r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13907
Expires: Fri, 02 Dec 2022 08:26:10 GMT
Date: Fri, 02 Dec 2022 04:34:23 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1940
Cache-Control: max-age=109749
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:34:23 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:03:32 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 04:18:11 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 972
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11894
Expires: Fri, 02 Dec 2022 07:52:37 GMT
Date: Fri, 02 Dec 2022 04:34:23 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 9SMqK6DB4xTkq4UEa2FdhPhHmUKGTbHIho58DhKgnOn0eQLg93EBoKG3KJomUieMl5yccedbgkA=
x-amz-request-id: BASM3M0K21NCVT7Z
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 03:45:57 GMT
age: 2906
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
prikoli-ru.ru/
200 OK 10 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 2b07bef0bebc76a954e1d21256e82722
0393333e755790ef11877197f8815a14b249a410
9488ab07075452e38b2dd5c5627b87ad277ffae50309632ef4fbc3e876dabeef
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: prikoli-ru.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:23 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 10305
Connection: keep-alive
Server: Jino.ru/mod_pizza
Link: <http://prikoli-ru.ru/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:34:23 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
prikoli-ru.ru/wp-includes/css/dist/block-library/style.min.css?ver=8389012ffa970736cdf8b11d844c1d86
200 OK 12 kB URL HTTP/1.1 prikoli-ru.ru/wp-includes/css/dist/block-library/style.min.css?ver=8389012ffa970736cdf8b11d844c1d86
IP
File type ASCII text, with very long lines (43771)
Hash e5548800176e913a9084f47a3e1e04f6
eff4604acc5c26ae82a19188de2f98bf5b79d80c
a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07
GET /wp-includes/css/dist/block-library/style.min.css?ver=8389012ffa970736cdf8b11d844c1d86 HTTP/1.1
Host: prikoli-ru.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:23 GMT
Content-Type: text/css
Content-Length: 11681
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Oct 2022 12:11:13 GMT
ETag: "3bf6909-15b64-5ea48790efd66"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext
200 OK 1.1 kB URL HTTP/1.1 fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext
IP
Hash 731763634b9cf1f507f6f02b08313ba0
8d1f8315fdead03340c364b1e7606f7c521689f1
83f1b4fa33dcfe75aa7bef28e73005a1d3dda8d3c0fcb1c246a47f6e6e2b0a58
GET /css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 02 Dec 2022 04:34:23 GMT
Date: Fri, 02 Dec 2022 04:34:23 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
prikoli-ru.ru/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
200 OK 239 B URL HTTP/1.1 prikoli-ru.ru/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
IP
Hash 21fec527969cbcfec759744ce51f94c0
827130fb99b0005a5206028abfe82e93610184f2
fe2a280a5ffe9f5d3b1bf125035d478e46bae689a2f0cde07d48bef1ba7c74b1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70 HTTP/1.1
Host: prikoli-ru.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:23 GMT
Content-Type: text/css
Content-Length: 239
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Tue, 12 Apr 2022 05:46:38 GMT
ETag: "aea1983-176-5dc6e959b2cb0"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
prikoli-ru.ru/wp-content/themes/hitmag/css/font-awesome.min.css?ver=4.7.0
200 OK 7.1 kB URL HTTP/1.1 prikoli-ru.ru/wp-content/themes/hitmag/css/font-awesome.min.css?ver=4.7.0
IP
File type ASCII text, with very long lines (30837)
Hash 52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hitmag/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: prikoli-ru.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:23 GMT
Content-Type: text/css
Content-Length: 7053
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 25 Jul 2018 06:20:44 GMT
ETag: "b192813-7918-571cce0e62700"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
prikoli-ru.ru/wp-content/themes/hitmag/js/navigation.js?ver=20151215
200 OK 1.2 kB URL HTTP/1.1 prikoli-ru.ru/wp-content/themes/hitmag/js/navigation.js?ver=20151215
IP
Hash c74ea8ceba70a1a947c93d977e69d6fa
762350870e820c8242f398b04fd38be80eedbbd8
50bb2580ff5f4caff9607a3d3d3cef2ee7a9f869cda36b8bc81762bd4166418e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hitmag/js/navigation.js?ver=20151215 HTTP/1.1
Host: prikoli-ru.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:23 GMT
Content-Type: application/javascript
Content-Length: 1238
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 25 Jul 2018 06:20:50 GMT
ETag: "3bf2944-dd4-571cce141b480"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
prikoli-ru.ru/wp-content/themes/hitmag/css/magnific-popup.css?ver=8389012ffa970736cdf8b11d844c1d86
200 OK 1.8 kB URL HTTP/1.1 prikoli-ru.ru/wp-content/themes/hitmag/css/magnific-popup.css?ver=8389012ffa970736cdf8b11d844c1d86
IP
Hash 24d43b806e85342a40e2da6970fdfaa0
b365e6daf45244233ffac6681aa3dad08a26f2c5
dcf879e6dd283fcbef1dc4a0392fbd2ec5ea512b31a97f64ea3076fc392d784e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hitmag/css/magnific-popup.css?ver=8389012ffa970736cdf8b11d844c1d86 HTTP/1.1
Host: prikoli-ru.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:23 GMT
Content-Type: text/css
Content-Length: 1816
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 25 Jul 2018 06:20:44 GMT
ETag: "b192814-1b27-571cce0e62700"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
prikoli-ru.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 4.2 kB URL HTTP/1.1 prikoli-ru.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: prikoli-ru.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:23 GMT
Content-Type: application/javascript
Content-Length: 4169
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Fri, 26 Feb 2021 18:06:50 GMT
ETag: "3bf6a99-2bd8-5bc4121e0d18a"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
prikoli-ru.ru/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
200 OK 31 kB URL HTTP/1.1 prikoli-ru.ru/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
File type ASCII text, with very long lines (65447)
Hash 9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: prikoli-ru.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:23 GMT
Content-Type: application/javascript
Content-Length: 30908
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Tue, 12 Apr 2022 05:48:55 GMT
ETag: "3bf1883-15db1-5dc6e9dcef002"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
prikoli-ru.ru/wp-content/themes/hitmag/js/skip-link-focus-fix.js?ver=20151215
200 OK 416 B URL HTTP/1.1 prikoli-ru.ru/wp-content/themes/hitmag/js/skip-link-focus-fix.js?ver=20151215
IP
Hash e6f53264ebf762f651ef3c426aba7d7a
c94c31f4cdc7976febd8b722771d433fcd460d87
e5dab0bbdb24e72cded213dba7acb5e41a11e2a317279a046e402d1146512404
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hitmag/js/skip-link-focus-fix.js?ver=20151215 HTTP/1.1
Host: prikoli-ru.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:23 GMT
Content-Type: application/javascript
Content-Length: 416
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 25 Jul 2018 06:20:50 GMT
ETag: "3bf2948-2ab-571cce141b480"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
prikoli-ru.ru/wp-content/themes/hitmag/js/jquery.flexslider-min.js?ver=8389012ffa970736cdf8b11d844c1d86
200 OK 6.4 kB URL HTTP/1.1 prikoli-ru.ru/wp-content/themes/hitmag/js/jquery.flexslider-min.js?ver=8389012ffa970736cdf8b11d844c1d86
IP
File type ASCII text, with very long lines (22239)
Hash b980f194ea9b0dc823545fb14935fbd7
c1df939f20f62c6dc0beb3fd5a63f5b192c10c6c
9160cf122e658b625cbd58bacb380394fac51d4d29fe604deb1f94becf237074
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hitmag/js/jquery.flexslider-min.js?ver=8389012ffa970736cdf8b11d844c1d86 HTTP/1.1
Host: prikoli-ru.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:23 GMT
Content-Type: application/javascript
Content-Length: 6423
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 25 Jul 2018 06:20:50 GMT
ETag: "3bf2848-573e-571cce141b480"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
prikoli-ru.ru/wp-includes/js/wp-emoji-release.min.js?ver=8389012ffa970736cdf8b11d844c1d86
200 OK 5.0 kB URL HTTP/1.1 prikoli-ru.ru/wp-includes/js/wp-emoji-release.min.js?ver=8389012ffa970736cdf8b11d844c1d86
IP
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=8389012ffa970736cdf8b11d844c1d86 HTTP/1.1
Host: prikoli-ru.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:23 GMT
Content-Type: application/javascript
Content-Length: 5009
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Oct 2022 12:11:14 GMT
ETag: "3bf6ba1-48b9-5ea487922665f"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
prikoli-ru.ru/wp-content/themes/hitmag/js/jquery.magnific-popup.min.js?ver=8389012ffa970736cdf8b11d844c1d86
200 OK 7.3 kB URL HTTP/1.1 prikoli-ru.ru/wp-content/themes/hitmag/js/jquery.magnific-popup.min.js?ver=8389012ffa970736cdf8b11d844c1d86
IP
File type ASCII text, with very long lines (20087)
Hash efa6db60af1529649bd3b95c4220e9ba
4b6b8cd07ee784e67c7702c147e0c80e0bb3bd90
5723d10c2697c434b25b904f2fcec179ad231ccaebc4c77daa7732c7949a1e99
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hitmag/js/jquery.magnific-popup.min.js?ver=8389012ffa970736cdf8b11d844c1d86 HTTP/1.1
Host: prikoli-ru.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:23 GMT
Content-Type: application/javascript
Content-Length: 7346
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 25 Jul 2018 06:20:50 GMT
ETag: "3bf2942-4ef8-571cce141b480"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
prikoli-ru.ru/wp-content/themes/hitmag/style.css?ver=8389012ffa970736cdf8b11d844c1d86
200 OK 10 kB URL HTTP/1.1 prikoli-ru.ru/wp-content/themes/hitmag/style.css?ver=8389012ffa970736cdf8b11d844c1d86
IP
File type ASCII text, with very long lines (659)
Hash e6a76b9c0a96f218c888f263ad533a8c
10f8dafaac03e38ddee54bd7f6479814f2d9b117
c7d3e0efc757a6aedceb5ae03db3be57aaddabb143af72608ff600dcbb632d94
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hitmag/style.css?ver=8389012ffa970736cdf8b11d844c1d86 HTTP/1.1
Host: prikoli-ru.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:23 GMT
Content-Type: text/css
Content-Length: 10523
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 25 Jul 2018 06:20:44 GMT
ETag: "b182570-d13f-571cce0e62700"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
prikoli-ru.ru/wp-content/themes/hitmag/css/flexslider.css?ver=8389012ffa970736cdf8b11d844c1d86
200 OK 1.5 kB URL HTTP/1.1 prikoli-ru.ru/wp-content/themes/hitmag/css/flexslider.css?ver=8389012ffa970736cdf8b11d844c1d86
IP
Hash c9523eb836a8bafaec0a56c6a7a282f4
013dfc025c059a1daeec7fb612a4dccf94f668c1
ba237850db0fc18e2b66e3d7b0c926a55f83183e1135201d6066a208c2655345
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hitmag/css/flexslider.css?ver=8389012ffa970736cdf8b11d844c1d86 HTTP/1.1
Host: prikoli-ru.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:23 GMT
Content-Type: text/css
Content-Length: 1467
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 25 Jul 2018 06:20:44 GMT
ETag: "b192811-17d0-571cce0e62700"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
prikoli-ru.ru/wp-content/uploads/2018/08/7056311a10840f0a736ab20c6db7f85c.jpg
200 OK 19 kB URL HTTP/1.1 prikoli-ru.ru/wp-content/uploads/2018/08/7056311a10840f0a736ab20c6db7f85c.jpg
IP
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2018:08:07 09:36:23], progressive, precision 8, 100x100, components 3\012- data
Hash 0f30feb34a3cb106986bd977e6c9046d
0597c49d056ade431624ffd2d9eddc194ce006f3
b959eed5788b048c6f2ae0af8b1c5941ae4f66a2c4d09675662dbd922a56f077
GET /wp-content/uploads/2018/08/7056311a10840f0a736ab20c6db7f85c.jpg HTTP/1.1
Host: prikoli-ru.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:23 GMT
Content-Type: image/jpeg
Content-Length: 19047
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Thu, 09 Aug 2018 03:00:04 GMT
ETag: "3bf504b-4a67-572f7d2e0f500"
Accept-Ranges: bytes
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
200 OK 24 kB URL HTTP/1.1 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://prikoli-ru.ru
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23580
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 17:43:28 GMT
Expires: Wed, 29 Nov 2023 17:43:28 GMT
Cache-Control: public, max-age=31536000
Age: 211855
Last-Modified: Tue, 26 Apr 2022 15:48:56 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
200 OK 26 kB URL HTTP/1.1 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 26240, version 1.0\012- data
Hash 4a90976686fcbd8296c7d7fccc04c273
bcb82e93ac7ad1fa2af6a37009a200f79f4cb4e5
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://prikoli-ru.ru
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 26240
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 25 Nov 2022 06:32:56 GMT
Expires: Sat, 25 Nov 2023 06:32:56 GMT
Cache-Control: public, max-age=31536000
Age: 597687
Last-Modified: Mon, 15 Aug 2022 18:14:37 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
200 OK 30 kB URL HTTP/1.1 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 29752, version 1.0\012- data
Hash ab1fc8621287e4ea9319a3136812cf80
fb4ed2e52e2a8d7ac50a7618a0c2ea5507a24ef3
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://prikoli-ru.ru
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 29752
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 16:31:04 GMT
Expires: Wed, 29 Nov 2023 16:31:04 GMT
Cache-Control: public, max-age=31536000
Age: 216199
Last-Modified: Wed, 27 Apr 2022 17:05:11 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2
200 OK 18 kB URL HTTP/1.1 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 18200, version 1.0\012- data
Hash 8c7519686a5ddf20a3981e660a5f2610
3e0d73d14e4892b36fb5c6a9854c7d2e6bec005a
caeaf02fa4a8a45438c270767c4e50fc7f3ed5f94a4c90984eaacb87c2e8a693
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://prikoli-ru.ru
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 18200
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 05:29:58 GMT
Expires: Fri, 01 Dec 2023 05:29:58 GMT
Cache-Control: public, max-age=31536000
Age: 83065
Last-Modified: Wed, 27 Apr 2022 17:10:53 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/1.1 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://prikoli-ru.ru
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 44856
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 28 Nov 2022 19:26:02 GMT
Expires: Tue, 28 Nov 2023 19:26:02 GMT
Cache-Control: public, max-age=31536000
Age: 292101
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
200 OK 35 kB URL HTTP/1.1 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Hash 0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://prikoli-ru.ru
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 34852
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 02:07:55 GMT
Expires: Fri, 01 Dec 2023 02:07:55 GMT
Cache-Control: public, max-age=31536000
Age: 95188
Last-Modified: Wed, 27 Apr 2022 16:31:23 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
200 OK 23 kB URL HTTP/1.1 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://prikoli-ru.ru
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23040
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 12:33:36 GMT
Expires: Fri, 01 Dec 2023 12:33:36 GMT
Cache-Control: public, max-age=31536000
Age: 57647
Last-Modified: Tue, 26 Apr 2022 15:56:42 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
200 OK 24 kB URL HTTP/1.1 fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 24408, version 1.0\012- data
Hash efee2d080d7bebdd2e0aeb2e030813a0
f8d38f9f9584e48c2e469877ebd94232265585f1
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
GET /s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://prikoli-ru.ru
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 24408
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 23:12:30 GMT
Expires: Wed, 29 Nov 2023 23:12:30 GMT
Cache-Control: public, max-age=31536000
Age: 192113
Last-Modified: Tue, 26 Apr 2022 15:50:25 GMT
Content-Type: font/woff2
prikoli-ru.ru/wp-content/themes/hitmag/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL HTTP/1.1 prikoli-ru.ru/wp-content/themes/hitmag/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hitmag/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: prikoli-ru.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://prikoli-ru.ru/wp-content/themes/hitmag/css/font-awesome.min.css?ver=4.7.0
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:23 GMT
Content-Type: text/html
Content-Length: 77160
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 25 Jul 2018 06:20:48 GMT
ETag: "b1a2928-12d68-571cce1233000"
Accept-Ranges: bytes
prikoli-ru.ru/wp-content/uploads/2018/07/00.jpg
200 OK 52 kB URL HTTP/1.1 prikoli-ru.ru/wp-content/uploads/2018/07/00.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 799x292, components 3\012- data
Hash 43f4c47407736d9476b8c2f107ece84e
29f999d28c7350ed87c0d102116eaf92a47119de
637397e968b15846f72c3422bbb3e97a63afd8472f272668e725daeea7814245
GET /wp-content/uploads/2018/07/00.jpg HTTP/1.1
Host: prikoli-ru.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:23 GMT
Content-Type: image/jpeg
Content-Length: 52326
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 25 Jul 2018 06:23:42 GMT
ETag: "3bf2c58-cc66-571cceb823780"
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 452dbfb734091e91a3589c4d7dd15f4b
661ac447618dae8bea4c5e09bcf1defa4c1799b0
590dded7098576b685a16a64881e112b1b742e1e1fae98464971fa8bb7d51847
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "590DDED7098576B685A16A64881E112B1B742E1E1FAE98464971FA8BB7D51847"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13815
Expires: Fri, 02 Dec 2022 08:24:38 GMT
Date: Fri, 02 Dec 2022 04:34:23 GMT
Connection: keep-alive
www.acint.net/aci.js
200 OK 7.5 kB IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1408)
Hash ae0aab6c5a2ae2e1168e74f6e6ae4741
2c00f69ee4bbe2ec96c0f7bb33b5f827a6195af8
a47a88a9b6c7635e5074c25c6e3c92f399fdf8772376e94f077167241e59f9de
GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://prikoli-ru.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 04:34:23 GMT
content-type: application/x-javascript
content-length: 7461
last-modified: Mon, 29 Nov 2021 13:21:32 GMT
etag: "61a4d3dc-1d25"
content-encoding: gzip
expires: Fri, 02 Dec 2022 16:34:23 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f642.svg
200 OK 525 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f642.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (525), with no line terminators
Hash da3651e59d6006dfa5fa07ec3102d1f3
682e14ed012f6da166aa1658921caf3482245903
943c44a0f3dc1aba84f5fbe8465baadbb90af66cd7be9f37ca07a39260357ad2
GET /images/core/emoji/14.0.0/svg/1f642.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://prikoli-ru.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:34:24 GMT
content-type: image/svg+xml
content-length: 525
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
prikoli-ru.ru/wp-content/uploads/2018/08/cab9b65b59fa8d301032cae109b43e84-135x93.jpg
200 OK 4.4 kB URL HTTP/1.1 prikoli-ru.ru/wp-content/uploads/2018/08/cab9b65b59fa8d301032cae109b43e84-135x93.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 135x93, components 3\012- data
Hash d70e4dfd49402b487c118e2f3cac3116
78df322915b0dd269a6819d596bc796e504c681d
ec9d600528b585b5cf00064351509b4cf328a1e9ceaa19347796694c6bceb5ff
GET /wp-content/uploads/2018/08/cab9b65b59fa8d301032cae109b43e84-135x93.jpg HTTP/1.1
Host: prikoli-ru.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:23 GMT
Content-Type: image/jpeg
Content-Length: 4363
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 08 Aug 2018 23:00:20 GMT
ETag: "3bf5ef5-110b-572f479868900"
Accept-Ranges: bytes
prikoli-ru.ru/wp-content/uploads/2018/08/b11789d47fe2ee7678cd2d889c5583e5.jpg
200 OK 26 kB URL HTTP/1.1 prikoli-ru.ru/wp-content/uploads/2018/08/b11789d47fe2ee7678cd2d889c5583e5.jpg
IP
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2018:08:07 08:09:56], progressive, precision 8, 100x100, components 3\012- data
Hash 9f4e17c837d9c13b9fa662255cd5e39e
86afaf061f821d963b1fb40bf1faeb02485cdd94
2f6b2c23f2ee6975e1dbc552dab3fbb072e92ffd014beb4a8d587e8a2c8855eb
GET /wp-content/uploads/2018/08/b11789d47fe2ee7678cd2d889c5583e5.jpg HTTP/1.1
Host: prikoli-ru.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:23 GMT
Content-Type: image/jpeg
Content-Length: 25685
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Thu, 09 Aug 2018 03:00:02 GMT
ETag: "3bf5a94-6455-572f7d2c27080"
Accept-Ranges: bytes
prikoli-ru.ru/wp-content/uploads/2018/08/5843afd7157879b7d4569a8f6f56f1da-135x93.jpg
200 OK 3.8 kB URL HTTP/1.1 prikoli-ru.ru/wp-content/uploads/2018/08/5843afd7157879b7d4569a8f6f56f1da-135x93.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 135x93, components 3\012- data
Hash 46d0a1b6862589281b4cd618822e1931
2f9eb089d52a1dae127a72904ff8286bcef49690
357a5fc4ba521e2ddbd80bc36b9e0aff70671322140dfea081928265210c60ed
GET /wp-content/uploads/2018/08/5843afd7157879b7d4569a8f6f56f1da-135x93.jpg HTTP/1.1
Host: prikoli-ru.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:23 GMT
Content-Type: image/jpeg
Content-Length: 3831
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 08 Aug 2018 15:00:18 GMT
ETag: "3bf4c1b-ef7-572edc4cae480"
Accept-Ranges: bytes
prikoli-ru.ru/wp-content/uploads/2018/08/8211be91775a5b420b5d8170afda0cd4.jpg
200 OK 24 kB URL HTTP/1.1 prikoli-ru.ru/wp-content/uploads/2018/08/8211be91775a5b420b5d8170afda0cd4.jpg
IP
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2018:08:07 07:14:21], progressive, precision 8, 100x100, components 3\012- data
Hash 7cf57f8646c28ae6c71e595079a1c8a1
61daed93b43ee7623be433cf6a94a73328a00a5b
97c3097a6a644ff0707cc406796b49bfa2a21ebfbe20981446f824216ceeed09
GET /wp-content/uploads/2018/08/8211be91775a5b420b5d8170afda0cd4.jpg HTTP/1.1
Host: prikoli-ru.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:23 GMT
Content-Type: image/jpeg
Content-Length: 24509
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Thu, 09 Aug 2018 03:00:04 GMT
ETag: "3bf5301-5fbd-572f7d2e0f500"
Accept-Ranges: bytes
prikoli-ru.ru/wp-content/uploads/2018/08/c5beba5c8911dbfdfdc1ef7192e3b4a2-348x215.jpg
200 OK 18 kB URL HTTP/1.1 prikoli-ru.ru/wp-content/uploads/2018/08/c5beba5c8911dbfdfdc1ef7192e3b4a2-348x215.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 348x215, components 3\012- data
Hash 1e3b8f52c107fd998d05a1164409318e
2bb9e676f4e85669bbf999726fc01b026bd8f930
1c92cf86e364fa13280d5484ea0a7feb6b10e3ce7173221dd627006d51deab0d
GET /wp-content/uploads/2018/08/c5beba5c8911dbfdfdc1ef7192e3b4a2-348x215.jpg HTTP/1.1
Host: prikoli-ru.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:23 GMT
Content-Type: image/jpeg
Content-Length: 18476
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 08 Aug 2018 23:00:44 GMT
ETag: "3bf5e3d-482c-572f47af4bf00"
Accept-Ranges: bytes
prikoli-ru.ru/wp-content/uploads/2018/08/08245fe3aaa77406bc1a53e4500deba7-348x215.jpeg
200 OK 15 kB URL HTTP/1.1 prikoli-ru.ru/wp-content/uploads/2018/08/08245fe3aaa77406bc1a53e4500deba7-348x215.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 348x215, components 3\012- data
Hash c737bd569ca8fdd8eadb36a5e930549c
f6f3d2d1d61246d1fdc5149efa5061106aa2438c
0ab6a587a284a1093c2ac000beae3de898edebb756da8837a3903ac28b76673a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2018/08/08245fe3aaa77406bc1a53e4500deba7-348x215.jpeg HTTP/1.1
Host: prikoli-ru.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:23 GMT
Content-Type: image/jpeg
Content-Length: 15269
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 08 Aug 2018 00:00:06 GMT
ETag: "3bf3e45-3ba5-572e1316d2d80"
Accept-Ranges: bytes
www.acint.net/mc/?dp=10
302 Moved Temporarily 142 B IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Fri, 02 Dec 2022 04:34:24 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/mc/?dp=10
www.acint.net/hit/?v=0.4.0&uid=3d64fe38-a8da-4a20-abaa-ac009570fa9a&dp=10&tz=%2B00%3A00&nc=99140766&u=http%3A%2F%2Fprikoli-ru.ru%2F&r=&rs=1280x1024&t=%D0%9F%D0%A0%D0%98%D0%9A%D0%9E%D0%9B%D0%AB-%D0%A0%D0%A3%20%E2%80%94%20%D0%9F%D1%80%D0%B8%D0%BA%D0%BE%D0%BB%D1%8B%20%D0%B4%D0%BB%D1%8F%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D1%85%20%D0%B8%20%D0%BD%D0%B5%20%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE.&oE=1&oP=1&dT=2022-12-02T04%3A34%3A22.362&fu=3fd2ff72-d93f-403d-a0d5-3ff164079143
302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/hit/?v=0.4.0&uid=3d64fe38-a8da-4a20-abaa-ac009570fa9a&dp=10&tz=%2B00%3A00&nc=99140766&u=http%3A%2F%2Fprikoli-ru.ru%2F&r=&rs=1280x1024&t=%D0%9F%D0%A0%D0%98%D0%9A%D0%9E%D0%9B%D0%AB-%D0%A0%D0%A3%20%E2%80%94%20%D0%9F%D1%80%D0%B8%D0%BA%D0%BE%D0%BB%D1%8B%20%D0%B4%D0%BB%D1%8F%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D1%85%20%D0%B8%20%D0%BD%D0%B5%20%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE.&oE=1&oP=1&dT=2022-12-02T04%3A34%3A22.362&fu=3fd2ff72-d93f-403d-a0d5-3ff164079143
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /hit/?v=0.4.0&uid=3d64fe38-a8da-4a20-abaa-ac009570fa9a&dp=10&tz=%2B00%3A00&nc=99140766&u=http%3A%2F%2Fprikoli-ru.ru%2F&r=&rs=1280x1024&t=%D0%9F%D0%A0%D0%98%D0%9A%D0%9E%D0%9B%D0%AB-%D0%A0%D0%A3%20%E2%80%94%20%D0%9F%D1%80%D0%B8%D0%BA%D0%BE%D0%BB%D1%8B%20%D0%B4%D0%BB%D1%8F%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D1%85%20%D0%B8%20%D0%BD%D0%B5%20%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE.&oE=1&oP=1&dT=2022-12-02T04%3A34%3A22.362&fu=3fd2ff72-d93f-403d-a0d5-3ff164079143 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Fri, 02 Dec 2022 04:34:24 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/hit/?v=0.4.0&uid=3d64fe38-a8da-4a20-abaa-ac009570fa9a&dp=10&tz=%2B00%3A00&nc=99140766&u=http%3A%2F%2Fprikoli-ru.ru%2F&r=&rs=1280x1024&t=%D0%9F%D0%A0%D0%98%D0%9A%D0%9E%D0%9B%D0%AB-%D0%A0%D0%A3%20%E2%80%94%20%D0%9F%D1%80%D0%B8%D0%BA%D0%BE%D0%BB%D1%8B%20%D0%B4%D0%BB%D1%8F%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D1%85%20%D0%B8%20%D0%BD%D0%B5%20%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE.&oE=1&oP=1&dT=2022-12-02T04%3A34%3A22.362&fu=3fd2ff72-d93f-403d-a0d5-3ff164079143
prikoli-ru.ru/wp-content/uploads/2018/07/Childish-Thumb-Up.png
200 OK 5.1 kB URL HTTP/1.1 prikoli-ru.ru/wp-content/uploads/2018/07/Childish-Thumb-Up.png
IP
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 6a0a59314321c2b82262290a46ce4b4b
26fd897e20b5d5877987d42031d7c361a1b56ca5
ce62a2a7974f7c348d14504932c55774afb9b086521e5c186f732dc37eb7163e
GET /wp-content/uploads/2018/07/Childish-Thumb-Up.png HTTP/1.1
Host: prikoli-ru.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
Cookie: fid=3fd2ff72-d93f-403d-a0d5-3ff164079143
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:24 GMT
Content-Type: image/png
Content-Length: 5130
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 25 Jul 2018 06:23:22 GMT
ETag: "3bf3908-140a-571ccea510a80"
Accept-Ranges: bytes
counter.yadro.ru/hit?t27.4;r;s1280*1024*24;uhttp%3A//prikoli-ru.ru/;h%u041F%u0420%u0418%u041A%u041E%u041B%u042B-%u0420%u0423%20%u2014%20%u041F%u0440%u0438%u043A%u043E%u043B%u044B%20%u0434%u043B%u044F%20%u0440%u0443%u0441%u0441%u043A%u0438%u0445%20%u0438%20%u043D%u0435%20%u0442%u043E%u043B%u044C%u043A%u043E.;0.9319959607707149
302 Moved Temporarily 32 B URL HTTP/1.1 counter.yadro.ru/hit?t27.4;r;s1280*1024*24;uhttp%3A//prikoli-ru.ru/;h%u041F%u0420%u0418%u041A%u041E%u041B%u042B-%u0420%u0423%20%u2014%20%u041F%u0440%u0438%u043A%u043E%u043B%u044B%20%u0434%u043B%u044F%20%u0440%u0443%u0441%u0441%u043A%u0438%u0445%20%u0438%20%u043D%u0435%20%u0442%u043E%u043B%u044C%u043A%u043E.;0.9319959607707149
IP
ASN #39134 United Network LLC
File type HTML document, ASCII text
Hash 3e9c09a8c5a87f266e047a596f48578c
07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
GET /hit?t27.4;r;s1280*1024*24;uhttp%3A//prikoli-ru.ru/;h%u041F%u0420%u0418%u041A%u041E%u041B%u042B-%u0420%u0423%20%u2014%20%u041F%u0440%u0438%u043A%u043E%u043B%u044B%20%u0434%u043B%u044F%20%u0440%u0443%u0441%u0441%u043A%u0438%u0445%20%u0438%20%u043D%u0435%20%u0442%u043E%u043B%u044C%u043A%u043E.;0.9319959607707149 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
HTTP/1.1 302 Moved Temporarily
Date: Fri, 02 Dec 2022 04:34:24 GMT
Server: 0W/0.8c
Content-Type: text/html
Location: https://counter.yadro.ru/hit?t27.4;r;s1280*1024*24;uhttp%3A//prikoli-ru.ru/;h%u041F%u0420%u0418%u041A%u041E%u041B%u042B-%u0420%u0423%20%u2014%20%u041F%u0440%u0438%u043A%u043E%u043B%u044B%20%u0434%u043B%u044F%20%u0440%u0443%u0441%u0441%u043A%u0438%u0445%20%u0438%20%u043D%u0435%20%u0442%u043E%u043B%u044C%u043A%u043E.;0.9319959607707149
Content-Length: 32
Expires: Wed, 01 Dec 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
www.acint.net/mc/?dp=10
302 Found 154 B IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://prikoli-ru.ru/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Fri, 02 Dec 2022 04:34:24 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Fri, 02-Dec-22 04:44:24 GMT
aid=sAkJCmOJgFCw7gHyJkmmAuOi21RcZRn39zqc1gIvLCvqqoYD; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
www.acint.net/hit/?v=0.4.0&uid=3d64fe38-a8da-4a20-abaa-ac009570fa9a&dp=10&tz=%2B00%3A00&nc=99140766&u=http%3A%2F%2Fprikoli-ru.ru%2F&r=&rs=1280x1024&t=%D0%9F%D0%A0%D0%98%D0%9A%D0%9E%D0%9B%D0%AB-%D0%A0%D0%A3%20%E2%80%94%20%D0%9F%D1%80%D0%B8%D0%BA%D0%BE%D0%BB%D1%8B%20%D0%B4%D0%BB%D1%8F%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D1%85%20%D0%B8%20%D0%BD%D0%B5%20%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE.&oE=1&oP=1&dT=2022-12-02T04%3A34%3A22.362&fu=3fd2ff72-d93f-403d-a0d5-3ff164079143
200 OK 43 B URL HTTP/2 www.acint.net/hit/?v=0.4.0&uid=3d64fe38-a8da-4a20-abaa-ac009570fa9a&dp=10&tz=%2B00%3A00&nc=99140766&u=http%3A%2F%2Fprikoli-ru.ru%2F&r=&rs=1280x1024&t=%D0%9F%D0%A0%D0%98%D0%9A%D0%9E%D0%9B%D0%AB-%D0%A0%D0%A3%20%E2%80%94%20%D0%9F%D1%80%D0%B8%D0%BA%D0%BE%D0%BB%D1%8B%20%D0%B4%D0%BB%D1%8F%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D1%85%20%D0%B8%20%D0%BD%D0%B5%20%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE.&oE=1&oP=1&dT=2022-12-02T04%3A34%3A22.362&fu=3fd2ff72-d93f-403d-a0d5-3ff164079143
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hit/?v=0.4.0&uid=3d64fe38-a8da-4a20-abaa-ac009570fa9a&dp=10&tz=%2B00%3A00&nc=99140766&u=http%3A%2F%2Fprikoli-ru.ru%2F&r=&rs=1280x1024&t=%D0%9F%D0%A0%D0%98%D0%9A%D0%9E%D0%9B%D0%AB-%D0%A0%D0%A3%20%E2%80%94%20%D0%9F%D1%80%D0%B8%D0%BA%D0%BE%D0%BB%D1%8B%20%D0%B4%D0%BB%D1%8F%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D1%85%20%D0%B8%20%D0%BD%D0%B5%20%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE.&oE=1&oP=1&dT=2022-12-02T04%3A34%3A22.362&fu=3fd2ff72-d93f-403d-a0d5-3ff164079143 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://prikoli-ru.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 04:34:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=fwAAAWOJgFDBEwIsJXcYArBQNjXy7X6IIfS6caHId+Tvd4/E; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 04:08:57 GMT
cache-control: public,max-age=3600
age: 1527
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash a6cc31bacb8456eb10322ecdaf13659c
248da31b429ac81c7bda3b4dbe5d34d55ea43b73
2e823b2418135f265c30d4e504ea5204366366e9e8260a62eba552dabde2cca2
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 06 Dec 2022 03:05:15 GMT
ETag: "248da31b429ac81c7bda3b4dbe5d34d55ea43b73"
Last-Modified: Fri, 02 Dec 2022 03:05:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2389
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7731599628d0fac0-OSL
ocsp.digicert.com/
200 OK 471 B IP
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1941
Cache-Control: max-age=104686
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:34:24 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:39:10 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
counter.yadro.ru/hit?t27.4;r;s1280*1024*24;uhttp%3A//prikoli-ru.ru/;h%u041F%u0420%u0418%u041A%u041E%u041B%u042B-%u0420%u0423%20%u2014%20%u041F%u0440%u0438%u043A%u043E%u043B%u044B%20%u0434%u043B%u044F%20%u0440%u0443%u0441%u0441%u043A%u0438%u0445%20%u0438%20%u043D%u0435%20%u0442%u043E%u043B%u044C%u043A%u043E.;0.9319959607707149
200 OK 641 B URL HTTP/1.1 counter.yadro.ru/hit?t27.4;r;s1280*1024*24;uhttp%3A//prikoli-ru.ru/;h%u041F%u0420%u0418%u041A%u041E%u041B%u042B-%u0420%u0423%20%u2014%20%u041F%u0440%u0438%u043A%u043E%u043B%u044B%20%u0434%u043B%u044F%20%u0440%u0443%u0441%u0441%u043A%u0438%u0445%20%u0438%20%u043D%u0435%20%u0442%u043E%u043B%u044C%u043A%u043E.;0.9319959607707149
IP
ASN #39134 United Network LLC
File type GIF image data, version 89a, 88 x 120\012- data
Hash 762c4596c229a1f24332d99dc45b56f8
771169dad68573d6f4f1298b7c202ed92edf0ea4
d3e22e5640baffe969a6602f855397b18501a9f29217c6469e34890032d5b336
GET /hit?t27.4;r;s1280*1024*24;uhttp%3A//prikoli-ru.ru/;h%u041F%u0420%u0418%u041A%u041E%u041B%u042B-%u0420%u0423%20%u2014%20%u041F%u0440%u0438%u043A%u043E%u043B%u044B%20%u0434%u043B%u044F%20%u0440%u0443%u0441%u0441%u043A%u0438%u0445%20%u0438%20%u043D%u0435%20%u0442%u043E%u043B%u044C%u043A%u043E.;0.9319959607707149 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://prikoli-ru.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 02 Dec 2022 04:34:24 GMT
Content-Type: image/gif
Content-Length: 641
Connection: keep-alive
Expires: Wed, 01 Dec 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
a.utraff.com/sync?ssp=sape
204 No Content 0 B URL HTTP/2 a.utraff.com/sync?ssp=sape
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 02 Dec 2022 04:34:24 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Sun, 01 Jan 2023 07:34:24 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Sun, 01 Jan 2023 07:34:24 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DsdZn90y2sgxpH5T3xdLcmkMTdM8T6XjT%2BFj0zUW6zkAhwwRYr%2F%2BisByeous5kV3mB3lj7vAvCmuJF885EJxEbS8W51ISEfwzFQ0mo4C9fnhwERyWwrAUOoczAmTKkI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77315996abcab506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 5607af58e6bab6fcfc6f4b16fc32a5d4
177a805e4d4ddac6d3c807e695ad4ecc7332b4b6
c953d1199663f3f4459283e59349693d07f6ae0909b5783301661d15d8253288
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3455
Cache-Control: max-age=156961
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:34:24 GMT
Etag: "638934f2-118"
Expires: Sun, 04 Dec 2022 00:10:25 GMT
Last-Modified: Thu, 01 Dec 2022 23:12:50 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash 49bfe24b1f8d50f0bc3c5fcff6a38074
d734c4c1ada9dfd68271b4eb3a9b7961e7c6cfbb
89afdea7df522abcfc470545e9d79d42ace142b3ceff2702f37a53531a8cf53b
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 06 Dec 2022 01:28:43 GMT
ETag: "d734c4c1ada9dfd68271b4eb3a9b7961e7c6cfbb"
Last-Modified: Fri, 02 Dec 2022 01:28:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3044
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773159977902fac0-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3747230b8ff278d9eb5624227d0e022c
6213d1d4c79dbcc205b78c47d3069ddfcfd9261c
88e27c1ca5b8c53ec82d04338c64e88ae931e2551c28c5025aff64268e61846a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88E27C1CA5B8C53EC82D04338C64E88AE931E2551C28C5025AFF64268E61846A"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14201
Expires: Fri, 02 Dec 2022 08:31:05 GMT
Date: Fri, 02 Dec 2022 04:34:24 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9d8826b25f34b06c8e8e429a0bfbe2de
735bf7d5ba8a596a5575696d3dd3d04f418fa442
234b943fc5baa922c0c87a98085a1ce506146c1460d1db179f16b45809778cf0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "234B943FC5BAA922C0C87A98085A1CE506146C1460D1DB179F16B45809778CF0"
Last-Modified: Wed, 30 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12322
Expires: Fri, 02 Dec 2022 07:59:46 GMT
Date: Fri, 02 Dec 2022 04:34:24 GMT
Connection: keep-alive
dm-eu.hybrid.ai/match?id=106&vid=0100007F508089632C0213C102187725
204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=106&vid=0100007F508089632C0213C102187725
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=106&vid=0100007F508089632C0213C102187725 HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 02 Dec 2022 04:34:24 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=ede0a094385a1205644b; Expires=Sat, 02 Dec 2023 04:34:23 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 503
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dec3bbeb33096b6277bd341741303788
8234a438495aafdddaa78667f254571d59fecf3d
85a7dd2d8555bf42425da8cbeb44d5c1ccf87a0f17d8090b037cb2e3dc2d7833
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85A7DD2D8555BF42425DA8CBEB44D5C1CCF87A0F17D8090B037CB2E3DC2D7833"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10644
Expires: Fri, 02 Dec 2022 07:31:48 GMT
Date: Fri, 02 Dec 2022 04:34:24 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ba2c74384048845e67ea414a305f1b3d
f199f6d359b0a0f894e63ede45b8f1a0f81e2f05
0033f5a92be8b7b3f561af35a3efffc60f2469da3985ba66f02809895f98bc64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0033F5A92BE8B7B3F561AF35A3EFFFC60F2469DA3985BA66F02809895F98BC64"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4565
Expires: Fri, 02 Dec 2022 05:50:29 GMT
Date: Fri, 02 Dec 2022 04:34:24 GMT
Connection: keep-alive
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash abdf67fff37fd26d0fc32784e9b00b5b
705fbb711d25a4855104b329558bc4ed3fe7ac71
d07020a8075df1b9f8bbf7b4040ecb5f7a9b33a3fe46baf29c4a6627115672ea
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 06 Dec 2022 02:48:54 GMT
ETag: "705fbb711d25a4855104b329558bc4ed3fe7ac71"
Last-Modified: Fri, 02 Dec 2022 02:48:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 168
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77315997ea73b517-OSL
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F508089632C0213C102187725
302 Found 0 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F508089632C0213C102187725
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F508089632C0213C102187725 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 02 Dec 2022 04:34:24 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=994daa40-71fa-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Sat, 02 Dec 2023 04:34:24 GMT; SameSite=None; Secure
uid-legacy=994daa40-71fa-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Sat, 02 Dec 2023 04:34:24 GMT
location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F508089632C0213C102187725&cs=1
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 690c53b951993a620aea0971ef0ff5b3
d4f990127daa5397988e7014d64c29140c0c9a20
4e7d3136a60293c6e7e0e451c7f20ee21ae017abe6d48c60d9fad2461dafb9dd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E7D3136A60293C6E7E0E451C7F20EE21AE017ABE6D48C60D9FAD2461DAFB9DD"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5767
Expires: Fri, 02 Dec 2022 06:10:31 GMT
Date: Fri, 02 Dec 2022 04:34:24 GMT
Connection: keep-alive
sync.republer.com/match?dsp=sape
204 No Content 0 B URL HTTP/2 sync.republer.com/match?dsp=sape
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?dsp=sape HTTP/1.1
Host: sync.republer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Fri, 02 Dec 2022 04:34:24 GMT
strict-transport-security: max-age=0
X-Firefox-Spdy: h2
sync.dmp.otm-r.com/match/sape?id=0100007F508089632C0213C102187725
204 No Content 0 B URL HTTP/2 sync.dmp.otm-r.com/match/sape?id=0100007F508089632C0213C102187725
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=0100007F508089632C0213C102187725 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.17.6
date: Fri, 02 Dec 2022 04:34:24 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 35f2660e8e0bb2db4badbcb32e85c084
28b45acf63e313fd2aff2282ac96329506228f1e
325b00d4f02a6740f30be5b2a462365e6fb234b9863c15c77681957919174aa0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "325B00D4F02A6740F30BE5B2A462365E6FB234B9863C15C77681957919174AA0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10822
Expires: Fri, 02 Dec 2022 07:34:46 GMT
Date: Fri, 02 Dec 2022 04:34:24 GMT
Connection: keep-alive
ut.rktch.com/matchspm?pi=1000005&pui=0100007F508089632C0213C102187725
302 Found 0 B URL HTTP/1.1 ut.rktch.com/matchspm?pi=1000005&pui=0100007F508089632C0213C102187725
IP
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /matchspm?pi=1000005&pui=0100007F508089632C0213C102187725 HTTP/1.1
Host: ut.rktch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Fri, 02 Dec 2022 04:34:24 GMT
Content-Length: 0
Connection: keep-alive
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
Set-Cookie: b_uid=ffa0b0c6cbcac6de3b572bdbf6a1e61ec701; Max-Age=2592000; Expires=Sun, 01 Jan 2023 04:34:24 GMT; Domain=rktch.com; Secure; SameSite=None
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fcda4541830adb0b51a55d5023f0802c
09dbb3a30d73fde250bf6d762b6d6c8382d3ae48
e9cc5817294bc775bc663924c3f81e27e8d7c4059ab1ac7fe2df1065d8cb7ec7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9CC5817294BC775BC663924C3F81E27E8D7C4059AB1AC7FE2DF1065D8CB7EC7"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6059
Expires: Fri, 02 Dec 2022 06:15:23 GMT
Date: Fri, 02 Dec 2022 04:34:24 GMT
Connection: keep-alive
www.acint.net/match?dp=129&euid=fb39xlxhfh
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=129&euid=fb39xlxhfh
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=129&euid=fb39xlxhfh HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOJgFDBEwIsJXcYArBQNjXy7X6IIfS6caHId+Tvd4/E; cSyncDp7v2=1669955664; cSyncDp14v3=1669955664; cSyncDp17=1669955664; cSyncDp32=1669955664; cSyncDp45v3=1669955664; cSyncDp53=1669955664; cSyncDp54v2=1669955664; cSyncDp62=1669955664; cSyncDp67v2=1669955664; cSyncDp68=1669955664; cSyncDp71=1669955664; cSyncDp77=1669955664; cSyncDp84=1669955664; cSyncDp85=1669955664; cSyncDp95v3=1669955664; cSyncDp101=1669955664; cSyncDp104v2=1669955664; cSyncDp107=1669955664; cSyncDp110=1669955664; cSyncDp111v2=1669955664; cSyncDp112v2=1669955664; cSyncDp125v2=1669955664; cSyncDp126=1669955664; cSyncDp127=1669955664; cSyncDp129=1669955664; cSyncDp136v2=1669955664; cSyncDp138=1669955664; cSyncDp146=1669955664; cSyncDp148=1669955664; cSyncDp149v2=1669955664; cSyncDp151=1669955664; cSyncDp178=1669955664; cSyncDp179=1669955664; cSyncDp186=1669955664; cSyncDp221=1669955664
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 04:34:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
0100007f508089632c0213c102187725-sp.ops.beeline.ru/p?ssp=sp&id=0100007F508089632C0213C102187725
301 Moved Permanently 0 B URL HTTP/2 0100007f508089632c0213c102187725-sp.ops.beeline.ru/p?ssp=sp&id=0100007F508089632C0213C102187725
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&id=0100007F508089632C0213C102187725 HTTP/1.1
Host: 0100007f508089632c0213c102187725-sp.ops.beeline.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 02 Dec 2022 04:34:24 GMT
content-length: 0
location: https://www.acint.net/match?dp=111&euid=0bcf7ca7-0e92-4b39-9ceb-8a9b7a3837b9
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: BeeAID=0bcf7ca7-0e92-4b39-9ceb-8a9b7a3837b9; expires=Thu, 23 Nov 2023 04:34:24 GMT; domain=ops.beeline.ru; path=/; secure; SameSite=None
access-control-allow-credentials: true, true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
x-route: http://upstream_cookiesync
x-host: 192.168.152.30
X-Firefox-Spdy: h2
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
302 Moved Temporarily 142 B URL HTTP/1.1 ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Fri, 02 Dec 2022 04:34:24 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=4002420A508089632101CC2A02A3C638
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkICQGOJgFAqzAEhOMajAomx/kXkMJ4PDyEgjZ7eEKCw/ANP; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
s.uuidksinc.net/match/396/?remote_uid=0100007F508089632C0213C102187725
302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/396/?remote_uid=0100007F508089632C0213C102187725
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/396/?remote_uid=0100007F508089632C0213C102187725 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Fri, 02 Dec 2022 04:34:24 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=LiHMikOOcvVSSXbwac4U
set-cookie: jcsuuid=LiHMikOOcvVSSXbwac4U; expires=Sat, 02 Dec 2023 04:34:24 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=10&tc=1
200 OK 1.5 kB URL HTTP/2 www.acint.net/mc/?dp=10&tc=1
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 7fe6daff7b1375e757fb3cc31c49394d
cfaea73dfea1b013652c0a36d7d7c28c528f149b
322047b0c9a47582726afccf76d27a654e57d62590fdc1b883da671979b7ab36
GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://prikoli-ru.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOJgFDBEwIsJXcYArBQNjXy7X6IIfS6caHId+Tvd4/E
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 04:34:24 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1669955664; expires=Sat, 03-Dec-22 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp54v2=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp77=1669955664; expires=Fri, 16-Dec-22 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp84=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1669955664; expires=Fri, 16-Dec-22 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp111v2=1669955664; expires=Fri, 16-Dec-22 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp112v2=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v2=1669955664; expires=Sat, 17-Dec-22 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp138=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149v2=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp179=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1669955664; expires=Sun, 01-Jan-23 04:34:24 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F508089632C0213C102187725&cs=1
200 OK 35 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F508089632C0213C102187725&cs=1
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F508089632C0213C102187725&cs=1 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: uid=994daa40-71fa-11ed-acfd-901b0e8b2a6e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:34:24 GMT
content-type: image/gif
content-length: 35
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=994daa40-71fa-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Sat, 02 Dec 2023 04:34:24 GMT; SameSite=None; Secure
uid-legacy=994daa40-71fa-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Sat, 02 Dec 2023 04:34:24 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 13a1065295c3cf50b7cbef43763cc1c4
5f45040a339522fef0428c29e418815434468a1b
ddd406868dbe4e78adadf55b2d2edf8617481d32d335f008331caaaa94e1012d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DDD406868DBE4E78ADADF55B2D2EDF8617481D32D335F008331CAAAA94E1012D"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14607
Expires: Fri, 02 Dec 2022 08:37:51 GMT
Date: Fri, 02 Dec 2022 04:34:24 GMT
Connection: keep-alive
sync.upravel.com/sape/sync
302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 02 Dec 2022 04:34:24 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1669955664664;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1669955664664;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 35f2660e8e0bb2db4badbcb32e85c084
28b45acf63e313fd2aff2282ac96329506228f1e
325b00d4f02a6740f30be5b2a462365e6fb234b9863c15c77681957919174aa0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "325B00D4F02A6740F30BE5B2A462365E6FB234B9863C15C77681957919174AA0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10822
Expires: Fri, 02 Dec 2022 07:34:46 GMT
Date: Fri, 02 Dec 2022 04:34:24 GMT
Connection: keep-alive
sync.bumlam.com/?src=sap1&uid=0100007F508089632C0213C102187725
302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&uid=0100007F508089632C0213C102187725
IP
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&uid=0100007F508089632C0213C102187725 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 02 Dec 2022 04:34:24 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ5OTU5MTU1Ni03MWZhLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Thu, 27 Nov 2042 04:34:24 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARjQgKacBmIgMDEwMDAwN0Y1MDgwODk2MzJDMDIxM0MxMDIxODc3MjWiARCZWRVWcfoR7YbgACWQwGR8
ETag: 99591556-71fa-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
acint.net/match?dp=110&euid=0ab587fdd79b4dfbacd1f8b22c672f0f
200 OK 43 B URL HTTP/2 acint.net/match?dp=110&euid=0ab587fdd79b4dfbacd1f8b22c672f0f
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=110&euid=0ab587fdd79b4dfbacd1f8b22c672f0f HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOJgFDBEwIsJXcYArBQNjXy7X6IIfS6caHId+Tvd4/E; cSyncDp7v2=1669955664; cSyncDp14v3=1669955664; cSyncDp17=1669955664; cSyncDp32=1669955664; cSyncDp45v3=1669955664; cSyncDp53=1669955664; cSyncDp54v2=1669955664; cSyncDp62=1669955664; cSyncDp67v2=1669955664; cSyncDp68=1669955664; cSyncDp71=1669955664; cSyncDp77=1669955664; cSyncDp84=1669955664; cSyncDp85=1669955664; cSyncDp95v3=1669955664; cSyncDp101=1669955664; cSyncDp104v2=1669955664; cSyncDp107=1669955664; cSyncDp110=1669955664; cSyncDp111v2=1669955664; cSyncDp112v2=1669955664; cSyncDp125v2=1669955664; cSyncDp126=1669955664; cSyncDp127=1669955664; cSyncDp129=1669955664; cSyncDp136v2=1669955664; cSyncDp138=1669955664; cSyncDp146=1669955664; cSyncDp148=1669955664; cSyncDp149v2=1669955664; cSyncDp151=1669955664; cSyncDp178=1669955664; cSyncDp179=1669955664; cSyncDp186=1669955664; cSyncDp221=1669955664
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 04:34:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
mediatoday.ru/core/match.gif?s=32&id=0100007F508089632C0213C102187725
200 OK 43 B URL HTTP/2 mediatoday.ru/core/match.gif?s=32&id=0100007F508089632C0213C102187725
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /core/match.gif?s=32&id=0100007F508089632C0213C102187725 HTTP/1.1
Host: mediatoday.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.2
date: Fri, 02 Dec 2022 04:34:24 GMT
content-type: image/gif
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VUm3lzLPbp3RbaF; expires=Mon, 29-Nov-2032 04:34:24 GMT; domain=mediatoday.ru; path=/core; SameSite=None; Secure
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash df027e5b54fe62d3886c6e32a20b8aa3
7d688bad1c351bbde75e7654eff8c371fb80fc3f
6aa339a9b6221ad68783e801fbd9b9c0f551840bc82a7f6a1ea347b8b4215ca2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AA339A9B6221AD68783E801FBD9B9C0F551840BC82A7F6A1EA347B8B4215CA2"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4577
Expires: Fri, 02 Dec 2022 05:50:41 GMT
Date: Fri, 02 Dec 2022 04:34:24 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: a8gc7ZELAjcXaPp0NvNQWQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: U7K6DVGxoz7P1izzHzew5+4AQlk=
www.acint.net/match?dp=111&euid=0bcf7ca7-0e92-4b39-9ceb-8a9b7a3837b9
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=111&euid=0bcf7ca7-0e92-4b39-9ceb-8a9b7a3837b9
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=111&euid=0bcf7ca7-0e92-4b39-9ceb-8a9b7a3837b9 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOJgFDBEwIsJXcYArBQNjXy7X6IIfS6caHId+Tvd4/E; cSyncDp7v2=1669955664; cSyncDp14v3=1669955664; cSyncDp17=1669955664; cSyncDp32=1669955664; cSyncDp45v3=1669955664; cSyncDp53=1669955664; cSyncDp54v2=1669955664; cSyncDp62=1669955664; cSyncDp67v2=1669955664; cSyncDp68=1669955664; cSyncDp71=1669955664; cSyncDp77=1669955664; cSyncDp84=1669955664; cSyncDp85=1669955664; cSyncDp95v3=1669955664; cSyncDp101=1669955664; cSyncDp104v2=1669955664; cSyncDp107=1669955664; cSyncDp110=1669955664; cSyncDp111v2=1669955664; cSyncDp112v2=1669955664; cSyncDp125v2=1669955664; cSyncDp126=1669955664; cSyncDp127=1669955664; cSyncDp129=1669955664; cSyncDp136v2=1669955664; cSyncDp138=1669955664; cSyncDp146=1669955664; cSyncDp148=1669955664; cSyncDp149v2=1669955664; cSyncDp151=1669955664; cSyncDp178=1669955664; cSyncDp179=1669955664; cSyncDp186=1669955664; cSyncDp221=1669955664
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 04:34:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/check?sspuid=0100007F508089632C0213C102187725
302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/check?sspuid=0100007F508089632C0213C102187725
IP
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/check?sspuid=0100007F508089632C0213C102187725 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 02 Dec 2022 04:34:24 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://sync.bumlam.com/?src=sape
acint.net/match?dp=14&euid=4002420A508089632101CC2A02A3C638
200 OK 43 B URL HTTP/2 acint.net/match?dp=14&euid=4002420A508089632101CC2A02A3C638
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=14&euid=4002420A508089632101CC2A02A3C638 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOJgFDBEwIsJXcYArBQNjXy7X6IIfS6caHId+Tvd4/E; cSyncDp7v2=1669955664; cSyncDp14v3=1669955664; cSyncDp17=1669955664; cSyncDp32=1669955664; cSyncDp45v3=1669955664; cSyncDp53=1669955664; cSyncDp54v2=1669955664; cSyncDp62=1669955664; cSyncDp67v2=1669955664; cSyncDp68=1669955664; cSyncDp71=1669955664; cSyncDp77=1669955664; cSyncDp84=1669955664; cSyncDp85=1669955664; cSyncDp95v3=1669955664; cSyncDp101=1669955664; cSyncDp104v2=1669955664; cSyncDp107=1669955664; cSyncDp110=1669955664; cSyncDp111v2=1669955664; cSyncDp112v2=1669955664; cSyncDp125v2=1669955664; cSyncDp126=1669955664; cSyncDp127=1669955664; cSyncDp129=1669955664; cSyncDp136v2=1669955664; cSyncDp138=1669955664; cSyncDp146=1669955664; cSyncDp148=1669955664; cSyncDp149v2=1669955664; cSyncDp151=1669955664; cSyncDp178=1669955664; cSyncDp179=1669955664; cSyncDp186=1669955664; cSyncDp221=1669955664
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 04:34:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=127&euid=LiHMikOOcvVSSXbwac4U
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=127&euid=LiHMikOOcvVSSXbwac4U
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=127&euid=LiHMikOOcvVSSXbwac4U HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOJgFDBEwIsJXcYArBQNjXy7X6IIfS6caHId+Tvd4/E; cSyncDp7v2=1669955664; cSyncDp14v3=1669955664; cSyncDp17=1669955664; cSyncDp32=1669955664; cSyncDp45v3=1669955664; cSyncDp53=1669955664; cSyncDp54v2=1669955664; cSyncDp62=1669955664; cSyncDp67v2=1669955664; cSyncDp68=1669955664; cSyncDp71=1669955664; cSyncDp77=1669955664; cSyncDp84=1669955664; cSyncDp85=1669955664; cSyncDp95v3=1669955664; cSyncDp101=1669955664; cSyncDp104v2=1669955664; cSyncDp107=1669955664; cSyncDp110=1669955664; cSyncDp111v2=1669955664; cSyncDp112v2=1669955664; cSyncDp125v2=1669955664; cSyncDp126=1669955664; cSyncDp127=1669955664; cSyncDp129=1669955664; cSyncDp136v2=1669955664; cSyncDp138=1669955664; cSyncDp146=1669955664; cSyncDp148=1669955664; cSyncDp149v2=1669955664; cSyncDp151=1669955664; cSyncDp178=1669955664; cSyncDp179=1669955664; cSyncDp186=1669955664; cSyncDp221=1669955664
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 04:34:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=95&euid=LZZBPOTI
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=95&euid=LZZBPOTI
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=95&euid=LZZBPOTI HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOJgFDBEwIsJXcYArBQNjXy7X6IIfS6caHId+Tvd4/E; cSyncDp7v2=1669955664; cSyncDp14v3=1669955664; cSyncDp17=1669955664; cSyncDp32=1669955664; cSyncDp45v3=1669955664; cSyncDp53=1669955664; cSyncDp54v2=1669955664; cSyncDp62=1669955664; cSyncDp67v2=1669955664; cSyncDp68=1669955664; cSyncDp71=1669955664; cSyncDp77=1669955664; cSyncDp84=1669955664; cSyncDp85=1669955664; cSyncDp95v3=1669955664; cSyncDp101=1669955664; cSyncDp104v2=1669955664; cSyncDp107=1669955664; cSyncDp110=1669955664; cSyncDp111v2=1669955664; cSyncDp112v2=1669955664; cSyncDp125v2=1669955664; cSyncDp126=1669955664; cSyncDp127=1669955664; cSyncDp129=1669955664; cSyncDp136v2=1669955664; cSyncDp138=1669955664; cSyncDp146=1669955664; cSyncDp148=1669955664; cSyncDp149v2=1669955664; cSyncDp151=1669955664; cSyncDp178=1669955664; cSyncDp179=1669955664; cSyncDp186=1669955664; cSyncDp221=1669955664
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 04:34:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
nr.bidderstack.com/sape/cm?user_id=0100007F508089632C0213C102187725
200 OK 44 B URL HTTP/1.1 nr.bidderstack.com/sape/cm?user_id=0100007F508089632C0213C102187725
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash f9d60352c70a2ba15616d1c9421f3844
e9abc8bea7721a4b6a50295850d13c515006a95c
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
GET /sape/cm?user_id=0100007F508089632C0213C102187725 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 04:34:24 GMT
Content-Type: image/gif
Content-Length: 44
Connection: keep-alive
Set-Cookie: uid=72bf9d3b-caef-4782-8562-fba60093bab9; domain=.bidderstack.com; path=/; expires=Sat, 02-Dec-2023 04:34:24 GMT;
Access-Control-Allow-Credentials: true
match.new-programmatic.com/userbind?src=sape&id=0100007F508089632C0213C102187725
204 No Content 0 B URL HTTP/1.1 match.new-programmatic.com/userbind?src=sape&id=0100007F508089632C0213C102187725
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=0100007F508089632C0213C102187725 HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Fri, 02 Dec 2022 04:16:23 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F508089632C0213C102187725
302 Found 0 B URL HTTP/2 stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F508089632C0213C102187725
IP
ASN #201009 Centre of server systems Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge_gpsid/?sid=50&id=0100007F508089632C0213C102187725 HTTP/1.1
Host: stat.adlabs.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 02 Dec 2022 04:34:24 GMT
content-length: 0
location: //adlmerge.com/merge_gpsid/?sid=50&id=0100007F508089632C0213C102187725
X-Firefox-Spdy: h2
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1669955664664
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 02 Dec 2022 04:34:24 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=c1695fa6-b398-4628-9b36-009a0e5cc950;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=c1695fa6-b398-4628-9b36-009a0e5cc950;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=c1695fa6-b398-4628-9b36-009a0e5cc950
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sap1&s_data=CAIQARjQgKacBmIgMDEwMDAwN0Y1MDgwODk2MzJDMDIxM0MxMDIxODc3MjWiARCZWRVWcfoR7YbgACWQwGR8
200 OK 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&s_data=CAIQARjQgKacBmIgMDEwMDAwN0Y1MDgwODk2MzJDMDIxM0MxMDIxODc3MjWiARCZWRVWcfoR7YbgACWQwGR8
IP
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&s_data=CAIQARjQgKacBmIgMDEwMDAwN0Y1MDgwODk2MzJDMDIxM0MxMDIxODc3MjWiARCZWRVWcfoR7YbgACWQwGR8 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ5OTU5MTU1Ni03MWZhLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 04:34:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ5OTU5MTU1Ni03MWZhLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Thu, 27 Nov 2042 04:34:24 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
cs.agency2.ru/p?ssp=sp&uid=0100007F508089632C0213C102187725
301 Moved Permanently 0 B URL HTTP/1.1 cs.agency2.ru/p?ssp=sp&uid=0100007F508089632C0213C102187725
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&uid=0100007F508089632C0213C102187725 HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 04:34:24 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=5013e235-15d2-494c-9d61-cf9617fea1d3
Set-Cookie: uuid=5013e235-15d2-494c-9d61-cf9617fea1d3; expires=Thu, 23 Nov 2023 04:34:24 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
sync.bumlam.com/?src=sape
302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sape
IP
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ5OTU5MTU1Ni03MWZhLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 02 Dec 2022 04:34:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ5OTU5MTU1Ni03MWZhLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Thu, 27 Nov 2042 04:34:24 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://pix.bumlam.com/sync/sape/sync_ok?guid=99591556-71fa-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true
www.acint.net/match?dp=71&euid=c1695fa6-b398-4628-9b36-009a0e5cc950
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=71&euid=c1695fa6-b398-4628-9b36-009a0e5cc950
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=71&euid=c1695fa6-b398-4628-9b36-009a0e5cc950 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOJgFDBEwIsJXcYArBQNjXy7X6IIfS6caHId+Tvd4/E; cSyncDp7v2=1669955664; cSyncDp14v3=1669955664; cSyncDp17=1669955664; cSyncDp32=1669955664; cSyncDp45v3=1669955664; cSyncDp53=1669955664; cSyncDp54v2=1669955664; cSyncDp62=1669955664; cSyncDp67v2=1669955664; cSyncDp68=1669955664; cSyncDp71=1669955664; cSyncDp77=1669955664; cSyncDp84=1669955664; cSyncDp85=1669955664; cSyncDp95v3=1669955664; cSyncDp101=1669955664; cSyncDp104v2=1669955664; cSyncDp107=1669955664; cSyncDp110=1669955664; cSyncDp111v2=1669955664; cSyncDp112v2=1669955664; cSyncDp125v2=1669955664; cSyncDp126=1669955664; cSyncDp127=1669955664; cSyncDp129=1669955664; cSyncDp136v2=1669955664; cSyncDp138=1669955664; cSyncDp146=1669955664; cSyncDp148=1669955664; cSyncDp149v2=1669955664; cSyncDp151=1669955664; cSyncDp178=1669955664; cSyncDp179=1669955664; cSyncDp186=1669955664; cSyncDp221=1669955664
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 04:34:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/sync_ok?guid=99591556-71fa-11ed-86e0-002590c0647c
302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/sync_ok?guid=99591556-71fa-11ed-86e0-002590c0647c
IP
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/sync_ok?guid=99591556-71fa-11ed-86e0-002590c0647c HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ5OTU5MTU1Ni03MWZhLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 02 Dec 2022 04:34:24 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://99591556-71fa-11ed-86e0-002590c0647c.n2.sync.bumlam.com/?src=sape
www.acint.net/match?dp=186&euid=5013e235-15d2-494c-9d61-cf9617fea1d3
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=186&euid=5013e235-15d2-494c-9d61-cf9617fea1d3
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=186&euid=5013e235-15d2-494c-9d61-cf9617fea1d3 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOJgFDBEwIsJXcYArBQNjXy7X6IIfS6caHId+Tvd4/E; cSyncDp7v2=1669955664; cSyncDp14v3=1669955664; cSyncDp17=1669955664; cSyncDp32=1669955664; cSyncDp45v3=1669955664; cSyncDp53=1669955664; cSyncDp54v2=1669955664; cSyncDp62=1669955664; cSyncDp67v2=1669955664; cSyncDp68=1669955664; cSyncDp71=1669955664; cSyncDp77=1669955664; cSyncDp84=1669955664; cSyncDp85=1669955664; cSyncDp95v3=1669955664; cSyncDp101=1669955664; cSyncDp104v2=1669955664; cSyncDp107=1669955664; cSyncDp110=1669955664; cSyncDp111v2=1669955664; cSyncDp112v2=1669955664; cSyncDp125v2=1669955664; cSyncDp126=1669955664; cSyncDp127=1669955664; cSyncDp129=1669955664; cSyncDp136v2=1669955664; cSyncDp138=1669955664; cSyncDp146=1669955664; cSyncDp148=1669955664; cSyncDp149v2=1669955664; cSyncDp151=1669955664; cSyncDp178=1669955664; cSyncDp179=1669955664; cSyncDp186=1669955664; cSyncDp221=1669955664
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 04:34:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 6b9efc56a5c83007514905bc0fbb010e
9133a19f469b8cc3d2fb36399c0955554b0fe1da
d0c5cd5deea1f0b5e77402c785309b5088f732f05ddb5a2ef90f66541c4f0aa5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 15:41:02 GMT
Expires: Tue, 06 Dec 2022 15:41:01 GMT
Etag: "9133a19f469b8cc3d2fb36399c0955554b0fe1da"
Cache-Control: max-age=384996,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77315998089ab4ed-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b37388c5377b1c2d45acb58628d011ce
810f4fd8ce20869c6bb9347f10913766c7595936
3de70402913d9e806db7365e19f90ae03251548e03777f9ddd3980db8873d46a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3DE70402913D9E806DB7365E19F90AE03251548E03777F9DDD3980DB8873D46A"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6362
Expires: Fri, 02 Dec 2022 06:20:26 GMT
Date: Fri, 02 Dec 2022 04:34:24 GMT
Connection: keep-alive
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
301 Moved Permanently 115 B URL HTTP/2 exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash 42e023cb1ef67f3b7c006fd5f0ca3c1d
cbbc90973fc04e77aa2638dfcf65e2ef14952b3f
e2bd0b41b38d224561e25c0cabcac16525ef03eebb30d69621784663b8d86ad1
GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 02 Dec 2022 04:34:24 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=da57f45e-0e9d-4122-550c-7fe1aac45112
serverid: TODO
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash ffea812856bc24a6463d3d67e2a07ef8
ca11e04261441a6a1baf10061acaf2ec8bd947ea
8d18599c6db1f4613bdf981433065d8847e89bf4ab2a6dac5b9d583189ff518c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 23:26:48 GMT
Expires: Wed, 07 Dec 2022 23:26:47 GMT
Etag: "ca11e04261441a6a1baf10061acaf2ec8bd947ea"
Cache-Control: max-age=499342,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7731599869b4b518-OSL
www.acint.net/match?dp=126&euid=da57f45e-0e9d-4122-550c-7fe1aac45112
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=126&euid=da57f45e-0e9d-4122-550c-7fe1aac45112
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=126&euid=da57f45e-0e9d-4122-550c-7fe1aac45112 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOJgFDBEwIsJXcYArBQNjXy7X6IIfS6caHId+Tvd4/E; cSyncDp7v2=1669955664; cSyncDp14v3=1669955664; cSyncDp17=1669955664; cSyncDp32=1669955664; cSyncDp45v3=1669955664; cSyncDp53=1669955664; cSyncDp54v2=1669955664; cSyncDp62=1669955664; cSyncDp67v2=1669955664; cSyncDp68=1669955664; cSyncDp71=1669955664; cSyncDp77=1669955664; cSyncDp84=1669955664; cSyncDp85=1669955664; cSyncDp95v3=1669955664; cSyncDp101=1669955664; cSyncDp104v2=1669955664; cSyncDp107=1669955664; cSyncDp110=1669955664; cSyncDp111v2=1669955664; cSyncDp112v2=1669955664; cSyncDp125v2=1669955664; cSyncDp126=1669955664; cSyncDp127=1669955664; cSyncDp129=1669955664; cSyncDp136v2=1669955664; cSyncDp138=1669955664; cSyncDp146=1669955664; cSyncDp148=1669955664; cSyncDp149v2=1669955664; cSyncDp151=1669955664; cSyncDp178=1669955664; cSyncDp179=1669955664; cSyncDp186=1669955664; cSyncDp221=1669955664
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 04:34:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
adlmerge.com/merge_gpsid/?sid=50&id=0100007F508089632C0213C102187725
200 OK 546 B URL HTTP/2 adlmerge.com/merge_gpsid/?sid=50&id=0100007F508089632C0213C102187725
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58c6d7eaa160b2b5c72e1f612dac346c
8b79e24b7ce0df1cb456c4a1ca6dbff275ace76a
b4956c323111054378042ae903deb42f5a5e0818dc8c7a0c9a5e67b043af1557
GET /merge_gpsid/?sid=50&id=0100007F508089632C0213C102187725 HTTP/1.1
Host: adlmerge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.0
date: Fri, 02 Dec 2022 04:34:24 GMT
content-type: image/gif
iseu: eu
X-Firefox-Spdy: h2
dmp.gotechnology.io/match/sape?id=0100007F508089632C0213C102187725
302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=0100007F508089632C0213C102187725
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=0100007F508089632C0213C102187725 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 02 Dec 2022 04:34:24 GMT
content-length: 0
location: https://dmp.gotechnology.io/match/sape?id=0100007F508089632C0213C102187725&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
99591556-71fa-11ed-86e0-002590c0647c.n2.sync.bumlam.com/?src=sape
302 Moved Temporarily 0 B URL HTTP/1.1 99591556-71fa-11ed-86e0-002590c0647c.n2.sync.bumlam.com/?src=sape
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: 99591556-71fa-11ed-86e0-002590c0647c.n2.sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ5OTU5MTU1Ni03MWZhLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Fri, 02 Dec 2022 04:34:24 GMT
Content-Length: 0
Connection: close
Location: https://pix.bumlam.com/sync/sape/done
dmp.gotechnology.io/match/sape?id=0100007F508089632C0213C102187725&chk=1
302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=0100007F508089632C0213C102187725&chk=1
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=0100007F508089632C0213C102187725&chk=1 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 02 Dec 2022 04:34:24 GMT
content-length: 0
location: https://an.yandex.ru/mapuid/gonetdspis/Mzk2YTk2OWM2MWIyNzA0ZA
set-cookie: pid=Mzk2YTk2OWM2MWIyNzA0ZA; expires=Sat, 02 Dec 2023 04:34:24 GMT; domain=.gotechnology.io; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/done
200 OK 43 B URL HTTP/1.1 pix.bumlam.com/sync/sape/done
IP
ASN #44066 diva-e Datacenters GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ5OTU5MTU1Ni03MWZhLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 04:34:25 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 98e3dcfb5ac627864af4b92ab8d8e596
10fce8f05f71f3218fb00c08dd6ef3fb0cef8012
49f919aa50a664aafce9c78cb81945dee0d8c1cd245e1a80128271778a6e8332
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 06 Dec 2022 01:53:03 GMT
ETag: "10fce8f05f71f3218fb00c08dd6ef3fb0cef8012"
Last-Modified: Fri, 02 Dec 2022 01:53:04 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 558
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7731599acc34b517-OSL
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
302 Moved Temporarily 0 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Fri, 02 Dec 2022 04:34:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-5528638195; expires=Sun, 01 Dec 2024 04:34:25 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5528638195
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5528638195
302 Moved Temporarily 40 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5528638195
IP
File type ASCII text, with CRLF line terminators
Hash 251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5528638195 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Fri, 02 Dec 2022 04:34:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Sun, 01 Dec 2024 04:34:25 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:34:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
302 Found 1.4 kB URL HTTP/2 ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP
ASN #48096 Enterprise Cloud Ltd.
Hash 98e3dcfb5ac627864af4b92ab8d8e596
10fce8f05f71f3218fb00c08dd6ef3fb0cef8012
49f919aa50a664aafce9c78cb81945dee0d8c1cd245e1a80128271778a6e8332
GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=0ab587fdd79b4dfbacd1f8b22c672f0f
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=0ab587fdd79b4dfbacd1f8b22c672f0f; expires=Fri, 01 Dec 2023 21:00:00 GMT; path=/; SameSite=None; secure; samesite=lax
date: Fri, 02 Dec 2022 04:34:24 GMT
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf1CAiWMsAhPBAhh3JQ
200 OK 170 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf1CAiWMsAhPBAhh3JQ
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
GET /pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf1CAiWMsAhPBAhh3JQ HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
date: Fri, 02 Dec 2022 04:34:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
200 OK 937 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash 2b815982e70f82073d5d4ac3d162058e
d26c29e9789f09183bbf0aabf7c03de57bd65d8e
59b95ee2272c30b12d8c318e7528911c1dd068372efd6973c9ab26e952afc243
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:25 GMT
Content-Type: application/ocsp-response
Content-Length: 937
Connection: keep-alive
Expires: Tue, 06 Dec 2022 00:48:46 GMT
ETag: "d26c29e9789f09183bbf0aabf7c03de57bd65d8e"
Last-Modified: Fri, 02 Dec 2022 00:48:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2807
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7731599b7c9fb517-OSL
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F508089632C0213C102187725
200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F508089632C0213C102187725
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F508089632C0213C102187725 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 04:34:25 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
ocsp.sectigo.com/
200 OK 472 B IP
Hash 234a4a3c9c97d9e0e2cf3ad636b261a2
c86bd7e17dadc388154f74cb8cf8428afb2e5cd1
03c44be1aeb057ccc44b023524358f834522f123189eafdc01a9d5e06b16e225
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:25 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 04:09:16 GMT
Expires: Tue, 06 Dec 2022 04:09:15 GMT
Etag: "c86bd7e17dadc388154f74cb8cf8428afb2e5cd1"
Cache-Control: max-age=343489,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7731599b5af6b518-OSL
ocsp.globalsign.com/gseccovsslca2018
200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash f6dc8f0b235dbb1c95a7ac1a28f020ab
3427a6ab59b74520063a7b9cc56ab08c3e2a42df
e95d8a671f146229b0a908ef9db427a40916f3de5dc9ea9492e3b3310bfd1eed
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:25 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Tue, 06 Dec 2022 03:04:28 GMT
ETag: "3427a6ab59b74520063a7b9cc56ab08c3e2a42df"
Last-Modified: Fri, 02 Dec 2022 03:04:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 154
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7731599b8ca4b517-OSL
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOJgFDBEwIsJXcYArBQNjXy7X6IIfS6caHId+Tvd4/E; cSyncDp7v2=1669955664; cSyncDp14v3=1669955664; cSyncDp17=1669955664; cSyncDp32=1669955664; cSyncDp45v3=1669955664; cSyncDp53=1669955664; cSyncDp54v2=1669955664; cSyncDp62=1669955664; cSyncDp67v2=1669955664; cSyncDp68=1669955664; cSyncDp71=1669955664; cSyncDp77=1669955664; cSyncDp84=1669955664; cSyncDp85=1669955664; cSyncDp95v3=1669955664; cSyncDp101=1669955664; cSyncDp104v2=1669955664; cSyncDp107=1669955664; cSyncDp110=1669955664; cSyncDp111v2=1669955664; cSyncDp112v2=1669955664; cSyncDp125v2=1669955664; cSyncDp126=1669955664; cSyncDp127=1669955664; cSyncDp129=1669955664; cSyncDp136v2=1669955664; cSyncDp138=1669955664; cSyncDp146=1669955664; cSyncDp148=1669955664; cSyncDp149v2=1669955664; cSyncDp151=1669955664; cSyncDp178=1669955664; cSyncDp179=1669955664; cSyncDp186=1669955664; cSyncDp221=1669955664
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Fri, 02 Dec 2022 04:34:25 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F508089632C0213C102187725
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash d10797e393411da0300920382f80c29b
4df54446a3782e9420a7ce22b0d16ee085d7a197
90f9cdf1c99af3e82f0d921ced1ddba3b61f68951116b023b1bcc62a592a0345
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 06 Dec 2022 00:52:42 GMT
ETag: "4df54446a3782e9420a7ce22b0d16ee085d7a197"
Last-Modified: Fri, 02 Dec 2022 00:52:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1128
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7731599ba9a7fac0-OSL
ocsp.usertrust.com/
200 OK 472 B IP
Hash 153dd5a5276a3445d22209a861993bf9
516f65ea2fba9bce0c21e2d2284442cda28d1168
66b9807a7769711550f93cef1df1648522a2ce6390fbc2fcb6830c8dc65f36f4
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:25 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 16:18:18 GMT
Expires: Thu, 08 Dec 2022 16:18:17 GMT
Etag: "516f65ea2fba9bce0c21e2d2284442cda28d1168"
Cache-Control: max-age=602537,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 716
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7731599bbb67b51b-OSL
ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F508089632C0213C102187725
302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F508089632C0213C102187725
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=73&external_user_id=0100007F508089632C0213C102187725 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=0100007F508089632C0213C102187725&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 02 Dec 2023 04:34:25 GMT; Path=/; Domain=.betweendigital.com
tuuid=2e472909-d827-5250-871d-b81be494384a; Max-Age=31536000; Expires=Sat, 02 Dec 2023 04:34:25 GMT; Path=/; Domain=.betweendigital.com
ut=Y4mAUQAE0mDjfx4ZOdj9vnZ1avt0fcC9MBPeKA==; Max-Age=31536000; Expires=Sat, 02 Dec 2023 04:34:25 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 6e89aeee516acc4219e9f5501bb8498b
fb9de3fdf1931ae95dbf2ef62c8cc0697a7bbd59
b5000556fc6162feb6cf1d1fd51d082d19453f89162aab7e414e3aa44efaae0f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 02 Dec 2022 04:34:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 01 Dec 2022 21:55:03 GMT
Expires: Fri, 02 Dec 2022 21:55:03 GMT
ETag: "fb9de3fdf1931ae95dbf2ef62c8cc0697a7bbd59"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
200 OK 0 B URL HTTP/1.1 sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP
ASN #36057 WEBAIR-INTERNET-MTL
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 04:34:25 GMT
Content-Length: 0
Connection: close
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F508089632C0213C102187725
200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F508089632C0213C102187725
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F508089632C0213C102187725 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 04:34:25 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 674eca21ed90ea7acfdd820a4eb849d6
8c110a96fe313900cfccbedad3dda3e8e7bfad41
abadd9a3ddb9fc0b9d1f2ffb86f4c9a8c340a6ced4a6d21057c8159f897ed185
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ABADD9A3DDB9FC0B9D1F2FFB86F4C9A8C340A6CED4A6D21057C8159F897ED185"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16464
Expires: Fri, 02 Dec 2022 09:08:49 GMT
Date: Fri, 02 Dec 2022 04:34:25 GMT
Connection: keep-alive
ad.mail.ru/cm.gif?p=48&id=0100007F508089632C0213C102187725
200 OK 43 B URL HTTP/2 ad.mail.ru/cm.gif?p=48&id=0100007F508089632C0213C102187725
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cm.gif?p=48&id=0100007F508089632C0213C102187725 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:34:25 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=1n2baF0RW9YE002BzP2vGBoE:::0-0-0-8a3d911:CAASELTLmXQn08ONp6iBThoLYfcaYInkDC9JiH71H-qcBjXPiJqqCBzhmQ-63_KGuDXLeJuKfqyHCbuILhAm1iIOhocuQEDuYnPDyqmOsMGz_2icOvGTz7klR3YhN_1iS9fffhPkT8RTaerBSmW7ULbVPQzP5g; path=/; expires=Sun, 03-Dec-23 04:34:25 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Fri, 02 Dec 2022 10:34:25 GMT
cache-control: max-age=21600
last-modified: Fri, 02 Dec 2022 04:34:25 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F508089632C0213C102187725&crf=1
200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F508089632C0213C102187725&crf=1
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=73&external_user_id=0100007F508089632C0213C102187725&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 02 Dec 2023 04:34:25 GMT; Path=/; Domain=.betweendigital.com
tuuid=fa84b1a2-7c9a-5250-a8c9-4027cb40c076; Max-Age=31536000; Expires=Sat, 02 Dec 2023 04:34:25 GMT; Path=/; Domain=.betweendigital.com
ut=Y4mAUQAFU0itYeQCkGC07n_3ddgXwppSrmZWUg==; Max-Age=31536000; Expires=Sat, 02 Dec 2023 04:34:25 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
302 Found 0 B URL HTTP/2 ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.0
date: Fri, 02 Dec 2022 04:34:24 GMT
x-request-id: 879a00fe-d52f-4328-b82a-419b6c6d8f60
set-cookie: bvuid=fb39xlxhfh; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=fb39xlxhfh; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=fb39xlxhfh
X-Firefox-Spdy: h2
sape-sync.rutarget.ru/sync
302 Moved Temporarily 0 B URL HTTP/1.1 sape-sync.rutarget.ru/sync
IP
ASN #208677 Cloud technology Limited (Ltd.)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 02 Dec 2022 04:34:25 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=6A7ZWFp6xdXI
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=6A7ZWFp6xdXI; Path=/; Domain=.rutarget.ru; Expires=Wed, 31 May 2023 04:34:25 GMT; SameSite=None; Secure
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash dc80e2dfdc2859ac18ad2181c322eeb6
75536c44aaf38d81d2de47a7814dd871f2303bd8
c7c92ff9cdacf9034779b36ef2b4f21f6145fc9004acee796ad140a81429e3e3
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 06 Dec 2022 02:07:14 GMT
ETag: "75536c44aaf38d81d2de47a7814dd871f2303bd8"
Last-Modified: Fri, 02 Dec 2022 02:07:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2946
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7731599c1ce8b517-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash 234a4a3c9c97d9e0e2cf3ad636b261a2
c86bd7e17dadc388154f74cb8cf8428afb2e5cd1
03c44be1aeb057ccc44b023524358f834522f123189eafdc01a9d5e06b16e225
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:25 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 04:09:16 GMT
Expires: Tue, 06 Dec 2022 04:09:15 GMT
Etag: "c86bd7e17dadc388154f74cb8cf8428afb2e5cd1"
Cache-Control: max-age=343489,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7731599ae9eab4ed-OSL
status.thawte.com/
200 OK 471 B IP
Hash cb8eb24963aba6ce60efa5ea0ea4d051
06a817a65e9fde341cea2d1f8c3049d8d4caabe9
6032e932ba28bf4de4c744c4ff85a315207dd11470e3cd078838ebb92d6c9536
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1921
Cache-Control: max-age=151476
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:34:25 GMT
Etag: "63892584-1d7"
Expires: Sat, 03 Dec 2022 22:39:01 GMT
Last-Modified: Thu, 01 Dec 2022 22:07:00 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
tag.digitaltarget.ru/adcm.js
200 OK 3.1 kB URL HTTP/1.1 tag.digitaltarget.ru/adcm.js
IP
File type ASCII text, with very long lines (3051), with no line terminators
Hash e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 04:34:25 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Fri, 02 Dec 2022 04:04:30 GMT
Connection: keep-alive
ETag: "6389794e-beb"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 51d5484b700426c5612c309bbf14b114
026994960bfaaa4e2604b66cb795b2787fe300a2
e3e30a64f2e4fc59120c46b320d104f1b9d9a8af90106ab78715d14e49e11ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 04:34:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1797812294
204 No Content 0 B URL HTTP/2 redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1797812294
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1797812294 HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Weborama Collect Frontend
date: Fri, 02 Dec 2022 04:34:24 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Fri, 02 Dec 2022 04:34:25 GMT
set-cookie: AFFICHE_W=; expires=Tue, 10 Nov 2009 23:00:00 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.acint.net/match?dp=104&euid=6A7ZWFp6xdXI
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=104&euid=6A7ZWFp6xdXI
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=104&euid=6A7ZWFp6xdXI HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOJgFDBEwIsJXcYArBQNjXy7X6IIfS6caHId+Tvd4/E; cSyncDp7v2=1669955664; cSyncDp14v3=1669955664; cSyncDp17=1669955664; cSyncDp32=1669955664; cSyncDp45v3=1669955664; cSyncDp53=1669955664; cSyncDp54v2=1669955664; cSyncDp62=1669955664; cSyncDp67v2=1669955664; cSyncDp68=1669955664; cSyncDp71=1669955664; cSyncDp77=1669955664; cSyncDp84=1669955664; cSyncDp85=1669955664; cSyncDp95v3=1669955664; cSyncDp101=1669955664; cSyncDp104v2=1669955664; cSyncDp107=1669955664; cSyncDp110=1669955664; cSyncDp111v2=1669955664; cSyncDp112v2=1669955664; cSyncDp125v2=1669955664; cSyncDp126=1669955664; cSyncDp127=1669955664; cSyncDp129=1669955664; cSyncDp136v2=1669955664; cSyncDp138=1669955664; cSyncDp146=1669955664; cSyncDp148=1669955664; cSyncDp149v2=1669955664; cSyncDp151=1669955664; cSyncDp178=1669955664; cSyncDp179=1669955664; cSyncDp186=1669955664; cSyncDp221=1669955664
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 04:34:25 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 02 Dec 2023 04:34:25 GMT; Path=/; Domain=.betweendigital.com
tuuid=430ea91c-aa03-5250-9404-cc9af78d4ccb; Max-Age=31536000; Expires=Sat, 02 Dec 2023 04:34:25 GMT; Path=/; Domain=.betweendigital.com
ut=Y4mAUQAFDPgIeaApHjsLtN2ko09FT23DxUkbzw==; Max-Age=31536000; Expires=Sat, 02 Dec 2023 04:34:25 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
sm.rtb.mts.ru/p?ssp=sape&id=0100007F508089632C0213C102187725
301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/p?ssp=sape&id=0100007F508089632C0213C102187725
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sape&id=0100007F508089632C0213C102187725 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 02 Dec 2022 04:34:25 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F508089632C0213C102187725
Set-Cookie: dspid=efc068ad-0d0c-4a37-9960-64618cdd1aef; expires=Thu, 23 Nov 2023 04:34:25 GMT; domain=.mts.ru; path=/; secure; SameSite=None
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 02 Dec 2023 04:34:25 GMT; Path=/; Domain=.betweendigital.com
tuuid=b1e94632-a5d4-5250-878d-8233e4040262; Max-Age=31536000; Expires=Sat, 02 Dec 2023 04:34:25 GMT; Path=/; Domain=.betweendigital.com
ut=Y4mAUQAFCRAKKlo8zfdYbPD6yu2eeVLYNWURCw==; Max-Age=31536000; Expires=Sat, 02 Dec 2023 04:34:25 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
px.adhigh.net/p/cm/sape?u=0100007F508089632C0213C102187725
302 Found 0 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=0100007F508089632C0213C102187725
IP
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/cm/sape?u=0100007F508089632C0213C102187725 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 02 Dec 2022 04:34:25 GMT
content-length: 0
x-backend-id: f23-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=MHp3I09MicC.AikABlGE0R09wQ;Path=/;Domain=.adhigh.net;Expires=Sat, 02-Dec-2023 04:34:25 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=0100007F508089632C0213C102187725&bounced=1
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 6e89aeee516acc4219e9f5501bb8498b
fb9de3fdf1931ae95dbf2ef62c8cc0697a7bbd59
b5000556fc6162feb6cf1d1fd51d082d19453f89162aab7e414e3aa44efaae0f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 02 Dec 2022 04:34:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 01 Dec 2022 21:55:03 GMT
Expires: Fri, 02 Dec 2022 21:55:03 GMT
ETag: "fb9de3fdf1931ae95dbf2ef62c8cc0697a7bbd59"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F508089632C0213C102187725
200 OK 0 B URL HTTP/1.1 sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F508089632C0213C102187725
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/second?ssp=30&exu=0100007F508089632C0213C102187725 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 04:34:25 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tag.digitaltarget.ru/processor.js?i=626509055728638
200 OK 16 kB URL HTTP/1.1 tag.digitaltarget.ru/processor.js?i=626509055728638
IP
File type ASCII text, with very long lines (15897), with no line terminators
Hash c9571a7ce0a22f154c74bdc8e35523e0
101feba577e71fc076ea5bf3f4af08b5d3fe988d
51cf59da6b7e03337540ee3ab9f8e135ff2ead958475c1bacc8683df57823fb0
GET /processor.js?i=626509055728638 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 04:34:25 GMT
Content-Type: application/javascript
Content-Length: 15897
Last-Modified: Fri, 02 Dec 2022 04:04:31 GMT
Connection: keep-alive
ETag: "6389794f-3e19"
Accept-Ranges: bytes
px.adhigh.net/p/cm/sape?u=0100007F508089632C0213C102187725&bounced=1
200 OK 49 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=0100007F508089632C0213C102187725&bounced=1
IP
ASN #48061 Limited Liability Company GPM Digital Technologies
File type GIF image data, version 89a, 1 x 1\012- data
Hash 889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
GET /p/cm/sape?u=0100007F508089632C0213C102187725&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 04:34:25 GMT
content-type: image/gif
content-length: 49
x-backend-id: f23-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 94761464ba8a8f704548cecc2ce63423
38d09e0ce1f8bcf76c31c1f27bc823e8453c6d85
51c92436ab7e9890dba871ca7f0d0eb6e4b3fc1ae9217e30ba9960eaa7e5c735
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:34:25 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 14:18:43 GMT
Expires: Tue, 06 Dec 2022 14:18:42 GMT
Etag: "38d09e0ce1f8bcf76c31c1f27bc823e8453c6d85"
Cache-Control: max-age=380056,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7731599bfb40b518-OSL
x01.aidata.io/0.gif?pid=9401454&id=0100007F508089632C0213C102187725
302 Found 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=0100007F508089632C0213C102187725
IP
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=0100007F508089632C0213C102187725 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 02 Dec 2022 04:34:25 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=0100007F508089632C0213C102187725&bounce=1
expires: Fri, 02 Dec 2022 04:34:24 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Fri, 02 Dec 2022 04:34:24 GMT
set-cookie: __upin=eIJQsrtKpe621LemaHEIeQ;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1669955665;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
x01.aidata.io/0.gif?pid=9401454&id=0100007F508089632C0213C102187725&bounce=1
204 No Content 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=0100007F508089632C0213C102187725&bounce=1
IP
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=0100007F508089632C0213C102187725&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 02 Dec 2022 04:34:25 GMT
expires: Fri, 02 Dec 2022 04:34:24 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Fri, 02 Dec 2022 04:34:24 GMT
set-cookie: __upin=bFZQGndI4VB2A5uub7Hz5Q;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1669955665;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ee5415c1cb989c2bec53f15dd7dad91c
433bc8f85b6266d168dee0bf62a698946edd75ce
3e4f85c376a23536751f707fb6c73d81628081a3d31cbad6b541d58395735988
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E4F85C376A23536751F707FB6C73D81628081A3D31CBAD6B541D58395735988"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=650
Expires: Fri, 02 Dec 2022 04:45:15 GMT
Date: Fri, 02 Dec 2022 04:34:25 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ee5415c1cb989c2bec53f15dd7dad91c
433bc8f85b6266d168dee0bf62a698946edd75ce
3e4f85c376a23536751f707fb6c73d81628081a3d31cbad6b541d58395735988
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E4F85C376A23536751F707FB6C73D81628081A3D31CBAD6B541D58395735988"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=650
Expires: Fri, 02 Dec 2022 04:45:15 GMT
Date: Fri, 02 Dec 2022 04:34:25 GMT
Connection: keep-alive
dmg.digitaltarget.ru/1/1093/i/i?i=813111272536328.125289285636914&a=77&e=0100007F508089632C0213C102187725&pref=http%3A%2F%2Fprikoli-ru.ru%2F&c=ss:77.up:0100007F508089632C0213C102187725.sync:up.xdua:duENdE3uP6_ZacvPpswGQrPF.xps:xpsgVhACVu7VoP3u1at5WFeuB.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=813111272536328.125289285636914&a=77&e=0100007F508089632C0213C102187725&pref=http%3A%2F%2Fprikoli-ru.ru%2F&c=ss:77.up:0100007F508089632C0213C102187725.sync:up.xdua:duENdE3uP6_ZacvPpswGQrPF.xps:xpsgVhACVu7VoP3u1at5WFeuB.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=813111272536328.125289285636914&a=77&e=0100007F508089632C0213C102187725&pref=http%3A%2F%2Fprikoli-ru.ru%2F&c=ss:77.up:0100007F508089632C0213C102187725.sync:up.xdua:duENdE3uP6_ZacvPpswGQrPF.xps:xpsgVhACVu7VoP3u1at5WFeuB.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Fri, 02 Dec 2022 04:34:25 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669955665594&i=813111272536328.125289285636914&a=77&e=0100007F508089632C0213C102187725&pref=http%3A%2F%2Fprikoli-ru.ru%2F&c=ss:77.up:0100007F508089632C0213C102187725.sync:up.xdua:duENdE3uP6_ZacvPpswGQrPF.xps:xpsgVhACVu7VoP3u1at5WFeuB.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=89K2OL9cO0gtaa77WYYA; Max-Age=93312000; Expires=Sun, 16 Nov 2025 04:34:25 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
an.yandex.ru/mapuid/gonetdspis/Mzk2YTk2OWM2MWIyNzA0ZA?redir-setuniq=1
200 OK 50 B URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/Mzk2YTk2OWM2MWIyNzA0ZA?redir-setuniq=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash bef53a5c76b7ad469692178eeaeb08d8
aaae1c11fa0b5a086770957c8857d3937ed653e9
be24bb564cc16e1fe9113f63db905a1b7a3a653c6642f0c27d5e823729a99ee3
GET /mapuid/gonetdspis/Mzk2YTk2OWM2MWIyNzA0ZA?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Fri, 02 Dec 2022 04:34:25 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02 Dec 2022 04:34:25 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 02 Dec 2022 04:34:25 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669955665594&i=813111272536328.125289285636914&a=77&e=0100007F508089632C0213C102187725&pref=http%3A%2F%2Fprikoli-ru.ru%2F&c=ss:77.up:0100007F508089632C0213C102187725.sync:up.xdua:duENdE3uP6_ZacvPpswGQrPF.xps:xpsgVhACVu7VoP3u1at5WFeuB.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669955665594&i=813111272536328.125289285636914&a=77&e=0100007F508089632C0213C102187725&pref=http%3A%2F%2Fprikoli-ru.ru%2F&c=ss:77.up:0100007F508089632C0213C102187725.sync:up.xdua:duENdE3uP6_ZacvPpswGQrPF.xps:xpsgVhACVu7VoP3u1at5WFeuB.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1669955665594&i=813111272536328.125289285636914&a=77&e=0100007F508089632C0213C102187725&pref=http%3A%2F%2Fprikoli-ru.ru%2F&c=ss:77.up:0100007F508089632C0213C102187725.sync:up.xdua:duENdE3uP6_ZacvPpswGQrPF.xps:xpsgVhACVu7VoP3u1at5WFeuB.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 04:34:25 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 14
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669955665595&i=813111272536328.235045100833072&a=77&e=0100007F508089632C0213C102187725&pref=http%3A%2F%2Fprikoli-ru.ru%2F&c=ss:77.up:0100007F508089632C0213C102187725.sync:up.xdua:duENdE3uP6_ZacvPpswGQrPF.xps:xpsgVhACVu7VoP3u1at5WFeuB.dn:acint__net.adcm:hit.tg:adcmjs_noorient
200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669955665595&i=813111272536328.235045100833072&a=77&e=0100007F508089632C0213C102187725&pref=http%3A%2F%2Fprikoli-ru.ru%2F&c=ss:77.up:0100007F508089632C0213C102187725.sync:up.xdua:duENdE3uP6_ZacvPpswGQrPF.xps:xpsgVhACVu7VoP3u1at5WFeuB.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1669955665595&i=813111272536328.235045100833072&a=77&e=0100007F508089632C0213C102187725&pref=http%3A%2F%2Fprikoli-ru.ru%2F&c=ss:77.up:0100007F508089632C0213C102187725.sync:up.xdua:duENdE3uP6_ZacvPpswGQrPF.xps:xpsgVhACVu7VoP3u1at5WFeuB.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 04:34:25 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 13
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8688
Expires: Fri, 02 Dec 2022 06:59:14 GMT
Date: Fri, 02 Dec 2022 04:34:26 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8688
Expires: Fri, 02 Dec 2022 06:59:14 GMT
Date: Fri, 02 Dec 2022 04:34:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F321bfec8-0690-49d3-ba43-a2899f137b6b.jpeg
200 OK 1.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F321bfec8-0690-49d3-ba43-a2899f137b6b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 367a113e3826442861c63ba501d2d67d
764f6910ecc1ee436a70aa83f5bd363c2e500341
5e5cc53aba99e68211c86a2fd83ac4a023d1c82875d60a09d52875ef129cbb71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F321bfec8-0690-49d3-ba43-a2899f137b6b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 1654
x-amzn-requestid: 537d523f-a3fb-4514-bda5-ecc834c1ed39
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgBEFNIAMFTjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891dff-0c12ccea20e953c236ca2b1b;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IXNpFJsiqPvrg8f-op2tcIVW2qoV7ZPm12wsTTXfYu0369N4Csy8BA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:56 GMT
age: 25170
etag: "764f6910ecc1ee436a70aa83f5bd363c2e500341"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg
200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25c68d8b1fae82820f93efca500fd848
45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48
f0ec6b6f6ba0a931c9b71f5bc7ad1e5b89c8e4d8b7441f35eeebfba418d0e588
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6882
x-amzn-requestid: 6b5f15a5-c15b-46bf-9fd5-5d013d37a0eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGfrG3WIAMFc9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891dfd-6038ca700dfb4489230c2683;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2O6x-8-ESFDtlhcjVyGxEXCZcLbbfhsCVQeX02lbNMupPWmM-fKuLA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:54 GMT
age: 25172
etag: "45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:49:56 GMT
age: 24270
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F474ccac4-fb8f-4a01-8195-4840a857fbe7.jpeg
200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F474ccac4-fb8f-4a01-8195-4840a857fbe7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65bcc96d51cd1a45dd61a4dddef0b529
5ebd592fe35d0479855700baf8525a621d2eec2e
11bfdb9b2f9730e35596e636b0f75e819a70edef0488e671ac82d1bf53e56868
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F474ccac4-fb8f-4a01-8195-4840a857fbe7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8159
x-amzn-requestid: ed2fb67a-2113-4240-978e-e7c978a3ca3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgVH1KIAMFjOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e01-0c4966b87f844ec3624e9dae;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ilP6IS-DUqN7rKZB9m8EX900E5Edscm8DkK0SMKPkJqvyCJ7M1kZoA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:58 GMT
age: 25168
etag: "5ebd592fe35d0479855700baf8525a621d2eec2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg
200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 498ab4412ed5cf977bc23e4e870894b0
23753fe8af09ec8ffa10eed4d201a71833885c99
036042656f15e42b4d1537c45f5b8e7190c70305fa9a69c1287c6739ad0b7122
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7334
x-amzn-requestid: a6b8b420-8394-496b-8be8-26dee52e3887
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoHJOoAMF75g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0b38d07f518c8b3134457df2;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tuKmV_nb4HVbqkhtCnZY3b33VB-bB6UxaBl6HsY_JgWesbUB8SPt-g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:09:38 GMT
age: 23088
etag: "23753fe8af09ec8ffa10eed4d201a71833885c99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe82fdd03-be1f-4def-adb8-61eefd79def6.jpeg
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe82fdd03-be1f-4def-adb8-61eefd79def6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e65083422468e512aa73eb68f20b2ec
73884daab5e71e4917637b3679c0bb5a1f0447de
f0d97bb9e3f01bbdbe91ba1f9b6ea0f649c66192383c51fe5c7ca9ac2a38ebdb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe82fdd03-be1f-4def-adb8-61eefd79def6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9719
x-amzn-requestid: c4ba3502-e191-40fa-8ae0-71dc6f733db4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPjhHE8woAMFyKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382e606-70ab0e5523c91e5420efec78;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 04:22:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oBn917CDV6DjSs9TAL2iBU0Rn8_f8ny1rAVXrbI9KML2P7pxusbdjA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 03:43:52 GMT
age: 3034
etag: "73884daab5e71e4917637b3679c0bb5a1f0447de"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.acint.net/ping/?v=0.4.0&uid=3d64fe38-a8da-4a20-abaa-ac009570fa9a&dp=10&tz=%2B00%3A00&nc=58098049&dT=2022-12-02T04%3A34%3A25.364
302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/ping/?v=0.4.0&uid=3d64fe38-a8da-4a20-abaa-ac009570fa9a&dp=10&tz=%2B00%3A00&nc=58098049&dT=2022-12-02T04%3A34%3A25.364
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /ping/?v=0.4.0&uid=3d64fe38-a8da-4a20-abaa-ac009570fa9a&dp=10&tz=%2B00%3A00&nc=58098049&dT=2022-12-02T04%3A34%3A25.364 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://prikoli-ru.ru/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Fri, 02 Dec 2022 04:34:27 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/ping/?v=0.4.0&uid=3d64fe38-a8da-4a20-abaa-ac009570fa9a&dp=10&tz=%2B00%3A00&nc=58098049&dT=2022-12-02T04%3A34%3A25.364
www.acint.net/ping/?v=0.4.0&uid=3d64fe38-a8da-4a20-abaa-ac009570fa9a&dp=10&tz=%2B00%3A00&nc=58098049&dT=2022-12-02T04%3A34%3A25.364
200 OK 43 B URL HTTP/2 www.acint.net/ping/?v=0.4.0&uid=3d64fe38-a8da-4a20-abaa-ac009570fa9a&dp=10&tz=%2B00%3A00&nc=58098049&dT=2022-12-02T04%3A34%3A25.364
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /ping/?v=0.4.0&uid=3d64fe38-a8da-4a20-abaa-ac009570fa9a&dp=10&tz=%2B00%3A00&nc=58098049&dT=2022-12-02T04%3A34%3A25.364 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://prikoli-ru.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOJgFDBEwIsJXcYArBQNjXy7X6IIfS6caHId+Tvd4/E; cSyncDp7v2=1669955664; cSyncDp14v3=1669955664; cSyncDp17=1669955664; cSyncDp32=1669955664; cSyncDp45v3=1669955664; cSyncDp53=1669955664; cSyncDp54v2=1669955664; cSyncDp62=1669955664; cSyncDp67v2=1669955664; cSyncDp68=1669955664; cSyncDp71=1669955664; cSyncDp77=1669955664; cSyncDp84=1669955664; cSyncDp85=1669955664; cSyncDp95v3=1669955664; cSyncDp101=1669955664; cSyncDp104v2=1669955664; cSyncDp107=1669955664; cSyncDp110=1669955664; cSyncDp111v2=1669955664; cSyncDp112v2=1669955664; cSyncDp125v2=1669955664; cSyncDp126=1669955664; cSyncDp127=1669955664; cSyncDp129=1669955664; cSyncDp136v2=1669955664; cSyncDp138=1669955664; cSyncDp146=1669955664; cSyncDp148=1669955664; cSyncDp149v2=1669955664; cSyncDp151=1669955664; cSyncDp178=1669955664; cSyncDp179=1669955664; cSyncDp186=1669955664; cSyncDp221=1669955664
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 04:34:27 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/0100007F508089632C0213C102187725?redir-setuniq=1
200 OK 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/0100007F508089632C0213C102187725?redir-setuniq=1
IP
GET /mapuid/sapeis/0100007F508089632C0213C102187725?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Fri, 02 Dec 2022 04:34:25 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02 Dec 2022 04:34:25 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 02 Dec 2022 04:34:25 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/gonetdspis/Mzk2YTk2OWM2MWIyNzA0ZA
302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/Mzk2YTk2OWM2MWIyNzA0ZA
IP
GET /mapuid/gonetdspis/Mzk2YTk2OWM2MWIyNzA0ZA HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/gonetdspis/Mzk2YTk2OWM2MWIyNzA0ZA?redir-setuniq=1
date: Fri, 02 Dec 2022 04:34:25 GMT
set-cookie: yandexuid=6126962641669955665; domain=.yandex.ru; path=/; expires=Mon, 29-Nov-2032 04:34:25 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02 Dec 2022 04:34:25 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 02 Dec 2022 04:34:25 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/0100007F508089632C0213C102187725
302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/0100007F508089632C0213C102187725
IP
GET /mapuid/sapeis/0100007F508089632C0213C102187725 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/0100007F508089632C0213C102187725?redir-setuniq=1
date: Fri, 02 Dec 2022 04:34:25 GMT
set-cookie: yandexuid=3247851181669955665; domain=.yandex.ru; path=/; expires=Mon, 29-Nov-2032 04:34:25 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02 Dec 2022 04:34:25 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 02 Dec 2022 04:34:25 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
81.177.140.243
23.88.12.14
34.120.237.76
31.220.27.155
46.243.142.48
104.18.21.226
93.184.220.29
188.42.196.115
23.36.77.32