6c8f5d94b75e81e66.png
88.99.99.206200 OK 4.0 kB URL HTTP/2 rem-tv.net/sites/default/files/bueditor-sprites/sprite_e0a4c72c628c73f6c8f5d94b75e81e66.png
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 176 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 6662f15f1e0ab888294b49170271564a
a76ef85558223748bb1d672f171a042949510b6b
3a113e0d66adeb544def59c69865a2b593957f540e272fc9be4568ffffcc1d3a
GET /sites/default/files/bueditor-sprites/sprite_e0a4c72c628c73f6c8f5d94b75e81e66.png HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: image/png
content-length: 3969
last-modified: Fri, 09 Feb 2018 10:14:55 GMT
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
rem-tv.net/sites/all/modules/bueditor/icons/x1.png
88.99.99.206200 OK 95 B URL HTTP/2 rem-tv.net/sites/all/modules/bueditor/icons/x1.png
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /sites/all/modules/bueditor/icons/x1.png HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: image/png
content-length: 95
last-modified: Mon, 05 Apr 2021 15:04:32 GMT
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
rem-tv.net/sites/default/files/custom-icon-path/separator.gif
88.99.99.206200 OK 60 B URL HTTP/2 rem-tv.net/sites/default/files/custom-icon-path/separator.gif
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 3 x 20\012- data
Hash d359334332afefc5f6dd28b8bd07ddea
3a20975c5bfad7908067842b0ad91822c59f9a81
2072772ca051530c9c034226af9da2911489b948ec6122c25c4de47df8870f20
GET /sites/default/files/custom-icon-path/separator.gif HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: image/gif
content-length: 60
last-modified: Mon, 26 Oct 2015 09:19:29 GMT
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
rem-tv.net/misc/grippie.png
88.99.99.206200 OK 106 B URL HTTP/2 rem-tv.net/misc/grippie.png
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 27 x 5, 1-bit colormap, non-interlaced\012- data
Hash 2a1b86da8c7f3b398b14e506ac400b09
c3dbadf66932cc33e771b102de4f7bcd1bdf5936
cd2532a071fb1aeeb3382db826860d52c149727769cf500e64bb157d05c1e332
GET /misc/grippie.png HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/sites/default/files/css/css_VhHJ73m5Hd56ca3-7RFojD97LzpSFJUFopxXAHBw9PE.css
Cookie: antibot-hostia=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: image/png
content-length: 106
last-modified: Sat, 07 Jan 2023 11:20:41 GMT
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash de99efdb483392c76935172796187eea
871805102397ba943939ba0be6e025b2ee2dc50d
bb9286d8b2b2c1f77997ee252ecf50ffdb7f9631b436bf07a3c34315c26432ba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6346
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:11:31 GMT
Last-Modified: Thu, 02 Feb 2023 14:25:45 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
www.acint.net/aci.js
193.3.184.227200 OK 7.8 kB IP 193.3.184.227:0
File type ASCII text, with very long lines (1649)
Hash 777eef0db9280e74fe8d3e0e9561da9c
f8316623410b9735dd07b6e12a2f29352c0aa4cd
985dc8f4eb0a0b4629fa8e6d86f741ee8d22b7a0a1f64be2e9e9f2c96c9cf772
GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: application/x-javascript
content-length: 7784
last-modified: Thu, 02 Feb 2023 13:54:08 GMT
etag: "63dbc080-1e68"
content-encoding: gzip
expires: Fri, 03 Feb 2023 04:11:31 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2
www.acint.net/hit/?v=0.5.1&uid=3ddd28ae-dbe0-4109-a046-e0983d8bc5a7&dp=10&tz=%2B00%3A00&nc=50242821&u=https%3A%2F%2Frem-tv.net%2Fstuff%2F16-1-0-5234&r=&rs=1280x1024&t=%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0-321%2C%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0-322%20-%20%D0%9C%D0%B0%D0%B3%D0%BD%D0%B8%D1%82%D0%BE%D1%84%D0%BE%D0%BD%D1%8B%20%D0%BA%D0%B0%D1%81%D1%81%D0%B5%D1%82%D0%BD%D1%8B%D0%B5%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20-%20%D0%9C%D0%B0%D0%B3%D0%BD%D0%B8%D1%82%D0%BD%D0%B0%D1%8F%20%D0%B7%D0%B0%D0%BF%D0%B8%D1%81%D1%8C%20%D0%B8%20%D0%B2%D0%BE%D1%81%D0%BF%D1%80%D0%BE%D0%B8%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20-%20%D0%A2%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B0%2020-%D0%B3%D0%BE%20%D0%B2%D0%B5%D0%BA%D0%B0&oE=1&oP=1&dT=2023-02-02T16%3A11%3A57.955&fu=5c55766a-81e1-414f-8fd1-94d1761b903e
193.3.184.227200 OK 43 B URL HTTP/2 www.acint.net/hit/?v=0.5.1&uid=3ddd28ae-dbe0-4109-a046-e0983d8bc5a7&dp=10&tz=%2B00%3A00&nc=50242821&u=https%3A%2F%2Frem-tv.net%2Fstuff%2F16-1-0-5234&r=&rs=1280x1024&t=%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0-321%2C%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0-322%20-%20%D0%9C%D0%B0%D0%B3%D0%BD%D0%B8%D1%82%D0%BE%D1%84%D0%BE%D0%BD%D1%8B%20%D0%BA%D0%B0%D1%81%D1%81%D0%B5%D1%82%D0%BD%D1%8B%D0%B5%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20-%20%D0%9C%D0%B0%D0%B3%D0%BD%D0%B8%D1%82%D0%BD%D0%B0%D1%8F%20%D0%B7%D0%B0%D0%BF%D0%B8%D1%81%D1%8C%20%D0%B8%20%D0%B2%D0%BE%D1%81%D0%BF%D1%80%D0%BE%D0%B8%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20-%20%D0%A2%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B0%2020-%D0%B3%D0%BE%20%D0%B2%D0%B5%D0%BA%D0%B0&oE=1&oP=1&dT=2023-02-02T16%3A11%3A57.955&fu=5c55766a-81e1-414f-8fd1-94d1761b903e
IP 193.3.184.227:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hit/?v=0.5.1&uid=3ddd28ae-dbe0-4109-a046-e0983d8bc5a7&dp=10&tz=%2B00%3A00&nc=50242821&u=https%3A%2F%2Frem-tv.net%2Fstuff%2F16-1-0-5234&r=&rs=1280x1024&t=%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0-321%2C%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0-322%20-%20%D0%9C%D0%B0%D0%B3%D0%BD%D0%B8%D1%82%D0%BE%D1%84%D0%BE%D0%BD%D1%8B%20%D0%BA%D0%B0%D1%81%D1%81%D0%B5%D1%82%D0%BD%D1%8B%D0%B5%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20-%20%D0%9C%D0%B0%D0%B3%D0%BD%D0%B8%D1%82%D0%BD%D0%B0%D1%8F%20%D0%B7%D0%B0%D0%BF%D0%B8%D1%81%D1%8C%20%D0%B8%20%D0%B2%D0%BE%D1%81%D0%BF%D1%80%D0%BE%D0%B8%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20-%20%D0%A2%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B0%2020-%D0%B3%D0%BE%20%D0%B2%D0%B5%D0%BA%D0%B0&oE=1&oP=1&dT=2023-02-02T16%3A11%3A57.955&fu=5c55766a-81e1-414f-8fd1-94d1761b903e HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=CkIDE2Pb4LNTkwpP8Po1Au2z4TaBNk2/6EI40Hm7awzhJLo1; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=10
193.3.184.227302 Found 154 B IP 193.3.184.227:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Thu, 02-Feb-23 16:21:31 GMT
aid=CkIDFWPb4LOOjxQQBD0HAh4vsfnVFokDX9clF82Z3tkUgcmD; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
st.top100.ru/top100/top100.js
81.19.89.16200 OK 33 kB URL HTTP/2 st.top100.ru/top100/top100.js
IP 81.19.89.16:0
ASN #24638 Rambler Internet Holding LLC
Hash f3707fe0d3a42f978147b081c835869e
21cb78bc0bdcca884eb628d299483659307cd521
4fc0cbfbae209163688a8c4ae3fff71a8e0962d3a3a2e2998ebdb2d38a09e267
GET /top100/top100.js HTTP/1.1
Host: st.top100.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 30 Jan 2023 10:42:42 GMT
x-rgw-object-type: Normal
etag: W/"85fd0629b4936ca6bd7f6dca635c0da1"
x-amz-request-id: tx00000000000021fb28b1f-0063dbe08c-f85be6-default
expires: Thu, 02 Feb 2023 17:11:31 GMT
cache-control: max-age=3600
set-cookie: proto_uid=1CIAALPg22NrHGB3AUKM9gB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f3ffb98af2a384a86eca3a5e4fcdb048
9efd753eb844d3b32276133bbb90a07f53a07fbc
32ba8f2a89ed5715b4ad12d112356f7c5b5d1471cdcb253e68cb111bdaa20964
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1606
Cache-Control: max-age=85942
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:11:31 GMT
Etag: "63da8723-117"
Expires: Fri, 03 Feb 2023 16:03:53 GMT
Last-Modified: Wed, 01 Feb 2023 15:37:07 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e798950bda0d223c428c68b3bc79c280
ce614125a64c75310142da2a7a0edba425f0fe71
04a09a43fd071a2426aa56f15b14bc65ca366381e00e647de8623351111d374f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "04A09A43FD071A2426AA56F15B14BC65CA366381E00E647DE8623351111D374F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9891
Expires: Thu, 02 Feb 2023 18:56:22 GMT
Date: Thu, 02 Feb 2023 16:11:31 GMT
Connection: keep-alive
ulogin.ru/js/ulogin.js
95.163.118.168200 OK 19 kB IP 95.163.118.168:0
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (580)
Hash 599eddaba3f8c40136909d3c05ad6d55
aaf7f95360ca9642316e6ceec6b62d37add8a899
42d8bcb34be7b5cabf06b66878c21a2cbcbf8de08f8a3cfa4cade66e85d93e81
GET /js/ulogin.js HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 16:11:34 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 30 Dec 2022 16:08:32 GMT
Set-Cookie: ulogin_token=u31dac9b61ee541e855c53e6c7f3de996; expires=Tuesday, 12-Jan-2030 10:00:00 GMT; path=/
Expires: Sun, 05 Feb 2023 16:11:34 GMT
Cache-Control: max-age=259200
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d70f1cb18a126c2e00820d9a4c3580d5
9bb09bc547b0c3133ded9285be6a3c1fbb9434f0
d6a83867bb58f8bc2e55f993a8d5e0747da1ead394b66e238de1c2a82730c722
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D6A83867BB58F8BC2E55F993A8D5E0747DA1EAD394B66E238DE1C2A82730C722"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19359
Expires: Thu, 02 Feb 2023 21:34:10 GMT
Date: Thu, 02 Feb 2023 16:11:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15588
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 16:11:31 GMT
Connection: keep-alive
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
185.147.80.35302 Found 74 B URL HTTP/1.1 ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP 185.147.80.35:0
File type HTML document, ASCII text
Hash 9bcd1a8d4cff49538a080aeba61bdacc
c1e977b6aecdbae7c412fadf0466cd24adeb73bc
51a89fdeec546219da53b1acebdf5f4b3f942b33fc0390c66ffdb2e248e5d03c
GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Thu, 02 Feb 2023 16:11:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 74
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=GQJBJKTW
Set-Cookie: uid=GQJBJKTW; Expires=Sun, 30 Jan 2033 16:11:31 GMT
dm-eu.hybrid.ai/match?id=106&vid=1503420AB3E0DB6310148F8E02073D04
37.18.103.21204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=106&vid=1503420AB3E0DB6310148F8E02073D04
IP 37.18.103.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=106&vid=1503420AB3E0DB6310148F8E02073D04 HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 16:11:31 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=7a2eb8a9329aa166624e; Expires=Fri, 02 Feb 2024 16:11:29 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 519
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.acint.net
access-control-allow-credentials: true
server: Hybrid Web Server
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 395bb0f71f9eba82f5ca23548d08900f
b1fada280c7ea3eb775a6fa46ce173a51eb045f5
7443babb69532e1ee3ee779e05ad4f62de2c5bf62548bcb5702f8290a527664c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11367
x-amzn-requestid: 67702c15-9a68-46ec-95e5-efb57f08e2f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5OGfBoAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6e-033182ba55fdd0230ad5a270;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Ybz4mmNUwsKOkpz6GFm4nLz7iGX5gJ--EiUjqrs8G92GBLn6qaF7IQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:57:51 GMT
age: 65620
etag: "b1fada280c7ea3eb775a6fa46ce173a51eb045f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
a.utraff.com/sync?ssp=Sape
104.21.59.66204 No Content 0 B URL HTTP/2 a.utraff.com/sync?ssp=Sape
IP 104.21.59.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=Sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Sat, 04 Mar 2023 19:11:31 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Sat, 04 Mar 2023 19:11:31 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHFmM1YbXliXzGEy8pI9mXIP7KvsUdW121KiVyCvVAFT9ZZEtD5y20GkhuoWWfGsdnYpi%2BHtFzRP%2FEIjstvL%2BajY%2FrfkZ4DJdwYw1i0ASKQQBjS8%2FyBWer4xZGI%2FvOM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79343401481bb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C1kqthy0eZop0UZfG3_op5xeBOVGiPLYfia4uS1l4-kchEzV6ccE9w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:16:08 GMT
age: 32123
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bb5b89e738516f4862491eec286bf6d
8fb46b9ca85f2c578eb2a56d0007859183e12209
7f164a37b675bf39f8473392b07a2a383397da003303965fb190fd4f455bb43b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 15051
x-amzn-requestid: 72a3f2ae-538e-40dc-9496-86c28334ba0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc6jGTAIAMFy4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb76-72178ed13a2e70d462785b90;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CKTfQzCvXa4oL6Lm2n8Rw_9Uhj69YfgpDTP9s0zoaX5qW1vcqWIXDA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:54:58 GMT
age: 65793
etag: "8fb46b9ca85f2c578eb2a56d0007859183e12209"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0224e848c34cb32cf932ed99dfd8468a
31c1abac8979bca5a998a6649ca3e6f59c0fb2f5
f93d5a69758e57d4d2b0d307ce98ad5ea8d86b825108873e8ea5bc36567dc5c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5061
x-amzn-requestid: e8e96b85-5b24-48b4-bea3-6c1b93c55ca1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKVGf3oAMFj1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-558cb5ec6f31497d284518be;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AeFT9dVmzOw8800DKN7VouWS3HGHRYp64On9sF62J-aOK_OGtvAa7w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:12:52 GMT
age: 64719
etag: "31c1abac8979bca5a998a6649ca3e6f59c0fb2f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0f85742f336de59ca88f7f964a8b33f4
0fc7177f8cb06421a8807e93989f651bda743567
fbd5fd39c39c218b0fa956f8cb8050cbdbfcb109a92303f6175d73cc8c339526
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8642
x-amzn-requestid: f47f7616-41aa-4983-8ada-20f6f0b6856b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frfXtHkUoAMFr1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadf64-083a903959cdab540bd38265;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:53:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UqoeSWse0jZAC3IEIWk5fj9q_4xsAoZRkn67U4m2L5NkayHxsAYmlA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:35 GMT
age: 65456
etag: "0fc7177f8cb06421a8807e93989f651bda743567"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i697kJpdT4ZPeMLWIftWf16pWCic0-v4tL4GDKfVfTZLo-E4-3FwDQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 64193
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c70fa210db8cb3a65d555bef49e050bc
8a834fe202d34465e13fdaefc7562702097e0fdc
d13d61f106ad0d5b69027daa0e626df63e0aaeac2f46f244f0806bcc90f69e0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D13D61F106AD0D5B69027DAA0E626DF63E0AAEAC2F46F244F0806BCC90F69E0F"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11332
Expires: Thu, 02 Feb 2023 19:20:23 GMT
Date: Thu, 02 Feb 2023 16:11:31 GMT
Connection: keep-alive
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 2dc048c269e4351bcc787d0e920f1e84
6fb594acf3eda7a825e2eea9dd13647e95364b35
6f8d08a47656defd943cff16141cfc61638f4f0713508443c7a77e2c51718fff
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:11:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 06 Feb 2023 14:37:19 GMT
ETag: "6fb594acf3eda7a825e2eea9dd13647e95364b35"
Last-Modified: Thu, 02 Feb 2023 14:37:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 378
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793434020fa6b52d-OSL
www.acint.net/match?dp=129&euid=qqdq9rflw3
193.3.184.227200 OK 43 B URL HTTP/2 www.acint.net/match?dp=129&euid=qqdq9rflw3
IP 193.3.184.227:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=129&euid=qqdq9rflw3 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=CkIDE2Pb4LNTkwpP8Po1Au2z4TaBNk2/6EI40Hm7awzhJLo1; test_cookie=CheckForPermission; cSyncDp7v2=1675354291; cSyncDp14v3=1675354291; cSyncDp17=1675354291; cSyncDp32=1675354291; cSyncDp45v3=1675354291; cSyncDp53v2=1675354291; cSyncDp62=1675354291; cSyncDp67v2=1675354291; cSyncDp68=1675354291; cSyncDp71=1675354291; cSyncDp85=1675354291; cSyncDp95v3=1675354291; cSyncDp98v2=1675354291; cSyncDp101=1675354291; cSyncDp104v2=1675354291; cSyncDp107=1675354291; cSyncDp110=1675354291; cSyncDp125v3=1675354291; cSyncDp126=1675354291; cSyncDp127=1675354291; cSyncDp129=1675354291; cSyncDp136v2=1675354291; cSyncDp146=1675354291; cSyncDp148=1675354291; cSyncDp149v2=1675354291; cSyncDp151=1675354291; cSyncDp178=1675354291; cSyncDp186=1675354291; cSyncDp221=1675354291; cSyncDp235=1675354291
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=95&euid=GQJBJKTW
193.3.184.227200 OK 43 B URL HTTP/2 www.acint.net/match?dp=95&euid=GQJBJKTW
IP 193.3.184.227:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=95&euid=GQJBJKTW HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=CkIDE2Pb4LNTkwpP8Po1Au2z4TaBNk2/6EI40Hm7awzhJLo1; test_cookie=CheckForPermission; cSyncDp7v2=1675354291; cSyncDp14v3=1675354291; cSyncDp17=1675354291; cSyncDp32=1675354291; cSyncDp45v3=1675354291; cSyncDp53v2=1675354291; cSyncDp62=1675354291; cSyncDp67v2=1675354291; cSyncDp68=1675354291; cSyncDp71=1675354291; cSyncDp85=1675354291; cSyncDp95v3=1675354291; cSyncDp98v2=1675354291; cSyncDp101=1675354291; cSyncDp104v2=1675354291; cSyncDp107=1675354291; cSyncDp110=1675354291; cSyncDp125v3=1675354291; cSyncDp126=1675354291; cSyncDp127=1675354291; cSyncDp129=1675354291; cSyncDp136v2=1675354291; cSyncDp146=1675354291; cSyncDp148=1675354291; cSyncDp149v2=1675354291; cSyncDp151=1675354291; cSyncDp178=1675354291; cSyncDp186=1675354291; cSyncDp221=1675354291; cSyncDp235=1675354291
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c38aef777743922d08ac552bdc4b3968
d0f8258c4a8aeb9259973c4492e6c9cf7518e744
a521d1d7702d2f422b03313d0e76e34eda17838bd8e989464e1bd72cbd5c9b34
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A521D1D7702D2F422B03313D0E76E34EDA17838BD8E989464E1BD72CBD5C9B34"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5341
Expires: Thu, 02 Feb 2023 17:40:32 GMT
Date: Thu, 02 Feb 2023 16:11:31 GMT
Connection: keep-alive
kraken.rambler.ru/userip
81.19.89.18200 OK 12 B IP 81.19.89.18:0
ASN #24638 Rambler Internet Holding LLC
File type ASCII text, with no line terminators
Hash 35b0bce9d250429df012c0426f88d0bd
f81d80af9cbeb0011316fbba3da8002b32251f7a
da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d
GET /userip HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rem-tv.net
Connection: keep-alive
Referer: https://rem-tv.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: application/octet-stream
content-length: 12
access-control-allow-origin: https://rem-tv.net
x-srv: 2kraken-prod0002.ad.rambler.tech
set-cookie: ruid=1CIAALPg22NmV4QZAVBy2AB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAALPg22NmV4QZAVBy2AB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 400810988c946c068e781a3678e10ddc
77bfadbb2cb63fc15a1201f8925d69e3f73bcd88
c217b29a942ad9537456ffc75f8269cc971d30ea14ca05c7ecde2d076afca474
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:11:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 06 Feb 2023 14:51:16 GMT
ETag: "77bfadbb2cb63fc15a1201f8925d69e3f73bcd88"
Last-Modified: Thu, 02 Feb 2023 14:51:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2464
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793434025f80b4ed-OSL
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
193.3.184.212302 Moved Temporarily 142 B URL HTTP/1.1 ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP 193.3.184.212:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 02 Feb 2023 16:11:31 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=2B03420AB3E0DB63480067470247D0B9
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkIDK2Pb4LNHZwBIudBHApz2M5RGEAPYMmDdCDvKxUg9+WVN; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
sync.bumlam.com/?src=sap1&uid=1503420AB3E0DB6310148F8E02073D04
31.172.81.159302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&uid=1503420AB3E0DB6310148F8E02073D04
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&uid=1503420AB3E0DB6310148F8E02073D04 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 02 Feb 2023 16:11:31 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ0MWJhZjc0Yy1hMzE0LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Wed, 28 Jan 2043 16:11:31 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARizwe-eBmIgMTUwMzQyMEFCM0UwREI2MzEwMTQ4RjhFMDIwNzNEMDSiARBBuvdMoxQR7YbgACWQwGR8
ETag: 41baf74c-a314-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
pix.bumlam.com/sync/sape/check?sspuid=1503420AB3E0DB6310148F8E02073D04
31.172.81.172302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/check?sspuid=1503420AB3E0DB6310148F8E02073D04
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/check?sspuid=1503420AB3E0DB6310148F8E02073D04 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 02 Feb 2023 16:11:31 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://sync.bumlam.com/?src=sape
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ad50fd429d43590d1ef8635ee01498ea
f0917fd3a14ea4f5b1e97dcd534338c5ff06c8af
50edbb5e017eb9381fccaf770b4fc5dc94e970ea2631eec51e180ac69d59a70b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:11:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 15:41:07 GMT
Expires: Tue, 07 Feb 2023 15:41:06 GMT
Etag: "f0917fd3a14ea4f5b1e97dcd534338c5ff06c8af"
Cache-Control: max-age=429574,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793434023bc6fab4-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d5aa03d944374e364d4fdbb8f9cbf95e
43e3c5a8a5ff027de3c9ad9a41b572e4f33e72f9
483314668ec3c34108277a26d39a4282ce255e416cb5cec43e3d30d5340b8138
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "483314668EC3C34108277A26D39A4282CE255E416CB5CEC43E3D30D5340B8138"
Last-Modified: Wed, 01 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17806
Expires: Thu, 02 Feb 2023 21:08:17 GMT
Date: Thu, 02 Feb 2023 16:11:31 GMT
Connection: keep-alive
sync.upravel.com/sape/sync
144.76.138.28302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync
IP 144.76.138.28:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1675354291592;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1675354291592;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
sync.dmp.otm-r.com/match/sape?id=1503420AB3E0DB6310148F8E02073D04
138.201.65.66204 No Content 0 B URL HTTP/2 sync.dmp.otm-r.com/match/sape?id=1503420AB3E0DB6310148F8E02073D04
IP 138.201.65.66:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=1503420AB3E0DB6310148F8E02073D04 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.19.7
date: Thu, 02 Feb 2023 16:11:31 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aa8a4de2da89e63bf5d87528f4942f8e
842533601fec8fa0504e9f12a68c638ac83f99f3
acad47db275e28fde5be3477bdb915aca613e8e7a3e04486e52fd47f6463151f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ACAD47DB275E28FDE5BE3477BDB915ACA613E8E7A3E04486E52FD47F6463151F"
Last-Modified: Tue, 31 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1860
Expires: Thu, 02 Feb 2023 16:42:31 GMT
Date: Thu, 02 Feb 2023 16:11:31 GMT
Connection: keep-alive
sync.bumlam.com/?src=sap1&s_data=CAIQARizwe-eBmIgMTUwMzQyMEFCM0UwREI2MzEwMTQ4RjhFMDIwNzNEMDSiARBBuvdMoxQR7YbgACWQwGR8
31.172.81.159200 OK 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&s_data=CAIQARizwe-eBmIgMTUwMzQyMEFCM0UwREI2MzEwMTQ4RjhFMDIwNzNEMDSiARBBuvdMoxQR7YbgACWQwGR8
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&s_data=CAIQARizwe-eBmIgMTUwMzQyMEFCM0UwREI2MzEwMTQ4RjhFMDIwNzNEMDSiARBBuvdMoxQR7YbgACWQwGR8 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ0MWJhZjc0Yy1hMzE0LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 16:11:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ0MWJhZjc0Yy1hMzE0LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Wed, 28 Jan 2043 16:11:31 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
s.uuidksinc.net/match/396/?remote_uid=1503420AB3E0DB6310148F8E02073D04
31.220.27.135302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/396/?remote_uid=1503420AB3E0DB6310148F8E02073D04
IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/396/?remote_uid=1503420AB3E0DB6310148F8E02073D04 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Thu, 02 Feb 2023 16:11:31 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=P2MAGTEC333urBcSukJG
set-cookie: jcsuuid=P2MAGTEC333urBcSukJG; expires=Fri, 02 Feb 2024 16:11:31 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f3ffb98af2a384a86eca3a5e4fcdb048
9efd753eb844d3b32276133bbb90a07f53a07fbc
32ba8f2a89ed5715b4ad12d112356f7c5b5d1471cdcb253e68cb111bdaa20964
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1606
Cache-Control: max-age=85942
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:11:31 GMT
Etag: "63da8723-117"
Expires: Fri, 03 Feb 2023 16:03:53 GMT
Last-Modified: Wed, 01 Feb 2023 15:37:07 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
49.12.83.94301 Moved Permanently 115 B URL HTTP/2 exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP 49.12.83.94:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash 76bb09c8218cf5653fae1d6f7cfdbf61
27a6ec26463d01e2ca5a1f79949f7c2c8176df5d
ce6da268f9ca234d9c001372fd3949ae1f77ee9c14da52f18c1f5b82868b901d
GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=8c87cc33-5b2b-42b3-49c9-10b5011cf968
serverid: TODO
X-Firefox-Spdy: h2
nr.bidderstack.com/sape/cm?user_id=1503420AB3E0DB6310148F8E02073D04
23.88.12.13200 OK 44 B URL HTTP/1.1 nr.bidderstack.com/sape/cm?user_id=1503420AB3E0DB6310148F8E02073D04
IP 23.88.12.13:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash f9d60352c70a2ba15616d1c9421f3844
e9abc8bea7721a4b6a50295850d13c515006a95c
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
GET /sape/cm?user_id=1503420AB3E0DB6310148F8E02073D04 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 16:11:31 GMT
Content-Type: image/gif
Content-Length: 44
Connection: keep-alive
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bac30724b4d5e7813c3f649da4c1be81
68709ea92544ba83880208fb1a9923010a97652d
319df7ec746969bf3e8b84e1a846d2bb09f3e9f6fd2ef0887989698357ed245f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "319DF7EC746969BF3E8B84E1A846D2BB09F3E9F6FD2EF0887989698357ED245F"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6000
Expires: Thu, 02 Feb 2023 17:51:31 GMT
Date: Thu, 02 Feb 2023 16:11:31 GMT
Connection: keep-alive
acint.net/match?dp=14&euid=2B03420AB3E0DB63480067470247D0B9
193.3.184.227200 OK 43 B URL HTTP/2 acint.net/match?dp=14&euid=2B03420AB3E0DB63480067470247D0B9
IP 193.3.184.227:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=14&euid=2B03420AB3E0DB63480067470247D0B9 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=CkIDE2Pb4LNTkwpP8Po1Au2z4TaBNk2/6EI40Hm7awzhJLo1; test_cookie=CheckForPermission; cSyncDp7v2=1675354291; cSyncDp14v3=1675354291; cSyncDp17=1675354291; cSyncDp32=1675354291; cSyncDp45v3=1675354291; cSyncDp53v2=1675354291; cSyncDp62=1675354291; cSyncDp67v2=1675354291; cSyncDp68=1675354291; cSyncDp71=1675354291; cSyncDp85=1675354291; cSyncDp95v3=1675354291; cSyncDp98v2=1675354291; cSyncDp101=1675354291; cSyncDp104v2=1675354291; cSyncDp107=1675354291; cSyncDp110=1675354291; cSyncDp125v3=1675354291; cSyncDp126=1675354291; cSyncDp127=1675354291; cSyncDp129=1675354291; cSyncDp136v2=1675354291; cSyncDp146=1675354291; cSyncDp148=1675354291; cSyncDp149v2=1675354291; cSyncDp151=1675354291; cSyncDp178=1675354291; cSyncDp186=1675354291; cSyncDp221=1675354291; cSyncDp235=1675354291
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
acint.net/match?dp=110&euid=8f5c4b3151e2469d8d3b721b6c2eb5c1
193.3.184.227200 OK 43 B URL HTTP/2 acint.net/match?dp=110&euid=8f5c4b3151e2469d8d3b721b6c2eb5c1
IP 193.3.184.227:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=110&euid=8f5c4b3151e2469d8d3b721b6c2eb5c1 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=CkIDE2Pb4LNTkwpP8Po1Au2z4TaBNk2/6EI40Hm7awzhJLo1; test_cookie=CheckForPermission; cSyncDp7v2=1675354291; cSyncDp14v3=1675354291; cSyncDp17=1675354291; cSyncDp32=1675354291; cSyncDp45v3=1675354291; cSyncDp53v2=1675354291; cSyncDp62=1675354291; cSyncDp67v2=1675354291; cSyncDp68=1675354291; cSyncDp71=1675354291; cSyncDp85=1675354291; cSyncDp95v3=1675354291; cSyncDp98v2=1675354291; cSyncDp101=1675354291; cSyncDp104v2=1675354291; cSyncDp107=1675354291; cSyncDp110=1675354291; cSyncDp125v3=1675354291; cSyncDp126=1675354291; cSyncDp127=1675354291; cSyncDp129=1675354291; cSyncDp136v2=1675354291; cSyncDp146=1675354291; cSyncDp148=1675354291; cSyncDp149v2=1675354291; cSyncDp151=1675354291; cSyncDp178=1675354291; cSyncDp186=1675354291; cSyncDp221=1675354291; cSyncDp235=1675354291
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
144.76.138.28302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP 144.76.138.28:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1675354291592
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=98c5f68a-f17c-487b-83ff-7f9256ef9028;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=98c5f68a-f17c-487b-83ff-7f9256ef9028;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=98c5f68a-f17c-487b-83ff-7f9256ef9028
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1503420AB3E0DB6310148F8E02073D04
87.242.89.90200 OK 12 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1503420AB3E0DB6310148F8E02073D04
IP 87.242.89.90:0
File type exported SGML document, ASCII text, with no line terminators
Hash d8932e1cb3ee147415fbf5591a7217ca
97da5b95fb7f60ecd8d9ed0e5a05d83ad5a9c070
c0327cbcde50f1ab8228334a550b947301123d6f6f7d625707cb6d08a1faec35
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1503420AB3E0DB6310148F8E02073D04 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: text/html
content-length: 12
last-modified: Mon, 30 Jan 2023 18:57:34 GMT
etag: "63d8131e-c"
accept-ranges: bytes
server: elb
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 29cbed0f6d8c99166782eb19e3b3b40a
a79f0c9f23b25cd341b7810ae7c65b4f2c606193
17b752520814b21a538551090467600dc8cefa1ca4da6f660c8046c729ccf316
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17B752520814B21A538551090467600DC8CEFA1CA4DA6F660C8046C729CCF316"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11318
Expires: Thu, 02 Feb 2023 19:20:09 GMT
Date: Thu, 02 Feb 2023 16:11:31 GMT
Connection: keep-alive
www.acint.net/match?dp=127&euid=P2MAGTEC333urBcSukJG
193.3.184.227200 OK 43 B URL HTTP/2 www.acint.net/match?dp=127&euid=P2MAGTEC333urBcSukJG
IP 193.3.184.227:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=127&euid=P2MAGTEC333urBcSukJG HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=CkIDE2Pb4LNTkwpP8Po1Au2z4TaBNk2/6EI40Hm7awzhJLo1; test_cookie=CheckForPermission; cSyncDp7v2=1675354291; cSyncDp14v3=1675354291; cSyncDp17=1675354291; cSyncDp32=1675354291; cSyncDp45v3=1675354291; cSyncDp53v2=1675354291; cSyncDp62=1675354291; cSyncDp67v2=1675354291; cSyncDp68=1675354291; cSyncDp71=1675354291; cSyncDp85=1675354291; cSyncDp95v3=1675354291; cSyncDp98v2=1675354291; cSyncDp101=1675354291; cSyncDp104v2=1675354291; cSyncDp107=1675354291; cSyncDp110=1675354291; cSyncDp125v3=1675354291; cSyncDp126=1675354291; cSyncDp127=1675354291; cSyncDp129=1675354291; cSyncDp136v2=1675354291; cSyncDp146=1675354291; cSyncDp148=1675354291; cSyncDp149v2=1675354291; cSyncDp151=1675354291; cSyncDp178=1675354291; cSyncDp186=1675354291; cSyncDp221=1675354291; cSyncDp235=1675354291
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sape
31.172.81.159302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sape
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ0MWJhZjc0Yy1hMzE0LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 02 Feb 2023 16:11:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ0MWJhZjc0Yy1hMzE0LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Wed, 28 Jan 2043 16:11:31 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://pix.bumlam.com/sync/sape/sync_ok?guid=41baf74c-a314-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a36a6fe1fcf00efea92342e5d443c0ac
c6a2b6c0307e7bd87919554c12aecd804659983f
a87bd3a8794753dc4671d7d870b3109d45f2b07b785aa69ec38edebdd3d452f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A87BD3A8794753DC4671D7D870B3109D45F2B07B785AA69EC38EDEBDD3D452F4"
Last-Modified: Thu, 02 Feb 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13697
Expires: Thu, 02 Feb 2023 19:59:48 GMT
Date: Thu, 02 Feb 2023 16:11:31 GMT
Connection: keep-alive
www.acint.net/match?dp=126&euid=8c87cc33-5b2b-42b3-49c9-10b5011cf968
193.3.184.227200 OK 43 B URL HTTP/2 www.acint.net/match?dp=126&euid=8c87cc33-5b2b-42b3-49c9-10b5011cf968
IP 193.3.184.227:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=126&euid=8c87cc33-5b2b-42b3-49c9-10b5011cf968 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=CkIDE2Pb4LNTkwpP8Po1Au2z4TaBNk2/6EI40Hm7awzhJLo1; test_cookie=CheckForPermission; cSyncDp7v2=1675354291; cSyncDp14v3=1675354291; cSyncDp17=1675354291; cSyncDp32=1675354291; cSyncDp45v3=1675354291; cSyncDp53v2=1675354291; cSyncDp62=1675354291; cSyncDp67v2=1675354291; cSyncDp68=1675354291; cSyncDp71=1675354291; cSyncDp85=1675354291; cSyncDp95v3=1675354291; cSyncDp98v2=1675354291; cSyncDp101=1675354291; cSyncDp104v2=1675354291; cSyncDp107=1675354291; cSyncDp110=1675354291; cSyncDp125v3=1675354291; cSyncDp126=1675354291; cSyncDp127=1675354291; cSyncDp129=1675354291; cSyncDp136v2=1675354291; cSyncDp146=1675354291; cSyncDp148=1675354291; cSyncDp149v2=1675354291; cSyncDp151=1675354291; cSyncDp178=1675354291; cSyncDp186=1675354291; cSyncDp221=1675354291; cSyncDp235=1675354291
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.globalsign.com/alphasslcasha256g4
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/alphasslcasha256g4
IP 104.18.20.226:0
Hash f49f98207eae0317577d02397373ae46
1755fce857bf99c6e2ce15605d73108f026193fa
f87e1efe8f3c27b9009c4f53f824a2365963d3771c8e9fa22c01afa666fb1364
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:11:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Mon, 06 Feb 2023 13:18:41 GMT
ETag: "1755fce857bf99c6e2ce15605d73108f026193fa"
Last-Modified: Thu, 02 Feb 2023 13:18:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 959
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7934340338cdb52d-OSL
ulogin.ru/version/3.0/img/providers-32-classic.png?version=img.3.0.2
95.163.118.168200 OK 37 kB URL HTTP/1.1 ulogin.ru/version/3.0/img/providers-32-classic.png?version=img.3.0.2
IP 95.163.118.168:0
ASN #12695 LLC Digital Network
File type PNG image data, 32 x 816, 8-bit/color RGBA, non-interlaced\012- data
Hash deda48d7164be4bd370e4f4a842ef4c3
05779a81d5c22751d9fc3233e24dd39d863874b4
4101a0011295ffe856d6ed838c40acace8a110e03a4bd884f681de7a9354b320
GET /version/3.0/img/providers-32-classic.png?version=img.3.0.2 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 16:11:34 GMT
Content-Type: image/png
Content-Length: 37284
Last-Modified: Tue, 10 Aug 2021 18:31:03 GMT
Connection: keep-alive
ETag: "6112c5e7-91a4"
Expires: Sun, 05 Feb 2023 16:11:34 GMT
Cache-Control: max-age=259200, public
Accept-Ranges: bytes
sync.adspend.space/sape?uid=1503420AB3E0DB6310148F8E02073D04
212.76.129.183302 Found 149 B URL HTTP/2 sync.adspend.space/sape?uid=1503420AB3E0DB6310148F8E02073D04
IP 212.76.129.183:0
File type HTML document, ASCII text
Hash 896bcbac2965db80da375b0d27c2e121
5005b4b4cdec4578bff278c86f16452d8f121318
d0e7808c515531724d2cdf4b3bb9fcf7b7416acc3250ff33abe540b0c254a946
GET /sape?uid=1503420AB3E0DB6310148F8E02073D04 HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: text/html; charset=utf-8
content-length: 149
location: https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D0d3ee7b0-f78b-4609-b197-7181e3f23e13
set-cookie: as-user=0d3ee7b0-f78b-4609-b197-7181e3f23e13; Path=/; Max-Age=31536000; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
www.acint.net/match?dp=71&euid=98c5f68a-f17c-487b-83ff-7f9256ef9028
193.3.184.227200 OK 43 B URL HTTP/2 www.acint.net/match?dp=71&euid=98c5f68a-f17c-487b-83ff-7f9256ef9028
IP 193.3.184.227:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=71&euid=98c5f68a-f17c-487b-83ff-7f9256ef9028 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=CkIDE2Pb4LNTkwpP8Po1Au2z4TaBNk2/6EI40Hm7awzhJLo1; test_cookie=CheckForPermission; cSyncDp7v2=1675354291; cSyncDp14v3=1675354291; cSyncDp17=1675354291; cSyncDp32=1675354291; cSyncDp45v3=1675354291; cSyncDp53v2=1675354291; cSyncDp62=1675354291; cSyncDp67v2=1675354291; cSyncDp68=1675354291; cSyncDp71=1675354291; cSyncDp85=1675354291; cSyncDp95v3=1675354291; cSyncDp98v2=1675354291; cSyncDp101=1675354291; cSyncDp104v2=1675354291; cSyncDp107=1675354291; cSyncDp110=1675354291; cSyncDp125v3=1675354291; cSyncDp126=1675354291; cSyncDp127=1675354291; cSyncDp129=1675354291; cSyncDp136v2=1675354291; cSyncDp146=1675354291; cSyncDp148=1675354291; cSyncDp149v2=1675354291; cSyncDp151=1675354291; cSyncDp178=1675354291; cSyncDp186=1675354291; cSyncDp221=1675354291; cSyncDp235=1675354291
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
cs.agency2.ru/p?ssp=sp&uid=1503420AB3E0DB6310148F8E02073D04
23.111.107.44301 Moved Permanently 0 B URL HTTP/1.1 cs.agency2.ru/p?ssp=sp&uid=1503420AB3E0DB6310148F8E02073D04
IP 23.111.107.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&uid=1503420AB3E0DB6310148F8E02073D04 HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 16:11:31 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=70c0be2f-ff17-45ec-bef4-baee8ba070e6
Set-Cookie: uuid=70c0be2f-ff17-45ec-bef4-baee8ba070e6; expires=Wed, 24 Jan 2024 16:11:31 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
pix.bumlam.com/sync/sape/sync_ok?guid=41baf74c-a314-11ed-86e0-002590c0647c
31.172.81.172302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/sync_ok?guid=41baf74c-a314-11ed-86e0-002590c0647c
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/sync_ok?guid=41baf74c-a314-11ed-86e0-002590c0647c HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ0MWJhZjc0Yy1hMzE0LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 02 Feb 2023 16:11:31 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://41baf74c-a314-11ed-86e0-002590c0647c.n7.sync.bumlam.com/?src=sape
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 08ffbd617e3c4fe6363eac8207df7517
9e609b37c80b441d84d4bc50b28679f40bf87d2d
00f9131e6fd8f03c2f2a9bdf857c64a366587907d39826e6b7df365257de63e6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00F9131E6FD8F03C2F2A9BDF857C64A366587907D39826E6B7DF365257DE63E6"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7451
Expires: Thu, 02 Feb 2023 18:15:42 GMT
Date: Thu, 02 Feb 2023 16:11:31 GMT
Connection: keep-alive
www.acint.net/oci/?v=0.5.1&uid=3ddd28ae-dbe0-4109-a046-e0983d8bc5a7&dp=10&tz=%2B00%3A00&nc=17739997&oid=39e8192718f4ed5a678fc273d654392b
193.3.184.227200 OK 43 B URL HTTP/2 www.acint.net/oci/?v=0.5.1&uid=3ddd28ae-dbe0-4109-a046-e0983d8bc5a7&dp=10&tz=%2B00%3A00&nc=17739997&oid=39e8192718f4ed5a678fc273d654392b
IP 193.3.184.227:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /oci/?v=0.5.1&uid=3ddd28ae-dbe0-4109-a046-e0983d8bc5a7&dp=10&tz=%2B00%3A00&nc=17739997&oid=39e8192718f4ed5a678fc273d654392b HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Cookie: aid=CkIDE2Pb4LNTkwpP8Po1Au2z4TaBNk2/6EI40Hm7awzhJLo1; test_cookie=CheckForPermission; cSyncDp7v2=1675354291; cSyncDp14v3=1675354291; cSyncDp17=1675354291; cSyncDp32=1675354291; cSyncDp45v3=1675354291; cSyncDp53v2=1675354291; cSyncDp62=1675354291; cSyncDp67v2=1675354291; cSyncDp68=1675354291; cSyncDp71=1675354291; cSyncDp85=1675354291; cSyncDp95v3=1675354291; cSyncDp98v2=1675354291; cSyncDp101=1675354291; cSyncDp104v2=1675354291; cSyncDp107=1675354291; cSyncDp110=1675354291; cSyncDp125v3=1675354291; cSyncDp126=1675354291; cSyncDp127=1675354291; cSyncDp129=1675354291; cSyncDp136v2=1675354291; cSyncDp146=1675354291; cSyncDp148=1675354291; cSyncDp149v2=1675354291; cSyncDp151=1675354291; cSyncDp178=1675354291; cSyncDp186=1675354291; cSyncDp221=1675354291; cSyncDp235=1675354291
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.programmatica.com/match/RTBSape?id=1503420AB3E0DB6310148F8E02073D04
167.235.117.42302 Found 0 B URL HTTP/2 sync.programmatica.com/match/RTBSape?id=1503420AB3E0DB6310148F8E02073D04
IP 167.235.117.42:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/RTBSape?id=1503420AB3E0DB6310148F8E02073D04 HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 16:11:31 GMT
content-length: 0
location: https://sync.programmatica.com/match/RTBSape?id=1503420AB3E0DB6310148F8E02073D04&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
mazelift.ru/codes1.js
62.109.17.230200 OK 4.4 kB IP 62.109.17.230:0
File type ASCII text, with very long lines (9746), with no line terminators
Hash 55a4de8713aea43d54ef4f7fafa5f0e7
346374ab630210154b058eb6af3c8a00b7be5554
7541d62adf6c6ec49a7b3a6b10153d03f3d8f4449e4c7ba82121e592c324573a
GET /codes1.js HTTP/1.1
Host: mazelift.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.13.12
Date: Thu, 02 Feb 2023 16:11:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Set-Cookie: utm1=1:b98a5951-e0a4-4206-9918-180e8de2d400; expires=Fri, 02 Feb 2024 16:11:31 GMT; Max-Age=31536000; Path=/
ttl_cmVtLXR2Lm5ldAzz=0; Path=/
Last-Modified: Thursday, 02-Feb-2023 16:11:31 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Content-Encoding: gzip
www.acint.net/match?dp=186&euid=70c0be2f-ff17-45ec-bef4-baee8ba070e6
193.3.184.227200 OK 43 B URL HTTP/2 www.acint.net/match?dp=186&euid=70c0be2f-ff17-45ec-bef4-baee8ba070e6
IP 193.3.184.227:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=186&euid=70c0be2f-ff17-45ec-bef4-baee8ba070e6 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=CkIDE2Pb4LNTkwpP8Po1Au2z4TaBNk2/6EI40Hm7awzhJLo1; test_cookie=CheckForPermission; cSyncDp7v2=1675354291; cSyncDp14v3=1675354291; cSyncDp17=1675354291; cSyncDp32=1675354291; cSyncDp45v3=1675354291; cSyncDp53v2=1675354291; cSyncDp62=1675354291; cSyncDp67v2=1675354291; cSyncDp68=1675354291; cSyncDp71=1675354291; cSyncDp85=1675354291; cSyncDp95v3=1675354291; cSyncDp98v2=1675354291; cSyncDp101=1675354291; cSyncDp104v2=1675354291; cSyncDp107=1675354291; cSyncDp110=1675354291; cSyncDp125v3=1675354291; cSyncDp126=1675354291; cSyncDp127=1675354291; cSyncDp129=1675354291; cSyncDp136v2=1675354291; cSyncDp146=1675354291; cSyncDp148=1675354291; cSyncDp149v2=1675354291; cSyncDp151=1675354291; cSyncDp178=1675354291; cSyncDp186=1675354291; cSyncDp221=1675354291; cSyncDp235=1675354291
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.programmatica.com/match/RTBSape?id=1503420AB3E0DB6310148F8E02073D04&chk=1
167.235.117.42200 OK 43 B URL HTTP/2 sync.programmatica.com/match/RTBSape?id=1503420AB3E0DB6310148F8E02073D04&chk=1
IP 167.235.117.42:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /match/RTBSape?id=1503420AB3E0DB6310148F8E02073D04&chk=1 HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: image/gif
content-length: 43
set-cookie: pid=MTg5OWQ0MjVkYzJiODQzMw; expires=Fri, 02 Aug 2024 16:11:31 GMT; domain=.programmatica.com; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D0d3ee7b0-f78b-4609-b197-7181e3f23e13
212.76.129.183302 Found 102 B URL HTTP/2 sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D0d3ee7b0-f78b-4609-b197-7181e3f23e13
IP 212.76.129.183:0
File type HTML document, ASCII text
Hash 35a8e5dd9f5bf6942ac2d1bcad3c2379
bdcb19e0426d1fe33c4d0a7d222e8fb52c9c9a8a
65ed9d42cb11ac901fd5071af0e739f387d801f1349fb44579323eb8d64eacbe
GET /check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D0d3ee7b0-f78b-4609-b197-7181e3f23e13 HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: as-user=0d3ee7b0-f78b-4609-b197-7181e3f23e13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: text/html; charset=utf-8
content-length: 102
location: https://www.acint.net/match?dp=98&euid=0d3ee7b0-f78b-4609-b197-7181e3f23e13
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
match.new-programmatic.com/userbind?src=sape&id=1503420AB3E0DB6310148F8E02073D04
217.65.2.150204 No Content 0 B URL HTTP/1.1 match.new-programmatic.com/userbind?src=sape&id=1503420AB3E0DB6310148F8E02073D04
IP 217.65.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=1503420AB3E0DB6310148F8E02073D04 HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Thu, 02 Feb 2023 16:11:31 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
65.109.23.99302 Found 1.4 kB URL HTTP/2 ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP 65.109.23.99:0
ASN #24940 Hetzner Online GmbH
Hash 0afaf01b2a0d1e099a5b0f3cc9f39c8b
2be8343b899a68d62f3c98524bc9556cc6bd6655
4c3fcf63bc417e48427bce1d0caf033a130ebe8b7f6307733edb4e135e53bdaf
GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.0
date: Thu, 02 Feb 2023 16:11:31 GMT
x-request-id: 1002689a-df71-4ee3-be9e-f9eccc0c5f2a
set-cookie: bvuid=qqdq9rflw3; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=qqdq9rflw3; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=qqdq9rflw3
X-Firefox-Spdy: h2
rem-tv.net/ico.png
88.99.99.206200 OK 39 kB IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 40c70d8b818aa210f6b385a8da6b8e74
0599d879c91885d82a3ad7226bfdcf1037820826
f31d1fab5628d3fe4ed03a531ed46b83ae887a25ac84b43b5a835bf4fa6a53dc
GET /ico.png HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true; fid=5c55766a-81e1-414f-8fd1-94d1761b903e; MgidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%7D%2C%22C387985%22%3A%7B%22page%22%3A1%7D%2C%22C906195%22%3A%7B%22page%22%3A1%7D%7D; adtech_uid=5766b1b9-2b83-488b-a22a-2f3e43f731a6%3Arem-tv.net; top100_id=t1.2654241.1805921781.1675354318076; t3_sid_2654241=s1.863304923.1675354318079.1675354318079.1.1; last_visit=1675354318085%3A%3A1675354318085; _ac_oid=39e8192718f4ed5a678fc273d654392b%3A1675357918536
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: image/png
content-length: 38952
last-modified: Fri, 16 Mar 2018 07:30:59 GMT
expires: Sun, 12 Feb 2023 16:11:31 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
rem-tv.net/favicon.ico
88.99.99.206200 OK 4.3 kB IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 7070e30634de9e94e5852327f21a583f
3529dd24175a53f1e64dc767e31d5b8d9db5884c
3c95a9bac3553a772ec22f8c8ec8df0d32860a6547c25af097a9be293c34ee1c
GET /favicon.ico HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true; fid=5c55766a-81e1-414f-8fd1-94d1761b903e; MgidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%7D%2C%22C387985%22%3A%7B%22page%22%3A1%7D%2C%22C906195%22%3A%7B%22page%22%3A1%7D%7D; adtech_uid=5766b1b9-2b83-488b-a22a-2f3e43f731a6%3Arem-tv.net; top100_id=t1.2654241.1805921781.1675354318076; t3_sid_2654241=s1.863304923.1675354318079.1675354318079.1.1; last_visit=1675354318085%3A%3A1675354318085; _ac_oid=39e8192718f4ed5a678fc273d654392b%3A1675357918536
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: image/x-icon
content-length: 4286
last-modified: Sat, 24 Feb 2018 08:17:43 GMT
expires: Sun, 12 Feb 2023 16:11:31 GMT
cache-control: max-age=864000, private
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 0afaf01b2a0d1e099a5b0f3cc9f39c8b
2be8343b899a68d62f3c98524bc9556cc6bd6655
4c3fcf63bc417e48427bce1d0caf033a130ebe8b7f6307733edb4e135e53bdaf
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:11:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 06 Feb 2023 14:04:18 GMT
ETag: "2be8343b899a68d62f3c98524bc9556cc6bd6655"
Last-Modified: Thu, 02 Feb 2023 14:04:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1729
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793434041ca9b518-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:11:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:11:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash ffa6c10726bdc5af58eac28284044443
408dc0ebb18882a17460be357cbffebc998c39e0
c3904f9635ffd5831332300f137c04de57ee468c4104af7f4359327217e15bd2
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:11:31 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Mon, 06 Feb 2023 13:10:28 GMT
ETag: "408dc0ebb18882a17460be357cbffebc998c39e0"
Last-Modified: Thu, 02 Feb 2023 13:10:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 192
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7934340449d3b52d-OSL
counter.yadro.ru/logo?17.4
88.212.201.198200 OK 203 B URL HTTP/1.1 counter.yadro.ru/logo?17.4
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 88 x 31\012- data
Hash 9ef3802172323c37c498e8508d1a5112
a6d4e6984bfb7fcb02004c503c85b085b2c97966
baf58a4e06f47e75559418a2d0a34dd4bd7b837f282152714a694840d12505ec
GET /logo?17.4 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 02 Feb 2023 16:11:31 GMT
Content-Type: image/gif
Content-Length: 203
Connection: keep-alive
Expires: Tue, 01 Feb 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Strict-Transport-Security: max-age=86400
www.acint.net/match?dp=98&euid=0d3ee7b0-f78b-4609-b197-7181e3f23e13
193.3.184.227200 OK 43 B URL HTTP/2 www.acint.net/match?dp=98&euid=0d3ee7b0-f78b-4609-b197-7181e3f23e13
IP 193.3.184.227:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=98&euid=0d3ee7b0-f78b-4609-b197-7181e3f23e13 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=CkIDE2Pb4LNTkwpP8Po1Au2z4TaBNk2/6EI40Hm7awzhJLo1; test_cookie=CheckForPermission; cSyncDp7v2=1675354291; cSyncDp14v3=1675354291; cSyncDp17=1675354291; cSyncDp32=1675354291; cSyncDp45v3=1675354291; cSyncDp53v2=1675354291; cSyncDp62=1675354291; cSyncDp67v2=1675354291; cSyncDp68=1675354291; cSyncDp71=1675354291; cSyncDp85=1675354291; cSyncDp95v3=1675354291; cSyncDp98v2=1675354291; cSyncDp101=1675354291; cSyncDp104v2=1675354291; cSyncDp107=1675354291; cSyncDp110=1675354291; cSyncDp125v3=1675354291; cSyncDp126=1675354291; cSyncDp127=1675354291; cSyncDp129=1675354291; cSyncDp136v2=1675354291; cSyncDp146=1675354291; cSyncDp148=1675354291; cSyncDp149v2=1675354291; cSyncDp151=1675354291; cSyncDp178=1675354291; cSyncDp186=1675354291; cSyncDp221=1675354291; cSyncDp235=1675354291
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
counter.yadro.ru/hit?r;s1280*1024*24;uhttps%3A//rem-tv.net/stuff/16-1-0-5234;0.5446722352953358
88.212.201.198200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit?r;s1280*1024*24;uhttps%3A//rem-tv.net/stuff/16-1-0-5234;0.5446722352953358
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit?r;s1280*1024*24;uhttps%3A//rem-tv.net/stuff/16-1-0-5234;0.5446722352953358 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 02 Feb 2023 16:11:31 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Tue, 01 Feb 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.66200 OK 51 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.66:0
File type ASCII text, with very long lines (3642)
Hash a9435dd7190369c1e76375e955b26415
8abbddb977fd1bc1e527bdf731615f3c6154c7cf
1b4122c92ee4e54e5cce819e926d6a8d784472bfd78f84553af3f73406d44fdc
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 02 Feb 2023 16:11:31 GMT
expires: Thu, 02 Feb 2023 16:11:31 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 1537882413692251977
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50692
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash db7e0be65c783c07cac86e8e9e040ddb
917c3c0c522f73baf8f2f5715d3325598dbb939a
7b9f9540b486e157a1eb57236f3e8ffe5f279bed4c28e5da356147de7bf9f726
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B9F9540B486E157A1EB57236F3E8FFE5F279BED4C28E5DA356147DE7BF9F726"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1084
Expires: Thu, 02 Feb 2023 16:29:35 GMT
Date: Thu, 02 Feb 2023 16:11:31 GMT
Connection: keep-alive
mc.yandex.ru/metrika/watch.js
87.250.251.119200 OK 58 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP 87.250.251.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (554)
Hash 315a601116a9b3b0fbc85feb58375ba4
5d283ed923d0b3beb8a2ec4e80c2958d1d132fbf
251ba0fc04953e3615e7c19a9a10c5d6a4f25cc03bef190f8a5e7c6cd72a991a
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 58140
date: Thu, 02 Feb 2023 16:11:31 GMT
access-control-allow-origin: *
etag: "63c93a4b-e31c"
expires: Thu, 02 Feb 2023 17:11:31 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
41baf74c-a314-11ed-86e0-002590c0647c.n7.sync.bumlam.com/?src=sape
188.120.241.50302 Found 0 B URL HTTP/2 41baf74c-a314-11ed-86e0-002590c0647c.n7.sync.bumlam.com/?src=sape
IP 188.120.241.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: 41baf74c-a314-11ed-86e0-002590c0647c.n7.sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ0MWJhZjc0Yy1hMzE0LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.1
date: Thu, 02 Feb 2023 16:11:32 GMT
content-length: 0
location: https://pix.bumlam.com/sync/sape/done
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20230131/r20190131/zrt_lookup.html
142.250.74.162200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230131/r20190131/zrt_lookup.html
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230131/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:56:08 GMT
expires: Thu, 16 Feb 2023 00:56:08 GMT
cache-control: public, max-age=1209600
age: 54924
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/done
31.172.81.172200 OK 43 B URL HTTP/1.1 pix.bumlam.com/sync/sape/done
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ0MWJhZjc0Yy1hMzE0LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 16:11:32 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 1afd3517ebc844038700db8c82d69ae3
1327e511903b229cd36c1647fdb71c17d4ce7bdd
ff3430f1affa22881cd632c75d9f51cb97deb53a2cd76f3ee3be5e4b0518192a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:11:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 23:26:49 GMT
Expires: Wed, 08 Feb 2023 23:26:48 GMT
Etag: "1327e511903b229cd36c1647fdb71c17d4ce7bdd"
Cache-Control: max-age=543916,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79343402ec46fab4-OSL
dmp.gotechnology.io/match/sape?id=1503420AB3E0DB6310148F8E02073D04
167.235.32.7302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=1503420AB3E0DB6310148F8E02073D04
IP 167.235.32.7:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=1503420AB3E0DB6310148F8E02073D04 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 16:11:32 GMT
content-length: 0
location: https://dmp.gotechnology.io/match/sape?id=1503420AB3E0DB6310148F8E02073D04&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=10&tc=1
193.3.184.227200 OK 1.3 kB URL HTTP/2 www.acint.net/mc/?dp=10&tc=1
IP 193.3.184.227:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 8724be01fd8c611c58b2a259df6be990
2b378bfc3ad4222dd592c4f70c9abdc815df9bd0
4ced338c2c23fafb9106935d5d58ba5db2f4f6a29c7c1eb8808eb251357fc242
GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rem-tv.net/
Connection: keep-alive
Cookie: aid=CkIDFWPb4LOOjxQQBD0HAh4vsfnVFokDX9clF82Z3tkUgcmD; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1675354291; expires=Fri, 03-Feb-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53v2=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp98v2=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1675354291; expires=Thu, 16-Feb-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v3=1675354291; expires=Fri, 17-Feb-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149v2=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp235=1675354291; expires=Sat, 04-Mar-23 16:11:31 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/watch/82412725?wmode=7&page-url=https%3A%2F%2Frem-tv.net%2Fstuff%2F16-1-0-5234&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1906%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A125867483859%3Ahid%3A377214806%3Az%3A0%3Ai%3A20230202161158%3Aet%3A1675354319%3Ac%3A1%3Arn%3A616628559%3Arqn%3A1%3Au%3A167535431929590600%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A5%2C124%2C1061%2C0%2C315%2C0%2C%2C419%2C62%2C%2C%2C%2C1964%3Aco%3A0%3Ans%3A1675354315865%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675354319%3At%3A%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0-321%2C%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0-322%20-%20%D0%9C%D0%B0%D0%B3%D0%BD%D0%B8%D1%82%D0%BE%D1%84%D0%BE%D0%BD%D1%8B%20%D0%BA%D0%B0%D1%81%D1%81%D0%B5%D1%82%D0%BD%D1%8B%D0%B5%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20-%20%D0%9C%D0%B0%D0%B3%D0%BD%D0%B8%D1%82%D0%BD%D0%B0%D1%8F%20%D0%B7%D0%B0%D0%BF%D0%B8%D1%81%D1%8C%20%D0%B8%20%D0%B2%D0%BE%D1%81%D0%BF%D1%80%D0%BE%D0%B8%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20-%20%D0%A2%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B0%2020-%D0%B3%D0%BE%20%D0%B2%D0%B5%D0%BA%D0%B0&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.251.119302 Found 400 B URL HTTP/2 mc.yandex.ru/watch/82412725?wmode=7&page-url=https%3A%2F%2Frem-tv.net%2Fstuff%2F16-1-0-5234&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1906%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A125867483859%3Ahid%3A377214806%3Az%3A0%3Ai%3A20230202161158%3Aet%3A1675354319%3Ac%3A1%3Arn%3A616628559%3Arqn%3A1%3Au%3A167535431929590600%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A5%2C124%2C1061%2C0%2C315%2C0%2C%2C419%2C62%2C%2C%2C%2C1964%3Aco%3A0%3Ans%3A1675354315865%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675354319%3At%3A%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0-321%2C%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0-322%20-%20%D0%9C%D0%B0%D0%B3%D0%BD%D0%B8%D1%82%D0%BE%D1%84%D0%BE%D0%BD%D1%8B%20%D0%BA%D0%B0%D1%81%D1%81%D0%B5%D1%82%D0%BD%D1%8B%D0%B5%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20-%20%D0%9C%D0%B0%D0%B3%D0%BD%D0%B8%D1%82%D0%BD%D0%B0%D1%8F%20%D0%B7%D0%B0%D0%BF%D0%B8%D1%81%D1%8C%20%D0%B8%20%D0%B2%D0%BE%D1%81%D0%BF%D1%80%D0%BE%D0%B8%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20-%20%D0%A2%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B0%2020-%D0%B3%D0%BE%20%D0%B2%D0%B5%D0%BA%D0%B0&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash 93248dca1d473fdb9b86b43771dd70ca
34e1d6e3b47d5a836e3bf98e74bfcdc926de4276
524122a6085659062763d3680fdf9616bef912aa06309d2de87144f406658553
GET /watch/82412725?wmode=7&page-url=https%3A%2F%2Frem-tv.net%2Fstuff%2F16-1-0-5234&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1906%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A125867483859%3Ahid%3A377214806%3Az%3A0%3Ai%3A20230202161158%3Aet%3A1675354319%3Ac%3A1%3Arn%3A616628559%3Arqn%3A1%3Au%3A167535431929590600%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A5%2C124%2C1061%2C0%2C315%2C0%2C%2C419%2C62%2C%2C%2C%2C1964%3Aco%3A0%3Ans%3A1675354315865%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675354319%3At%3A%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0-321%2C%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0-322%20-%20%D0%9C%D0%B0%D0%B3%D0%BD%D0%B8%D1%82%D0%BE%D1%84%D0%BE%D0%BD%D1%8B%20%D0%BA%D0%B0%D1%81%D1%81%D0%B5%D1%82%D0%BD%D1%8B%D0%B5%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20-%20%D0%9C%D0%B0%D0%B3%D0%BD%D0%B8%D1%82%D0%BD%D0%B0%D1%8F%20%D0%B7%D0%B0%D0%BF%D0%B8%D1%81%D1%8C%20%D0%B8%20%D0%B2%D0%BE%D1%81%D0%BF%D1%80%D0%BE%D0%B8%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20-%20%D0%A2%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B0%2020-%D0%B3%D0%BE%20%D0%B2%D0%B5%D0%BA%D0%B0&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rem-tv.net
Connection: keep-alive
Referer: https://rem-tv.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/82412725/1?wmode=7&page-url=https%3A%2F%2Frem-tv.net%2Fstuff%2F16-1-0-5234&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1906%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A125867483859%3Ahid%3A377214806%3Az%3A0%3Ai%3A20230202161158%3Aet%3A1675354319%3Ac%3A1%3Arn%3A616628559%3Arqn%3A1%3Au%3A167535431929590600%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A5%2C124%2C1061%2C0%2C315%2C0%2C%2C419%2C62%2C%2C%2C%2C1964%3Aco%3A0%3Ans%3A1675354315865%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675354319%3At%3A%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0-321%2C%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0-322%20-%20%D0%9C%D0%B0%D0%B3%D0%BD%D0%B8%D1%82%D0%BE%D1%84%D0%BE%D0%BD%D1%8B%20%D0%BA%D0%B0%D1%81%D1%81%D0%B5%D1%82%D0%BD%D1%8B%D0%B5%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20-%20%D0%9C%D0%B0%D0%B3%D0%BD%D0%B8%D1%82%D0%BD%D0%B0%D1%8F%20%D0%B7%D0%B0%D0%BF%D0%B8%D1%81%D1%8C%20%D0%B8%20%D0%B2%D0%BE%D1%81%D0%BF%D1%80%D0%BE%D0%B8%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20-%20%D0%A2%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B0%2020-%D0%B3%D0%BE%20%D0%B2%D0%B5%D0%BA%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Thu, 02 Feb 2023 16:11:32 GMT
access-control-allow-origin: https://rem-tv.net
set-cookie: yabs-sid=2077374691675354292; Path=/; SameSite=None; Secure
i=ucloZO4h/Laxo+qtWaYh32ciDzZ17e7EOYQREYgvxsXG+sWE7FcUZD/EHd/nm/lQOp/92JoRaN8jlOfBFMUMRIcySfY=; Expires=Sun, 30-Jan-2033 16:11:30 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=4795526941675354292; Expires=Fri, 02-Feb-2024 16:11:32 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4795526941675354292; Expires=Fri, 02-Feb-2024 16:11:32 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706890292.yc.1675354292#1706890292.yrts.1675354292#1706890292.yrtsi.1675354292; Expires=Fri, 02-Feb-2024 16:11:32 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 16:11:32 GMT
last-modified: Thu, 02-Feb-2023 16:11:32 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash aa9f1b51afddaf6690b38e5c63571e97
7cac8020a57211b172bd8809cdb6ed83e1268565
14b2d99ffa446f30515d3e4bc1ab1bf9d6448717e5e2a69c8f7f758cd2cb6578
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:11:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 06 Feb 2023 12:55:11 GMT
ETag: "7cac8020a57211b172bd8809cdb6ed83e1268565"
Last-Modified: Thu, 02 Feb 2023 12:55:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1485
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793434068bf3b52d-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash aa9f1b51afddaf6690b38e5c63571e97
7cac8020a57211b172bd8809cdb6ed83e1268565
14b2d99ffa446f30515d3e4bc1ab1bf9d6448717e5e2a69c8f7f758cd2cb6578
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:11:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 06 Feb 2023 12:55:11 GMT
ETag: "7cac8020a57211b172bd8809cdb6ed83e1268565"
Last-Modified: Thu, 02 Feb 2023 12:55:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1485
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79343406ac16b52d-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 19d1cb8536267608cae4860251141a67
c632128e1a573970610eecdfb502ca9c38a91f53
9871bc3579da0eee83d5612f2a467cf696547b64163b2c00a3aa9ae42f3f8b29
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:11:32 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Mon, 06 Feb 2023 11:55:43 GMT
ETag: "c632128e1a573970610eecdfb502ca9c38a91f53"
Last-Modified: Thu, 02 Feb 2023 11:55:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3534
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79343406cc2fb52d-OSL
ocsp.globalsign.com/alphasslcasha256g4
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/alphasslcasha256g4
IP 104.18.20.226:0
Hash a6aea3bc4165d806f2bd258eafa3cbbb
60fc71acf729fc570443f5b48c59a263c81e63f1
cb96329b5f7efe9bbefc850434ec5c5a3090939885fbcfef1ab07b2f87d144c5
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:11:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Mon, 06 Feb 2023 15:01:15 GMT
ETag: "60fc71acf729fc570443f5b48c59a263c81e63f1"
Last-Modified: Thu, 02 Feb 2023 15:01:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3362
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79343406c90bb506-OSL
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
195.209.108.51302 Moved Temporarily 0 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP 195.209.108.51:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Thu, 02 Feb 2023 16:11:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-5506526150; expires=Sat, 01 Feb 2025 16:11:32 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5506526150
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1503420AB3E0DB6310148F8E02073D04
81.222.128.214200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1503420AB3E0DB6310148F8E02073D04
IP 81.222.128.214:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?dsp_id=153&external_id=1503420AB3E0DB6310148F8E02073D04 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 16:11:32 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 2f59b9826b587ec88c538c4e0fdda68f
a9569ad568776c896099e2e7b4291dbe7101cb9b
76812d4ae48f41904eb3722fb49c463d4287d81fa7a9ea5d28687ddb3a546931
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:11:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 02:03:25 GMT
Expires: Wed, 08 Feb 2023 02:03:24 GMT
Etag: "a9569ad568776c896099e2e7b4291dbe7101cb9b"
Cache-Control: max-age=466911,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79343406dfecfab4-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 9e10319fb1a01a0084ed15b6ef45dfbb
d5d7bced7b5300f12de642355666ba739bc6a732
1b71c06d23659730b22488a44669b4bddb4d8f2f1c9cccb5d6b1760dfa61277e
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:11:32 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Mon, 06 Feb 2023 12:48:17 GMT
ETag: "d5d7bced7b5300f12de642355666ba739bc6a732"
Last-Modified: Thu, 02 Feb 2023 12:48:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2355
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793434070c71b52d-OSL
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5506526150
195.209.108.51302 Moved Temporarily 40 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5506526150
IP 195.209.108.51:0
File type ASCII text, with CRLF line terminators
Hash 251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5506526150 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Thu, 02 Feb 2023 16:11:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Sat, 01 Feb 2025 16:11:32 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
77.245.57.72400 Bad Request 22 B URL HTTP/1.1 sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP 77.245.57.72:0
ASN #36057 WEBAIR-INTERNET-MTL
File type ASCII text, with no line terminators
Hash b0b11e1c78b526b61477f8e9ee540be0
d5e73002987ff54626542b116d98a8f4aa9ee2eb
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 02 Feb 2023 16:11:32 GMT
Content-Length: 22
Connection: close
Cache-Control: no-store
Age: 0
Pragma: no-cache
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09905a9da2b8c534b2a2339f7ed3ea0f
c9757e32b8d0032fe15e166141f832a9133d575f
48f74cadddfc2aaa06f4831abb571ce1717243a159508098f25922762d694c15
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48F74CADDDFC2AAA06F4831ABB571CE1717243A159508098F25922762D694C15"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4352
Expires: Thu, 02 Feb 2023 17:24:04 GMT
Date: Thu, 02 Feb 2023 16:11:32 GMT
Connection: keep-alive
ocsp.usertrust.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash c60ca4b761622aee6dac8fcd5a7b47bb
bf27b8a42a03073eb548b79b3adfc1c4a09921ba
55e4d169563b096866bbab23531097fd09fa620a64f56261165cf190aa90aaa7
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:11:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 30 Jan 2023 04:18:19 GMT
Expires: Mon, 06 Feb 2023 04:18:18 GMT
Etag: "bf27b8a42a03073eb548b79b3adfc1c4a09921ba"
Cache-Control: max-age=604094,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1291
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793434075804b524-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash fa8249652d458cfa3544e8c34edcca69
daf4a902fdc1fc5fdf5a425b9680da5e2100e44c
f60f3e2993ef7a65539484c0aa44527841a3d93ec43a2fdd974435e00da531c9
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:11:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 06 Feb 2023 12:44:04 GMT
ETag: "daf4a902fdc1fc5fdf5a425b9680da5e2100e44c"
Last-Modified: Thu, 02 Feb 2023 12:44:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 958
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7934340759f2b506-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 47104af366e237afec3af30f37af7dba
b24492f724ba1d4395df66bc2e0de1bdabc4264d
59c7255b4bd417487377052a2b4ec75029319525bad73a5ef43dce28d79efbbb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:11:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 14:18:45 GMT
Expires: Tue, 07 Feb 2023 14:18:44 GMT
Etag: "b24492f724ba1d4395df66bc2e0de1bdabc4264d"
Cache-Control: max-age=424631,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793434073864fab4-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:11:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
188.42.34.64302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP 188.42.34.64:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 16:11:32 GMT; Path=/; Domain=.betweendigital.com
tuuid=9f64c021-ebc9-5221-98cf-2602fb14c6b6; Max-Age=31536000; Expires=Fri, 02 Feb 2024 16:11:32 GMT; Path=/; Domain=.betweendigital.com
ut=Y9vgtAAF66CI-Y8pYKukZ_d68pBvFaKT5Urpdg==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 16:11:32 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 2f59b9826b587ec88c538c4e0fdda68f
a9569ad568776c896099e2e7b4291dbe7101cb9b
76812d4ae48f41904eb3722fb49c463d4287d81fa7a9ea5d28687ddb3a546931
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:11:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 02:03:25 GMT
Expires: Wed, 08 Feb 2023 02:03:24 GMT
Etag: "a9569ad568776c896099e2e7b4291dbe7101cb9b"
Cache-Control: max-age=466911,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793434075ab4b523-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f44095f8ebc7d211f4ee24d88a703128
97263cb2c5d0237c08bee075fb75c8bddefddf2c
1183ec38cb48e7986d42d545c968616fe9f996f73849f1da6c111eb4ccfbb529
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:11:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
5.200.43.243302 Found 174 B URL HTTP/2 ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP 5.200.43.243:0
ASN #48096 Enterprise Cloud Ltd.
File type gzip compressed data, from Unix\012- data
Hash 8a1fe14ff370be52dac9836776e7411e
905ce78f48149f35853b70373fc8e4c26e88f764
a37ae8fe00850240aa78fa5a852aacd18b9fe51dbce494cdc94a60492b83d658
GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=8f5c4b3151e2469d8d3b721b6c2eb5c1
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=8f5c4b3151e2469d8d3b721b6c2eb5c1; expires=Thu, 01 Feb 2024 21:00:00 GMT; path=/; SameSite=None; secure; samesite=lax
date: Thu, 02 Feb 2023 16:11:31 GMT
X-Firefox-Spdy: h2
tag.digitaltarget.ru/adcm.js
185.15.175.130200 OK 3.1 kB URL HTTP/1.1 tag.digitaltarget.ru/adcm.js
IP 185.15.175.130:0
File type ASCII text, with very long lines (3051), with no line terminators
Hash e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 16:11:32 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Thu, 02 Feb 2023 16:04:39 GMT
Connection: keep-alive
ETag: "63dbdf17-beb"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0c15fd84f4711d994724c35236542194
c47d77fe5b373a86bd9a116bd8baac07ec746add
a210a4599baaa980674b456f020282cd470559b319be263fdcf9eaec7cff0d3b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:11:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=rem-tv.net
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=rem-tv.net
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=rem-tv.net HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 16:11:32 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ad.mail.ru/cm.gif?p=48&id=1503420AB3E0DB6310148F8E02073D04
95.163.41.56200 OK 43 B URL HTTP/2 ad.mail.ru/cm.gif?p=48&id=1503420AB3E0DB6310148F8E02073D04
IP 95.163.41.56:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cm.gif?p=48&id=1503420AB3E0DB6310148F8E02073D04 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:32 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=2lHh3T2mb5oF002CCo1eK7oF:::0-0-0-8f63974:CAASEItRascIPYFBaJnJ3J184I4aYAiev2O56oGPkQIc_AJbUUb9FlaPat0w0aj5Q8h-o7ZpB25wnOg39nDOalAWiPxDsBIyu_Hi3-URgmb1DFLRSVfrNJGanSjcoNxplwUs3__a9aUeAAnx2CIN_c8ISRI4xA; path=/; expires=Sat, 03-Feb-24 16:11:32 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Thu, 02 Feb 2023 22:11:32 GMT
cache-control: max-age=21600
last-modified: Thu, 02 Feb 2023 16:11:32 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2
sape-sync.rutarget.ru/sync
46.243.142.48302 Moved Temporarily 0 B URL HTTP/1.1 sape-sync.rutarget.ru/sync
IP 46.243.142.48:0
ASN #208677 Cloud technology Limited (Ltd.)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 02 Feb 2023 16:11:32 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=O4WsJTlqE5-6
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=O4WsJTlqE5-6; Path=/; Domain=.rutarget.ru; Expires=Tue, 01 Aug 2023 16:11:32 GMT; SameSite=None; Secure
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 00c2d9c9f72cb17e5f9e93817c9aa89f
eb820d6b18ec7172a3d69a02ba81bf688c0cb61d
5940d04d3861f8ea93772a3bee5341e40d6e95c203fd9fdfd7daaa4abf88aa74
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:11:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 06 Feb 2023 13:07:49 GMT
ETag: "eb820d6b18ec7172a3d69a02ba81bf688c0cb61d"
Last-Modified: Thu, 02 Feb 2023 13:07:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 738
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79343407ad2ab52d-OSL
partner.googleadservices.com/gampad/cookie.js?domain=rem-tv.net&callback=_gfp_s_&client=ca-pub-4577572500132245
142.250.74.98200 OK 251 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=rem-tv.net&callback=_gfp_s_&client=ca-pub-4577572500132245
IP 142.250.74.98:0
File type ASCII text, with very long lines (387), with no line terminators
Hash 4d7541d30e3668f65c6752c6d4141b0e
58704537d3f2af2cf4e73757daba571b514b241a
b007d95e335675c0f7d3ae8722b9cea15c26432d6ea73a200c72b75b2e45e66e
GET /gampad/cookie.js?domain=rem-tv.net&callback=_gfp_s_&client=ca-pub-4577572500132245 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 16:11:32 GMT
server: cafe
cache-control: private
content-length: 251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sm.rtb.mts.ru/p?ssp=sape&id=1503420AB3E0DB6310148F8E02073D04
217.66.147.38301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/p?ssp=sape&id=1503420AB3E0DB6310148F8E02073D04
IP 217.66.147.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sape&id=1503420AB3E0DB6310148F8E02073D04 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 16:11:32 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=1503420AB3E0DB6310148F8E02073D04
Set-Cookie: dspid=484d1b82-ca4f-4e81-bbaf-9192edb7b80e; expires=Wed, 24 Jan 2024 16:11:32 GMT; domain=.mts.ru; path=/; secure; SameSite=None
ads.betweendigital.com/match?bidder_id=73&external_user_id=1503420AB3E0DB6310148F8E02073D04
188.42.34.64302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=1503420AB3E0DB6310148F8E02073D04
IP 188.42.34.64:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=73&external_user_id=1503420AB3E0DB6310148F8E02073D04 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=1503420AB3E0DB6310148F8E02073D04&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 16:11:32 GMT; Path=/; Domain=.betweendigital.com
tuuid=9076854f-9fdd-5221-a03c-5cd1c3e7bc65; Max-Age=31536000; Expires=Fri, 02 Feb 2024 16:11:32 GMT; Path=/; Domain=.betweendigital.com
ut=Y9vgtAAGvpDfpj7B7sOEHt2gGBZDwRb5dgNp7Q==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 16:11:32 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=rem-tv.net
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=rem-tv.net
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=rem-tv.net HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 16:11:32 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
x01.aidata.io/0.gif?pid=9401454&id=1503420AB3E0DB6310148F8E02073D04
89.108.119.28302 Found 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=1503420AB3E0DB6310148F8E02073D04
IP 89.108.119.28:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=1503420AB3E0DB6310148F8E02073D04 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 16:11:32 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=1503420AB3E0DB6310148F8E02073D04&bounce=1
expires: Thu, 02 Feb 2023 16:11:31 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Thu, 02 Feb 2023 16:11:31 GMT
set-cookie: __upin=1xXbJZhD0Dcnp3y2viyiCA;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1675354292;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ead5df3e30e38bb1a739ababb3292302
b5986cff7222999bf19e360ced4a445a2202c82c
768a8260af372a1ca06f826c3a3f84b6bc4523130134b32998baf75b64d7de4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:11:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:11:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/advert.gif
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 02 Feb 2023 16:11:32 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Thu, 02 Feb 2023 17:11:32 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
px.adhigh.net/p/cm/sape?u=1503420AB3E0DB6310148F8E02073D04
193.232.148.141302 Found 0 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=1503420AB3E0DB6310148F8E02073D04
IP 193.232.148.141:0
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/cm/sape?u=1503420AB3E0DB6310148F8E02073D04 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 16:11:32 GMT
content-length: 0
x-backend-id: f2-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=gOYsEHMEMCV.AikABlGGEuXBBw;Path=/;Domain=.adhigh.net;Expires=Fri, 02-Feb-2024 16:11:32 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=1503420AB3E0DB6310148F8E02073D04&bounced=1
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:11:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kraken.rambler.ru/cnt/?et=pv&v=3.13.6&pid=2654241&tid=t1.2654241.1805921781.1675354318076&rid=1675354318.076-1059513274&fid=pA8AAENKs1e4GYz8AQlryQA%3D&fip=pA8AAENKs1cw1vwdASCM%2FgA%3D&eid=426643192129022&aduid=5766b1b9-2b83-488b-a22a-2f3e43f731a6&aduidsc=rem-tv.net&stid=863304923_1675354318079&sn=1&sen=1&ce=1&bs=1268x939&rf&en=UTF-8&pt=%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0-321%2C%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0-322%20-%20%D0%9C%D0%B0%D0%B3%D0%BD%D0%B8%D1%82%D0%BE%D1%84%D0%BE%D0%BD%D1%8B%20%D0%BA%D0%B0%D1%81%D1%81%D0%B5%D1%82%D0%BD%D1%8B%D0%B5%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20-%20%D0%9C%D0%B0%D0%B3%D0%BD%D0%B8%D1%82%D0%BD%D0%B0%D1%8F%20%D0%B7%D0%B0%D0%BF%D0%B8%D1%81%D1%8C%20%D0%B8%20%D0%B2%D0%BE%D1%81%D0%BF%D1%80%D0%BE%D0%B8%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20-%20%D0%A2%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B0%2020-%D0%B3%D0%BE%20%D0%B2%D0%B5%D0%BA%D0%B0&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&ct=web&url=https%3A%2F%2Frem-tv.net%2Fstuff%2F16-1-0-5234&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=528823918
81.19.89.18200 OK 595 B URL HTTP/2 kraken.rambler.ru/cnt/?et=pv&v=3.13.6&pid=2654241&tid=t1.2654241.1805921781.1675354318076&rid=1675354318.076-1059513274&fid=pA8AAENKs1e4GYz8AQlryQA%3D&fip=pA8AAENKs1cw1vwdASCM%2FgA%3D&eid=426643192129022&aduid=5766b1b9-2b83-488b-a22a-2f3e43f731a6&aduidsc=rem-tv.net&stid=863304923_1675354318079&sn=1&sen=1&ce=1&bs=1268x939&rf&en=UTF-8&pt=%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0-321%2C%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0-322%20-%20%D0%9C%D0%B0%D0%B3%D0%BD%D0%B8%D1%82%D0%BE%D1%84%D0%BE%D0%BD%D1%8B%20%D0%BA%D0%B0%D1%81%D1%81%D0%B5%D1%82%D0%BD%D1%8B%D0%B5%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20-%20%D0%9C%D0%B0%D0%B3%D0%BD%D0%B8%D1%82%D0%BD%D0%B0%D1%8F%20%D0%B7%D0%B0%D0%BF%D0%B8%D1%81%D1%8C%20%D0%B8%20%D0%B2%D0%BE%D1%81%D0%BF%D1%80%D0%BE%D0%B8%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20-%20%D0%A2%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B0%2020-%D0%B3%D0%BE%20%D0%B2%D0%B5%D0%BA%D0%B0&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&ct=web&url=https%3A%2F%2Frem-tv.net%2Fstuff%2F16-1-0-5234&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=528823918
IP 81.19.89.18:0
ASN #24638 Rambler Internet Holding LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash a4c182ef9402a88d94530f639bf7ca43
dba9bea07cd3f97b226cf3f559cffc7da571918f
972a6fb4a3bef927cf66dcef6ba7a1344a1a393d7eb55afb3ff0c1babc9a3419
GET /cnt/?et=pv&v=3.13.6&pid=2654241&tid=t1.2654241.1805921781.1675354318076&rid=1675354318.076-1059513274&fid=pA8AAENKs1e4GYz8AQlryQA%3D&fip=pA8AAENKs1cw1vwdASCM%2FgA%3D&eid=426643192129022&aduid=5766b1b9-2b83-488b-a22a-2f3e43f731a6&aduidsc=rem-tv.net&stid=863304923_1675354318079&sn=1&sen=1&ce=1&bs=1268x939&rf&en=UTF-8&pt=%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0-321%2C%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0-322%20-%20%D0%9C%D0%B0%D0%B3%D0%BD%D0%B8%D1%82%D0%BE%D1%84%D0%BE%D0%BD%D1%8B%20%D0%BA%D0%B0%D1%81%D1%81%D0%B5%D1%82%D0%BD%D1%8B%D0%B5%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20-%20%D0%9C%D0%B0%D0%B3%D0%BD%D0%B8%D1%82%D0%BD%D0%B0%D1%8F%20%D0%B7%D0%B0%D0%BF%D0%B8%D1%81%D1%8C%20%D0%B8%20%D0%B2%D0%BE%D1%81%D0%BF%D1%80%D0%BE%D0%B8%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20-%20%D0%A2%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B0%2020-%D0%B3%D0%BE%20%D0%B2%D0%B5%D0%BA%D0%B0&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&ct=web&url=https%3A%2F%2Frem-tv.net%2Fstuff%2F16-1-0-5234&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=528823918 HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Thu, 02 Feb 2023 16:11:32 GMT
content-type: image/gif
content-length: 595
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-credentials: true
x-srv: 2kraken-prod0001.ad.rambler.tech
set-cookie: ruid=1CIAALTg22OPBoSPASYJ1gB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAALTg22OPBoSPASYJ1gB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
accept-ranges: bytes
X-Firefox-Spdy: h2
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1303420AB3E0DB634F0A93530235FAF0
81.222.128.214200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1303420AB3E0DB634F0A93530235FAF0
IP 81.222.128.214:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?ssp_id=43&external_id=1303420AB3E0DB634F0A93530235FAF0 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 16:11:32 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
188.42.34.64200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP 188.42.34.64:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 16:11:32 GMT; Path=/; Domain=.betweendigital.com
tuuid=55c276b7-6d00-5221-aede-3bc9cd05db7d; Max-Age=31536000; Expires=Fri, 02 Feb 2024 16:11:32 GMT; Path=/; Domain=.betweendigital.com
ut=Y9vgtAAJCIBOJ1ufkKhAc91vSolCvX3bQZpKqQ==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 16:11:32 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=73&external_user_id=1503420AB3E0DB6310148F8E02073D04&crf=1
188.42.34.64200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=1503420AB3E0DB6310148F8E02073D04&crf=1
IP 188.42.34.64:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=73&external_user_id=1503420AB3E0DB6310148F8E02073D04&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 16:11:32 GMT; Path=/; Domain=.betweendigital.com
tuuid=7d6c4078-0c7b-5221-8189-fb30e2521b84; Max-Age=31536000; Expires=Fri, 02 Feb 2024 16:11:32 GMT; Path=/; Domain=.betweendigital.com
ut=Y9vgtAAJI9jEe3XOu3CqqxMroHoi44zpRHoYJA==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 16:11:32 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
www.acint.net/match?dp=104&euid=O4WsJTlqE5-6
193.3.184.227200 OK 43 B URL HTTP/2 www.acint.net/match?dp=104&euid=O4WsJTlqE5-6
IP 193.3.184.227:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=104&euid=O4WsJTlqE5-6 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=CkIDE2Pb4LNTkwpP8Po1Au2z4TaBNk2/6EI40Hm7awzhJLo1; test_cookie=CheckForPermission; cSyncDp7v2=1675354291; cSyncDp14v3=1675354291; cSyncDp17=1675354291; cSyncDp32=1675354291; cSyncDp45v3=1675354291; cSyncDp53v2=1675354291; cSyncDp62=1675354291; cSyncDp67v2=1675354291; cSyncDp68=1675354291; cSyncDp71=1675354291; cSyncDp85=1675354291; cSyncDp95v3=1675354291; cSyncDp98v2=1675354291; cSyncDp101=1675354291; cSyncDp104v2=1675354291; cSyncDp107=1675354291; cSyncDp110=1675354291; cSyncDp125v3=1675354291; cSyncDp126=1675354291; cSyncDp127=1675354291; cSyncDp129=1675354291; cSyncDp136v2=1675354291; cSyncDp146=1675354291; cSyncDp148=1675354291; cSyncDp149v2=1675354291; cSyncDp151=1675354291; cSyncDp178=1675354291; cSyncDp186=1675354291; cSyncDp221=1675354291; cSyncDp235=1675354291
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 16:11:32 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
x01.aidata.io/0.gif?pid=9401454&id=1503420AB3E0DB6310148F8E02073D04&bounce=1
89.108.119.28204 No Content 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=1503420AB3E0DB6310148F8E02073D04&bounce=1
IP 89.108.119.28:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=1503420AB3E0DB6310148F8E02073D04&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 02 Feb 2023 16:11:32 GMT
expires: Thu, 02 Feb 2023 16:11:31 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Thu, 02 Feb 2023 16:11:31 GMT
set-cookie: __upin=MjbzdsBBSpwyxsmBUoYVBg;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1675354292;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=2654241&session_id=863304923_1675354318079&session_number=1&session_event_number=1&version=3.13.6&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.2654241.1805921781.1675354318076&adtech_uid=5766b1b9-2b83-488b-a22a-2f3e43f731a6&adtech_uid_scope=rem-tv.net&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&fingerprint_ip=pA8AAENKs1cw1vwdASCM%2FgA%3D&url=https%3A%2F%2Frem-tv.net%2Fstuff%2F16-1-0-5234&request_id=1675354318.076-1059513274&event_id=426643192129022&meta=%7B%22title%22%3A%22%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0-321%2C%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0-322%20-%20%D0%9C%D0%B0%D0%B3%D0%BD%D0%B8%D1%82%D0%BE%D1%84%D0%BE%D0%BD%D1%8B%20%D0%BA%D0%B0%D1%81%D1%81%D0%B5%D1%82%D0%BD%D1%8B%D0%B5%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20-%20%D0%9C%D0%B0%D0%B3%D0%BD%D0%B8%D1%82%D0%BD%D0%B0%D1%8F%20%D0%B7%D0%B0%D0%BF%D0%B8%D1%81%D1%8C%20%D0%B8%20%D0%B2%D0%BE%D1%81%D0%BF%D1%80%D0%BE%D0%B8%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20-%20%D0%A2%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B0%2020-%D0%B3%D0%BE%20%D0%B2%D0%B5%D0%BA%D0%B0%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221268x939%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=1592815622
81.19.89.18200 OK 595 B URL HTTP/2 kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=2654241&session_id=863304923_1675354318079&session_number=1&session_event_number=1&version=3.13.6&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.2654241.1805921781.1675354318076&adtech_uid=5766b1b9-2b83-488b-a22a-2f3e43f731a6&adtech_uid_scope=rem-tv.net&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&fingerprint_ip=pA8AAENKs1cw1vwdASCM%2FgA%3D&url=https%3A%2F%2Frem-tv.net%2Fstuff%2F16-1-0-5234&request_id=1675354318.076-1059513274&event_id=426643192129022&meta=%7B%22title%22%3A%22%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0-321%2C%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0-322%20-%20%D0%9C%D0%B0%D0%B3%D0%BD%D0%B8%D1%82%D0%BE%D1%84%D0%BE%D0%BD%D1%8B%20%D0%BA%D0%B0%D1%81%D1%81%D0%B5%D1%82%D0%BD%D1%8B%D0%B5%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20-%20%D0%9C%D0%B0%D0%B3%D0%BD%D0%B8%D1%82%D0%BD%D0%B0%D1%8F%20%D0%B7%D0%B0%D0%BF%D0%B8%D1%81%D1%8C%20%D0%B8%20%D0%B2%D0%BE%D1%81%D0%BF%D1%80%D0%BE%D0%B8%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20-%20%D0%A2%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B0%2020-%D0%B3%D0%BE%20%D0%B2%D0%B5%D0%BA%D0%B0%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221268x939%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=1592815622
IP 81.19.89.18:0
ASN #24638 Rambler Internet Holding LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash a4c182ef9402a88d94530f639bf7ca43
dba9bea07cd3f97b226cf3f559cffc7da571918f
972a6fb4a3bef927cf66dcef6ba7a1344a1a393d7eb55afb3ff0c1babc9a3419
GET /cnt/v2/?event_type=base&event_name=page_view&project_id=2654241&session_id=863304923_1675354318079&session_number=1&session_event_number=1&version=3.13.6&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.2654241.1805921781.1675354318076&adtech_uid=5766b1b9-2b83-488b-a22a-2f3e43f731a6&adtech_uid_scope=rem-tv.net&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&fingerprint_ip=pA8AAENKs1cw1vwdASCM%2FgA%3D&url=https%3A%2F%2Frem-tv.net%2Fstuff%2F16-1-0-5234&request_id=1675354318.076-1059513274&event_id=426643192129022&meta=%7B%22title%22%3A%22%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0-321%2C%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0-322%20-%20%D0%9C%D0%B0%D0%B3%D0%BD%D0%B8%D1%82%D0%BE%D1%84%D0%BE%D0%BD%D1%8B%20%D0%BA%D0%B0%D1%81%D1%81%D0%B5%D1%82%D0%BD%D1%8B%D0%B5%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20-%20%D0%9C%D0%B0%D0%B3%D0%BD%D0%B8%D1%82%D0%BD%D0%B0%D1%8F%20%D0%B7%D0%B0%D0%BF%D0%B8%D1%81%D1%8C%20%D0%B8%20%D0%B2%D0%BE%D1%81%D0%BF%D1%80%D0%BE%D0%B8%D0%B7%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20-%20%D0%A2%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B0%2020-%D0%B3%D0%BE%20%D0%B2%D0%B5%D0%BA%D0%B0%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221268x939%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=1592815622 HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.4
date: Thu, 02 Feb 2023 16:11:32 GMT
content-type: image/gif
content-length: 595
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-credentials: true
x-srv: 2kraken-prod0001.ad.rambler.tech
set-cookie: ruid=1CIAALTg22OPBoSPATAJ1gB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAALTg22OPBoSPATAJ1gB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
accept-ranges: bytes
X-Firefox-Spdy: h2
sm.rtb.mts.ru/match/second?ssp=30&exu=1503420AB3E0DB6310148F8E02073D04
217.66.147.38200 OK 0 B URL HTTP/1.1 sm.rtb.mts.ru/match/second?ssp=30&exu=1503420AB3E0DB6310148F8E02073D04
IP 217.66.147.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/second?ssp=30&exu=1503420AB3E0DB6310148F8E02073D04 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 16:11:32 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
px.adhigh.net/p/cm/sape?u=1503420AB3E0DB6310148F8E02073D04&bounced=1
193.232.148.141200 OK 49 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=1503420AB3E0DB6310148F8E02073D04&bounced=1
IP 193.232.148.141:0
ASN #48061 Limited Liability Company GPM Digital Technologies
File type GIF image data, version 89a, 1 x 1\012- data
Hash 889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
GET /p/cm/sape?u=1503420AB3E0DB6310148F8E02073D04&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:32 GMT
content-type: image/gif
content-length: 49
x-backend-id: f2-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
tag.digitaltarget.ru/processor.js?i=868125569250008
185.15.175.130200 OK 16 kB URL HTTP/1.1 tag.digitaltarget.ru/processor.js?i=868125569250008
IP 185.15.175.130:0
File type ASCII text, with very long lines (15892), with no line terminators
Hash 736e2fb1da94f3277e3f931048c1b9f3
196387db95a17da825b629de3542eff901b09905
4569d4e1b0e52b6316681f7312674f43ecb2b72ea8ab4adb2375e3686862c7dc
GET /processor.js?i=868125569250008 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 16:11:32 GMT
Content-Type: application/javascript
Content-Length: 15892
Last-Modified: Thu, 02 Feb 2023 16:04:40 GMT
Connection: keep-alive
ETag: "63dbdf18-3e14"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9fda91fa23cb10f30886b8eeb9f707e2
6f7a61ea7e4c4529997bd00f12e97930a632f8c5
b3540cb1284fe60c7bc16e069e88439b8bfe80058aeb10131e6199cfd97ac3c7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3540CB1284FE60C7BC16E069E88439B8BFE80058AEB10131E6199CFD97AC3C7"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7015
Expires: Thu, 02 Feb 2023 18:08:27 GMT
Date: Thu, 02 Feb 2023 16:11:32 GMT
Connection: keep-alive
an.yandex.ru/mapuid/sapeis/1503420AB3E0DB6310148F8E02073D04?redir-setuniq=1
77.88.21.90200 OK 553 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/1503420AB3E0DB6310148F8E02073D04?redir-setuniq=1
IP 77.88.21.90:0
Hash 81d3e1d64df9cb73ab7b0e97fcb1f41c
745ede408af95880b02a6d55eaa460572412c101
bbe1f66b2e50a5d2ca4f8038821e99791253977f91bf18ab772c087e62d9a6b3
GET /mapuid/sapeis/1503420AB3E0DB6310148F8E02073D04?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Thu, 02 Feb 2023 16:11:32 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 16:11:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 02 Feb 2023 16:11:32 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:11:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:11:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dmg.digitaltarget.ru/1/1093/i/i?i=991428705132263.912008256667083&a=77&e=1503420AB3E0DB6310148F8E02073D04&pref=https%3A%2F%2Frem-tv.net%2F&c=ss:77.up:1503420AB3E0DB6310148F8E02073D04.sync:up.xdua:du03BH4RcoUlxL3sK3tMTuIa.xps:xpsU1QAzsh7KoJNwEUhxr9IoA.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.158307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=991428705132263.912008256667083&a=77&e=1503420AB3E0DB6310148F8E02073D04&pref=https%3A%2F%2Frem-tv.net%2F&c=ss:77.up:1503420AB3E0DB6310148F8E02073D04.sync:up.xdua:du03BH4RcoUlxL3sK3tMTuIa.xps:xpsU1QAzsh7KoJNwEUhxr9IoA.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=991428705132263.912008256667083&a=77&e=1503420AB3E0DB6310148F8E02073D04&pref=https%3A%2F%2Frem-tv.net%2F&c=ss:77.up:1503420AB3E0DB6310148F8E02073D04.sync:up.xdua:du03BH4RcoUlxL3sK3tMTuIa.xps:xpsU1QAzsh7KoJNwEUhxr9IoA.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 02 Feb 2023 16:11:32 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675354292898&i=991428705132263.912008256667083&a=77&e=1503420AB3E0DB6310148F8E02073D04&pref=https%3A%2F%2Frem-tv.net%2F&c=ss:77.up:1503420AB3E0DB6310148F8E02073D04.sync:up.xdua:du03BH4RcoUlxL3sK3tMTuIa.xps:xpsU1QAzsh7KoJNwEUhxr9IoA.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=cyJmhf3L.F0FL9Y7vjtM; Max-Age=93312000; Expires=Sat, 17 Jan 2026 16:11:32 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:11:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:11:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dmg.digitaltarget.ru/1/1093/i/i?i=991428705132263.415416713634617&a=77&e=1503420AB3E0DB6310148F8E02073D04&pref=https%3A%2F%2Frem-tv.net%2F&c=ss:77.up:1503420AB3E0DB6310148F8E02073D04.sync:up.xdua:du03BH4RcoUlxL3sK3tMTuIa.xps:xpsU1QAzsh7KoJNwEUhxr9IoA.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.158307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=991428705132263.415416713634617&a=77&e=1503420AB3E0DB6310148F8E02073D04&pref=https%3A%2F%2Frem-tv.net%2F&c=ss:77.up:1503420AB3E0DB6310148F8E02073D04.sync:up.xdua:du03BH4RcoUlxL3sK3tMTuIa.xps:xpsU1QAzsh7KoJNwEUhxr9IoA.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=991428705132263.415416713634617&a=77&e=1503420AB3E0DB6310148F8E02073D04&pref=https%3A%2F%2Frem-tv.net%2F&c=ss:77.up:1503420AB3E0DB6310148F8E02073D04.sync:up.xdua:du03BH4RcoUlxL3sK3tMTuIa.xps:xpsU1QAzsh7KoJNwEUhxr9IoA.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 02 Feb 2023 16:11:32 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675354292926&i=991428705132263.415416713634617&a=77&e=1503420AB3E0DB6310148F8E02073D04&pref=https%3A%2F%2Frem-tv.net%2F&c=ss:77.up:1503420AB3E0DB6310148F8E02073D04.sync:up.xdua:du03BH4RcoUlxL3sK3tMTuIa.xps:xpsU1QAzsh7KoJNwEUhxr9IoA.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=-jiDzSYbX.PMReO7zc2f; Max-Age=93312000; Expires=Sat, 17 Jan 2026 16:11:32 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
www.gstatic.com/mysidia/8229fa5a5c3ebd24f3e2eb95db7eba72.js?tag=client_fast_engine_2019
216.58.211.3200 OK 4.2 kB URL HTTP/2 www.gstatic.com/mysidia/8229fa5a5c3ebd24f3e2eb95db7eba72.js?tag=client_fast_engine_2019
IP 216.58.211.3:0
File type ASCII text, with very long lines (2595)
Hash 22b1107093ffdaf82c67748570c23847
23dfc8f212390c65e14e5429f57808ba23519546
cbbc030a379d4135d1a593fe405ab78879df73eef55d3cb03774cc3b3c27ac82
GET /mysidia/8229fa5a5c3ebd24f3e2eb95db7eba72.js?tag=client_fast_engine_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 4209
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 01:07:23 GMT
expires: Wed, 03 May 2023 01:07:23 GMT
cache-control: public, max-age=7776000
last-modified: Wed, 01 Feb 2023 06:12:50 GMT
content-type: text/javascript
age: 54249
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/mysidia/9f1a5ca513cd67f408268f629c2a8fce.js?tag=pingback
216.58.211.3200 OK 8.0 kB URL HTTP/2 www.gstatic.com/mysidia/9f1a5ca513cd67f408268f629c2a8fce.js?tag=pingback
IP 216.58.211.3:0
File type ASCII text, with very long lines (1480)
Hash 8b71042a4b90f387a65a96d6837714d3
285fc0b8ba93ce864258a39a6e647285ecb1d01e
1abb70b7c66419e4f4d75118d53329583249caa9510c623eb00764fc5a1eb5d8
GET /mysidia/9f1a5ca513cd67f408268f629c2a8fce.js?tag=pingback HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 7963
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 14:52:16 GMT
expires: Tue, 02 May 2023 14:52:16 GMT
cache-control: public, max-age=7776000
last-modified: Tue, 24 Jan 2023 03:52:27 GMT
content-type: text/javascript
age: 91156
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/mysidia/bfed04b48628648932a16634cb3b86cf.js?tag=exit_2019
216.58.211.3200 OK 9.7 kB URL HTTP/2 www.gstatic.com/mysidia/bfed04b48628648932a16634cb3b86cf.js?tag=exit_2019
IP 216.58.211.3:0
File type ASCII text, with very long lines (1691)
Hash 4b52e648ba8e65b8cb54bbd0355387e8
2bbd8116b08f23fe677a79f690f7f77deb3d9b52
9c2bf94b5e1123cd196110ef1acd0457c19438a8c4ec38ae3c6aeb4e22b2d5a4
GET /mysidia/bfed04b48628648932a16634cb3b86cf.js?tag=exit_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 9676
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 05:47:41 GMT
expires: Mon, 01 May 2023 05:47:41 GMT
cache-control: public, max-age=7776000
last-modified: Fri, 27 Jan 2023 00:31:18 GMT
content-type: text/javascript
age: 210231
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b204f3abe06417a75a9703b1ed69bb37
f636ae39c412c40c3737e9c3c99a5e2e30a7e861
209edba54e970905fc4efd62b8736ef3f5d5021ccb82ea63e7ebfe0baf3e1896
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:11:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b204f3abe06417a75a9703b1ed69bb37
f636ae39c412c40c3737e9c3c99a5e2e30a7e861
209edba54e970905fc4efd62b8736ef3f5d5021ccb82ea63e7ebfe0baf3e1896
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:11:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/mysidia/2c96be29c806e6a30d72c34b34031cd2.js?tag=analytics_pingback_2019
216.58.211.3200 OK 2.0 kB URL HTTP/2 www.gstatic.com/mysidia/2c96be29c806e6a30d72c34b34031cd2.js?tag=analytics_pingback_2019
IP 216.58.211.3:0
File type ASCII text, with very long lines (979)
Hash a783464f74b8135ea9c9ca85f9a0a70b
c85558378c32e6980b374d5b9050f7f5b3e4d4d7
1d5bfdd6ae42d4d81efc8f6405de61502283510b53d7a43dfe24278adfc9be11
GET /mysidia/2c96be29c806e6a30d72c34b34031cd2.js?tag=analytics_pingback_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 2003
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 12:24:14 GMT
expires: Tue, 02 May 2023 12:24:14 GMT
cache-control: public, max-age=7776000
last-modified: Tue, 24 Jan 2023 03:52:27 GMT
content-type: text/javascript
age: 100039
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:11:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20230131/r20110914/abg_lite_fy2021.js
142.250.74.161200 OK 9.0 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230131/r20110914/abg_lite_fy2021.js
IP 142.250.74.161:0
File type ASCII text, with very long lines (1672)
Hash 9aa683d616d8b2d10fe0100d761df816
60f84308b40072edcc24b6fd54c68247786001aa
2e8549a4bc0e1f4a4eda2637f239105e780b2ae2879c9a241b1ffe7130386e0a
GET /pagead/js/r20230131/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 8993
x-xss-protection: 0
date: Wed, 01 Feb 2023 22:18:58 GMT
expires: Wed, 15 Feb 2023 22:18:58 GMT
cache-control: public, max-age=1209600
age: 64355
etag: 12355142264901698679
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7821222626075549264/index.html
142.250.74.161200 OK 3.8 kB URL HTTP/2 tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7821222626075549264/index.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9145)
Hash 947a57c456bf84d24bedbeac5e9cb12c
5f3ecd1b932cc72b9599dd3b94433f2fbf8a3ddf
cf448cbf1799bc024a3f3c87c2eb2a9b9ff0a838a390410f74172a5e7bf6cd07
GET /sadbundle/$csp%3Der3$/7821222626075549264/index.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
content-length: 3826
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 23:14:33 GMT
expires: Thu, 01 Feb 2024 23:14:33 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 29 Mar 2022 11:17:10 GMT
content-type: text/html
age: 61020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/qs_click_protection_fy2021.js
142.250.74.161200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230131/r20110914/client/qs_click_protection_fy2021.js
IP 142.250.74.161:0
File type ASCII text, with very long lines (1605)
Hash aeaebc4fec11dcafa566897f3b2aa937
7b4507c8793c1ce833dccaeb7dbc956c1fd06668
c23b4a16d9468c0018f502492594408fc809fc0fe003aed2f1145ba3dca87bae
GET /pagead/js/r20230131/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7647
x-xss-protection: 0
date: Wed, 01 Feb 2023 22:18:58 GMT
expires: Wed, 15 Feb 2023 22:18:58 GMT
cache-control: public, max-age=1209600
age: 64355
etag: 2161395064574532456
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:11:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675354292898&i=991428705132263.912008256667083&a=77&e=1503420AB3E0DB6310148F8E02073D04&pref=https%3A%2F%2Frem-tv.net%2F&c=ss:77.up:1503420AB3E0DB6310148F8E02073D04.sync:up.xdua:du03BH4RcoUlxL3sK3tMTuIa.xps:xpsU1QAzsh7KoJNwEUhxr9IoA.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.158200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675354292898&i=991428705132263.912008256667083&a=77&e=1503420AB3E0DB6310148F8E02073D04&pref=https%3A%2F%2Frem-tv.net%2F&c=ss:77.up:1503420AB3E0DB6310148F8E02073D04.sync:up.xdua:du03BH4RcoUlxL3sK3tMTuIa.xps:xpsU1QAzsh7KoJNwEUhxr9IoA.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.158:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1675354292898&i=991428705132263.912008256667083&a=77&e=1503420AB3E0DB6310148F8E02073D04&pref=https%3A%2F%2Frem-tv.net%2F&c=ss:77.up:1503420AB3E0DB6310148F8E02073D04.sync:up.xdua:du03BH4RcoUlxL3sK3tMTuIa.xps:xpsU1QAzsh7KoJNwEUhxr9IoA.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 16:11:33 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 5
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:11:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675354292926&i=991428705132263.415416713634617&a=77&e=1503420AB3E0DB6310148F8E02073D04&pref=https%3A%2F%2Frem-tv.net%2F&c=ss:77.up:1503420AB3E0DB6310148F8E02073D04.sync:up.xdua:du03BH4RcoUlxL3sK3tMTuIa.xps:xpsU1QAzsh7KoJNwEUhxr9IoA.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.158200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675354292926&i=991428705132263.415416713634617&a=77&e=1503420AB3E0DB6310148F8E02073D04&pref=https%3A%2F%2Frem-tv.net%2F&c=ss:77.up:1503420AB3E0DB6310148F8E02073D04.sync:up.xdua:du03BH4RcoUlxL3sK3tMTuIa.xps:xpsU1QAzsh7KoJNwEUhxr9IoA.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.158:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1675354292926&i=991428705132263.415416713634617&a=77&e=1503420AB3E0DB6310148F8E02073D04&pref=https%3A%2F%2Frem-tv.net%2F&c=ss:77.up:1503420AB3E0DB6310148F8E02073D04.sync:up.xdua:du03BH4RcoUlxL3sK3tMTuIa.xps:xpsU1QAzsh7KoJNwEUhxr9IoA.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 16:11:33 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 6
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQxlO33lhqsSXB0RVvytlLVRRvQGaG2jKzO3zgauBAJFrmWWTE&usqp=CAI
216.58.211.14200 OK 5.7 kB URL HTTP/2 encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQxlO33lhqsSXB0RVvytlLVRRvQGaG2jKzO3zgauBAJFrmWWTE&usqp=CAI
IP 216.58.211.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x400, components 3\012- data
Hash 58bd4a328f8e217ead16fb6fc95a8b0e
30da6a88a0334a03a613a458ad0c5e3c65ca12d5
6c9a68982959ccb415dafc6fe158b0e7caae5dfa41ec814a3fd58f5de9b27f58
GET /shopping?q=tbn:ANd9GcQxlO33lhqsSXB0RVvytlLVRRvQGaG2jKzO3zgauBAJFrmWWTE&usqp=CAI HTTP/1.1
Host: encrypted-tbn2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 5685
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 17:15:31 GMT
expires: Thu, 01 Feb 2024 17:15:31 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 18 Oct 2022 10:24:17 GMT
content-type: image/jpeg
age: 82562
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSPSubdaqCOAwok3mI442B5EJxPUw7JVy-rLwqI-347FMnYS40&usqp=CAI
142.250.74.174200 OK 8.8 kB URL HTTP/2 encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSPSubdaqCOAwok3mI442B5EJxPUw7JVy-rLwqI-347FMnYS40&usqp=CAI
IP 142.250.74.174:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x400, components 3\012- data
Hash 15c4ec02e9621002363989d207f686a1
70113e81fc63befb1c579fe2b50e0850d2ddfb44
4f40250fabdf42ad38986bdb389b35e1a6ae23534441950ee0e87a7b5f4c26f0
GET /shopping?q=tbn:ANd9GcSPSubdaqCOAwok3mI442B5EJxPUw7JVy-rLwqI-347FMnYS40&usqp=CAI HTTP/1.1
Host: encrypted-tbn0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 8799
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 21:30:03 GMT
expires: Sun, 28 Jan 2024 21:30:03 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Aug 2021 12:11:28 GMT
content-type: image/jpeg
age: 412890
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQOSUMEdPlYZFPJEtgWA5NnKJ_0rpoIqpCqP5s-Hud-sTWad9-f&usqp=CAI
142.250.74.46200 OK 7.5 kB URL HTTP/2 encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQOSUMEdPlYZFPJEtgWA5NnKJ_0rpoIqpCqP5s-Hud-sTWad9-f&usqp=CAI
IP 142.250.74.46:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x400, components 3\012- data
Hash 97c25bfef7af55a274ea453ccec511b2
8bfd1973b538b7dba94aac204e156adc00fc6a24
993db4b17ac7e9f4e9cf95ab07fb8826ed3e4410ccc2943250c68fe0f8e9e5c7
GET /shopping?q=tbn:ANd9GcQOSUMEdPlYZFPJEtgWA5NnKJ_0rpoIqpCqP5s-Hud-sTWad9-f&usqp=CAI HTTP/1.1
Host: encrypted-tbn1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 7489
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:16:03 GMT
expires: Tue, 30 Jan 2024 18:16:03 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Dec 2022 09:07:45 GMT
content-type: image/jpeg
age: 251730
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcS8-vkXaPtQKKbc1vUmlr6vsP2fk-aj0bCVM6FbnX2zX577YKTc&usqp=CAI
216.58.207.206200 OK 7.2 kB URL HTTP/2 encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcS8-vkXaPtQKKbc1vUmlr6vsP2fk-aj0bCVM6FbnX2zX577YKTc&usqp=CAI
IP 216.58.207.206:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x400, components 3\012- data
Hash e20bcc597e1ee2c4ea6f73bd03b014cb
80e2eb2ede59791618ed8f1cc781cd956dbb1134
ff2013aad48887ee7aa2b80a21f41b3883022fe1011e515beb9cde66f3fc6787
GET /shopping?q=tbn:ANd9GcS8-vkXaPtQKKbc1vUmlr6vsP2fk-aj0bCVM6FbnX2zX577YKTc&usqp=CAI HTTP/1.1
Host: encrypted-tbn3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 7249
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 21:40:34 GMT
expires: Sat, 27 Jan 2024 21:40:34 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 08 Nov 2022 09:17:03 GMT
content-type: image/jpeg
age: 498659
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSo8M1mrFpSuRQxQKtC5aVgWCKlhjgsSsiPFSvMuSTdxgXpkhI&usqp=CAI
142.250.74.46200 OK 9.3 kB URL HTTP/2 encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSo8M1mrFpSuRQxQKtC5aVgWCKlhjgsSsiPFSvMuSTdxgXpkhI&usqp=CAI
IP 142.250.74.46:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x400, components 3\012- data
Hash 9542671b0f2c68a6791e80e206145fdb
52553fef5bff014378f3a828e3b11721f2ae4eb8
0023a702f2d11975543b90c8cf1b615d25633778eff9bf4402bb7a074b95e63f
GET /shopping?q=tbn:ANd9GcSo8M1mrFpSuRQxQKtC5aVgWCKlhjgsSsiPFSvMuSTdxgXpkhI&usqp=CAI HTTP/1.1
Host: encrypted-tbn1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 9282
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 16:53:30 GMT
expires: Thu, 01 Feb 2024 16:53:30 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 30 Sep 2022 08:31:29 GMT
content-type: image/jpeg
age: 83883
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcT8IFsu1jStntw0ZIhIL6vITmtmlEW2IMgwM955BAqL5-xvCv0&usqp=CAI
216.58.207.206200 OK 9.9 kB URL HTTP/2 encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcT8IFsu1jStntw0ZIhIL6vITmtmlEW2IMgwM955BAqL5-xvCv0&usqp=CAI
IP 216.58.207.206:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x400, components 3\012- data
Hash 06504bb831d7fec444329d8103ffbaf7
5c4e321ab487d353f9174cf0b0783cd1d40935ee
6cb3b154a7210a6fd5098056607f6c6ec31de25c816530b413887a9354793656
GET /shopping?q=tbn:ANd9GcT8IFsu1jStntw0ZIhIL6vITmtmlEW2IMgwM955BAqL5-xvCv0&usqp=CAI HTTP/1.1
Host: encrypted-tbn3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 9920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 04:20:39 GMT
expires: Fri, 02 Feb 2024 04:20:39 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 08 Nov 2022 09:17:14 GMT
content-type: image/jpeg
age: 42654
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcS3kNK3ZBrvYfXq08uTXoqAoyJxDrKnFYK5xCV64W24sWjoONE&usqp=CAI
142.250.74.46200 OK 8.1 kB URL HTTP/2 encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcS3kNK3ZBrvYfXq08uTXoqAoyJxDrKnFYK5xCV64W24sWjoONE&usqp=CAI
IP 142.250.74.46:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x400, components 3\012- data
Hash 94d3cda9b2b0b20dc46521e66547c2a0
099d000044ed81898360782b4b145d69f0858b0d
30707e980d4377b97705523550b3f755a03c6b8db83ffeecee59164885653158
GET /shopping?q=tbn:ANd9GcS3kNK3ZBrvYfXq08uTXoqAoyJxDrKnFYK5xCV64W24sWjoONE&usqp=CAI HTTP/1.1
Host: encrypted-tbn1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 8076
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 16:57:51 GMT
expires: Thu, 01 Feb 2024 16:57:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Jan 2023 11:22:36 GMT
content-type: image/jpeg
age: 83622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRGLlw-h3JtMiweEKgLsADR2n7feYe0jOjVx-ffjeQjuZysNhrj&usqp=CAI
142.250.74.46200 OK 8.7 kB URL HTTP/2 encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRGLlw-h3JtMiweEKgLsADR2n7feYe0jOjVx-ffjeQjuZysNhrj&usqp=CAI
IP 142.250.74.46:0
File type gzip compressed data, max compression\012- data
Hash 2b46a46e1128931d9137a108089853f3
02177d9d833f2746b217dbb2e11943f97e77fc74
8a2419778a3be11b18a9e9c8e9ce4e589d0b852a592eac29fab2c7233a56e1e4
GET /shopping?q=tbn:ANd9GcRGLlw-h3JtMiweEKgLsADR2n7feYe0jOjVx-ffjeQjuZysNhrj&usqp=CAI HTTP/1.1
Host: encrypted-tbn1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 8063
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 04:06:19 GMT
expires: Fri, 02 Feb 2024 04:06:19 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 30 Sep 2022 08:31:15 GMT
content-type: image/jpeg
age: 43514
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSXTuBj6x5YWSkc5CyjfDQsT8dpSTB5eRPtL8fh8gGcjOhBmDU&usqp=CAI
216.58.207.206200 OK 6.2 kB URL HTTP/2 encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSXTuBj6x5YWSkc5CyjfDQsT8dpSTB5eRPtL8fh8gGcjOhBmDU&usqp=CAI
IP 216.58.207.206:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x400, components 3\012- data
Hash f03d288e25a1ea07c84fc70c7b3a43a2
f2c3f931169e29e4ca9db3fa5b6d4e584b5fa893
27201abf7dbe993559f8b84e2f090284bb92df8d7b6417ee4381da93a40cfd4c
GET /shopping?q=tbn:ANd9GcSXTuBj6x5YWSkc5CyjfDQsT8dpSTB5eRPtL8fh8gGcjOhBmDU&usqp=CAI HTTP/1.1
Host: encrypted-tbn3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 6223
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 19:40:55 GMT
expires: Thu, 01 Feb 2024 19:40:55 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 30 Sep 2022 08:11:28 GMT
content-type: image/jpeg
age: 73838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
142.250.74.163200 OK 9.8 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash 7b08b9e11fc6b8a8a1398b357e874144
4b5fb5790fae1c96655aaa7a426b697f5ab986d0
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 21:51:23 GMT
expires: Wed, 31 Jan 2024 21:51:23 GMT
cache-control: public, max-age=31536000
age: 152410
last-modified: Wed, 11 May 2022 19:24:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 03:13:04 GMT
expires: Fri, 02 Feb 2024 03:13:04 GMT
cache-control: public, max-age=31536000
age: 46709
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 12:46:12 GMT
expires: Mon, 29 Jan 2024 12:46:12 GMT
cache-control: public, max-age=31536000
age: 357921
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
142.250.74.163200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 20784, version 1.0\012- data
Hash e11c810c086df83c0876dd59ed32ebcb
b89fe2ed6d016f81af13b35797ad2b0e2e5c6822
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
GET /s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20784
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 21:59:25 GMT
expires: Sat, 27 Jan 2024 21:59:25 GMT
cache-control: public, max-age=31536000
age: 497528
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 19:34:21 GMT
expires: Thu, 01 Feb 2024 19:34:21 GMT
cache-control: public, max-age=31536000
age: 74232
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 14:07:32 GMT
expires: Thu, 01 Feb 2024 14:07:32 GMT
cache-control: public, max-age=31536000
age: 93841
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
142.250.74.163200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 9644, version 1.0\012- data
Hash 6f112ec2b932ee12379442c42853244e
b2e73c8c70d6261e1d187f41693c43ac4fe0809d
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 05:06:00 GMT
expires: Fri, 02 Feb 2024 05:06:00 GMT
cache-control: public, max-age=31536000
age: 39933
last-modified: Wed, 11 May 2022 19:24:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash df4a6d84addba49571d9f6ae44c61a3f
28c8093de27e27645cf6dfd5ae93a62fc77b9be5
cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:11:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/drt/ui
216.58.207.228302 Found 0 B URL HTTP/2 www.google.com/pagead/drt/ui
IP 216.58.207.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/drt/ui HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 16:11:33 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/scada/v14/RLpxK5Pv5qumeVJvzTQ.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/scada/v14/RLpxK5Pv5qumeVJvzTQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15020, version 1.0\012- data
Hash 4e8fb98a8b4c4fb943fee804999df380
965feda507b2c5433dd11e2ed2695123180a5349
a2fa27986574c62b2910430afc0168b9691937d8b7793e208cf59ffa3da63951
GET /s/scada/v14/RLpxK5Pv5qumeVJvzTQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: null
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15020
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 01:41:49 GMT
expires: Sat, 27 Jan 2024 01:41:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:02:43 GMT
content-type: font/woff2
age: 570585
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ulogin.ru/stats.html?r=26349&type=panel&xdm_e=https%3A%2F%2Frem-tv.net&xdm_c=default3012&xdm_p=1
95.163.118.168200 OK 1.1 kB URL HTTP/1.1 ulogin.ru/stats.html?r=26349&type=panel&xdm_e=https%3A%2F%2Frem-tv.net&xdm_c=default3012&xdm_p=1
IP 95.163.118.168:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 4a960496cafd40eadd72f4bca9980313
6c320736ce0e61dbe3ad4e7c04928c18a63b2b01
bdaf1d4b1e28c4f0e696b8494ac0c7387ab9b6122166fe9a13845a545085851b
GET /stats.html?r=26349&type=panel&xdm_e=https%3A%2F%2Frem-tv.net&xdm_c=default3012&xdm_p=1 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 16:11:37 GMT
Content-Type: text/html
Last-Modified: Tue, 10 Aug 2021 16:01:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.acint.net/ping/?v=0.5.1&uid=3ddd28ae-dbe0-4109-a046-e0983d8bc5a7&dp=10&tz=%2B00%3A00&nc=18939671&dT=2023-02-02T16%3A12%3A01.038
193.3.184.227200 OK 43 B URL HTTP/2 www.acint.net/ping/?v=0.5.1&uid=3ddd28ae-dbe0-4109-a046-e0983d8bc5a7&dp=10&tz=%2B00%3A00&nc=18939671&dT=2023-02-02T16%3A12%3A01.038
IP 193.3.184.227:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /ping/?v=0.5.1&uid=3ddd28ae-dbe0-4109-a046-e0983d8bc5a7&dp=10&tz=%2B00%3A00&nc=18939671&dT=2023-02-02T16%3A12%3A01.038 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Cookie: aid=CkIDE2Pb4LNTkwpP8Po1Au2z4TaBNk2/6EI40Hm7awzhJLo1; test_cookie=CheckForPermission; cSyncDp7v2=1675354291; cSyncDp14v3=1675354291; cSyncDp17=1675354291; cSyncDp32=1675354291; cSyncDp45v3=1675354291; cSyncDp53v2=1675354291; cSyncDp62=1675354291; cSyncDp67v2=1675354291; cSyncDp68=1675354291; cSyncDp71=1675354291; cSyncDp85=1675354291; cSyncDp95v3=1675354291; cSyncDp98v2=1675354291; cSyncDp101=1675354291; cSyncDp104v2=1675354291; cSyncDp107=1675354291; cSyncDp110=1675354291; cSyncDp125v3=1675354291; cSyncDp126=1675354291; cSyncDp127=1675354291; cSyncDp129=1675354291; cSyncDp136v2=1675354291; cSyncDp146=1675354291; cSyncDp148=1675354291; cSyncDp149v2=1675354291; cSyncDp151=1675354291; cSyncDp178=1675354291; cSyncDp186=1675354291; cSyncDp221=1675354291; cSyncDp235=1675354291
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 16:11:34 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ulogin.ru/version/3.0/html/drop.html?id=0&redirect_uri=https%3A%2F%2Frem-tv.net%2Fulogin%3Fdestination%3Dnode%2F1910&callback=&providers=vkontakte,odnoklassniki&fields=first_name,last_name,email,nickname,photo&force_fields=&popup_css=&optional=&othprov=google,facebook,yandex,mailru&protocol=https&host=rem-tv.net&lang=en&verify=&sort=relevant&m=0&icons_32=&icons_16=&theme=classic&client=&page=https%3A%2F%2Frem-tv.net%2Fstuff%2F16-1-0-5234&version=3&xdm_e=https%3A%2F%2Frem-tv.net&xdm_c=default3013&xdm_p=1
95.163.118.168200 OK 1.2 kB URL HTTP/1.1 ulogin.ru/version/3.0/html/drop.html?id=0&redirect_uri=https%3A%2F%2Frem-tv.net%2Fulogin%3Fdestination%3Dnode%2F1910&callback=&providers=vkontakte,odnoklassniki&fields=first_name,last_name,email,nickname,photo&force_fields=&popup_css=&optional=&othprov=google,facebook,yandex,mailru&protocol=https&host=rem-tv.net&lang=en&verify=&sort=relevant&m=0&icons_32=&icons_16=&theme=classic&client=&page=https%3A%2F%2Frem-tv.net%2Fstuff%2F16-1-0-5234&version=3&xdm_e=https%3A%2F%2Frem-tv.net&xdm_c=default3013&xdm_p=1
IP 95.163.118.168:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash a8cb46f716d89ac94f20035ca2ae51de
fb107f5079f9a5e151096ebaee7c14f781c2aeb3
2ce770b46cb037ae399d0ded7b261d9088dc2a1096a9b0a9409b214a36914c56
GET /version/3.0/html/drop.html?id=0&redirect_uri=https%3A%2F%2Frem-tv.net%2Fulogin%3Fdestination%3Dnode%2F1910&callback=&providers=vkontakte,odnoklassniki&fields=first_name,last_name,email,nickname,photo&force_fields=&popup_css=&optional=&othprov=google,facebook,yandex,mailru&protocol=https&host=rem-tv.net&lang=en&verify=&sort=relevant&m=0&icons_32=&icons_16=&theme=classic&client=&page=https%3A%2F%2Frem-tv.net%2Fstuff%2F16-1-0-5234&version=3&xdm_e=https%3A%2F%2Frem-tv.net&xdm_c=default3013&xdm_p=1 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 16:11:37 GMT
Content-Type: text/html
Last-Modified: Tue, 20 Jul 2021 16:00:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ulogin.ru/stats.html?r=93400&type=panel&xdm_e=https%3A%2F%2Frem-tv.net&xdm_c=default3014&xdm_p=1
95.163.118.168200 OK 1.1 kB URL HTTP/1.1 ulogin.ru/stats.html?r=93400&type=panel&xdm_e=https%3A%2F%2Frem-tv.net&xdm_c=default3014&xdm_p=1
IP 95.163.118.168:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 4a960496cafd40eadd72f4bca9980313
6c320736ce0e61dbe3ad4e7c04928c18a63b2b01
bdaf1d4b1e28c4f0e696b8494ac0c7387ab9b6122166fe9a13845a545085851b
GET /stats.html?r=93400&type=panel&xdm_e=https%3A%2F%2Frem-tv.net&xdm_c=default3014&xdm_p=1 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 16:11:37 GMT
Content-Type: text/html
Last-Modified: Tue, 10 Aug 2021 16:01:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ulogin.ru/version/3.0/html/drop.html?id=1&redirect_uri=https%3A%2F%2Frem-tv.net%2Fulogin%3Fdestination%3Dnode%2F1910&callback=&providers=vkontakte,odnoklassniki&fields=first_name,last_name,email,nickname,photo&force_fields=&popup_css=&optional=&othprov=google,facebook,yandex,mailru&protocol=https&host=rem-tv.net&lang=en&verify=&sort=relevant&m=0&icons_32=&icons_16=&theme=classic&client=&page=https%3A%2F%2Frem-tv.net%2Fstuff%2F16-1-0-5234&version=3&xdm_e=https%3A%2F%2Frem-tv.net&xdm_c=default3015&xdm_p=1
95.163.118.168200 OK 1.2 kB URL HTTP/1.1 ulogin.ru/version/3.0/html/drop.html?id=1&redirect_uri=https%3A%2F%2Frem-tv.net%2Fulogin%3Fdestination%3Dnode%2F1910&callback=&providers=vkontakte,odnoklassniki&fields=first_name,last_name,email,nickname,photo&force_fields=&popup_css=&optional=&othprov=google,facebook,yandex,mailru&protocol=https&host=rem-tv.net&lang=en&verify=&sort=relevant&m=0&icons_32=&icons_16=&theme=classic&client=&page=https%3A%2F%2Frem-tv.net%2Fstuff%2F16-1-0-5234&version=3&xdm_e=https%3A%2F%2Frem-tv.net&xdm_c=default3015&xdm_p=1
IP 95.163.118.168:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash a8cb46f716d89ac94f20035ca2ae51de
fb107f5079f9a5e151096ebaee7c14f781c2aeb3
2ce770b46cb037ae399d0ded7b261d9088dc2a1096a9b0a9409b214a36914c56
GET /version/3.0/html/drop.html?id=1&redirect_uri=https%3A%2F%2Frem-tv.net%2Fulogin%3Fdestination%3Dnode%2F1910&callback=&providers=vkontakte,odnoklassniki&fields=first_name,last_name,email,nickname,photo&force_fields=&popup_css=&optional=&othprov=google,facebook,yandex,mailru&protocol=https&host=rem-tv.net&lang=en&verify=&sort=relevant&m=0&icons_32=&icons_16=&theme=classic&client=&page=https%3A%2F%2Frem-tv.net%2Fstuff%2F16-1-0-5234&version=3&xdm_e=https%3A%2F%2Frem-tv.net&xdm_c=default3015&xdm_p=1 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 16:11:37 GMT
Content-Type: text/html
Last-Modified: Tue, 20 Jul 2021 16:00:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ulogin.ru/js/easyXDM.min.js?version=js.2.0.0
95.163.118.168200 OK 7.0 kB URL HTTP/1.1 ulogin.ru/js/easyXDM.min.js?version=js.2.0.0
IP 95.163.118.168:0
ASN #12695 LLC Digital Network
File type Unicode text, UTF-8 text, with very long lines (19804)
Hash 489ab3ceae080380a204ec274fb6debc
4759776b7953b70ecb269125ad0d945a7836b884
4840a22f680156aa6f5d95be69dcb71962c27747b6dfae8f7946f90d6387932f
GET /js/easyXDM.min.js?version=js.2.0.0 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulogin.ru/stats.html?r=26349&type=panel&xdm_e=https%3A%2F%2Frem-tv.net&xdm_c=default3012&xdm_p=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 16:11:37 GMT
Content-Type: application/x-javascript
Content-Length: 6980
Last-Modified: Wed, 08 Jun 2016 14:44:03 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "57582f33-1b44"
Content-Encoding: gzip
Expires: Sun, 05 Feb 2023 16:11:37 GMT
Cache-Control: max-age=259200, public
ulogin.ru/js/easyXDM.min.js?version=js.3.0.1
95.163.118.168200 OK 7.0 kB URL HTTP/1.1 ulogin.ru/js/easyXDM.min.js?version=js.3.0.1
IP 95.163.118.168:0
ASN #12695 LLC Digital Network
File type Unicode text, UTF-8 text, with very long lines (19804)
Hash 489ab3ceae080380a204ec274fb6debc
4759776b7953b70ecb269125ad0d945a7836b884
4840a22f680156aa6f5d95be69dcb71962c27747b6dfae8f7946f90d6387932f
GET /js/easyXDM.min.js?version=js.3.0.1 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulogin.ru/version/3.0/html/drop.html?id=0&redirect_uri=https%3A%2F%2Frem-tv.net%2Fulogin%3Fdestination%3Dnode%2F1910&callback=&providers=vkontakte,odnoklassniki&fields=first_name,last_name,email,nickname,photo&force_fields=&popup_css=&optional=&othprov=google,facebook,yandex,mailru&protocol=https&host=rem-tv.net&lang=en&verify=&sort=relevant&m=0&icons_32=&icons_16=&theme=classic&client=&page=https%3A%2F%2Frem-tv.net%2Fstuff%2F16-1-0-5234&version=3&xdm_e=https%3A%2F%2Frem-tv.net&xdm_c=default3013&xdm_p=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 16:11:37 GMT
Content-Type: application/x-javascript
Content-Length: 6980
Last-Modified: Wed, 08 Jun 2016 14:44:03 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "57582f33-1b44"
Content-Encoding: gzip
Expires: Sun, 05 Feb 2023 16:11:37 GMT
Cache-Control: max-age=259200, public
ulogin.ru/js/iscroll.5.js?version=js.3.0.1
95.163.118.168200 OK 8.1 kB URL HTTP/1.1 ulogin.ru/js/iscroll.5.js?version=js.3.0.1
IP 95.163.118.168:0
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (684)
Hash 6754ac598535802945a2a92d39363872
6cc5419d7dce755e7ecb60dd41e87344fc2ecb39
39e0862bf13fd29a3b71b4f71a41433e9842f6b3943bd135f85521a9d6ef4448
GET /js/iscroll.5.js?version=js.3.0.1 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulogin.ru/version/3.0/html/drop.html?id=0&redirect_uri=https%3A%2F%2Frem-tv.net%2Fulogin%3Fdestination%3Dnode%2F1910&callback=&providers=vkontakte,odnoklassniki&fields=first_name,last_name,email,nickname,photo&force_fields=&popup_css=&optional=&othprov=google,facebook,yandex,mailru&protocol=https&host=rem-tv.net&lang=en&verify=&sort=relevant&m=0&icons_32=&icons_16=&theme=classic&client=&page=https%3A%2F%2Frem-tv.net%2Fstuff%2F16-1-0-5234&version=3&xdm_e=https%3A%2F%2Frem-tv.net&xdm_c=default3013&xdm_p=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 16:11:37 GMT
Content-Type: application/x-javascript
Content-Length: 8143
Last-Modified: Mon, 08 Aug 2016 08:12:03 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "57a83ed3-1fcf"
Content-Encoding: gzip
Expires: Sun, 05 Feb 2023 16:11:37 GMT
Cache-Control: max-age=259200, public
fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
142.250.74.74200 OK 3.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
IP 142.250.74.74:0
File type ASCII text, with very long lines (738)
Hash 15e176d0d0da1579ce4abc9ed871bc56
478e9424f6b82babca1c9c94c93db225591c1d57
0aa4f920c2f897073087e20cf323778ccdce9ae34d9cc5d934b28bff543aa739
GET /css?family=Google%20Sans%20Display%3A400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 16:11:33 GMT
date: Thu, 02 Feb 2023 16:11:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
counter.yadro.ru/hit?t26.6;rhttps%3A//rem-tv.net/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D26349%26type%3Dpanel%26xdm_e%3Dhttps%253A%252F%252Frem-tv.net%26xdm_c%3Ddefault3012%26xdm_p%3D1;0.3145891075356053
88.212.201.198200 OK 111 B URL HTTP/1.1 counter.yadro.ru/hit?t26.6;rhttps%3A//rem-tv.net/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D26349%26type%3Dpanel%26xdm_e%3Dhttps%253A%252F%252Frem-tv.net%26xdm_c%3Ddefault3012%26xdm_p%3D1;0.3145891075356053
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 88 x 15\012- data
Hash 461c6ecbe7e5c1031c4c5f1d877ab251
7a9ed50ead5fc203d982e574ffc0a1defda0505f
771258edf682e442c71c3f6e2e6efdb65fb985307663a5f4819818120a3cceec
GET /hit?t26.6;rhttps%3A//rem-tv.net/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D26349%26type%3Dpanel%26xdm_e%3Dhttps%253A%252F%252Frem-tv.net%26xdm_c%3Ddefault3012%26xdm_p%3D1;0.3145891075356053 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulogin.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 02 Feb 2023 16:11:34 GMT
Content-Type: image/gif
Content-Length: 111
Connection: keep-alive
Expires: Tue, 01 Feb 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
counter.yadro.ru/hit?t26.6;rhttps%3A//rem-tv.net/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D93400%26type%3Dpanel%26xdm_e%3Dhttps%253A%252F%252Frem-tv.net%26xdm_c%3Ddefault3014%26xdm_p%3D1;0.5921815524896112
88.212.201.198200 OK 111 B URL HTTP/1.1 counter.yadro.ru/hit?t26.6;rhttps%3A//rem-tv.net/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D93400%26type%3Dpanel%26xdm_e%3Dhttps%253A%252F%252Frem-tv.net%26xdm_c%3Ddefault3014%26xdm_p%3D1;0.5921815524896112
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 88 x 15\012- data
Hash 461c6ecbe7e5c1031c4c5f1d877ab251
7a9ed50ead5fc203d982e574ffc0a1defda0505f
771258edf682e442c71c3f6e2e6efdb65fb985307663a5f4819818120a3cceec
GET /hit?t26.6;rhttps%3A//rem-tv.net/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D93400%26type%3Dpanel%26xdm_e%3Dhttps%253A%252F%252Frem-tv.net%26xdm_c%3Ddefault3014%26xdm_p%3D1;0.5921815524896112 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulogin.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 02 Feb 2023 16:11:34 GMT
Content-Type: image/gif
Content-Length: 111
Connection: keep-alive
Expires: Tue, 01 Feb 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
ulogin.ru/version/3.0/js/drop.js?version=js.3.0.3
95.163.118.168200 OK 2.7 kB URL HTTP/1.1 ulogin.ru/version/3.0/js/drop.js?version=js.3.0.3
IP 95.163.118.168:0
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (525)
Hash ab2c10db046c766b4d92b50689936e0f
27506fa1b9e0bcc07ce3503ed6152538add667bd
011dd4ef4d69099652bef4398ba9ece5d963465e13e0e251f918e33265366173
GET /version/3.0/js/drop.js?version=js.3.0.3 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulogin.ru/version/3.0/html/drop.html?id=0&redirect_uri=https%3A%2F%2Frem-tv.net%2Fulogin%3Fdestination%3Dnode%2F1910&callback=&providers=vkontakte,odnoklassniki&fields=first_name,last_name,email,nickname,photo&force_fields=&popup_css=&optional=&othprov=google,facebook,yandex,mailru&protocol=https&host=rem-tv.net&lang=en&verify=&sort=relevant&m=0&icons_32=&icons_16=&theme=classic&client=&page=https%3A%2F%2Frem-tv.net%2Fstuff%2F16-1-0-5234&version=3&xdm_e=https%3A%2F%2Frem-tv.net&xdm_c=default3013&xdm_p=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 16:11:37 GMT
Content-Type: application/x-javascript
Content-Length: 2684
Last-Modified: Tue, 10 Aug 2021 18:42:12 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "6112c884-a7c"
Content-Encoding: gzip
Expires: Sun, 05 Feb 2023 16:11:37 GMT
Cache-Control: max-age=259200, public
counter.yadro.ru/hit?t26.6;rhttps%3A//rem-tv.net/;s1280*1024*24;uhttps%3A//ulogin.ru/version/3.0/html/drop.html%3Fid%3D0%26redirect_uri%3Dhttps%253A%252F%252Frem-tv.net%252Fulogin%253Fdestination%253Dnode%252F1910%26callback%3D%26providers%3Dvkontakte%2Codnoklassniki%26fields%3Dfirst_name%2Clast_name%2Cemail%2Cnickname%2Cphoto%26force_fields%3D%26popup_css%3D%26optional%3D%26othprov%3Dgoogle%2Cfacebook%2Cyandex%2Cmailru%26protocol%3Dhttps%26host%3Drem-tv.net%26lang%3Den%26verify%3D%26sort%3Drelevant%26m%3D0%26icons_32%3D%26icons_16%3D%26theme%3Dclassic%26client%3D%26page%3Dhttps%253A%252F%252Frem-tv.net%252Fstuff%252F16-1-0-5234%26version%3D3%26xdm_e%3Dhttps%253A%252F%252Frem-tv.net%26xdm_c%3Ddefault3013%26xdm_p%3D1;0.8065563378127958
88.212.201.198200 OK 111 B URL HTTP/1.1 counter.yadro.ru/hit?t26.6;rhttps%3A//rem-tv.net/;s1280*1024*24;uhttps%3A//ulogin.ru/version/3.0/html/drop.html%3Fid%3D0%26redirect_uri%3Dhttps%253A%252F%252Frem-tv.net%252Fulogin%253Fdestination%253Dnode%252F1910%26callback%3D%26providers%3Dvkontakte%2Codnoklassniki%26fields%3Dfirst_name%2Clast_name%2Cemail%2Cnickname%2Cphoto%26force_fields%3D%26popup_css%3D%26optional%3D%26othprov%3Dgoogle%2Cfacebook%2Cyandex%2Cmailru%26protocol%3Dhttps%26host%3Drem-tv.net%26lang%3Den%26verify%3D%26sort%3Drelevant%26m%3D0%26icons_32%3D%26icons_16%3D%26theme%3Dclassic%26client%3D%26page%3Dhttps%253A%252F%252Frem-tv.net%252Fstuff%252F16-1-0-5234%26version%3D3%26xdm_e%3Dhttps%253A%252F%252Frem-tv.net%26xdm_c%3Ddefault3013%26xdm_p%3D1;0.8065563378127958
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 88 x 15\012- data
Hash 461c6ecbe7e5c1031c4c5f1d877ab251
7a9ed50ead5fc203d982e574ffc0a1defda0505f
771258edf682e442c71c3f6e2e6efdb65fb985307663a5f4819818120a3cceec
GET /hit?t26.6;rhttps%3A//rem-tv.net/;s1280*1024*24;uhttps%3A//ulogin.ru/version/3.0/html/drop.html%3Fid%3D0%26redirect_uri%3Dhttps%253A%252F%252Frem-tv.net%252Fulogin%253Fdestination%253Dnode%252F1910%26callback%3D%26providers%3Dvkontakte%2Codnoklassniki%26fields%3Dfirst_name%2Clast_name%2Cemail%2Cnickname%2Cphoto%26force_fields%3D%26popup_css%3D%26optional%3D%26othprov%3Dgoogle%2Cfacebook%2Cyandex%2Cmailru%26protocol%3Dhttps%26host%3Drem-tv.net%26lang%3Den%26verify%3D%26sort%3Drelevant%26m%3D0%26icons_32%3D%26icons_16%3D%26theme%3Dclassic%26client%3D%26page%3Dhttps%253A%252F%252Frem-tv.net%252Fstuff%252F16-1-0-5234%26version%3D3%26xdm_e%3Dhttps%253A%252F%252Frem-tv.net%26xdm_c%3Ddefault3013%26xdm_p%3D1;0.8065563378127958 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulogin.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 02 Feb 2023 16:11:34 GMT
Content-Type: image/gif
Content-Length: 111
Connection: keep-alive
Expires: Tue, 01 Feb 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
counter.yadro.ru/hit?t26.6;rhttps%3A//rem-tv.net/;s1280*1024*24;uhttps%3A//ulogin.ru/version/3.0/html/drop.html%3Fid%3D1%26redirect_uri%3Dhttps%253A%252F%252Frem-tv.net%252Fulogin%253Fdestination%253Dnode%252F1910%26callback%3D%26providers%3Dvkontakte%2Codnoklassniki%26fields%3Dfirst_name%2Clast_name%2Cemail%2Cnickname%2Cphoto%26force_fields%3D%26popup_css%3D%26optional%3D%26othprov%3Dgoogle%2Cfacebook%2Cyandex%2Cmailru%26protocol%3Dhttps%26host%3Drem-tv.net%26lang%3Den%26verify%3D%26sort%3Drelevant%26m%3D0%26icons_32%3D%26icons_16%3D%26theme%3Dclassic%26client%3D%26page%3Dhttps%253A%252F%252Frem-tv.net%252Fstuff%252F16-1-0-5234%26version%3D3%26xdm_e%3Dhttps%253A%252F%252Frem-tv.net%26xdm_c%3Ddefault3015%26xdm_p%3D1;0.03792131300216017
88.212.201.198200 OK 111 B URL HTTP/1.1 counter.yadro.ru/hit?t26.6;rhttps%3A//rem-tv.net/;s1280*1024*24;uhttps%3A//ulogin.ru/version/3.0/html/drop.html%3Fid%3D1%26redirect_uri%3Dhttps%253A%252F%252Frem-tv.net%252Fulogin%253Fdestination%253Dnode%252F1910%26callback%3D%26providers%3Dvkontakte%2Codnoklassniki%26fields%3Dfirst_name%2Clast_name%2Cemail%2Cnickname%2Cphoto%26force_fields%3D%26popup_css%3D%26optional%3D%26othprov%3Dgoogle%2Cfacebook%2Cyandex%2Cmailru%26protocol%3Dhttps%26host%3Drem-tv.net%26lang%3Den%26verify%3D%26sort%3Drelevant%26m%3D0%26icons_32%3D%26icons_16%3D%26theme%3Dclassic%26client%3D%26page%3Dhttps%253A%252F%252Frem-tv.net%252Fstuff%252F16-1-0-5234%26version%3D3%26xdm_e%3Dhttps%253A%252F%252Frem-tv.net%26xdm_c%3Ddefault3015%26xdm_p%3D1;0.03792131300216017
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 88 x 15\012- data
Hash 461c6ecbe7e5c1031c4c5f1d877ab251
7a9ed50ead5fc203d982e574ffc0a1defda0505f
771258edf682e442c71c3f6e2e6efdb65fb985307663a5f4819818120a3cceec
GET /hit?t26.6;rhttps%3A//rem-tv.net/;s1280*1024*24;uhttps%3A//ulogin.ru/version/3.0/html/drop.html%3Fid%3D1%26redirect_uri%3Dhttps%253A%252F%252Frem-tv.net%252Fulogin%253Fdestination%253Dnode%252F1910%26callback%3D%26providers%3Dvkontakte%2Codnoklassniki%26fields%3Dfirst_name%2Clast_name%2Cemail%2Cnickname%2Cphoto%26force_fields%3D%26popup_css%3D%26optional%3D%26othprov%3Dgoogle%2Cfacebook%2Cyandex%2Cmailru%26protocol%3Dhttps%26host%3Drem-tv.net%26lang%3Den%26verify%3D%26sort%3Drelevant%26m%3D0%26icons_32%3D%26icons_16%3D%26theme%3Dclassic%26client%3D%26page%3Dhttps%253A%252F%252Frem-tv.net%252Fstuff%252F16-1-0-5234%26version%3D3%26xdm_e%3Dhttps%253A%252F%252Frem-tv.net%26xdm_c%3Ddefault3015%26xdm_p%3D1;0.03792131300216017 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulogin.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 02 Feb 2023 16:11:34 GMT
Content-Type: image/gif
Content-Length: 111
Connection: keep-alive
Expires: Tue, 01 Feb 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700
IP 142.250.74.74:0
GET /css?family=Roboto%3A300%2C400%2C500%2C700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 16:11:33 GMT
date: Thu, 02 Feb 2023 16:11:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.acint.net/oci.js?t=1675354317958
193.3.184.227200 OK 0 B URL HTTP/2 www.acint.net/oci.js?t=1675354317958
IP 193.3.184.227:0
GET /oci.js?t=1675354317958 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: application/x-javascript
last-modified: Mon, 09 Jan 2023 08:01:14 GMT
etag: W/"63bbc9ca-7dac"
content-encoding: gzip
X-Firefox-Spdy: h2
st.top100.ru/top100/3.13.6/usability.js
81.19.89.16200 OK 0 B URL HTTP/2 st.top100.ru/top100/3.13.6/usability.js
IP 81.19.89.16:0
ASN #24638 Rambler Internet Holding LLC
GET /top100/3.13.6/usability.js HTTP/1.1
Host: st.top100.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.4
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 30 Jan 2023 10:42:42 GMT
x-rgw-object-type: Normal
etag: W/"e8cd7191520320c30825c4c7c12b0d42"
x-amz-request-id: tx00000000000021fb28b25-0063dbe08c-f85be6-default
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
set-cookie: proto_uid=1CIAALPg22NrHGB3AVqM9gB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-encoding: gzip
X-Firefox-Spdy: h2
st.top100.ru/top100/3.13.6/media.js
81.19.89.16200 OK 0 B URL HTTP/2 st.top100.ru/top100/3.13.6/media.js
IP 81.19.89.16:0
ASN #24638 Rambler Internet Holding LLC
GET /top100/3.13.6/media.js HTTP/1.1
Host: st.top100.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.4
date: Thu, 02 Feb 2023 16:11:31 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 30 Jan 2023 10:42:42 GMT
x-rgw-object-type: Normal
etag: W/"64e5ae8c67be676fefc929bb3e1ca02d"
x-amz-request-id: tx00000000000021fb28b29-0063dbe08c-f85be6-default
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
set-cookie: proto_uid=1CIAALPg22NrHGB3AV2M9gB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-encoding: gzip
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/gonetdspis/NGM1NDVhY2ViZTYzZmViMQ?redir-setuniq=1
77.88.21.90200 OK 0 B URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/NGM1NDVhY2ViZTYzZmViMQ?redir-setuniq=1
IP 77.88.21.90:0
GET /mapuid/gonetdspis/NGM1NDVhY2ViZTYzZmViMQ?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Thu, 02 Feb 2023 16:11:32 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 16:11:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 02 Feb 2023 16:11:32 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
rem-tv.net/sites/all/themes/fix/script/jquery-1.11.3.min.js
88.99.99.206200 OK 0 B URL HTTP/2 rem-tv.net/sites/all/themes/fix/script/jquery-1.11.3.min.js
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
GET /sites/all/themes/fix/script/jquery-1.11.3.min.js HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rem-tv.net/stuff/16-1-0-5234
Cookie: antibot-hostia=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:30 GMT
content-type: application/javascript
last-modified: Mon, 26 Oct 2015 09:23:32 GMT
vary: Accept-Encoding
expires: Sun, 12 Feb 2023 16:11:30 GMT
cache-control: max-age=864000, private
content-encoding: gzip
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/gonetdspis/NGM1NDVhY2ViZTYzZmViMQ
77.88.21.90302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/NGM1NDVhY2ViZTYzZmViMQ
IP 77.88.21.90:0
GET /mapuid/gonetdspis/NGM1NDVhY2ViZTYzZmViMQ HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/gonetdspis/NGM1NDVhY2ViZTYzZmViMQ?redir-setuniq=1
date: Thu, 02 Feb 2023 16:11:32 GMT
set-cookie: yandexuid=7476702761675354292; domain=.yandex.ru; path=/; expires=Sun, 30-Jan-2033 16:11:32 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 16:11:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 02 Feb 2023 16:11:32 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
rem-tv.net/stuff/16-1-0-5234
88.99.99.206200 OK 0 B URL HTTP/2 rem-tv.net/stuff/16-1-0-5234
IP 88.99.99.206:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Malware
GET /stuff/16-1-0-5234 HTTP/1.1
Host: rem-tv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:11:29 GMT
content-type: text/html; charset=utf-8
expires: Sun, 19 Nov 1978 05:00:00 GMT
cache-control: no-cache, must-revalidate
content-language: en
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-generator: Drupal 7 (http://drupal.org)
link: <https://rem-tv.net/stuff/16-1-0-5234>; rel="canonical",<https://rem-tv.net/node/1910>; rel="shortlink"
set-cookie: antibot-hostia=true; path=/; domain=rem-tv.net; expires=Fri, 03-Feb-2023 16:11:28 GMT
vary: Accept-Encoding, User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2