Report - www.chersonesos.org/?p=ct

Report Overview

Submitted URL
www.chersonesos.org/?p=ct_map35
IP
185.9.147.100
ASN
#56694 LLC Smart Ape
Submitted
2022-09-21 10:41:27
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
cs.agency2.ru	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	721 B	23.111.107.44
an.yandex.ru	2577	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	832 B	1.1 kB	213.180.193.90
top-fwz1.mail.ru	8936	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	921 B	2.7 kB	95.163.52.67
status.thawte.com	5123	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
s.uuidksinc.net	3423	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	412 B	322 B	31.220.27.134
ads.betweendigital.com	1571	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	2.4 kB	188.42.191.196
mc.yandex.ru	2672	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	61 kB	87.250.251.119
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	1.8 kB	93.184.220.29
acint.net	22962	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	780 B	185.12.125.26
89b803c14dea2a63dc036c67029ca6f2-sp.ops.beeline.ru	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	437 B	828 B	37.9.245.57
ocsp.usertrust.com	899	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	330 B	1.0 kB	172.64.155.188
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.2 kB	17 kB	23.36.76.226
sync.1dmp.io	10017	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	1.2 kB	136.243.148.229
adlmerge.com	146521	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	424 B	644 B	95.211.66.35
sync.dmp.otm-r.com	19534	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	407 B	134 B	138.201.65.74
dmg.digitaltarget.ru	21471	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	3.2 kB	185.15.175.145
yastatic.net	72282	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	309 B	5.4 kB	178.154.131.215
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	662 B	1.4 kB	142.250.74.3
ssp.bidvol.com	31817	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386 B	631 B	65.109.23.99
tag.digitaltarget.ru	98193	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	720 B	19 kB	185.15.175.174
px.adhigh.net	10272	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	824 B	1.0 kB	193.232.150.60
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.35
www.acint.net	29072	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	17 kB	20 kB	185.12.125.26
ads.adlook.me	43352	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	430 B	319 B	5.200.43.131
sync.adkernel.com	4993	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	457 B	107 B	77.245.57.72
5c84e6de-55c4-4bba-8064-951442aa780d.sync.upravel.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	609 B	840 B	136.243.48.22
ad.mail.ru	7643	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	756 B	95.163.41.56
sm.rtb.mts.ru	27154	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	412 B	443 B	217.66.147.165
dmp.gotechnology.io	48839	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	408 B	234 B	142.132.209.136
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.27
yandex.st	46311	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	269 B	14 kB	178.154.131.215
sync.upravel.com	28097	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	866 B	1.8 kB	88.198.16.238
match.new-programmatic.com	33613	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	422 B	213 B	217.65.2.150
exchange.buzzoola.com	18389	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	471 B	382 B	88.198.31.232
www.chersonesos.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.0 kB	289 kB	185.9.147.100
status.geotrust.com	3662	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	331 B	545 B	93.184.220.29
stat.adlabs.ru	200922	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	412 B	191 B	109.248.237.37
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	62 kB	34.120.237.76
a.utraff.com	39874	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	1.1 kB	104.21.59.66
nr.bidderstack.com	352019	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	409 B	349 B	148.251.217.100
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	690 B	3.8 kB	104.18.20.226
sape-sync.rutarget.ru	173587	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	409 B	188.72.107.156
d5.ca.b2.a1.top.list.ru	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	974 B	95.163.52.67
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	44.237.239.70
cm.g.doubleclick.net	202	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	435 B	657 B	142.250.74.34
fcgi4.gnezdo.ru	69027	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	419 B	284 B	93.95.102.105
ssp.adriver.ru	12439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	857 B	376 B	195.209.111.13
x01.aidata.io	12188	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	841 B	1.3 kB	89.108.119.43
tech.rtb.mts.ru	27360	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	358 B	637 B	213.87.44.187
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
sync.republer.com	45392	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	133 B	23.88.82.46
sync.bumlam.com	3243	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	932 B	1.2 kB	31.172.81.159
ssp-rtb.sape.ru	31166	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	435 B	773 B	193.3.184.135
ssp.bestssp.com	90974	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	426 B	302 B	185.147.80.35
mediatoday.ru	136083	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	411 B	521 B	139.45.228.100
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	984 B	2.9 kB	104.18.32.68
ad.adriver.ru	19548	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	851 B	1.4 kB	195.209.108.38
counter.yadro.ru	7275	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	1.1 kB	88.212.202.52
dm-eu.hybrid.ai	28847	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	407 B	460 B	37.18.103.21
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	10 kB	104.18.20.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-21	medium	www.chersonesos.org/scripts/rus_menu.js	Malware
2022-09-21	medium	www.chersonesos.org/js/functions.js	Malware
2022-09-21	medium	www.chersonesos.org/scripts/fw_menu.js	Malware
2022-09-21	medium	www.chersonesos.org/js/fancybox/jquery.fancybox.js	Malware
2022-09-21	medium	www.chersonesos.org/js/jquery-1.11.0.min.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (38)

	URL	Size	First Seen	Last Seen
	www.chersonesos.org/?p=ct_map35	250 B	2023-03-07	2024-04-25
Pretty URL www.chersonesos.org/?p=ct_map35 IP 185.9.147.100 ASN #56694 LLC Smart Ape Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:22 Last Seen2024-04-25 23:33:23 Times Seen620 Hash 537357420024d824760d7686fbdf31fe 5e14660b667fdc602c82300ccf3253afc242e4bb ca2f5769fc415a62dd2cd8af83b9b64604715e602f6de4c7741f9992a7003a29 Loading...

	www.chersonesos.org/scripts/fw_menu.js	33 kB	2023-03-07	2023-03-07
Pretty URL www.chersonesos.org/scripts/fw_menu.js IP 185.9.147.100 ASN #56694 LLC Smart Ape Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash c3ea9809cc481d1d4a65bd0ff96611e6 a29883bfb66741f475267056dca66a9b8ea2a729 49b657ae2310f2f7843161e84e8722100e6ed035118ebac414ebd6e88ba47051 Loading...

	www.chersonesos.org/js/fancybox/jquery.fancybox.js	49 kB	2023-03-07	2024-04-22
Pretty URL www.chersonesos.org/js/fancybox/jquery.fancybox.js IP 185.9.147.100 ASN #56694 LLC Smart Ape Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:55 Last Seen2024-04-22 11:43:57 Times Seen1260 Hash 921e9cb04ad6e2559869ec845c5be39b 1cf3d47b5ccb7cb6e9019c64f2a88d03a64853e4 6c78ce6b6d1928630b903084ea9d503643f303ba05455860cc7cd17f7687cc65 Loading...

	www.chersonesos.org/?p=ct_map35	529 B	2023-03-07	2023-03-07
Pretty URL www.chersonesos.org/?p=ct_map35 IP 185.9.147.100 ASN #56694 LLC Smart Ape Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash 3526d07ed0ccab601b73f9c113f1f457 50333a82417865bf6b4740532a90134ebf3f7d27 a400b0473a439d9151dcfc3974b259d9650f2b1d4e60ceda159f66ca92ae6c82 Loading...

	www.chersonesos.org/?p=ct_map35	49 B	2023-03-07	2023-03-07
Pretty URL www.chersonesos.org/?p=ct_map35 IP 185.9.147.100 ASN #56694 LLC Smart Ape Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash 89bdbd5f150751c05be7fc826fb98c33 5f6485bd898775f09c967b5e50c08dea9f52941b 7af1fed20f738a143e7a7090f15bf863f27d051bae80374bbbc6d51c218592df Loading...

	mc.yandex.ru/metrika/watch.js	162 kB	2023-03-07	2023-03-07
Pretty URL mc.yandex.ru/metrika/watch.js IP 87.250.251.119 ASN #13238 YANDEX LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:41:00 Last Seen2023-03-07 23:49:17 Times Seen1 Hash 375e5722fd0e0a167f5bd21f6f756008 d8a9125e7387d254e9d904d878beb0d8f9023f89 40994016ecb983f0c21073d0770628fa7b64d01208c56596aa4e562da301c971 Loading...

	www.chersonesos.org/js/jquery-1.11.0.min.js	96 kB	2023-03-07	2024-04-26
Pretty URL www.chersonesos.org/js/jquery-1.11.0.min.js IP 185.9.147.100 ASN #56694 LLC Smart Ape Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-04-26 04:22:27 Times Seen18530 Hash 8fc25e27d42774aeae6edbc0a18b72aa b66ed708717bf0b4a005a4d0113af8843ef3b8ff b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682 Loading...

	www.chersonesos.org/?p=ct_map35	131 B	2023-03-07	2023-03-07
Pretty URL www.chersonesos.org/?p=ct_map35 IP 185.9.147.100 ASN #56694 LLC Smart Ape Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash f31d45eac1c54df201f5bcbca9bd4b29 559e706699457826b019f9f6b8ae177fdbe57ad4 eb3a69cc0c8f63c63db248915972d73c437c53cc013f48a6229a69eb404dfa00 Loading...

	tag.digitaltarget.ru/processor.js?i=55607016929651	16 kB	2023-03-07	2023-03-17
Pretty URL tag.digitaltarget.ru/processor.js?i=55607016929651 IP 185.15.175.174 ASN #43226 SafeData LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:06:38 Last Seen2023-03-17 12:39:11 Times Seen1 Hash 9d8bbf9b7d1aaed9a324a9cf9977dda4 d3365fba7f95ca11a9564b373162d1ddb06fcdbd 0935447866da8ca59df7d65710e0b68377a6dbc62c761e83ebfc83998f905788 Loading...

	www.chersonesos.org/?p=ct_map35	145 B	2023-03-07	2023-03-07
Pretty URL www.chersonesos.org/?p=ct_map35 IP 185.9.147.100 ASN #56694 LLC Smart Ape Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash bf4908d2413b1f54408fdef36b3efa5c d6c5e5fd598c2aecde3326ee8d28ce4f26b6402a 8f4f6346124abc6382481901548e9c1ebc91e047e4a9a600bb54463b79d05fad Loading...

	www.chersonesos.org/?p=ct_map35	143 B	2023-03-07	2023-03-07
Pretty URL www.chersonesos.org/?p=ct_map35 IP 185.9.147.100 ASN #56694 LLC Smart Ape Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash 1d9d7d9c3ce29648ad54a2a03d71473c dcd1e358aadd250c30488d2d7dc0769883e670b2 97eb4e466f165a35bb879621ce0fd62d0bab4f303b5dc960b4b67dd5b75132d1 Loading...

	www.chersonesos.org/?p=ct_map35	144 B	2023-03-07	2023-03-07
Pretty URL www.chersonesos.org/?p=ct_map35 IP 185.9.147.100 ASN #56694 LLC Smart Ape Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash 98e75cabb7bc24a754fc7a02c619c443 7f39048db24254072788ba1979f6873509a29283 4fcecaece3ecc6a0e4e04f1dd01ffef2a3cbe2a0ddfddfcf4dfba0b644cf6f49 Loading...

	www.chersonesos.org/?p=ct_map35	448 B	2023-03-07	2023-03-07
Pretty URL www.chersonesos.org/?p=ct_map35 IP 185.9.147.100 ASN #56694 LLC Smart Ape Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash 704d4f1581e7b0062d671d92585747fc da250b3af0112b4034f8df8b767775b4f9ac292b 61c890ed31960d386e34afce4762a3b4f213f2eef8349b1ecbf95df8faaab93e Loading...

	www.acint.net/aci.js	23 kB	2023-03-07	2023-03-17
Pretty URL www.acint.net/aci.js IP 185.12.125.26 ASN #50214 QWARTA LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:59 Last Seen2023-03-17 20:29:36 Times Seen1 Hash 296c412bb908c9c3dce5d63fdd740fbc d00fa58ccedf948ecba31f911399c35483db13ad a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33 Loading...

	tag.digitaltarget.ru/adcm.js	3.1 kB	2023-03-07	2023-05-06
Pretty URL tag.digitaltarget.ru/adcm.js IP 185.15.175.174 ASN #43226 SafeData LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:47 Last Seen2023-05-06 00:46:41 Times Seen299 Hash e7097284185069f52fc736bcd50cda13 1cdfdf2d869841202079ddf91e0a00a8610812e6 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80 Loading...

	www.chersonesos.org/?p=ct_map35	206 B	2023-03-07	2023-03-07
Pretty URL www.chersonesos.org/?p=ct_map35 IP 185.9.147.100 ASN #56694 LLC Smart Ape Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash 5e90ae96db6918d542daa151d4db3807 2b1ea47116658cc6440b6bdf4c552a9bb8397219 c4ad34dcb253e0cba6590af927db6c3799adb49c10b27c2627ad5a4172172c55 Loading...

	www.chersonesos.org/scripts/rus_menu.js	6.9 kB	2023-03-07	2023-03-07
Pretty URL www.chersonesos.org/scripts/rus_menu.js IP 185.9.147.100 ASN #56694 LLC Smart Ape Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash 9571f8897ea86a7f1725334aa2d9e296 6fd79886536bb66ab150c58bbe0dfb85f5b447e9 8bc1c6526c669449a5d8ba7a84d9c138e958ee40f0e120e004ac2d82ec0d19af Loading...

	www.chersonesos.org/?p=ct_map35	152 B	2023-03-07	2023-03-07
Pretty URL www.chersonesos.org/?p=ct_map35 IP 185.9.147.100 ASN #56694 LLC Smart Ape Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash 1e343a9741d948113e50363261437ff2 dd68d87ec73d8f2b4a6207769e8026bb14dacb6b 3f979a0ab1a3e354684eda6ab25dc7b2682e8726159c42009af1ab2c0e737c8d Loading...

	www.chersonesos.org/?p=ct_map35	56 B	2023-03-07	2023-03-07
Pretty URL www.chersonesos.org/?p=ct_map35 IP 185.9.147.100 ASN #56694 LLC Smart Ape Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash b40916e1980581a2714601ff0b203ec3 0cc367febbb6e90cc5591de2ea493e894930e38f e12fdaee29e57b8e063c097c41a7b4184a5352677facb46580668c1006105f77 Loading...

	www.chersonesos.org/?p=ct_map35	144 B	2023-03-07	2023-03-07
Pretty URL www.chersonesos.org/?p=ct_map35 IP 185.9.147.100 ASN #56694 LLC Smart Ape Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash a3d8c5dcdb4cc2360637cc30b3b02404 509b15b1f4a1a6cfb5e4db6db6cc726c05dcac8d a538e4f875ab1eb502cef537fdf862f24c2f2bced92df4cb81f990fb0e0e92b1 Loading...

	www.acint.net/mc/?dp=10&tc=1	199 B	2023-03-07	2023-03-07
Pretty URL www.acint.net/mc/?dp=10&tc=1 IP 185.12.125.26 ASN #50214 QWARTA LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash e04f3267ed2cb44dfb2edc9477c05647 ff9691692730151a2d9b0dac806ef52fd402dcff bc41829b6d4f881634555931e89b34c2894bda2279aeaab2a689388d394d3201 Loading...

	www.chersonesos.org/?p=ct_map35	142 B	2023-03-07	2023-03-07
Pretty URL www.chersonesos.org/?p=ct_map35 IP 185.9.147.100 ASN #56694 LLC Smart Ape Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash f791ce46744e8a82a77b53ad1adbaba4 3549bc53fd39131f384f166f79fb1c01b7b8417f 5ecd0d0724dd9c130536d56912dc97bbefcab1d8eeb2810e939ad7acf61964f6 Loading...

	www.chersonesos.org/?p=ct_map35	116 B	2023-03-07	2023-03-07
Pretty URL www.chersonesos.org/?p=ct_map35 IP 185.9.147.100 ASN #56694 LLC Smart Ape Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash 5e8dce10b945f289439e25c0a4155e8b cfd3b1a3894c9abd2f4bf38390536bfd6246f8be e779783cd8dc91c97a5b68c6dbab4b28d8c23c0a2c0bd8cd2fb27f650d5c2698 Loading...

	yandex.st/share/share.js	54 kB	2023-03-07	2024-04-26
Pretty URL yandex.st/share/share.js IP 178.154.131.215 ASN #13238 YANDEX LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:03 Last Seen2024-04-26 04:31:58 Times Seen776 Hash db7132f94e4730c128b638f72b46c899 4af3ebc52a01e5becd92d3f3d59f21c019e62519 944979b576ee52348d5c63d35f566c11df26f70ed15d2ceba61180662a49b114 Loading...

	www.chersonesos.org/js/functions.js	171 B	2023-03-07	2023-03-07
Pretty URL www.chersonesos.org/js/functions.js IP 185.9.147.100 ASN #56694 LLC Smart Ape Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash ec1044dab977233ad1542845205c47cd 15615f10d470477b48a1b729c95e6b454fb06c2d 88528a08a06c7366b362974b7f5edda5005d5c8be2609cc4d5352d91739047e7 Loading...

	www.chersonesos.org/?p=ct_map35	201 B	2023-03-07	2023-03-07
Pretty URL www.chersonesos.org/?p=ct_map35 IP 185.9.147.100 ASN #56694 LLC Smart Ape Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash 27a9c69818fc6a6b4ca3b3e35208609e 456de9947124b9ea21d583861e5f0e25e0462a99 64c5fa30c7eb7ce8d361202fdb3af59c6d6eb681c08ae6816db9441b3c06d0a2 Loading...

	www.chersonesos.org/?p=ct_map35	143 B	2023-03-07	2023-03-07
Pretty URL www.chersonesos.org/?p=ct_map35 IP 185.9.147.100 ASN #56694 LLC Smart Ape Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash 62156d01b5618f1117cca4e8fd8e9f0c dba2fbc8dc6af986a92d820d9e08a117e968df1d bad0ca809a51266879d063d36bdfd9dbbc20513214ce3bbbd16e6014e7935998 Loading...

		Size	First Seen	Last Seen
	#1 Write - 4f9751e27bebd590974a3d897c558252	119 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash 4f9751e27bebd590974a3d897c558252 8ccd3403b1d371c2ea79089a1519d9043c95fd3c 638d13d5cf9bcf46f088c7e63ac1ab6153a0c4f5c29ce97c3a56bae7d2fbf9b5 Loading...

	#2 Write - b76308a6bd1e71251c2d68316623c4a2	111 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash b76308a6bd1e71251c2d68316623c4a2 8a6240ac3642f9245bcb550b2823a94e520d83d3 ff3cfb91ac87c6c7b001b1db261c9def5515dba4aacad4110d09f67ce7c95f2a Loading...

	#3 Write - db8461e20eed07c9e7a588ca842e1f5a	112 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash db8461e20eed07c9e7a588ca842e1f5a 9470784678f84debbad0d6b2e4dcca1fbc03ef2a d56e00f4b54928bcda62b64bd22f31a63ad153035d5254f06006fa6bc2ec1757 Loading...

	#4 Write - b603fb0f562b65ee396258abd6978c07	110 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash b603fb0f562b65ee396258abd6978c07 d1ec1e70f5ef76ae6d703816a0d3d1efdf52cac0 d70372a157f58f3a4053ad964c7e9b8ec995539067b061aaa0f1760a8d82dd21 Loading...

	#5 Write - 9c32b216b135abdc1c6302a84530939e	110 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash 9c32b216b135abdc1c6302a84530939e 6d7bbc5327055b3f4a48d975b8c073e66b1e07da 1671cf7778960e86595ae51fb06a4c9e38a9fb7be8a20a0b245ec487be1ef28c Loading...

	#6 Write - a0bb1d01b2e13f9b8a2e2421576f190e	5 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:10:37 Last Seen2024-04-25 09:39:22 Times Seen564 Hash a0bb1d01b2e13f9b8a2e2421576f190e eb9f842bdd238587dd0b382ed6110d9f8d642950 454d2afd4b550c2fa634518d303c473a5ca5605ff9aec05eeef33b88fd4cbcd9 Loading...

	#7 Write - d98a8d7d6e12e6eee4152046aa40cfcd	32 B	2023-03-07	2023-11-02
Pretty Observations First Seen2023-03-07 15:35:28 Last Seen2023-11-02 11:56:10 Times Seen4 Hash d98a8d7d6e12e6eee4152046aa40cfcd baeff253290bc6f62e1e8309d076d6fb8d182b56 c887c2c24ec58c642c1cfc953c9bafa687207a5305adc9b214dfe9aebbb55782 Loading...

	#8 Write - befb95106cb4eacd38149f2dfe874418	111 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash befb95106cb4eacd38149f2dfe874418 c46577f66aabf9b6448ee6f1d763714466bc5434 5d213d3edd30da3e9e66903a9d8eee2c5d62c0e13d620d151a1eda37f9b23e8d Loading...

	#9 Write - 455ebb3e121371c452a78de8c7cbd4ad	109 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash 455ebb3e121371c452a78de8c7cbd4ad ec558c8ea265b90998de9c405749288770836a69 df87f5e228d338a5b8e97b51ecd3966c70cbd426d46215c8095ab7d9ee6b655c Loading...

	#10 Write - f384bb770cbdd95980d63f9ea4190749	532 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash f384bb770cbdd95980d63f9ea4190749 3c4ba5a711aca3e3c1d7770d118e7870764aeef9 d809da581b1d7c14664e4fc0f3d12a15505187aedc7361c27981af310044ee27 Loading...

	#11 Write - 9e006ec4912b0e91c9258dc0aaa1a9b1	239 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 22:30:26 Last Seen2023-03-07 22:30:26 Times Seen1 Hash 9e006ec4912b0e91c9258dc0aaa1a9b1 426caacd3275c85bb5d216d2b61b874a5fe29cf3 bfdaf3e5fe373c3d48a78cc9a0a9678fc05201aa1189431685dc880a9e305a5b Loading...

HTTP Transactions (144)

URL IP Response Size

www.chersonesos.org/?p=ct_map35

185.9.147.100

200 OK

18 kB

URL HTTP/1.1
www.chersonesos.org/?p=ct_map35
IP
185.9.147.100:0
ASN
#56694 LLC Smart Ape

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (687), with CRLF, LF line terminators
Size
18 kB (17554 bytes)
Hash
5d7668d5e288b2e329bdc9c339bc9fb1
cf20c16b5b98ba528c926e6b56b8a517ae7b1041
ff8ef2280ef7751c1b651b5cc4c2afd53faf00ad6f8eb746ef25d69ad3238393

HTTP Headers

GET /?p=ct_map35 HTTP/1.1
Host: www.chersonesos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8455
Expires: Wed, 21 Sep 2022 13:02:11 GMT
Date: Wed, 21 Sep 2022 10:41:16 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 10:13:33 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: J8wQKDV8sIxK6sW4FqhYetF2EfVv8bI7_V4aU4849TLDrRQkqrfavQ==
Age: 1663

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.35

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 27goC5EBGhr52P9bp1FPveX3q-3mf_ukaK1_0SVQ79RUAD6rbwtS2w==
age: 21963
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 10:41:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.chersonesos.org/css/styles.css

185.9.147.100

200 OK

4.7 kB

URL HTTP/1.1
www.chersonesos.org/css/styles.css
IP
185.9.147.100:0
ASN
#56694 LLC Smart Ape

File type
ASCII text, with CRLF line terminators
Size
4.7 kB (4735 bytes)
Hash
eb329bbdbbd165bad95406c950f853cf
137daeb8b5db81efc37cdb9f4dd1fae56fedff31
5f486b0a280f5701dae82dc8d0a9673b9c7769791569955dfcb8289d5686cd86

HTTP Headers

GET /css/styles.css HTTP/1.1
Host: www.chersonesos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/?p=ct_map35

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Type: text/css
Content-Length: 4735
Last-Modified: Wed, 22 Mar 2017 18:07:44 GMT
Connection: keep-alive
ETag: "58d2bd70-127f"
Accept-Ranges: bytes

www.chersonesos.org/scripts/rus_menu.js

185.9.147.100

200 OK

6.9 kB

URL HTTP/1.1
www.chersonesos.org/scripts/rus_menu.js
IP
185.9.147.100:0
ASN
#56694 LLC Smart Ape

File type
exported SGML document, Unicode text, UTF-8 text
Size
6.9 kB (6912 bytes)
Hash
9571f8897ea86a7f1725334aa2d9e296
6fd79886536bb66ab150c58bbe0dfb85f5b447e9
8bc1c6526c669449a5d8ba7a84d9c138e958ee40f0e120e004ac2d82ec0d19af

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /scripts/rus_menu.js HTTP/1.1
Host: www.chersonesos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/?p=ct_map35

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 6912
Last-Modified: Tue, 12 Apr 2016 13:05:08 GMT
Connection: keep-alive
ETag: "570cf284-1b00"
Accept-Ranges: bytes

www.chersonesos.org/js/fancybox/jquery.fancybox.css

185.9.147.100

200 OK

4.9 kB

URL HTTP/1.1
www.chersonesos.org/js/fancybox/jquery.fancybox.css
IP
185.9.147.100:0
ASN
#56694 LLC Smart Ape

File type
ASCII text
Size
4.9 kB (4895 bytes)
Hash
6c55951ce1e3115711f63f99b7501f3a
5f163444617b6cf267342f06ac166a237bb62df9
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd

HTTP Headers

GET /js/fancybox/jquery.fancybox.css HTTP/1.1
Host: www.chersonesos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/?p=ct_map35

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Type: text/css
Content-Length: 4895
Last-Modified: Tue, 12 Apr 2016 13:04:35 GMT
Connection: keep-alive
ETag: "570cf263-131f"
Accept-Ranges: bytes

www.chersonesos.org/js/functions.js

185.9.147.100

200 OK

171 B

URL HTTP/1.1
www.chersonesos.org/js/functions.js
IP
185.9.147.100:0
ASN
#56694 LLC Smart Ape

File type
ASCII text, with CRLF line terminators
Size
171 B (171 bytes)
Hash
ec1044dab977233ad1542845205c47cd
15615f10d470477b48a1b729c95e6b454fb06c2d
88528a08a06c7366b362974b7f5edda5005d5c8be2609cc4d5352d91739047e7

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/functions.js HTTP/1.1
Host: www.chersonesos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/?p=ct_map35

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 171
Last-Modified: Tue, 12 Apr 2016 13:04:33 GMT
Connection: keep-alive
ETag: "570cf261-ab"
Accept-Ranges: bytes

yandex.st/share/share.js

178.154.131.215

200 OK

14 kB

URL HTTP/1.1
yandex.st/share/share.js
IP
178.154.131.215:0
ASN
#13238 YANDEX LLC

File type
Unicode text, UTF-8 text, with very long lines (32058)
Size
14 kB (13696 bytes)
Hash
0846935dee0d2ebbb7af7cbce113d5b8
f07346e034d5ad76aa90b38e195500574aafbb4e
2b682e5417a0a08596a80bc834ffeb32948d54373b4020d54fac626e559c1270

HTTP Headers

GET /share/share.js HTTP/1.1
Host: yandex.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=216013
Content-Encoding: gzip
Etag: W/"db7132f94e4730c128b638f72b46c899"
Expires: Fri, 23 Sep 2022 22:41:00 GMT
Last-Modified: Wed, 24 Oct 2018 16:00:42 GMT
NEL: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
Report-To: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Strict-Transport-Security: max-age=43200000; includeSubDomains;
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Nginx-Request-Id: 396f2fcca0a13194

www.chersonesos.org/scripts/fw_menu.js

185.9.147.100

200 OK

33 kB

URL HTTP/1.1
www.chersonesos.org/scripts/fw_menu.js
IP
185.9.147.100:0
ASN
#56694 LLC Smart Ape

File type
exported SGML document, ASCII text, with very long lines (306)
Size
33 kB (33219 bytes)
Hash
c3ea9809cc481d1d4a65bd0ff96611e6
a29883bfb66741f475267056dca66a9b8ea2a729
49b657ae2310f2f7843161e84e8722100e6ed035118ebac414ebd6e88ba47051

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /scripts/fw_menu.js HTTP/1.1
Host: www.chersonesos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/?p=ct_map35

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 33219
Last-Modified: Tue, 12 Apr 2016 13:05:07 GMT
Connection: keep-alive
ETag: "570cf283-81c3"
Accept-Ranges: bytes

www.chersonesos.org/js/fancybox/jquery.fancybox.js

185.9.147.100

200 OK

49 kB

URL HTTP/1.1
www.chersonesos.org/js/fancybox/jquery.fancybox.js
IP
185.9.147.100:0
ASN
#56694 LLC Smart Ape

File type
ASCII text
Size
49 kB (48706 bytes)
Hash
921e9cb04ad6e2559869ec845c5be39b
1cf3d47b5ccb7cb6e9019c64f2a88d03a64853e4
6c78ce6b6d1928630b903084ea9d503643f303ba05455860cc7cd17f7687cc65

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/fancybox/jquery.fancybox.js HTTP/1.1
Host: www.chersonesos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/?p=ct_map35

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 48706
Last-Modified: Tue, 12 Apr 2016 13:04:35 GMT
Connection: keep-alive
ETag: "570cf263-be42"
Accept-Ranges: bytes

www.chersonesos.org/js/jquery-1.11.0.min.js

185.9.147.100

200 OK

96 kB

URL HTTP/1.1
www.chersonesos.org/js/jquery-1.11.0.min.js
IP
185.9.147.100:0
ASN
#56694 LLC Smart Ape

File type
ASCII text, with very long lines (32341)
Size
96 kB (96381 bytes)
Hash
8fc25e27d42774aeae6edbc0a18b72aa
b66ed708717bf0b4a005a4d0113af8843ef3b8ff
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/jquery-1.11.0.min.js HTTP/1.1
Host: www.chersonesos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/?p=ct_map35

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 96381
Last-Modified: Tue, 12 Apr 2016 13:04:33 GMT
Connection: keep-alive
ETag: "570cf261-1787d"
Accept-Ranges: bytes

www.chersonesos.org/images/mint.jpg

185.9.147.100

200 OK

11 kB

URL HTTP/1.1
www.chersonesos.org/images/mint.jpg
IP
185.9.147.100:0
ASN
#56694 LLC Smart Ape

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 300x203, components 3\012- data
Size
11 kB (10775 bytes)
Hash
a16c37394b5111f0e4ececf9a1b1aa5f
17b7de59b121bd3fa4a4c03f87f4b62229f8e6ed
c608b1aff3ae836b763d3e1275c3b4c094a898ede30b6229c9ff0cd810577ae8

HTTP Headers

GET /images/mint.jpg HTTP/1.1
Host: www.chersonesos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/?p=ct_map35

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Type: image/jpeg
Content-Length: 10775
Last-Modified: Tue, 12 Apr 2016 12:52:41 GMT
Connection: keep-alive
ETag: "570cef99-2a17"
Accept-Ranges: bytes

www.chersonesos.org/images/rus_object-razdeli.jpg

185.9.147.100

200 OK

4.9 kB

URL HTTP/1.1
www.chersonesos.org/images/rus_object-razdeli.jpg
IP
185.9.147.100:0
ASN
#56694 LLC Smart Ape

File type
JPEG image data, baseline, precision 8, 280x50, components 3\012- data
Size
4.9 kB (4929 bytes)
Hash
14587bdd75db30bf26ec678195cf53c2
754f65df875a1eaafa13aaaedfbb9c8166abc6bd
a29af576cb700d242e1b0a9a0d3428434eadf8d782c434a0873785d3269ec289

HTTP Headers

GET /images/rus_object-razdeli.jpg HTTP/1.1
Host: www.chersonesos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/?p=ct_map35

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Type: image/jpeg
Content-Length: 4929
Last-Modified: Tue, 12 Apr 2016 12:53:26 GMT
Connection: keep-alive
ETag: "570cefc6-1341"
Accept-Ranges: bytes

www.chersonesos.org/arrows.gif

185.9.147.100

200 OK

54 B

URL HTTP/1.1
www.chersonesos.org/arrows.gif
IP
185.9.147.100:0
ASN
#56694 LLC Smart Ape

File type
GIF image data, version 89a, 8 x 8\012- data
Size
54 B (54 bytes)
Hash
4d61ba12cc50f0b4fa85cfc89447c305
a3926a50fd194ac175dc2b149e0aafb8aed7d350
a2755ab742409b06389c9d8067b45b7b874ba059480373b06874e288c56de1c7

HTTP Headers

GET /arrows.gif HTTP/1.1
Host: www.chersonesos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/?p=ct_map35

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Type: image/gif
Content-Length: 54
Last-Modified: Thu, 02 Feb 2006 11:21:10 GMT
Connection: keep-alive
ETag: "43e1eb26-36"
Accept-Ranges: bytes

www.chersonesos.org/images/background_rus.jpg

185.9.147.100

200 OK

56 kB

URL HTTP/1.1
www.chersonesos.org/images/background_rus.jpg
IP
185.9.147.100:0
ASN
#56694 LLC Smart Ape

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 800x195, components 3\012- data
Size
56 kB (56027 bytes)
Hash
bdc105eb3dad9dad1d2d3916cb8a80c8
c58fb4f9a7a54fdcbd7212b18dc138aef42d6e3e
d305e2d70e826185241b58570b52fe14aead775a172a6530ad882b4143f20333

HTTP Headers

GET /images/background_rus.jpg HTTP/1.1
Host: www.chersonesos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/?p=ct_map35

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Type: image/jpeg
Content-Length: 56027
Last-Modified: Tue, 12 Apr 2016 12:45:32 GMT
Connection: keep-alive
ETag: "570cedec-dadb"
Accept-Ranges: bytes

yastatic.net/share/static/b-share-icon.png

178.154.131.215

200 OK

4.6 kB

URL HTTP/1.1
yastatic.net/share/static/b-share-icon.png
IP
178.154.131.215:0
ASN
#13238 YANDEX LLC

File type
PNG image data, 16 x 493, 8-bit colormap, non-interlaced\012- data
Size
4.6 kB (4637 bytes)
Hash
24bc3d4a0d287d95c0fb2ec150c1776e
53b50aca31779f1d2082384c113cb8bd12392dca
4518d4c73cc79f597d32c09c25b38ef44da466f502c31e2023d1005f2f899713

HTTP Headers

GET /share/static/b-share-icon.png HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Type: image/png
Content-Length: 4637
Connection: keep-alive
Keep-Alive: timeout=5
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=216009
Etag: "24bc3d4a0d287d95c0fb2ec150c1776e"
Expires: Fri, 23 Sep 2022 22:38:26 GMT
Last-Modified: Wed, 24 Oct 2018 16:00:42 GMT
NEL: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
Report-To: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Strict-Transport-Security: max-age=43200000; includeSubDomains;
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Nginx-Request-Id: 69c96a99f369bf3e
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ae3550207b517f54a959cb47227740e5
00c130d8aa6edcfb76ea2952caad9a2f7281559a
44856bfb834a500b1c55837358b97b8d4961ea56101516b1e332e6369b102d1e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "44856BFB834A500B1C55837358B97B8D4961EA56101516B1E332E6369B102D1E"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14725
Expires: Wed, 21 Sep 2022 14:46:42 GMT
Date: Wed, 21 Sep 2022 10:41:17 GMT
Connection: keep-alive

www.acint.net/aci.js

185.12.125.26

200 OK

7.5 kB

URL HTTP/2
www.acint.net/aci.js
IP
185.12.125.26:0
ASN
#50214 QWARTA LLC

File type
ASCII text, with very long lines (1408)
Size
7.5 kB (7461 bytes)
Hash
ae0aab6c5a2ae2e1168e74f6e6ae4741
2c00f69ee4bbe2ec96c0f7bb33b5f827a6195af8
a47a88a9b6c7635e5074c25c6e3c92f399fdf8772376e94f077167241e59f9de

HTTP Headers

GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.chersonesos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 10:41:17 GMT
content-type: application/x-javascript
content-length: 7461
last-modified: Mon, 16 May 2022 07:14:50 GMT
etag: "6281f9ea-1d25"
content-encoding: gzip
expires: Wed, 21 Sep 2022 22:41:17 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2

www.chersonesos.org/favicon.ico

185.9.147.100

200 OK

1.4 kB

URL HTTP/1.1
www.chersonesos.org/favicon.ico
IP
185.9.147.100:0
ASN
#56694 LLC Smart Ape

File type
MS Windows icon resource - 1 icon, 16x16\012- data
Size
1.4 kB (1406 bytes)
Hash
797e9fa8cd6a169f9f6ddd8c370915b9
07d518701f0be5d1012ac182e53bcd94f311f072
f411a6c2a1b4811cd5293338eb049ca1a42cd131527aa5457b78669620e65790

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.chersonesos.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/?p=ct_map35

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 1406
Connection: keep-alive
Last-Modified: Tue, 13 Nov 2012 17:52:57 GMT
ETag: "57e-4ce6416897040"
Accept-Ranges: bytes

counter.yadro.ru/hit?t16.2;r;s1280*1024*24;uhttp%3A//www.chersonesos.org/%3Fp%3Dct_map35;i%u0416%u0436%u041C%u043E%u043D%u0435%u0442%u043D%u044B%u0439%20%u0434%u0432%u043E%u0440%20-%20%u0413%u043E%u0440%u043E%u0434%u0438%u0449%u0435%20-%20%u041E%20%u0425%u0435%u0440%u0441%u043E%u043D%u0435%u0441%u0435;0.9102738573072036

88.212.202.52

302 Moved Temporarily

32 B

URL HTTP/1.1
counter.yadro.ru/hit?t16.2;r;s1280*1024*24;uhttp%3A//www.chersonesos.org/%3Fp%3Dct_map35;i%u0416%u0436%u041C%u043E%u043D%u0435%u0442%u043D%u044B%u0439%20%u0434%u0432%u043E%u0440%20-%20%u0413%u043E%u0440%u043E%u0434%u0438%u0449%u0435%20-%20%u041E%20%u0425%u0435%u0440%u0441%u043E%u043D%u0435%u0441%u0435;0.9102738573072036
IP
88.212.202.52:0
ASN
#39134 United Network LLC

File type
HTML document, ASCII text
Size
32 B (32 bytes)
Hash
3e9c09a8c5a87f266e047a596f48578c
07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254

HTTP Headers

GET /hit?t16.2;r;s1280*1024*24;uhttp%3A//www.chersonesos.org/%3Fp%3Dct_map35;i%u0416%u0436%u041C%u043E%u043D%u0435%u0442%u043D%u044B%u0439%20%u0434%u0432%u043E%u0440%20-%20%u0413%u043E%u0440%u043E%u0434%u0438%u0449%u0435%20-%20%u041E%20%u0425%u0435%u0440%u0441%u043E%u043D%u0435%u0441%u0435;0.9102738573072036 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/

HTTP/1.1 302 Moved Temporarily
Date: Wed, 21 Sep 2022 10:41:17 GMT
Server: 0W/0.8c
Content-Type: text/html
Location: https://counter.yadro.ru/hit?t16.2;r;s1280*1024*24;uhttp%3A//www.chersonesos.org/%3Fp%3Dct_map35;i%u0416%u0436%u041C%u043E%u043D%u0435%u0442%u043D%u044B%u0439%20%u0434%u0432%u043E%u0440%20-%20%u0413%u043E%u0440%u043E%u0434%u0438%u0449%u0435%20-%20%u041E%20%u0425%u0435%u0440%u0441%u043E%u043D%u0435%u0441%u0435;0.9102738573072036
Content-Length: 32
Expires: Mon, 20 Sep 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 10:03:22 GMT
Expires: Wed, 21 Sep 2022 10:46:06 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bPG1EQRKCmavWDOCIK_nCrTYWdUmPGiRiWUAzwXXMw6PdymDSrHZ-g==
Age: 2275

www.acint.net/hit/?v=0.4.0&uid=bdec349b-015c-4f17-9038-1d3c7014bf26&dp=10&tz=%2B00%3A00&nc=41076712&u=http%3A%2F%2Fwww.chersonesos.org%2F%3Fp%3Dct_map35&r=&rs=1280x1024&t=%D0%9C%D0%BE%D0%BD%D0%B5%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B2%D0%BE%D1%80%20-%20%D0%93%D0%BE%D1%80%D0%BE%D0%B4%D0%B8%D1%89%D0%B5%20-%20%D0%9E%20%D0%A5%D0%B5%D1%80%D1%81%D0%BE%D0%BD%D0%B5%D1%81%D0%B5&oE=1&oP=1&dT=2022-09-21T10%3A41%3A17.584&fu=7449aca7-6bc6-4d1a-a662-17d1b30355f8

185.12.125.26

302 Moved Temporarily

142 B

URL HTTP/1.1
www.acint.net/hit/?v=0.4.0&uid=bdec349b-015c-4f17-9038-1d3c7014bf26&dp=10&tz=%2B00%3A00&nc=41076712&u=http%3A%2F%2Fwww.chersonesos.org%2F%3Fp%3Dct_map35&r=&rs=1280x1024&t=%D0%9C%D0%BE%D0%BD%D0%B5%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B2%D0%BE%D1%80%20-%20%D0%93%D0%BE%D1%80%D0%BE%D0%B4%D0%B8%D1%89%D0%B5%20-%20%D0%9E%20%D0%A5%D0%B5%D1%80%D1%81%D0%BE%D0%BD%D0%B5%D1%81%D0%B5&oE=1&oP=1&dT=2022-09-21T10%3A41%3A17.584&fu=7449aca7-6bc6-4d1a-a662-17d1b30355f8
IP
185.12.125.26:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /hit/?v=0.4.0&uid=bdec349b-015c-4f17-9038-1d3c7014bf26&dp=10&tz=%2B00%3A00&nc=41076712&u=http%3A%2F%2Fwww.chersonesos.org%2F%3Fp%3Dct_map35&r=&rs=1280x1024&t=%D0%9C%D0%BE%D0%BD%D0%B5%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B2%D0%BE%D1%80%20-%20%D0%93%D0%BE%D1%80%D0%BE%D0%B4%D0%B8%D1%89%D0%B5%20-%20%D0%9E%20%D0%A5%D0%B5%D1%80%D1%81%D0%BE%D0%BD%D0%B5%D1%81%D0%B5&oE=1&oP=1&dT=2022-09-21T10%3A41%3A17.584&fu=7449aca7-6bc6-4d1a-a662-17d1b30355f8 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/hit/?v=0.4.0&uid=bdec349b-015c-4f17-9038-1d3c7014bf26&dp=10&tz=%2B00%3A00&nc=41076712&u=http%3A%2F%2Fwww.chersonesos.org%2F%3Fp%3Dct_map35&r=&rs=1280x1024&t=%D0%9C%D0%BE%D0%BD%D0%B5%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B2%D0%BE%D1%80%20-%20%D0%93%D0%BE%D1%80%D0%BE%D0%B4%D0%B8%D1%89%D0%B5%20-%20%D0%9E%20%D0%A5%D0%B5%D1%80%D1%81%D0%BE%D0%BD%D0%B5%D1%81%D0%B5&oE=1&oP=1&dT=2022-09-21T10%3A41%3A17.584&fu=7449aca7-6bc6-4d1a-a662-17d1b30355f8

www.acint.net/mc/?dp=10

185.12.125.26

302 Moved Temporarily

142 B

URL HTTP/1.1
www.acint.net/mc/?dp=10
IP
185.12.125.26:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/mc/?dp=10

www.acint.net/mc/?dp=10

185.12.125.26

302 Found

154 B

URL HTTP/2
www.acint.net/mc/?dp=10
IP
185.12.125.26:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.chersonesos.org/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: openresty
date: Wed, 21 Sep 2022 10:41:17 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Wed, 21-Sep-22 10:51:17 GMT
aid=fwAAAWMq6k1QMACxhmNfAsET2cpRWQZJK171gHvkkFb772Vl; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

185.12.125.26

200 OK

43 B

URL HTTP/2
www.acint.net/hit/?v=0.4.0&uid=bdec349b-015c-4f17-9038-1d3c7014bf26&dp=10&tz=%2B00%3A00&nc=41076712&u=http%3A%2F%2Fwww.chersonesos.org%2F%3Fp%3Dct_map35&r=&rs=1280x1024&t=%D0%9C%D0%BE%D0%BD%D0%B5%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B2%D0%BE%D1%80%20-%20%D0%93%D0%BE%D1%80%D0%BE%D0%B4%D0%B8%D1%89%D0%B5%20-%20%D0%9E%20%D0%A5%D0%B5%D1%80%D1%81%D0%BE%D0%BD%D0%B5%D1%81%D0%B5&oE=1&oP=1&dT=2022-09-21T10%3A41%3A17.584&fu=7449aca7-6bc6-4d1a-a662-17d1b30355f8
IP
185.12.125.26:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hit/?v=0.4.0&uid=bdec349b-015c-4f17-9038-1d3c7014bf26&dp=10&tz=%2B00%3A00&nc=41076712&u=http%3A%2F%2Fwww.chersonesos.org%2F%3Fp%3Dct_map35&r=&rs=1280x1024&t=%D0%9C%D0%BE%D0%BD%D0%B5%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B2%D0%BE%D1%80%20-%20%D0%93%D0%BE%D1%80%D0%BE%D0%B4%D0%B8%D1%89%D0%B5%20-%20%D0%9E%20%D0%A5%D0%B5%D1%80%D1%81%D0%BE%D0%BD%D0%B5%D1%81%D0%B5&oE=1&oP=1&dT=2022-09-21T10%3A41%3A17.584&fu=7449aca7-6bc6-4d1a-a662-17d1b30355f8 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.chersonesos.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 10:41:17 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

mc.yandex.ru/metrika/watch.js

87.250.251.119

302 Moved temporarily

0 B

URL HTTP/1.1
mc.yandex.ru/metrika/watch.js
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/

HTTP/1.1 302 Moved temporarily
Content-Length: 0
Location: https://mc.yandex.ru/metrika/watch.js

88.212.202.52

200 OK

214 B

URL HTTP/1.1
counter.yadro.ru/hit?t16.2;r;s1280*1024*24;uhttp%3A//www.chersonesos.org/%3Fp%3Dct_map35;i%u0416%u0436%u041C%u043E%u043D%u0435%u0442%u043D%u044B%u0439%20%u0434%u0432%u043E%u0440%20-%20%u0413%u043E%u0440%u043E%u0434%u0438%u0449%u0435%20-%20%u041E%20%u0425%u0435%u0440%u0441%u043E%u043D%u0435%u0441%u0435;0.9102738573072036
IP
88.212.202.52:0
ASN
#39134 United Network LLC

File type
GIF image data, version 89a, 88 x 31\012- data
Size
214 B (214 bytes)
Hash
993dd5b335e78a4cb78a9a6e81c8ac8d
6c53370242962a60e64d264510cf07bf8215f45e
e3ca311ef85dfd77fd1008b0cd4014ed5a59053d4d5f2fe7bf06ea7407fd7ac0

HTTP Headers

GET /hit?t16.2;r;s1280*1024*24;uhttp%3A//www.chersonesos.org/%3Fp%3Dct_map35;i%u0416%u0436%u041C%u043E%u043D%u0435%u0442%u043D%u044B%u0439%20%u0434%u0432%u043E%u0440%20-%20%u0413%u043E%u0440%u043E%u0434%u0438%u0449%u0435%20-%20%u041E%20%u0425%u0435%u0440%u0441%u043E%u043D%u0435%u0441%u0435;0.9102738573072036 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.chersonesos.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Type: image/gif
Content-Length: 214
Connection: keep-alive
Expires: Mon, 20 Sep 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400

d5.ca.b2.a1.top.list.ru/counter?id=1221995;t=51;js=13;r=;j=false;s=1280*1024;d=24;rand=0.32849768360931497

95.163.52.67

302 Moved Temporarily

0 B

URL HTTP/1.1
d5.ca.b2.a1.top.list.ru/counter?id=1221995;t=51;js=13;r=;j=false;s=1280*1024;d=24;rand=0.32849768360931497
IP
95.163.52.67:0
ASN
#47764 Mail.Ru LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /counter?id=1221995;t=51;js=13;r=;j=false;s=1280*1024;d=24;rand=0.32849768360931497 HTTP/1.1
Host: d5.ca.b2.a1.top.list.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://top-fwz1.mail.ru/counter?id=1221995;t=51;js=13;r=;j=false;s=1280*1024;d=24;rand=0.32849768360931497;ver=30
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Cache-Control: private, no-cache, no-store, max-age=0
Pragma: no-cache
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
Accept-CH-Lifetime: 86400

dm-eu.hybrid.ai/match?id=106&vid=89B803C14DEA2A63DC036C67029CA6F2

37.18.103.21

204 No Content

0 B

URL HTTP/2
dm-eu.hybrid.ai/match?id=106&vid=89B803C14DEA2A63DC036C67029CA6F2
IP
37.18.103.21:0
ASN
#205675 Hybrid LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?id=106&vid=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Wed, 21 Sep 2022 10:41:17 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=3f903e8f165630979949; expires=Thu, 21 Sep 2023 10:41:16 GMT; domain=.hybrid.ai; path=/; samesite=none
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 527
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2

ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D

5.200.43.131

302 Found

0 B

URL HTTP/2
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP
5.200.43.131:0
ASN
#48096 Enterprise Cloud Ltd.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=5826f705795c4faf8cb1a53e64411a2a
server: Kestrel
set-cookie: adlm_userId=5826f705795c4faf8cb1a53e64411a2a; expires=Wed, 20 Sep 2023 21:00:00 GMT; path=/; SameSite=None; secure
date: Wed, 21 Sep 2022 10:41:17 GMT
content-length: 0
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
384432327e59911893dde92354ad4004
9072301d1849be2ae1124b82d6e8a5ff813c6fed
47dc57891100bb43fefd0e8a5ea71455f31488cfc947245a4082bdd9dc438a9a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3680
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:41:18 GMT
Last-Modified: Wed, 21 Sep 2022 09:39:58 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ff6d50919e56aed75c47feb45ee2f2ec
98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef
b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3819
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:41:18 GMT
Last-Modified: Wed, 21 Sep 2022 09:37:39 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2b58c5887c6aecbdb30df3f3543a7913
ba6105daae677b907e0eda34ae06ce921dd97687
a13695745612e9f0feaf5b58cbab183b166956c0e84b94148d230e12725b9c66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A13695745612E9F0FEAF5B58CBAB183B166956C0E84B94148D230E12725B9C66"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8046
Expires: Wed, 21 Sep 2022 12:55:24 GMT
Date: Wed, 21 Sep 2022 10:41:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6cccf97799244ecc00dd257aaa5fea3a
5e0f5f35902f2c10f420ccfafd23fd8f8fa6325c
c9d5840fc9dea3d55d10247f043b47715557416539db5856830be0275ebd1224

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9D5840FC9DEA3D55D10247F043B47715557416539DB5856830BE0275EBD1224"
Last-Modified: Mon, 19 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15969
Expires: Wed, 21 Sep 2022 15:07:27 GMT
Date: Wed, 21 Sep 2022 10:41:18 GMT
Connection: keep-alive

sync.upravel.com/sape/sync

88.198.16.238

302 Found

0 B

URL HTTP/2
sync.upravel.com/sape/sync
IP
88.198.16.238:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1663756878052;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1663756878052;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

ocsp.globalsign.com/gseccovsslca2018

104.18.20.226

200 OK

939 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
939 B (939 bytes)
Hash
b8f797555ee98a3d1c6283a6b1328aa2
0a0baabfc909038da1590b05e9549608506200c8
6bc839099c7734a0b10334bb12fd58fc3b22b8b1873b084c531f76876421c9c6

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Sun, 25 Sep 2022 07:01:51 GMT
ETag: "0a0baabfc909038da1590b05e9549608506200c8"
Last-Modified: Wed, 21 Sep 2022 07:01:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3212
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e23007fdb00b3d-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
276999a09ea6d06c17bc17b0ac794a81
a5c49feff7e6055da2ad692188124bb7d265fb22
e75315ecf71f2d2c0bba377f986399db9653201d0e22c93f1d6a3af0aaf64190

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E75315ECF71F2D2C0BBA377F986399DB9653201D0E22C93F1D6A3AF0AAF64190"
Last-Modified: Mon, 19 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7042
Expires: Wed, 21 Sep 2022 12:38:40 GMT
Date: Wed, 21 Sep 2022 10:41:18 GMT
Connection: keep-alive

ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D

193.3.184.135

302 Moved Temporarily

142 B

URL HTTP/1.1
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP
193.3.184.135:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=AAB803C14EEA2A6324006D1002B63F3D
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=wQO4qmMq6k4QbQAkPT+2Ag7gl54IGzLb7ic6KG8FPG3Wa2HF; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None

ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D

185.147.80.35

302 Found

0 B

URL HTTP/1.1
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP
185.147.80.35:0
ASN
#41722 Miran Ltd.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Wed, 21 Sep 2022 10:41:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=CGZXEHXD
Set-Cookie: uid=CGZXEHXD; Expires=Wed, 21 Sep 2032 00:00:00 GMT; mf2=1; Expires=Fri, 21 Oct 2022 00:00:00 GMT;

sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C14DEA2A63DC036C67029CA6F2

136.243.148.229

302 Found

0 B

URL HTTP/2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C14DEA2A63DC036C67029CA6F2
IP
136.243.148.229:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=ec9fd273-3999-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 21 Sep 2023 10:41:18 GMT; SameSite=None; Secure
uid-legacy=ec9fd273-3999-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 21 Sep 2023 10:41:18 GMT
location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C14DEA2A63DC036C67029CA6F2&cs=1
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
869ed8950bdd219f27266bf3d1bdc8ce
d61f42476d49efb77a5362496e0001ae83be66a0
718eed71973d15305e0894498be069c630b67bcad72a6c1a1872bfdf99e97f4b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "718EED71973D15305E0894498BE069C630B67BCAD72A6C1A1872BFDF99E97F4B"
Last-Modified: Mon, 19 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1844
Expires: Wed, 21 Sep 2022 11:12:02 GMT
Date: Wed, 21 Sep 2022 10:41:18 GMT
Connection: keep-alive

a.utraff.com/sync?ssp=sape

104.21.59.66

204 No Content

0 B

URL HTTP/2
a.utraff.com/sync?ssp=sape
IP
104.21.59.66:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync?ssp=sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Wed, 21 Sep 2022 10:41:18 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Fri, 21 Oct 2022 13:41:18 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Fri, 21 Oct 2022 13:41:18 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJjef%2FCeLiM4vhB4kZ4lOJWZVbtgYmcC7pAjEEb47XoKXD6z4eFgEBD4gYAFMaSOPNwkB5y3%2FfIVbG9UJyUskQtX2qYAhEChhNGZ6LVJyVLE53K%2FBDzgU6KWEqotU30%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e23007f808b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7973e43a3957a75694985fcc5c484cb8
4265e8e96c4e8cdeeaec644aad32f575286147f2
e28b5cb66252a18d25fcca8e24bfcdaaa5f93bc9ae8db726b28cb4af50867e21

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E28B5CB66252A18D25FCCA8E24BFCDAAA5F93BC9AE8DB726B28CB4AF50867E21"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11001
Expires: Wed, 21 Sep 2022 13:44:39 GMT
Date: Wed, 21 Sep 2022 10:41:18 GMT
Connection: keep-alive

acint.net/match?dp=110&euid=5826f705795c4faf8cb1a53e64411a2a

185.12.125.26

200 OK

43 B

URL HTTP/2
acint.net/match?dp=110&euid=5826f705795c4faf8cb1a53e64411a2a
IP
185.12.125.26:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=110&euid=5826f705795c4faf8cb1a53e64411a2a HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92; cSyncDp7v2=1663756877; cSyncDp14v3=1663756877; cSyncDp17=1663756877; cSyncDp32=1663756877; cSyncDp45v3=1663756877; cSyncDp53=1663756877; cSyncDp54v2=1663756877; cSyncDp62=1663756877; cSyncDp67v2=1663756877; cSyncDp68=1663756877; cSyncDp71=1663756877; cSyncDp77=1663756877; cSyncDp84=1663756877; cSyncDp85=1663756877; cSyncDp95v3=1663756877; cSyncDp101=1663756877; cSyncDp104v2=1663756877; cSyncDp107=1663756877; cSyncDp110=1663756877; cSyncDp111v2=1663756877; cSyncDp112v2=1663756877; cSyncDp125v2=1663756877; cSyncDp126=1663756877; cSyncDp127=1663756877; cSyncDp129=1663756877; cSyncDp136v2=1663756877; cSyncDp138=1663756877; cSyncDp144=1663756877; cSyncDp146=1663756877; cSyncDp148=1663756877; cSyncDp149=1663756877; cSyncDp151=1663756877; cSyncDp178=1663756877; cSyncDp179=1663756877; cSyncDp186=1663756877; cSyncDp221=1663756877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 10:41:18 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

sync.republer.com/match?dsp=sape

23.88.82.46

204 No Content

0 B

URL HTTP/2
sync.republer.com/match?dsp=sape
IP
23.88.82.46:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?dsp=sape HTTP/1.1
Host: sync.republer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
strict-transport-security: max-age=0
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
da4dc3f7b3c6aeab3518f9c4e56c30b3
f02f3cf8f3cc1fe18a67970da504fa40a1a2c65f
7b67202e50ee8511eb36fad0ccadf6b6debe8169c3925c48bc1b5f1aae26bc13

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B67202E50EE8511EB36FAD0CCADF6B6DEBE8169C3925C48BC1B5F1AAE26BC13"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19176
Expires: Wed, 21 Sep 2022 16:00:54 GMT
Date: Wed, 21 Sep 2022 10:41:18 GMT
Connection: keep-alive

acint.net/match?dp=14&euid=AAB803C14EEA2A6324006D1002B63F3D

185.12.125.26

200 OK

43 B

URL HTTP/2
acint.net/match?dp=14&euid=AAB803C14EEA2A6324006D1002B63F3D
IP
185.12.125.26:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=14&euid=AAB803C14EEA2A6324006D1002B63F3D HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92; cSyncDp7v2=1663756877; cSyncDp14v3=1663756877; cSyncDp17=1663756877; cSyncDp32=1663756877; cSyncDp45v3=1663756877; cSyncDp53=1663756877; cSyncDp54v2=1663756877; cSyncDp62=1663756877; cSyncDp67v2=1663756877; cSyncDp68=1663756877; cSyncDp71=1663756877; cSyncDp77=1663756877; cSyncDp84=1663756877; cSyncDp85=1663756877; cSyncDp95v3=1663756877; cSyncDp101=1663756877; cSyncDp104v2=1663756877; cSyncDp107=1663756877; cSyncDp110=1663756877; cSyncDp111v2=1663756877; cSyncDp112v2=1663756877; cSyncDp125v2=1663756877; cSyncDp126=1663756877; cSyncDp127=1663756877; cSyncDp129=1663756877; cSyncDp136v2=1663756877; cSyncDp138=1663756877; cSyncDp144=1663756877; cSyncDp146=1663756877; cSyncDp148=1663756877; cSyncDp149=1663756877; cSyncDp151=1663756877; cSyncDp178=1663756877; cSyncDp179=1663756877; cSyncDp186=1663756877; cSyncDp221=1663756877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 10:41:18 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/match?dp=95&euid=CGZXEHXD

185.12.125.26

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=95&euid=CGZXEHXD
IP
185.12.125.26:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=95&euid=CGZXEHXD HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92; cSyncDp7v2=1663756877; cSyncDp14v3=1663756877; cSyncDp17=1663756877; cSyncDp32=1663756877; cSyncDp45v3=1663756877; cSyncDp53=1663756877; cSyncDp54v2=1663756877; cSyncDp62=1663756877; cSyncDp67v2=1663756877; cSyncDp68=1663756877; cSyncDp71=1663756877; cSyncDp77=1663756877; cSyncDp84=1663756877; cSyncDp85=1663756877; cSyncDp95v3=1663756877; cSyncDp101=1663756877; cSyncDp104v2=1663756877; cSyncDp107=1663756877; cSyncDp110=1663756877; cSyncDp111v2=1663756877; cSyncDp112v2=1663756877; cSyncDp125v2=1663756877; cSyncDp126=1663756877; cSyncDp127=1663756877; cSyncDp129=1663756877; cSyncDp136v2=1663756877; cSyncDp138=1663756877; cSyncDp144=1663756877; cSyncDp146=1663756877; cSyncDp148=1663756877; cSyncDp149=1663756877; cSyncDp151=1663756877; cSyncDp178=1663756877; cSyncDp179=1663756877; cSyncDp186=1663756877; cSyncDp221=1663756877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 10:41:18 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6c7ca79d72f3bb10c15342f56e9ada97
faa1ae6c5664dbc8fb0a61607bad123c33230c70
9ff0f01363dbfb8a16c5ba064b6ad8aaaf50c69cd6181e65c41ac1e46cf891ad

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9FF0F01363DBFB8A16C5BA064B6AD8AAAF50C69CD6181E65C41AC1E46CF891AD"
Last-Modified: Tue, 20 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17443
Expires: Wed, 21 Sep 2022 15:32:01 GMT
Date: Wed, 21 Sep 2022 10:41:18 GMT
Connection: keep-alive

s.uuidksinc.net/match/396/?remote_uid=89B803C14DEA2A63DC036C67029CA6F2

31.220.27.134

302 Found

0 B

URL HTTP/2
s.uuidksinc.net/match/396/?remote_uid=89B803C14DEA2A63DC036C67029CA6F2
IP
31.220.27.134:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/396/?remote_uid=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.19.0
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=6QNgpQU4LKaO3HzmpFxg
set-cookie: jcsuuid=6QNgpQU4LKaO3HzmpFxg; expires=Thu, 21 Sep 2023 10:41:18 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0

88.198.16.238

302 Found

0 B

URL HTTP/2
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP
88.198.16.238:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1663756878052
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
content-type: image/png
content-length: 0
location: https://5c84e6de-55c4-4bba-8064-951442aa780d.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
set-cookie: user_id=5c84e6de-55c4-4bba-8064-951442aa780d;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=5c84e6de-55c4-4bba-8064-951442aa780d;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C14DEA2A63DC036C67029CA6F2&cs=1

136.243.148.229

200 OK

35 B

URL HTTP/2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C14DEA2A63DC036C67029CA6F2&cs=1
IP
136.243.148.229:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C14DEA2A63DC036C67029CA6F2&cs=1 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: uid=ec9fd273-3999-11ed-acfd-901b0e8b2a6e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
content-type: image/gif
content-length: 35
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=ec9fd273-3999-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 21 Sep 2023 10:41:18 GMT; SameSite=None; Secure
uid-legacy=ec9fd273-3999-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 21 Sep 2023 10:41:18 GMT
X-Firefox-Spdy: h2

match.new-programmatic.com/userbind?src=sape&id=89B803C14DEA2A63DC036C67029CA6F2

217.65.2.150

204 No Content

0 B

URL HTTP/1.1
match.new-programmatic.com/userbind?src=sape&id=89B803C14DEA2A63DC036C67029CA6F2
IP
217.65.2.150:0
ASN
#3175 Filanco LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /userbind?src=sape&id=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx/1.18.0
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d55db53fcebb4f51429de306e63545a7
87522c33be4f0a7767dd60551ab9cfc9958e9e4d
0c3b6835b2e7aa2bb66466305608b1ab6236431fadafa3a6fe32530f516dc23a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0C3B6835B2E7AA2BB66466305608B1AB6236431FADAFA3A6FE32530F516DC23A"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7905
Expires: Wed, 21 Sep 2022 12:53:03 GMT
Date: Wed, 21 Sep 2022 10:41:18 GMT
Connection: keep-alive

status.geotrust.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
status.geotrust.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
3a67d25e1c7782b71e18d99fbc19143c
7ca3c086aa1e8071fd95e9b76e0a775b3b79f81c
b93e7d30cc78f935e16755e61c75946da734a077949d105f31b3ec6e80231cca

HTTP Headers

POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4852
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:41:18 GMT
Last-Modified: Wed, 21 Sep 2022 09:20:26 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279

www.acint.net/match?dp=127&euid=6QNgpQU4LKaO3HzmpFxg

185.12.125.26

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=127&euid=6QNgpQU4LKaO3HzmpFxg
IP
185.12.125.26:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=127&euid=6QNgpQU4LKaO3HzmpFxg HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92; cSyncDp7v2=1663756877; cSyncDp14v3=1663756877; cSyncDp17=1663756877; cSyncDp32=1663756877; cSyncDp45v3=1663756877; cSyncDp53=1663756877; cSyncDp54v2=1663756877; cSyncDp62=1663756877; cSyncDp67v2=1663756877; cSyncDp68=1663756877; cSyncDp71=1663756877; cSyncDp77=1663756877; cSyncDp84=1663756877; cSyncDp85=1663756877; cSyncDp95v3=1663756877; cSyncDp101=1663756877; cSyncDp104v2=1663756877; cSyncDp107=1663756877; cSyncDp110=1663756877; cSyncDp111v2=1663756877; cSyncDp112v2=1663756877; cSyncDp125v2=1663756877; cSyncDp126=1663756877; cSyncDp127=1663756877; cSyncDp129=1663756877; cSyncDp136v2=1663756877; cSyncDp138=1663756877; cSyncDp144=1663756877; cSyncDp146=1663756877; cSyncDp148=1663756877; cSyncDp149=1663756877; cSyncDp151=1663756877; cSyncDp178=1663756877; cSyncDp179=1663756877; cSyncDp186=1663756877; cSyncDp221=1663756877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 10:41:18 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
08d4db29c429e6f937cc4fcd718b0bfe
a82efa1179f9853eea82e25f8a575a0cd58aa5a7
33cc7e1528cd3c0358c442656146c740469bdf1f68facb8d3171af0fd9f76b67

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "33CC7E1528CD3C0358C442656146C740469BDF1F68FACB8D3171AF0FD9F76B67"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6428
Expires: Wed, 21 Sep 2022 12:28:26 GMT
Date: Wed, 21 Sep 2022 10:41:18 GMT
Connection: keep-alive

nr.bidderstack.com/sape/cm?user_id=89B803C14DEA2A63DC036C67029CA6F2

148.251.217.100

200 OK

44 B

URL HTTP/1.1
nr.bidderstack.com/sape/cm?user_id=89B803C14DEA2A63DC036C67029CA6F2
IP
148.251.217.100:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
44 B (44 bytes)
Hash
f9d60352c70a2ba15616d1c9421f3844
e9abc8bea7721a4b6a50295850d13c515006a95c
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

HTTP Headers

GET /sape/cm?user_id=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Type: image/gif
Content-Length: 44
Connection: keep-alive
Set-Cookie: uid=812d9557-b68d-4d41-9391-456046a60a9b; domain=.bidderstack.com; path=/; expires=Thu, 21-Sep-2023 10:41:18 GMT;
Access-Control-Allow-Credentials: true

sync.bumlam.com/?src=sap1&uid=89B803C14DEA2A63DC036C67029CA6F2

31.172.81.159

302 Moved Temporarily

0 B

URL HTTP/1.1
sync.bumlam.com/?src=sap1&uid=89B803C14DEA2A63DC036C67029CA6F2
IP
31.172.81.159:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sap1&uid=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRlY2FkNjEwNi0zOTk5LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Tue, 16 Sep 2042 10:41:18 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARjO1KuZBmIgODlCODAzQzE0REVBMkE2M0RDMDM2QzY3MDI5Q0E2RjKiARDsrWEGOZkR7YbgACWQwGR8
ETag: ecad6106-3999-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

ocsp2.globalsign.com/gsalphasha2g2

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
1ac3f4fae3e6921a7230804b23acee49
e1603f0e1b0ed0ab64d13d4f7f9ef40a18d4fc2b
3b2b7034a7a1a0d27b365532b5cdede5302fc2cac1ed13162da1b366317d8e5a

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 25 Sep 2022 09:00:34 GMT
ETag: "e1603f0e1b0ed0ab64d13d4f7f9ef40a18d4fc2b"
Last-Modified: Wed, 21 Sep 2022 09:00:35 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1859
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e23008c8b7b4ff-OSL

www.acint.net/match?dp=129&euid=6e0otjtl16

185.12.125.26

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=129&euid=6e0otjtl16
IP
185.12.125.26:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=129&euid=6e0otjtl16 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92; cSyncDp7v2=1663756877; cSyncDp14v3=1663756877; cSyncDp17=1663756877; cSyncDp32=1663756877; cSyncDp45v3=1663756877; cSyncDp53=1663756877; cSyncDp54v2=1663756877; cSyncDp62=1663756877; cSyncDp67v2=1663756877; cSyncDp68=1663756877; cSyncDp71=1663756877; cSyncDp77=1663756877; cSyncDp84=1663756877; cSyncDp85=1663756877; cSyncDp95v3=1663756877; cSyncDp101=1663756877; cSyncDp104v2=1663756877; cSyncDp107=1663756877; cSyncDp110=1663756877; cSyncDp111v2=1663756877; cSyncDp112v2=1663756877; cSyncDp125v2=1663756877; cSyncDp126=1663756877; cSyncDp127=1663756877; cSyncDp129=1663756877; cSyncDp136v2=1663756877; cSyncDp138=1663756877; cSyncDp144=1663756877; cSyncDp146=1663756877; cSyncDp148=1663756877; cSyncDp149=1663756877; cSyncDp151=1663756877; cSyncDp178=1663756877; cSyncDp179=1663756877; cSyncDp186=1663756877; cSyncDp221=1663756877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 10:41:18 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

stat.adlabs.ru/merge_gpsid/?sid=50&id=89B803C14DEA2A63DC036C67029CA6F2

109.248.237.37

302 Found

0 B

URL HTTP/2
stat.adlabs.ru/merge_gpsid/?sid=50&id=89B803C14DEA2A63DC036C67029CA6F2
IP
109.248.237.37:0
ASN
#201009 Centre of server systems Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /merge_gpsid/?sid=50&id=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1
Host: stat.adlabs.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 0
location: //adlmerge.com/merge_gpsid/?sid=50&id=89B803C14DEA2A63DC036C67029CA6F2
X-Firefox-Spdy: h2

cs.agency2.ru/p?ssp=sp&uid=89B803C14DEA2A63DC036C67029CA6F2

23.111.107.44

301 Moved Permanently

0 B

URL HTTP/1.1
cs.agency2.ru/p?ssp=sp&uid=89B803C14DEA2A63DC036C67029CA6F2
IP
23.111.107.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p?ssp=sp&uid=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=0be9b619-84bb-4daf-931b-e779ad19b6f7
Set-Cookie: uuid=0be9b619-84bb-4daf-931b-e779ad19b6f7; expires=Tue, 12 Sep 2023 10:41:18 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
384432327e59911893dde92354ad4004
9072301d1849be2ae1124b82d6e8a5ff813c6fed
47dc57891100bb43fefd0e8a5ea71455f31488cfc947245a4082bdd9dc438a9a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3680
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:41:18 GMT
Last-Modified: Wed, 21 Sep 2022 09:39:58 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279

push.services.mozilla.com/

44.237.239.70

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.237.239.70:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GSy02MdS4HOd90lxuuLFHQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rMAIFLclx0QZhqFR8YR7wrFhvWU=

top-fwz1.mail.ru/counter?id=1221995;t=51;js=13;r=;j=false;s=1280*1024;d=24;rand=0.32849768360931497;ver=30

95.163.52.67

302 Found

0 B

URL HTTP/2
top-fwz1.mail.ru/counter?id=1221995;t=51;js=13;r=;j=false;s=1280*1024;d=24;rand=0.32849768360931497;ver=30
IP
95.163.52.67:0
ASN
#47764 Mail.Ru LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /counter?id=1221995;t=51;js=13;r=;j=false;s=1280*1024;d=24;rand=0.32849768360931497;ver=30 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.chersonesos.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 0
location: https://top-fwz1.mail.ru/counter2?id=1221995;t=51;js=13;r=;j=false;s=1280*1024;d=24;rand=0.32849768360931497;ver=30
set-cookie: FTID=1RMYgQ0tkIIC:1663756878:1221995:::; path=/; expires=Fri, 22-Sep-23 10:41:18 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
a2e812044128f3a98fbd7fda6a36e44d
6a701d845c7a70b1dd10d7f5e047011ae3689360
763986ad47e03273f158fa35b26da01d56de2460e8c1321a3fbea96fe22eb7f7

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 25 Sep 2022 06:21:39 GMT
ETag: "6a701d845c7a70b1dd10d7f5e047011ae3689360"
Last-Modified: Wed, 21 Sep 2022 06:21:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2529
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e230090f020b3d-OSL

mediatoday.ru/core/match.gif?s=32&id=89B803C14DEA2A63DC036C67029CA6F2

139.45.228.100

200 OK

43 B

URL HTTP/2
mediatoday.ru/core/match.gif?s=32&id=89B803C14DEA2A63DC036C67029CA6F2
IP
139.45.228.100:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /core/match.gif?s=32&id=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1
Host: mediatoday.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 21 Sep 2022 10:41:18 GMT
content-type: image/gif
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VUl4Tk1sSJV78my; expires=Sat, 18-Sep-2032 10:41:18 GMT; domain=mediatoday.ru; path=/core; SameSite=None; Secure
X-Firefox-Spdy: h2

www.acint.net/match?dp=186&euid=0be9b619-84bb-4daf-931b-e779ad19b6f7

185.12.125.26

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=186&euid=0be9b619-84bb-4daf-931b-e779ad19b6f7
IP
185.12.125.26:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=186&euid=0be9b619-84bb-4daf-931b-e779ad19b6f7 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92; cSyncDp7v2=1663756877; cSyncDp14v3=1663756877; cSyncDp17=1663756877; cSyncDp32=1663756877; cSyncDp45v3=1663756877; cSyncDp53=1663756877; cSyncDp54v2=1663756877; cSyncDp62=1663756877; cSyncDp67v2=1663756877; cSyncDp68=1663756877; cSyncDp71=1663756877; cSyncDp77=1663756877; cSyncDp84=1663756877; cSyncDp85=1663756877; cSyncDp95v3=1663756877; cSyncDp101=1663756877; cSyncDp104v2=1663756877; cSyncDp107=1663756877; cSyncDp110=1663756877; cSyncDp111v2=1663756877; cSyncDp112v2=1663756877; cSyncDp125v2=1663756877; cSyncDp126=1663756877; cSyncDp127=1663756877; cSyncDp129=1663756877; cSyncDp136v2=1663756877; cSyncDp138=1663756877; cSyncDp144=1663756877; cSyncDp146=1663756877; cSyncDp148=1663756877; cSyncDp149=1663756877; cSyncDp151=1663756877; cSyncDp178=1663756877; cSyncDp179=1663756877; cSyncDp186=1663756877; cSyncDp221=1663756877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 10:41:18 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

sync.dmp.otm-r.com/match/sape?id=89B803C14DEA2A63DC036C67029CA6F2

138.201.65.74

204 No Content

0 B

URL HTTP/2
sync.dmp.otm-r.com/match/sape?id=89B803C14DEA2A63DC036C67029CA6F2
IP
138.201.65.74:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/sape?id=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx/1.17.4
date: Wed, 21 Sep 2022 10:41:18 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
b7a94989f12f648eec81340e4dd79f81
4ae50c94f39c12046d8522d440f5bb81781d4e9a
47c1d49b8357ed71a8cf8dc9fc0a120b64c65fa4f00a11b05616404729dd7d8e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 00:21:03 GMT
Expires: Sun, 25 Sep 2022 00:21:02 GMT
Etag: "4ae50c94f39c12046d8522d440f5bb81781d4e9a"
Cache-Control: max-age=307783,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e230080b4cb51b-OSL

sync.bumlam.com/?src=sap1&s_data=CAIQARjO1KuZBmIgODlCODAzQzE0REVBMkE2M0RDMDM2QzY3MDI5Q0E2RjKiARDsrWEGOZkR7YbgACWQwGR8

31.172.81.159

200 OK

0 B

URL HTTP/1.1
sync.bumlam.com/?src=sap1&s_data=CAIQARjO1KuZBmIgODlCODAzQzE0REVBMkE2M0RDMDM2QzY3MDI5Q0E2RjKiARDsrWEGOZkR7YbgACWQwGR8
IP
31.172.81.159:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sap1&s_data=CAIQARjO1KuZBmIgODlCODAzQzE0REVBMkE2M0RDMDM2QzY3MDI5Q0E2RjKiARDsrWEGOZkR7YbgACWQwGR8 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRlY2FkNjEwNi0zOTk5LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRlY2FkNjEwNi0zOTk5LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Tue, 16 Sep 2042 10:41:18 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

top-fwz1.mail.ru/counter2?id=1221995;t=51;js=13;r=;j=false;s=1280*1024;d=24;rand=0.32849768360931497;ver=30

95.163.52.67

200 OK

630 B

URL HTTP/2
top-fwz1.mail.ru/counter2?id=1221995;t=51;js=13;r=;j=false;s=1280*1024;d=24;rand=0.32849768360931497;ver=30
IP
95.163.52.67:0
ASN
#47764 Mail.Ru LLC

File type
GIF image data, version 87a, 88 x 31\012- data
Size
630 B (630 bytes)
Hash
091f148ecb0ea5ff0722971874baa230
e34a7edacf6c48b998e55ccaf476215ab75c3a9d
f921adaa98a953fcc26356f075d10139f76d02502d03d0bf2ecc33e676c6933d

HTTP Headers

GET /counter2?id=1221995;t=51;js=13;r=;j=false;s=1280*1024;d=24;rand=0.32849768360931497;ver=30 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.chersonesos.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
content-type: image/gif
content-length: 630
set-cookie: FTID=1RMYgQ0tkIIC:1663756878:1221995:::; path=/; expires=Fri, 22-Sep-23 10:41:18 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7dac52c8875f8ee9a985c4b24cf0ca34
6f0cfe099f389167c4660ab1eab1be5dd9a0b3a5
9d9e74f7121399f63901dda5622e7ae4e2199c44358a421780c2b1c2fc41114d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9D9E74F7121399F63901DDA5622E7AE4E2199C44358A421780C2B1C2FC41114D"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12198
Expires: Wed, 21 Sep 2022 14:04:36 GMT
Date: Wed, 21 Sep 2022 10:41:18 GMT
Connection: keep-alive

mc.yandex.ru/metrika/watch.js

87.250.251.119

200 OK

57 kB

URL HTTP/2
mc.yandex.ru/metrika/watch.js
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (570)
Size
57 kB (56984 bytes)
Hash
586a53abefa89b60f73e53e4f44e6f2f
d4c50345603590468c539f46853ce78140f7664a
8472faf943b35943b628eb70fb721ec98aa217d2526631f884f117994c2a8095

HTTP Headers

GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.chersonesos.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 56984
date: Wed, 21 Sep 2022 10:41:18 GMT
access-control-allow-origin: *
etag: "63295b76-de98"
expires: Wed, 21 Sep 2022 11:41:18 GMT
last-modified: Tue, 20 Sep 2022 09:19:34 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D

88.198.31.232

301 Moved Permanently

115 B

URL HTTP/2
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP
88.198.31.232:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, ASCII text
Size
115 B (115 bytes)
Hash
69e1a7e5772be8a4c7b88d4ce5b39b5b
6a4c0d3539958d431179cf5984bffa32ce35d3fe
fc98d4728c121790af14593d5d9faf8dfd262fea31a9a753a5a8bcdf9ad39875

HTTP Headers

GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=b54b0ba1-219b-4084-5b48-4eb859cd7f17
serverid: TODO
X-Firefox-Spdy: h2

www.acint.net/match?dp=126&euid=b54b0ba1-219b-4084-5b48-4eb859cd7f17

185.12.125.26

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=126&euid=b54b0ba1-219b-4084-5b48-4eb859cd7f17
IP
185.12.125.26:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=126&euid=b54b0ba1-219b-4084-5b48-4eb859cd7f17 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92; cSyncDp7v2=1663756877; cSyncDp14v3=1663756877; cSyncDp17=1663756877; cSyncDp32=1663756877; cSyncDp45v3=1663756877; cSyncDp53=1663756877; cSyncDp54v2=1663756877; cSyncDp62=1663756877; cSyncDp67v2=1663756877; cSyncDp68=1663756877; cSyncDp71=1663756877; cSyncDp77=1663756877; cSyncDp84=1663756877; cSyncDp85=1663756877; cSyncDp95v3=1663756877; cSyncDp101=1663756877; cSyncDp104v2=1663756877; cSyncDp107=1663756877; cSyncDp110=1663756877; cSyncDp111v2=1663756877; cSyncDp112v2=1663756877; cSyncDp125v2=1663756877; cSyncDp126=1663756877; cSyncDp127=1663756877; cSyncDp129=1663756877; cSyncDp136v2=1663756877; cSyncDp138=1663756877; cSyncDp144=1663756877; cSyncDp146=1663756877; cSyncDp148=1663756877; cSyncDp149=1663756877; cSyncDp151=1663756877; cSyncDp178=1663756877; cSyncDp179=1663756877; cSyncDp186=1663756877; cSyncDp221=1663756877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 10:41:18 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

89b803c14dea2a63dc036c67029ca6f2-sp.ops.beeline.ru/p?ssp=sp&id=89B803C14DEA2A63DC036C67029CA6F2

37.9.245.57

301 Moved Permanently

0 B

URL HTTP/2
89b803c14dea2a63dc036c67029ca6f2-sp.ops.beeline.ru/p?ssp=sp&id=89B803C14DEA2A63DC036C67029CA6F2
IP
37.9.245.57:0
ASN
#16345 PVimpelCom

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p?ssp=sp&id=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1
Host: 89b803c14dea2a63dc036c67029ca6f2-sp.ops.beeline.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 0
location: https://www.acint.net/match?dp=111&euid=9d1c215c-24ef-41d3-82e0-13b7e13ec915
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: BeeAID=9d1c215c-24ef-41d3-82e0-13b7e13ec915; expires=Tue, 12 Sep 2023 10:41:18 GMT; domain=ops.beeline.ru; path=/; secure; SameSite=None
access-control-allow-credentials: true, true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
x-route: http://upstream_cookiesync
x-host: 192.168.152.31
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
c5684fa24debcdd55cb7b6ea4e52de52
72dd5651384cd773852d35bdacce2cce2af4f03e
2c5e85a611daf54ab76aa6530645e2b27d6dc3b1ef2ccfc18351dcaf5162ec2d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 11:26:46 GMT
Expires: Sun, 25 Sep 2022 11:26:45 GMT
Etag: "72dd5651384cd773852d35bdacce2cce2af4f03e"
Cache-Control: max-age=347726,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e230091838b524-OSL

www.acint.net/match?dp=111&euid=9d1c215c-24ef-41d3-82e0-13b7e13ec915

185.12.125.26

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=111&euid=9d1c215c-24ef-41d3-82e0-13b7e13ec915
IP
185.12.125.26:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=111&euid=9d1c215c-24ef-41d3-82e0-13b7e13ec915 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92; cSyncDp7v2=1663756877; cSyncDp14v3=1663756877; cSyncDp17=1663756877; cSyncDp32=1663756877; cSyncDp45v3=1663756877; cSyncDp53=1663756877; cSyncDp54v2=1663756877; cSyncDp62=1663756877; cSyncDp67v2=1663756877; cSyncDp68=1663756877; cSyncDp71=1663756877; cSyncDp77=1663756877; cSyncDp84=1663756877; cSyncDp85=1663756877; cSyncDp95v3=1663756877; cSyncDp101=1663756877; cSyncDp104v2=1663756877; cSyncDp107=1663756877; cSyncDp110=1663756877; cSyncDp111v2=1663756877; cSyncDp112v2=1663756877; cSyncDp125v2=1663756877; cSyncDp126=1663756877; cSyncDp127=1663756877; cSyncDp129=1663756877; cSyncDp136v2=1663756877; cSyncDp138=1663756877; cSyncDp144=1663756877; cSyncDp146=1663756877; cSyncDp148=1663756877; cSyncDp149=1663756877; cSyncDp151=1663756877; cSyncDp178=1663756877; cSyncDp179=1663756877; cSyncDp186=1663756877; cSyncDp221=1663756877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 10:41:18 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.yandex.ru/metrika/advert.gif

87.250.251.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/metrika/advert.gif
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.chersonesos.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Wed, 21 Sep 2022 10:41:18 GMT
access-control-allow-origin: *
etag: "63295b76-2b"
expires: Wed, 21 Sep 2022 11:41:18 GMT
accept-ranges: bytes
last-modified: Tue, 20 Sep 2022 09:19:34 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/26812653?wmode=7&page-url=http%3A%2F%2Fwww.chersonesos.org%2F%3Fp%3Dct_map35&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%221.11.0%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A766%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1347084678311%3Ahid%3A146048660%3Az%3A0%3Ai%3A20220921104118%3Aet%3A1663756878%3Ac%3A1%3Arn%3A168226262%3Arqn%3A1%3Au%3A1663756878180769721%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A11%2C44%2C63%2C45%2C-5%2C0%2C%2C570%2C35%2C%2C%2C%2C834%3Ans%3A1663756876573%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663756878%3At%3A%D0%9C%D0%BE%D0%BD%D0%B5%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B2%D0%BE%D1%80%20-%20%D0%93%D0%BE%D1%80%D0%BE%D0%B4%D0%B8%D1%89%D0%B5%20-%20%D0%9E%20%D0%A5%D0%B5%D1%80%D1%81%D0%BE%D0%BD%D0%B5%D1%81%D0%B5&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)

87.250.251.119

302 Found

407 B

URL HTTP/2
mc.yandex.ru/watch/26812653?wmode=7&page-url=http%3A%2F%2Fwww.chersonesos.org%2F%3Fp%3Dct_map35&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%221.11.0%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A766%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1347084678311%3Ahid%3A146048660%3Az%3A0%3Ai%3A20220921104118%3Aet%3A1663756878%3Ac%3A1%3Arn%3A168226262%3Arqn%3A1%3Au%3A1663756878180769721%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A11%2C44%2C63%2C45%2C-5%2C0%2C%2C570%2C35%2C%2C%2C%2C834%3Ans%3A1663756876573%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663756878%3At%3A%D0%9C%D0%BE%D0%BD%D0%B5%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B2%D0%BE%D1%80%20-%20%D0%93%D0%BE%D1%80%D0%BE%D0%B4%D0%B8%D1%89%D0%B5%20-%20%D0%9E%20%D0%A5%D0%B5%D1%80%D1%81%D0%BE%D0%BD%D0%B5%D1%81%D0%B5&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type
JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Size
407 B (407 bytes)
Hash
b5992fc0cfe73a8152f1186e0b3b2b97
19619893b40188993a66449a918c7a9f4d2f9e6c
1f38c19346f97a1de7b0f18b680608e4e9e95f10976987eb11a953bc790fdc7d

HTTP Headers

GET /watch/26812653?wmode=7&page-url=http%3A%2F%2Fwww.chersonesos.org%2F%3Fp%3Dct_map35&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%221.11.0%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A766%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1347084678311%3Ahid%3A146048660%3Az%3A0%3Ai%3A20220921104118%3Aet%3A1663756878%3Ac%3A1%3Arn%3A168226262%3Arqn%3A1%3Au%3A1663756878180769721%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A11%2C44%2C63%2C45%2C-5%2C0%2C%2C570%2C35%2C%2C%2C%2C834%3Ans%3A1663756876573%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663756878%3At%3A%D0%9C%D0%BE%D0%BD%D0%B5%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B2%D0%BE%D1%80%20-%20%D0%93%D0%BE%D1%80%D0%BE%D0%B4%D0%B8%D1%89%D0%B5%20-%20%D0%9E%20%D0%A5%D0%B5%D1%80%D1%81%D0%BE%D0%BD%D0%B5%D1%81%D0%B5&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.chersonesos.org
Connection: keep-alive
Referer: http://www.chersonesos.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: /watch/26812653/1?wmode=7&page-url=http%3A%2F%2Fwww.chersonesos.org%2F%3Fp%3Dct_map35&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%221.11.0%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A766%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1347084678311%3Ahid%3A146048660%3Az%3A0%3Ai%3A20220921104118%3Aet%3A1663756878%3Ac%3A1%3Arn%3A168226262%3Arqn%3A1%3Au%3A1663756878180769721%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A11%2C44%2C63%2C45%2C-5%2C0%2C%2C570%2C35%2C%2C%2C%2C834%3Ans%3A1663756876573%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663756878%3At%3A%D0%9C%D0%BE%D0%BD%D0%B5%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B2%D0%BE%D1%80%20-%20%D0%93%D0%BE%D1%80%D0%BE%D0%B4%D0%B8%D1%89%D0%B5%20-%20%D0%9E%20%D0%A5%D0%B5%D1%80%D1%81%D0%BE%D0%BD%D0%B5%D1%81%D0%B5&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Wed, 21 Sep 2022 10:41:18 GMT
access-control-allow-origin: http://www.chersonesos.org
set-cookie: yandexuid=2577536531663756878; Expires=Thu, 21-Sep-2023 10:41:18 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=2577536531663756878; Expires=Thu, 21-Sep-2023 10:41:18 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2276270541663756878; Path=/; SameSite=None; Secure
i=m2HUGi+yaOzZjcQyQE44pyM0N76g4J0mCdbV+MEd5i0IZpgInKO1mKOlDuR3AowZnkYsZFLcCam8e47EevtJlxbeTX8=; Expires=Sat, 18-Sep-2032 10:41:17 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1695292878.yrts.1663756878#1695292878.yrtsi.1663756878; Expires=Thu, 21-Sep-2023 10:41:18 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 21-Sep-2022 10:41:18 GMT
last-modified: Wed, 21-Sep-2022 10:41:18 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9baaa3878151bf5d83c8d7014da17e5d
d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037
1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:41:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
3796af71f8152e32fa0d79eda422767d
6899c7c4d5fedffd6f69b1883cd640357fad4042
efbbdd96987db9007a40eb0acc5e854f15d2655f3cd6a8b89ad0c0497899ca06

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 25 Sep 2022 09:31:00 GMT
ETag: "6899c7c4d5fedffd6f69b1883cd640357fad4042"
Last-Modified: Wed, 21 Sep 2022 09:31:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1606
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e2300d2c150b3d-OSL

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
3796af71f8152e32fa0d79eda422767d
6899c7c4d5fedffd6f69b1883cd640357fad4042
efbbdd96987db9007a40eb0acc5e854f15d2655f3cd6a8b89ad0c0497899ca06

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 25 Sep 2022 09:31:00 GMT
ETag: "6899c7c4d5fedffd6f69b1883cd640357fad4042"
Last-Modified: Wed, 21 Sep 2022 09:31:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1606
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e2300d5c400b3d-OSL

cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=ibgDwU3qKmPcA2xnApym8g

142.250.74.34

200 OK

170 B

URL HTTP/2
cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=ibgDwU3qKmPcA2xnApym8g
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
170 B (170 bytes)
Hash
e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

HTTP Headers

GET /pixel?google_nid=agentstvo_sape_limited&google_hm=ibgDwU3qKmPcA2xnApym8g HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
date: Wed, 21 Sep 2022 10:41:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/89B803C14DEA2A63DC036C67029CA6F2

93.95.102.105

204 No Content

0 B

URL HTTP/2
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/89B803C14DEA2A63DC036C67029CA6F2
IP
93.95.102.105:0
ASN
#48347 JSC Mediasoft ekspert

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cookie_matching_ssp/Sape-dsp/89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
set-cookie: uid=XV9maWMq6k46qoY4Gn0zAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsalphasha2g2

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
0fa471221f8f5e1d23dff5de3d87dd0b
336a9c17de788b94418bf905bfa48115cfd4e7c7
87c425e6a8d4d0949fc636b934d7869cf76c14e30de2ae27b136de59a54eb94b

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 25 Sep 2022 09:31:30 GMT
ETag: "336a9c17de788b94418bf905bfa48115cfd4e7c7"
Last-Modified: Wed, 21 Sep 2022 09:31:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 785
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e2300d6e8fb4ff-OSL

ocsp.usertrust.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.usertrust.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
ddbcbecfc057efc5818baa2d00bf3be9
81959b98f864c8b48587bae773c5a8a33748b4e2
745b010b944478b94b2f6d8dad754fb395abb7dede46876df67be8f0f2283fea

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 04:18:18 GMT
Expires: Mon, 26 Sep 2022 04:18:17 GMT
Etag: "81959b98f864c8b48587bae773c5a8a33748b4e2"
Cache-Control: max-age=600121,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 348
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e2300d7c8a0b3d-OSL

sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D

77.245.57.72

200 OK

0 B

URL HTTP/1.1
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP
77.245.57.72:0
ASN
#36057 WEBAIR-INTERNET-MTL

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Length: 0
Connection: close

status.thawte.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.thawte.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
330a7be23b8bb6740b9cbeb4c71f4b10
38acf0c9f2d93466e4e7c78d8199a50b818c1730
a282bf1769eae099fc86f7a1bb4d2cc92e3098ec42d67463253d914a7cb2b650

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4341
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:41:18 GMT
Last-Modified: Wed, 21 Sep 2022 09:28:57 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691

195.209.108.38

302 Moved Temporarily

0 B

URL HTTP/1.1
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP
195.209.108.38:0
ASN
#52007 LLC AdRiver

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-4460424563; expires=Fri, 20 Sep 2024 10:41:18 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4460424563
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true

5c84e6de-55c4-4bba-8064-951442aa780d.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19

136.243.48.22

302 Found

0 B

URL HTTP/2
5c84e6de-55c4-4bba-8064-951442aa780d.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
IP
136.243.48.22:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19 HTTP/1.1
Host: 5c84e6de-55c4-4bba-8064-951442aa780d.sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1663756878052; user_id=5c84e6de-55c4-4bba-8064-951442aa780d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=5c84e6de-55c4-4bba-8064-951442aa780d;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=5c84e6de-55c4-4bba-8064-951442aa780d;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=5c84e6de-55c4-4bba-8064-951442aa780d
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=89B803C14DEA2A63DC036C67029CA6F2

195.209.111.13

200 OK

42 B

URL HTTP/1.1
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=89B803C14DEA2A63DC036C67029CA6F2
IP
195.209.111.13:0
ASN
#52007 LLC AdRiver

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /cgi-bin/sync.cgi?dsp_id=153&external_id=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
2dfd3681efb1f9a13c89875d48425c3d
92f1294ef39595dd86175b6bfc879bd2dabdb32a
952a4d2ae7dc2b18aafe20b053081a19bd782e9d4afcd8d065d313200f212801

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:41:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 25 Sep 2022 09:00:28 GMT
ETag: "92f1294ef39595dd86175b6bfc879bd2dabdb32a"
Last-Modified: Wed, 21 Sep 2022 09:00:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 315
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e2300dbcf90b3d-OSL

www.acint.net/match?dp=71&euid=5c84e6de-55c4-4bba-8064-951442aa780d

185.12.125.26

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=71&euid=5c84e6de-55c4-4bba-8064-951442aa780d
IP
185.12.125.26:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=71&euid=5c84e6de-55c4-4bba-8064-951442aa780d HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92; cSyncDp7v2=1663756877; cSyncDp14v3=1663756877; cSyncDp17=1663756877; cSyncDp32=1663756877; cSyncDp45v3=1663756877; cSyncDp53=1663756877; cSyncDp54v2=1663756877; cSyncDp62=1663756877; cSyncDp67v2=1663756877; cSyncDp68=1663756877; cSyncDp71=1663756877; cSyncDp77=1663756877; cSyncDp84=1663756877; cSyncDp85=1663756877; cSyncDp95v3=1663756877; cSyncDp101=1663756877; cSyncDp104v2=1663756877; cSyncDp107=1663756877; cSyncDp110=1663756877; cSyncDp111v2=1663756877; cSyncDp112v2=1663756877; cSyncDp125v2=1663756877; cSyncDp126=1663756877; cSyncDp127=1663756877; cSyncDp129=1663756877; cSyncDp136v2=1663756877; cSyncDp138=1663756877; cSyncDp144=1663756877; cSyncDp146=1663756877; cSyncDp148=1663756877; cSyncDp149=1663756877; cSyncDp151=1663756877; cSyncDp178=1663756877; cSyncDp179=1663756877; cSyncDp186=1663756877; cSyncDp221=1663756877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 10:41:19 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c9f43883942b62e69fddb651d99a3dd1
7c66254b2619fe098291f70ff23fccad3339b069
87cc1ed52f443895e5d7615695d2d1162e0bd93edf17990029727e52ce33256b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87CC1ED52F443895E5D7615695D2D1162E0BD93EDF17990029727E52CE33256B"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14834
Expires: Wed, 21 Sep 2022 14:48:33 GMT
Date: Wed, 21 Sep 2022 10:41:19 GMT
Connection: keep-alive

ad.mail.ru/cm.gif?p=48&id=89B803C14DEA2A63DC036C67029CA6F2

95.163.41.56

200 OK

43 B

URL HTTP/2
ad.mail.ru/cm.gif?p=48&id=89B803C14DEA2A63DC036C67029CA6F2
IP
95.163.41.56:0
ASN
#47764 Mail.Ru LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /cm.gif?p=48&id=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=0TLQWI0kZf2C0020ep1cm62C:::0-0-0-845430e:CAASELWkZKlX5XBI2YAfIa6U_5caYHKFW77BBWhRaQlEsTiiVeDdnU714n7-KVCpplXBqoiOrA0yOkCadefpciJbMS-v4DPYE9JYJvvEsieZWPz224caI2nKRR1lbMLs5w7sTi4P68iND0NRsqNXWPDoXyln8Q; path=/; expires=Fri, 22-Sep-23 10:41:18 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Wed, 21 Sep 2022 16:41:18 GMT
cache-control: max-age=21600
last-modified: Wed, 21 Sep 2022 10:41:18 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9baaa3878151bf5d83c8d7014da17e5d
d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037
1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:41:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sape-sync.rutarget.ru/sync

188.72.107.156

302 Moved Temporarily

0 B

URL HTTP/1.1
sape-sync.rutarget.ru/sync
IP
188.72.107.156:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 21 Sep 2022 10:41:19 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=3WpUTtVkKXBR
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=3WpUTtVkKXBR; Path=/; Domain=.rutarget.ru; Expires=Mon, 20 Mar 2023 10:41:19 GMT; SameSite=None; Secure

ocsp.globalsign.com/gseccovsslca2018

104.18.20.226

200 OK

940 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
940 B (940 bytes)
Hash
b02346f5db6398d9a47911943eb374c6
cd78cb3571154e38b8c74e99fe8ccc999809e149
158c7492dcb3f5a463229842cb1f744dc8622b44d0777877d86ca4af62379a32

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:41:19 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Sun, 25 Sep 2022 09:32:15 GMT
ETag: "cd78cb3571154e38b8c74e99fe8ccc999809e149"
Last-Modified: Wed, 21 Sep 2022 09:32:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2703
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e2300dfd520b3d-OSL

ssp.bidvol.com/usersync?dspcsid=8&redirect=1

65.109.23.99

302 Found

0 B

URL HTTP/2
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP
65.109.23.99:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.22.0
date: Wed, 21 Sep 2022 10:41:18 GMT
x-request-id: 5c5c5f01-e9f9-4c10-a95c-a8580654581e
set-cookie: bvuid=6e0otjtl16; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=6e0otjtl16; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=6e0otjtl16
X-Firefox-Spdy: h2

www.acint.net/mc/?dp=10&tc=1

185.12.125.26

200 OK

1.9 kB

URL HTTP/2
www.acint.net/mc/?dp=10&tc=1
IP
185.12.125.26:0
ASN
#50214 QWARTA LLC

File type
data
Size
1.9 kB (1939 bytes)
Hash
76d88356cdedfc32332176b5ddf05614
e6606beffdcc3819f27655aee9cee62356ed325b
d6c9388c3652ad68053f050d7f3c0713d006e5333266ae6102f9622c53038d5c

HTTP Headers

GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.chersonesos.org/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 10:41:17 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1663756877; expires=Thu, 22-Sep-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp54v2=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp77=1663756877; expires=Wed, 05-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp84=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1663756877; expires=Wed, 05-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp111v2=1663756877; expires=Wed, 05-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp112v2=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v2=1663756877; expires=Thu, 06-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp138=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp144=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp179=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2

tag.digitaltarget.ru/adcm.js

185.15.175.174

200 OK

3.1 kB

URL HTTP/1.1
tag.digitaltarget.ru/adcm.js
IP
185.15.175.174:0
ASN
#43226 SafeData LLC

File type
ASCII text, with very long lines (3051), with no line terminators
Size
3.1 kB (3051 bytes)
Hash
e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

HTTP Headers

GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 10:41:19 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Wed, 21 Sep 2022 10:34:35 GMT
Connection: keep-alive
ETag: "632ae8bb-beb"
Accept-Ranges: bytes

px.adhigh.net/p/cm/sape?u=89B803C14DEA2A63DC036C67029CA6F2

193.232.150.60

302 Found

0 B

URL HTTP/2
px.adhigh.net/p/cm/sape?u=89B803C14DEA2A63DC036C67029CA6F2
IP
193.232.150.60:0
ASN
#48061 Limited Liability Company GPM Digital Technologies

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/cm/sape?u=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 21 Sep 2022 10:41:19 GMT
content-length: 0
x-backend-id: f20-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=LaEsZJ88hdH.AikABlGDX6NE2w;Path=/;Domain=.adhigh.net;Expires=Thu, 21-Sep-2023 10:41:19 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=89B803C14DEA2A63DC036C67029CA6F2&bounced=1
X-Firefox-Spdy: h2

ads.betweendigital.com/match?bidder_id=73&external_user_id=89B803C14DEA2A63DC036C67029CA6F2

188.42.191.196

302 Found

0 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=73&external_user_id=89B803C14DEA2A63DC036C67029CA6F2
IP
188.42.191.196:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?bidder_id=73&external_user_id=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=89B803C14DEA2A63DC036C67029CA6F2&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 21 Sep 2023 10:41:19 GMT; Path=/; Domain=.betweendigital.com
tuuid=d7d52708-b6eb-5208-85a5-0d2de68fe762; Max-Age=31536000; Expires=Thu, 21 Sep 2023 10:41:19 GMT; Path=/; Domain=.betweendigital.com
ut=YyrqTwABsZhKYsA1H9dsj0lWb6hB7Pdy3rFN0g==; Max-Age=31536000; Expires=Thu, 21 Sep 2023 10:41:19 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

adlmerge.com/merge_gpsid/?sid=50&id=89B803C14DEA2A63DC036C67029CA6F2

95.211.66.35

200 OK

515 B

URL HTTP/2
adlmerge.com/merge_gpsid/?sid=50&id=89B803C14DEA2A63DC036C67029CA6F2
IP
95.211.66.35:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
515 B (515 bytes)
Hash
6cb509b886fe357fb4e131c64d06476a
5c00c9b63fbb8cd01c46d7322650f02e01a52a53
ce2a9a0e0a1947df4b556510e8beef65f6c1a6896bea335b4cbd6c9bcc4383ad

HTTP Headers

GET /merge_gpsid/?sid=50&id=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1
Host: adlmerge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.16.0
date: Wed, 21 Sep 2022 10:41:18 GMT
content-type: image/gif
iseu: eu
X-Firefox-Spdy: h2

www.acint.net/match?dp=104&euid=3WpUTtVkKXBR

185.12.125.26

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=104&euid=3WpUTtVkKXBR
IP
185.12.125.26:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=104&euid=3WpUTtVkKXBR HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92; cSyncDp7v2=1663756877; cSyncDp14v3=1663756877; cSyncDp17=1663756877; cSyncDp32=1663756877; cSyncDp45v3=1663756877; cSyncDp53=1663756877; cSyncDp54v2=1663756877; cSyncDp62=1663756877; cSyncDp67v2=1663756877; cSyncDp68=1663756877; cSyncDp71=1663756877; cSyncDp77=1663756877; cSyncDp84=1663756877; cSyncDp85=1663756877; cSyncDp95v3=1663756877; cSyncDp101=1663756877; cSyncDp104v2=1663756877; cSyncDp107=1663756877; cSyncDp110=1663756877; cSyncDp111v2=1663756877; cSyncDp112v2=1663756877; cSyncDp125v2=1663756877; cSyncDp126=1663756877; cSyncDp127=1663756877; cSyncDp129=1663756877; cSyncDp136v2=1663756877; cSyncDp138=1663756877; cSyncDp144=1663756877; cSyncDp146=1663756877; cSyncDp148=1663756877; cSyncDp149=1663756877; cSyncDp151=1663756877; cSyncDp178=1663756877; cSyncDp179=1663756877; cSyncDp186=1663756877; cSyncDp221=1663756877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 10:41:19 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D

188.42.191.196

302 Found

0 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP
188.42.191.196:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 21 Sep 2023 10:41:19 GMT; Path=/; Domain=.betweendigital.com
tuuid=5efa22b6-c79d-5208-8c3f-d4c5ef153e8a; Max-Age=31536000; Expires=Thu, 21 Sep 2023 10:41:19 GMT; Path=/; Domain=.betweendigital.com
ut=YyrqTwACXXh_U59IK0dZHgqvRconopw5AXFYRQ==; Max-Age=31536000; Expires=Thu, 21 Sep 2023 10:41:19 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

sm.rtb.mts.ru/match/second?ssp=30&exu=89B803C14DEA2A63DC036C67029CA6F2

217.66.147.165

301 Moved Permanently

0 B

URL HTTP/1.1
sm.rtb.mts.ru/match/second?ssp=30&exu=89B803C14DEA2A63DC036C67029CA6F2
IP
217.66.147.165:0
ASN
#29209 MTS PJSC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/second?ssp=30&exu=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 21 Sep 2022 10:41:19 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://tech.rtb.mts.ru/

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
1095cbeab0f073ac21b542ece43906e4
6a95016d800f003c5a9be4fb1a806178aeb263b3
cea83b7581093c0900582f4034033ef7b759a15163cd164b513f7cc47de60694

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 10:41:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 14:18:44 GMT
Expires: Tue, 27 Sep 2022 14:18:43 GMT
Etag: "6a95016d800f003c5a9be4fb1a806178aeb263b3"
Cache-Control: max-age=530843,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e2300daa5ab523-OSL

px.adhigh.net/p/cm/sape?u=89B803C14DEA2A63DC036C67029CA6F2&bounced=1

193.232.150.60

200 OK

49 B

URL HTTP/2
px.adhigh.net/p/cm/sape?u=89B803C14DEA2A63DC036C67029CA6F2&bounced=1
IP
193.232.150.60:0
ASN
#48061 Limited Liability Company GPM Digital Technologies

File type
GIF image data, version 89a, 1 x 1\012- data
Size
49 B (49 bytes)
Hash
889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

HTTP Headers

GET /p/cm/sape?u=89B803C14DEA2A63DC036C67029CA6F2&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 10:41:19 GMT
content-type: image/gif
content-length: 49
x-backend-id: f20-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2

x01.aidata.io/0.gif?pid=9401454&id=89B803C14DEA2A63DC036C67029CA6F2

89.108.119.43

302 Found

0 B

URL HTTP/2
x01.aidata.io/0.gif?pid=9401454&id=89B803C14DEA2A63DC036C67029CA6F2
IP
89.108.119.43:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /0.gif?pid=9401454&id=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 21 Sep 2022 10:41:19 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=89B803C14DEA2A63DC036C67029CA6F2&bounce=1
expires: Wed, 21 Sep 2022 10:41:18 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Wed, 21 Sep 2022 10:41:18 GMT
set-cookie: __upin=/JyH5GBBtaIzBLCCAwvssQ;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1663756879;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2

ads.betweendigital.com/match?bidder_id=73&external_user_id=89B803C14DEA2A63DC036C67029CA6F2&crf=1

188.42.191.196

200 OK

68 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=73&external_user_id=89B803C14DEA2A63DC036C67029CA6F2&crf=1
IP
188.42.191.196:0
ASN
#7979 SERVERS-COM

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

HTTP Headers

GET /match?bidder_id=73&external_user_id=89B803C14DEA2A63DC036C67029CA6F2&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 21 Sep 2023 10:41:19 GMT; Path=/; Domain=.betweendigital.com
tuuid=33a392da-8065-5208-91ed-6af3f2c780bc; Max-Age=31536000; Expires=Thu, 21 Sep 2023 10:41:19 GMT; Path=/; Domain=.betweendigital.com
ut=YyrqTwADwPD13HxVqG8wpbeB8HjX21n0VDVXGQ==; Max-Age=31536000; Expires=Thu, 21 Sep 2023 10:41:19 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2

ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1

188.42.191.196

200 OK

68 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP
188.42.191.196:0
ASN
#7979 SERVERS-COM

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

HTTP Headers

GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 21 Sep 2023 10:41:19 GMT; Path=/; Domain=.betweendigital.com
tuuid=ec9fb7e5-9348-5208-874c-6bfce46681b3; Max-Age=31536000; Expires=Thu, 21 Sep 2023 10:41:19 GMT; Path=/; Domain=.betweendigital.com
ut=YyrqTwADyMDsn3zYWZcf4h06sP7bteImSfjn0Q==; Max-Age=31536000; Expires=Thu, 21 Sep 2023 10:41:19 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2

x01.aidata.io/0.gif?pid=9401454&id=89B803C14DEA2A63DC036C67029CA6F2&bounce=1

89.108.119.43

204 No Content

0 B

URL HTTP/2
x01.aidata.io/0.gif?pid=9401454&id=89B803C14DEA2A63DC036C67029CA6F2&bounce=1
IP
89.108.119.43:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /0.gif?pid=9401454&id=89B803C14DEA2A63DC036C67029CA6F2&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Wed, 21 Sep 2022 10:41:19 GMT
expires: Wed, 21 Sep 2022 10:41:18 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Wed, 21 Sep 2022 10:41:18 GMT
set-cookie: __upin=4Xk4EcRPBUaea4S0XvhiqA;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1663756879;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2

ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4460424563

195.209.108.38

302 Moved Temporarily

40 B

URL HTTP/1.1
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4460424563
IP
195.209.108.38:0
ASN
#52007 LLC AdRiver

File type
ASCII text, with CRLF line terminators
Size
40 B (40 bytes)
Hash
251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b

HTTP Headers

GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4460424563 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Date: Wed, 21 Sep 2022 10:41:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Fri, 20 Sep 2024 10:41:19 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D

www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D

185.12.125.26

302 Found

154 B

URL HTTP/2
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP
185.12.125.26:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92; cSyncDp7v2=1663756877; cSyncDp14v3=1663756877; cSyncDp17=1663756877; cSyncDp32=1663756877; cSyncDp45v3=1663756877; cSyncDp53=1663756877; cSyncDp54v2=1663756877; cSyncDp62=1663756877; cSyncDp67v2=1663756877; cSyncDp68=1663756877; cSyncDp71=1663756877; cSyncDp77=1663756877; cSyncDp84=1663756877; cSyncDp85=1663756877; cSyncDp95v3=1663756877; cSyncDp101=1663756877; cSyncDp104v2=1663756877; cSyncDp107=1663756877; cSyncDp110=1663756877; cSyncDp111v2=1663756877; cSyncDp112v2=1663756877; cSyncDp125v2=1663756877; cSyncDp126=1663756877; cSyncDp127=1663756877; cSyncDp129=1663756877; cSyncDp136v2=1663756877; cSyncDp138=1663756877; cSyncDp144=1663756877; cSyncDp146=1663756877; cSyncDp148=1663756877; cSyncDp149=1663756877; cSyncDp151=1663756877; cSyncDp178=1663756877; cSyncDp179=1663756877; cSyncDp186=1663756877; cSyncDp221=1663756877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: openresty
date: Wed, 21 Sep 2022 10:41:19 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=89B803C14DEA2A63DC036C67029CA6F2
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

tag.digitaltarget.ru/processor.js?i=55607016929651

185.15.175.174

200 OK

16 kB

URL HTTP/1.1
tag.digitaltarget.ru/processor.js?i=55607016929651
IP
185.15.175.174:0
ASN
#43226 SafeData LLC

File type
ASCII text, with very long lines (15892), with no line terminators
Size
16 kB (15892 bytes)
Hash
9d8bbf9b7d1aaed9a324a9cf9977dda4
d3365fba7f95ca11a9564b373162d1ddb06fcdbd
0935447866da8ca59df7d65710e0b68377a6dbc62c761e83ebfc83998f905788

HTTP Headers

GET /processor.js?i=55607016929651 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 10:41:19 GMT
Content-Type: application/javascript
Content-Length: 15892
Last-Modified: Wed, 21 Sep 2022 10:34:36 GMT
Connection: keep-alive
ETag: "632ae8bc-3e14"
Accept-Ranges: bytes

ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=89B803C14DEA2A63DC036C67029CA6F2

195.209.111.13

200 OK

42 B

URL HTTP/1.1
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=89B803C14DEA2A63DC036C67029CA6F2
IP
195.209.111.13:0
ASN
#52007 LLC AdRiver

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /cgi-bin/sync.cgi?ssp_id=43&external_id=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 10:41:19 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9135
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 10:41:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9135
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 10:41:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9135
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 10:41:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9135
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 10:41:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9135
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 10:41:19 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12654 bytes)
Hash
f7b780d39877eea116277625aaa01f1b
d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db
ca9d59056e0a3f512d36db11f4a4bd3109c2ce1e13b29b5f40dce84df079e71f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12654
x-amzn-requestid: efc99152-2b51-462d-b48b-67ba8263b1cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJOGVYoAMFcvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-00eeb6913e06ac151f293263;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wK03Lqow6u4lrQ3QI21klXXHGZqbKYathhCO87k0rZWBbF8o5YYjXw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 07:05:16 GMT
age: 12963
etag: "d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10244 bytes)
Hash
14e6ddceb639a5f4875aecb796f95c79
b1cd04a66852694284eeef16a1cde38896e33c03
4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7FaZfI_iYUANPdxGBld5NfneWwKJeX2nYA_gmvF9NjML5YOVhZIIoA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 14:38:21 GMT
age: 72178
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9201 bytes)
Hash
a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hI3FlJJRAUfr0EAcSvvuJajmyQDwBpTxuQIhYfA0Mtp9JyQgKnoDvA==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:43:18 GMT
age: 46681
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8826 bytes)
Hash
4eb6d1b35f680bfec656941b6167fd23
344c6000dbdafdb5105edc93a082d640c3e95ddc
67fc85fa0f1a55d57ab9db6f4c723fb9116ef3b2c5282dbdd42d9c37396bd7b9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8826
x-amzn-requestid: cf0c711e-4ec9-4f87-a60f-41374262a114
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYweUHIyoAMFYQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202df5-17ad5d4e25a754586e531d05;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:15:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OEbpCQXLpTCDZH4OlzVvvsc-bSgbsIoXRgX6f-nKVwJTL5-SVTCHeA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:56:09 GMT
age: 45910
etag: "344c6000dbdafdb5105edc93a082d640c3e95ddc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7507 bytes)
Hash
4d98acc059a69d51165fb5e0c7430ea3
09bd3300d710c3212483159f8398b84cde09da26
6e38bbb5c79c4f714973e10961d7bad9e7ae8711cf24d68b13a77206f474d2a6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7507
x-amzn-requestid: 2a40c792-8b1b-4476-92de-1fce3df48fc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCmaHefoAMF4Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e28-6b05350006b7f3fb73d1e37a;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rq4QHCD4EubBKHyCj7jyKqpct5d7U33TvNufqj_w8mWunqQsouoh7w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:21:54 GMT
age: 44365
etag: "09bd3300d710c3212483159f8398b84cde09da26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6897 bytes)
Hash
8bae3a7a80ff40df1d701dfc925ddeff
91df60162a8322469cada0dd8eb93619f28aec1a
fab10c7ad4658bc191621d9f2042236a7b6e34448ce5215dde5b8d6a64b52952

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6897
x-amzn-requestid: 280a2e44-c21a-4d78-991b-3328e816d045
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YwWSpE0SoAMFaxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63299daa-55cb53491be78c4d5bed0462;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 11:02:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eNkM22Xu--qgJdsrH-UrTG5-Ie4nAsyLjiMaJ5ZKIz0bbw7cYrvFjw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 02:18:26 GMT
age: 30173
etag: "91df60162a8322469cada0dd8eb93619f28aec1a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

tech.rtb.mts.ru/

213.87.44.187

204 No Content

0 B

URL HTTP/1.1
tech.rtb.mts.ru/
IP
213.87.44.187:0
ASN
#13174 MTS PJSC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: tech.rtb.mts.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:19 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Set-Cookie: mts_id=7a0a164a-8199-4feb-b49f-3ea44b04d1dd; Domain=mts.ru; expires=Fri, 30 Jul 2032 10:41:19 GMT; SameSite=None; Secure
mts_id_last_sync=1663756879; Domain=mts.ru; expires=Fri, 30 Jul 2032 10:41:19 GMT; SameSite=None; Secure
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d15eea4ee7bcab908fb1dca8e5e590c7
156cb5fc1e2fc5ea602880c2a8523a96c0145efd
7828b1f22addc2b108044b4a9b79ac64543ad2899c882b01413983739fd571da

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7828B1F22ADDC2B108044B4A9B79AC64543AD2899C882B01413983739FD571DA"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10980
Expires: Wed, 21 Sep 2022 13:44:19 GMT
Date: Wed, 21 Sep 2022 10:41:19 GMT
Connection: keep-alive

dmg.digitaltarget.ru/1/1093/i/i?i=995872473354382.760068391466566&a=77&e=89B803C14DEA2A63DC036C67029CA6F2&pref=http%3A%2F%2Fwww.chersonesos.org%2F&c=ss:77.up:89B803C14DEA2A63DC036C67029CA6F2.sync:up.xdua:duUPXJ4Lk_XT1e1TNVKpNys8.xps:xpsemaSpgFp9bvweLR5e5EFtV.dn:acint__net.adcm:hit.tg:adcmjs_noorient

185.15.175.145

307 Temporary Redirect

0 B

URL HTTP/1.1
dmg.digitaltarget.ru/1/1093/i/i?i=995872473354382.760068391466566&a=77&e=89B803C14DEA2A63DC036C67029CA6F2&pref=http%3A%2F%2Fwww.chersonesos.org%2F&c=ss:77.up:89B803C14DEA2A63DC036C67029CA6F2.sync:up.xdua:duUPXJ4Lk_XT1e1TNVKpNys8.xps:xpsemaSpgFp9bvweLR5e5EFtV.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP
185.15.175.145:0
ASN
#43226 SafeData LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/1093/i/i?i=995872473354382.760068391466566&a=77&e=89B803C14DEA2A63DC036C67029CA6F2&pref=http%3A%2F%2Fwww.chersonesos.org%2F&c=ss:77.up:89B803C14DEA2A63DC036C67029CA6F2.sync:up.xdua:duUPXJ4Lk_XT1e1TNVKpNys8.xps:xpsemaSpgFp9bvweLR5e5EFtV.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Wed, 21 Sep 2022 10:41:19 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=995872473354382.760068391466566&a=77&e=89B803C14DEA2A63DC036C67029CA6F2&pref=http%3A%2F%2Fwww.chersonesos.org%2F&c=ss:77.up:89B803C14DEA2A63DC036C67029CA6F2.sync:up.xdua:duUPXJ4Lk_XT1e1TNVKpNys8.xps:xpsemaSpgFp9bvweLR5e5EFtV.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=IZGzNbPamUpkkik7ul-l; Max-Age=93312000; Expires=Fri, 05 Sep 2025 10:41:19 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

dmg.digitaltarget.ru/1/1093/i/i?i=995872473354382.744254662777799&a=77&e=89B803C14DEA2A63DC036C67029CA6F2&pref=http%3A%2F%2Fwww.chersonesos.org%2F&c=ss:77.up:89B803C14DEA2A63DC036C67029CA6F2.sync:up.xdua:duUPXJ4Lk_XT1e1TNVKpNys8.xps:xpsemaSpgFp9bvweLR5e5EFtV.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

185.15.175.145

307 Temporary Redirect

0 B

URL HTTP/1.1
dmg.digitaltarget.ru/1/1093/i/i?i=995872473354382.744254662777799&a=77&e=89B803C14DEA2A63DC036C67029CA6F2&pref=http%3A%2F%2Fwww.chersonesos.org%2F&c=ss:77.up:89B803C14DEA2A63DC036C67029CA6F2.sync:up.xdua:duUPXJ4Lk_XT1e1TNVKpNys8.xps:xpsemaSpgFp9bvweLR5e5EFtV.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
185.15.175.145:0
ASN
#43226 SafeData LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/1093/i/i?i=995872473354382.744254662777799&a=77&e=89B803C14DEA2A63DC036C67029CA6F2&pref=http%3A%2F%2Fwww.chersonesos.org%2F&c=ss:77.up:89B803C14DEA2A63DC036C67029CA6F2.sync:up.xdua:duUPXJ4Lk_XT1e1TNVKpNys8.xps:xpsemaSpgFp9bvweLR5e5EFtV.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Wed, 21 Sep 2022 10:41:19 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=995872473354382.744254662777799&a=77&e=89B803C14DEA2A63DC036C67029CA6F2&pref=http%3A%2F%2Fwww.chersonesos.org%2F&c=ss:77.up:89B803C14DEA2A63DC036C67029CA6F2.sync:up.xdua:duUPXJ4Lk_XT1e1TNVKpNys8.xps:xpsemaSpgFp9bvweLR5e5EFtV.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=qgGttyoad0xmyo77H5mA; Max-Age=93312000; Expires=Fri, 05 Sep 2025 10:41:19 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=995872473354382.744254662777799&a=77&e=89B803C14DEA2A63DC036C67029CA6F2&pref=http%3A%2F%2Fwww.chersonesos.org%2F&c=ss:77.up:89B803C14DEA2A63DC036C67029CA6F2.sync:up.xdua:duUPXJ4Lk_XT1e1TNVKpNys8.xps:xpsemaSpgFp9bvweLR5e5EFtV.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

185.15.175.145

200 OK

64 B

URL HTTP/1.1
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=995872473354382.744254662777799&a=77&e=89B803C14DEA2A63DC036C67029CA6F2&pref=http%3A%2F%2Fwww.chersonesos.org%2F&c=ss:77.up:89B803C14DEA2A63DC036C67029CA6F2.sync:up.xdua:duUPXJ4Lk_XT1e1TNVKpNys8.xps:xpsemaSpgFp9bvweLR5e5EFtV.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
185.15.175.145:0
ASN
#43226 SafeData LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
64 B (64 bytes)
Hash
ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8

HTTP Headers

GET /awg/custom/1093/i/i?call_source=awg&i=995872473354382.744254662777799&a=77&e=89B803C14DEA2A63DC036C67029CA6F2&pref=http%3A%2F%2Fwww.chersonesos.org%2F&c=ss:77.up:89B803C14DEA2A63DC036C67029CA6F2.sync:up.xdua:duUPXJ4Lk_XT1e1TNVKpNys8.xps:xpsemaSpgFp9bvweLR5e5EFtV.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 10:41:19 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 2
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=995872473354382.760068391466566&a=77&e=89B803C14DEA2A63DC036C67029CA6F2&pref=http%3A%2F%2Fwww.chersonesos.org%2F&c=ss:77.up:89B803C14DEA2A63DC036C67029CA6F2.sync:up.xdua:duUPXJ4Lk_XT1e1TNVKpNys8.xps:xpsemaSpgFp9bvweLR5e5EFtV.dn:acint__net.adcm:hit.tg:adcmjs_noorient

185.15.175.145

200 OK

64 B

URL HTTP/1.1
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=995872473354382.760068391466566&a=77&e=89B803C14DEA2A63DC036C67029CA6F2&pref=http%3A%2F%2Fwww.chersonesos.org%2F&c=ss:77.up:89B803C14DEA2A63DC036C67029CA6F2.sync:up.xdua:duUPXJ4Lk_XT1e1TNVKpNys8.xps:xpsemaSpgFp9bvweLR5e5EFtV.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP
185.15.175.145:0
ASN
#43226 SafeData LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
64 B (64 bytes)
Hash
ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8

HTTP Headers

GET /awg/custom/1093/i/i?call_source=awg&i=995872473354382.760068391466566&a=77&e=89B803C14DEA2A63DC036C67029CA6F2&pref=http%3A%2F%2Fwww.chersonesos.org%2F&c=ss:77.up:89B803C14DEA2A63DC036C67029CA6F2.sync:up.xdua:duUPXJ4Lk_XT1e1TNVKpNys8.xps:xpsemaSpgFp9bvweLR5e5EFtV.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 10:41:19 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 2
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

www.acint.net/ping/?v=0.4.0&uid=bdec349b-015c-4f17-9038-1d3c7014bf26&dp=10&tz=%2B00%3A00&nc=99927179&dT=2022-09-21T10%3A41%3A20.595

185.12.125.26

302 Moved Temporarily

142 B

URL HTTP/1.1
www.acint.net/ping/?v=0.4.0&uid=bdec349b-015c-4f17-9038-1d3c7014bf26&dp=10&tz=%2B00%3A00&nc=99927179&dT=2022-09-21T10%3A41%3A20.595
IP
185.12.125.26:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /ping/?v=0.4.0&uid=bdec349b-015c-4f17-9038-1d3c7014bf26&dp=10&tz=%2B00%3A00&nc=99927179&dT=2022-09-21T10%3A41%3A20.595 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Wed, 21 Sep 2022 10:41:20 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/ping/?v=0.4.0&uid=bdec349b-015c-4f17-9038-1d3c7014bf26&dp=10&tz=%2B00%3A00&nc=99927179&dT=2022-09-21T10%3A41%3A20.595

www.acint.net/ping/?v=0.4.0&uid=bdec349b-015c-4f17-9038-1d3c7014bf26&dp=10&tz=%2B00%3A00&nc=99927179&dT=2022-09-21T10%3A41%3A20.595

185.12.125.26

200 OK

43 B

URL HTTP/2
www.acint.net/ping/?v=0.4.0&uid=bdec349b-015c-4f17-9038-1d3c7014bf26&dp=10&tz=%2B00%3A00&nc=99927179&dT=2022-09-21T10%3A41%3A20.595
IP
185.12.125.26:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /ping/?v=0.4.0&uid=bdec349b-015c-4f17-9038-1d3c7014bf26&dp=10&tz=%2B00%3A00&nc=99927179&dT=2022-09-21T10%3A41%3A20.595 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.chersonesos.org/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92; cSyncDp7v2=1663756877; cSyncDp14v3=1663756877; cSyncDp17=1663756877; cSyncDp32=1663756877; cSyncDp45v3=1663756877; cSyncDp53=1663756877; cSyncDp54v2=1663756877; cSyncDp62=1663756877; cSyncDp67v2=1663756877; cSyncDp68=1663756877; cSyncDp71=1663756877; cSyncDp77=1663756877; cSyncDp84=1663756877; cSyncDp85=1663756877; cSyncDp95v3=1663756877; cSyncDp101=1663756877; cSyncDp104v2=1663756877; cSyncDp107=1663756877; cSyncDp110=1663756877; cSyncDp111v2=1663756877; cSyncDp112v2=1663756877; cSyncDp125v2=1663756877; cSyncDp126=1663756877; cSyncDp127=1663756877; cSyncDp129=1663756877; cSyncDp136v2=1663756877; cSyncDp138=1663756877; cSyncDp144=1663756877; cSyncDp146=1663756877; cSyncDp148=1663756877; cSyncDp149=1663756877; cSyncDp151=1663756877; cSyncDp178=1663756877; cSyncDp179=1663756877; cSyncDp186=1663756877; cSyncDp221=1663756877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 10:41:20 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

an.yandex.ru/mapuid/sapeis/89B803C14DEA2A63DC036C67029CA6F2?redir-setuniq=1

213.180.193.90

200 OK

0 B

URL HTTP/2
an.yandex.ru/mapuid/sapeis/89B803C14DEA2A63DC036C67029CA6F2?redir-setuniq=1
IP
213.180.193.90:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mapuid/sapeis/89B803C14DEA2A63DC036C67029CA6F2?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
timing-allow-origin: *
date: Wed, 21 Sep 2022 10:41:19 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 21 Sep 2022 10:41:19 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Wed, 21 Sep 2022 10:41:19 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

dmp.gotechnology.io/match/sape?id=89B803C14DEA2A63DC036C67029CA6F2

142.132.209.136

408 Request Timeout

0 B

URL HTTP/2
dmp.gotechnology.io/match/sape?id=89B803C14DEA2A63DC036C67029CA6F2
IP
142.132.209.136:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /match/sape?id=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 408 Request Timeout
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
content-type: text/plain; charset=utf-8
content-length: 15
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

an.yandex.ru/mapuid/sapeis/89B803C14DEA2A63DC036C67029CA6F2

213.180.193.90

302 Found

0 B

URL HTTP/2
an.yandex.ru/mapuid/sapeis/89B803C14DEA2A63DC036C67029CA6F2
IP
213.180.193.90:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mapuid/sapeis/89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/89B803C14DEA2A63DC036C67029CA6F2?redir-setuniq=1
date: Wed, 21 Sep 2022 10:41:19 GMT
set-cookie: yandexuid=8772509341663756879; domain=.yandex.ru; path=/; expires=Sat, 18-Sep-2032 10:41:19 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 21 Sep 2022 10:41:19 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Wed, 21 Sep 2022 10:41:19 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (38)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations