Report - vladbard.blogspot.com/2017_11_30

Report Overview

Submitted URL
vladbard.blogspot.com/2017_11_30_archive.html
IP
216.58.207.193
ASN
#15169 GOOGLE
Submitted
2023-03-31 20:38:12
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-31T18:12:09Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-31T18:13:52Z	606 B	238 B	34.117.65.55
adx.com.ru	43296	2017-06-05T16:30:42Z	2023-04-01T06:48:40Z	886 B	1.3 kB	83.222.105.70
x01.aidata.io	12188	2016-03-31T17:36:46Z	2023-04-01T07:37:53Z	865 B	1.3 kB	89.108.119.43
efe5216e-d003-11ed-86e0-002590c0647c.n2.sync.bumlam.com	unknown	2023-03-31T22:38:04Z	2023-03-31T22:38:04Z	488 B	165 B	188.120.241.47
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-31T22:03:32Z	401 B	74 kB	142.250.74.72
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-31T19:19:20Z	695 B	452 B	216.239.32.36
acint.net	22962	2014-02-14T22:23:16Z	2023-04-01T06:48:41Z	2.6 kB	780 B	167.235.177.243
kimberlite.io	166512	2017-09-14T07:18:59Z	2023-04-01T06:48:40Z	417 B	655 B	89.108.127.68
exchange.buzzoola.com	18389	2014-10-17T17:20:27Z	2023-04-01T06:48:40Z	483 B	382 B	116.202.236.172
sync.programmatica.com	unknown	2022-12-17T02:18:07Z	2023-04-01T06:48:40Z	461 B	413 B	167.235.117.42
redirect.frontend.weborama.fr	8348	2017-05-04T17:00:27Z	2023-04-01T06:48:42Z	1.2 kB	1.5 kB	35.190.24.218
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-31T18:12:04Z	7.4 kB	20 kB	23.36.77.32
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-31T07:51:33Z	3.8 kB	70 kB	34.120.237.76
ssp.bestssp.com	90974	2017-06-10T10:55:20Z	2023-04-01T07:37:56Z	438 B	361 B	185.147.80.35
dm-eu.hybrid.ai	28847	2021-01-25T12:48:59Z	2023-03-31T09:06:04Z	419 B	528 B	37.230.131.22
pix.bumlam.com	92002	2022-03-29T11:19:43Z	2023-04-01T06:48:40Z	1.4 kB	2.1 kB	31.172.81.172
ads.betweendigital.com	1571	2012-10-30T06:08:04Z	2023-04-01T06:48:40Z	3.0 kB	3.8 kB	188.42.34.64
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-31T18:17:08Z	935 B	75 kB	104.18.10.207
ssp-rtb.sape.ru	31166	2016-02-02T18:01:03Z	2023-04-01T06:48:40Z	447 B	773 B	193.3.184.211
sync.gonet-ads.com	unknown	2023-02-03T12:32:31Z	2023-04-01T06:48:40Z	422 B	459 B	188.42.105.220
ocsp.usertrust.com	899	2012-05-21T17:43:18Z	2023-03-31T18:15:06Z	1.0 kB	3.0 kB	104.18.32.68
sm.rtb.mts.ru	27154	2019-03-26T15:10:01Z	2023-04-01T06:48:40Z	838 B	1.0 kB	217.66.147.34
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-31T23:45:41Z	1.7 kB	4.6 kB	172.64.155.188
sync.dmp.otm-r.com	19534	2017-02-03T08:19:51Z	2023-03-31T16:55:18Z	419 B	134 B	195.201.106.117
sape-sync.rutarget.ru	173587	2018-08-07T16:11:47Z	2023-04-01T06:48:40Z	380 B	409 B	46.243.142.239
an.yandex.ru	2577	2017-01-30T06:11:51Z	2023-03-24T18:22:03Z	856 B	14 kB	87.250.250.90
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-31T18:14:44Z	782 B	2.4 kB	35.241.9.150
vladbard.blogspot.com	unknown	2014-07-29T01:44:45Z	2023-03-31T20:54:56Z	850 B	70 kB	216.58.207.193
sync.bumlam.com	3243	2015-08-10T23:04:25Z	2023-04-01T06:48:40Z	1.4 kB	1.9 kB	31.172.81.158
mc.yandex.ru	2672	2012-05-21T11:38:30Z	2023-03-31T22:18:10Z	6.8 kB	84 kB	87.250.250.119
ad.mail.ru	7643	2012-06-22T21:38:09Z	2023-04-01T03:58:27Z	412 B	756 B	95.163.41.56
dmg.digitaltarget.ru	21471	2015-04-23T16:50:51Z	2023-04-01T03:57:46Z	3.6 kB	4.6 kB	185.15.175.148
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-31T21:42:43Z	378 B	21 kB	216.239.34.178
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-31T18:13:24Z	5.4 kB	27 kB	104.18.21.226
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-31T20:23:24Z	815 B	3.0 kB	142.250.74.106
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-31T21:23:20Z	398 B	35 kB	142.250.74.42
imgprx.livejournal.net	373377	2017-08-25T16:48:53Z	2023-03-29T12:50:11Z	1.0 kB	384 B	81.19.74.33
sync.1dmp.io	10017	2016-02-09T12:52:58Z	2023-04-01T06:48:40Z	502 B	230 B	87.242.89.90
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-31T18:12:03Z	4.5 kB	9.1 kB	142.250.74.131
img1.blogblog.com	65460	2012-05-22T09:35:04Z	2023-03-30T16:16:57Z	414 B	823 B	142.250.74.41
3.bp.blogspot.com	11048	2012-05-21T18:26:21Z	2023-03-31T11:55:26Z	1.0 kB	86 kB	142.250.74.161
s.uuidksinc.net	3423	2015-07-20T14:00:35Z	2023-04-01T06:48:40Z	424 B	322 B	185.98.54.153
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-31T18:42:09Z	616 B	597 B	64.233.161.155
a.utraff.com	39874	2019-02-27T11:01:37Z	2023-04-01T06:48:40Z	380 B	1.1 kB	104.21.59.66
ad.a-ads.com	26970	2013-04-19T23:54:57Z	2023-04-01T01:25:51Z	487 B	5.1 kB	78.46.174.169
ssp.bidvol.com	31817	2020-02-22T13:37:29Z	2023-04-01T06:48:40Z	398 B	1.1 kB	65.109.65.188
ssp.adriver.ru	12439	2014-01-10T14:39:33Z	2023-04-01T06:48:40Z	881 B	376 B	81.222.128.216
www.acint.net	29072	2014-02-14T22:23:16Z	2023-04-01T06:48:39Z	16 kB	32 kB	167.235.177.243
ic.pics.livejournal.com	133080	2012-07-20T18:04:48Z	2023-03-29T19:02:44Z	423 B	97 kB	5.101.71.73
ocsp2.globalsign.com	1544	2012-05-23T20:10:04Z	2023-03-31T18:29:50Z	1.1 kB	5.7 kB	104.18.20.226
nr.bidderstack.com	352019	2019-02-11T15:43:50Z	2023-04-01T06:48:40Z	421 B	381 B	23.88.12.14
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-31T18:18:04Z	413 B	5.9 kB	34.160.144.191
www.blogger.com	8975	2012-05-22T09:35:03Z	2023-03-31T18:35:17Z	417 B	8.5 kB	142.250.74.41
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-31T20:44:48Z	2.9 kB	110 kB	216.58.207.227
sync.upravel.com	28097	2017-05-29T11:13:46Z	2023-04-01T06:48:40Z	890 B	1.7 kB	148.251.236.118
px.adhigh.net	10272	2013-01-03T22:02:08Z	2023-04-01T03:58:27Z	848 B	1.0 kB	194.190.76.41
match.new-programmatic.com	33613	2020-02-18T21:50:06Z	2023-03-31T17:11:18Z	434 B	213 B	217.65.2.150
static.a-ads.com	34827	2013-06-01T18:47:05Z	2023-04-01T05:04:08Z	431 B	500 kB	78.46.174.169
ev.adriver.ru	unknown	2023-01-27T12:00:35Z	2023-04-01T06:48:40Z	875 B	1.4 kB	195.209.108.58
ads.adlook.me	43352	2018-11-28T13:50:19Z	2023-04-01T03:57:45Z	488 B	461 B	5.101.76.186
unitraffic.net	unknown	2022-04-16T10:14:37Z	2023-03-25T14:08:41Z	773 B	7.0 kB	85.208.187.144
1.bp.blogspot.com	8403	2012-05-21T15:44:19Z	2023-03-31T19:37:39Z	480 B	106 kB	142.250.74.161
counter.yadro.ru	7275	2014-09-09T20:41:17Z	2023-03-31T19:05:52Z	503 B	748 B	88.212.202.52
sync.adkernel.com	4993	2017-04-19T11:25:22Z	2023-04-01T03:57:45Z	469 B	158 B	77.245.57.72
tag.digitaltarget.ru	98193	2015-07-21T16:24:58Z	2023-04-01T06:48:40Z	384 B	16 kB	185.15.175.146

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-31	medium	vladbard.blogspot.com/2017_11_30_archive.html	Malware
2023-03-31	medium	vladbard.blogspot.com/2017_11_30_archive.html	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (27)

	URL	Size	First Seen	Last Seen
	vladbard.blogspot.com/2017_11_30_archive.html	537 B	2023-03-26	2023-06-17
Pretty URL vladbard.blogspot.com/2017_11_30_archive.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 03:23:21 Last Seen2023-06-17 17:15:37 Times Seen19 Hash dd24bf5240a53548cf64335c62338f8d 7afcfec4fc07850fa88f833530d13a4cdff8b592 b7d4752a5fb81b8ac12f87c28a8d95bbb883943aeed8fc6a451ce3d89fa3a3fa Loading...

	vladbard.blogspot.com/2017_11_30_archive.html	21 kB	2023-03-26	2023-06-17
Pretty URL vladbard.blogspot.com/2017_11_30_archive.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 03:23:21 Last Seen2023-06-17 17:15:38 Times Seen19 Hash da6230cbad184a80732394fbdab35d33 ee10f7bcb88cc284d7e6c3471899e2d9991de237 c81cf28a525dc2c222219ae3a963f7254551eed7d9cb7ca45e3c3820d570ef68 Loading...

	www.blogger.com/static/v1/widgets/194262808-widgets.js	158 kB	2023-03-29	2023-05-24
Pretty URL www.blogger.com/static/v1/widgets/194262808-widgets.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:55:18 Last Seen2023-05-24 13:40:58 Times Seen696 Hash ebb7046fee0ba1c9da2e90fc0535fec5 e537e69f90a4e5a7281faae4aee4b86d67d82300 55805f4cd47806b81ef9adeada99ec3aad803d7fa1006f48a390c77a1a50d2c6 Loading...

	vladbard.blogspot.com/2017_11_30_archive.html	8.6 kB	2023-04-01	2023-04-01
Pretty URL vladbard.blogspot.com/2017_11_30_archive.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:08:19 Last Seen2023-04-01 11:08:19 Times Seen1 Hash 05f09497975b554b0e4f6c4ce7ce500e cd9dcff47450c55831c12a26154c1ebf72d9b751 22a976338acbeb13df45e096ea80782b7440f1780ab6050bfadc4f54b826f8c8 Loading...

	www.acint.net/oci.js?t=1680295083137	32 kB	2023-03-12	2024-05-10
Pretty URL www.acint.net/oci.js?t=1680295083137 IP 167.235.177.243 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:09:04 Last Seen2024-05-10 16:15:46 Times Seen2204 Hash c3fa5133b6899a2abb39fb79ed94300f dc1d5c75420b38cd7509a783ed09345d0ff78ac4 66b141eb9ae44c86efc510844a71cf208c02d02abe03af3a7d8cc26736d3e19c Loading...

	www.acint.net/mc/?dp=10&tc=1	199 B	2023-04-01	2023-04-01
Pretty URL www.acint.net/mc/?dp=10&tc=1 IP 167.235.177.243 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:08:19 Last Seen2023-04-01 11:08:19 Times Seen1 Hash 2ca42c820a40035d5e677748cd9eb92c 8819e6b992a68f4cbf4c56bf0c75bbe73a5d4b54 90771550c2c078f5d3d130e52909544f5d0c2b2fa1c1f2afe8fae80834e6bc45 Loading...

	unknown	0 B	2023-03-07	2024-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-10 18:26:48 Times Seen37515864 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	vladbard.blogspot.com/2017_11_30_archive.html	455 B	2023-03-26	2023-06-17
Pretty URL vladbard.blogspot.com/2017_11_30_archive.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 03:23:21 Last Seen2023-06-17 17:15:37 Times Seen19 Hash b85f3f5a2c989551882da3de5de28b2b b9d8d9b5e0a8fb68f5d4418d9d092085003a6ade 69dbbf6b6365e8a1667a17ff385a7ae2cda0f528691bf18e5d25a4e1e2e689da Loading...

	vladbard.blogspot.com/2017_11_30_archive.html	966 B	2023-03-26	2023-06-17
Pretty URL vladbard.blogspot.com/2017_11_30_archive.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 03:23:21 Last Seen2023-06-17 17:15:37 Times Seen19 Hash 7c0eabf8912513775e674a3c2d027bb9 d09533e9f3a1754064327281e7f5bc136c20dc46 2a387ecb08a983ffa622bb477510f74609beac75cdff27c5d4126159aabd4581 Loading...

	vladbard.blogspot.com/2017_11_30_archive.html	789 B	2023-03-07	2024-02-13
Pretty URL vladbard.blogspot.com/2017_11_30_archive.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-02-13 16:43:35 Times Seen49861 Hash 0699fb3015610319b1639f47466451f0 5f4d8a4022f3a687921d7b3dce01cfc5bd62248f 2443e5c9c4ba5a75e030860f998bcf800907b0d4b3c4017999c2ed7ac84eeefa Loading...

	vladbard.blogspot.com/js/cookienotice.js	6.5 kB	2023-03-07	2024-05-10
Pretty URL vladbard.blogspot.com/js/cookienotice.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-05-10 18:18:23 Times Seen116714 Hash a705132a2174f88e196ec3610d68faa8 3bad57a48d973a678fec600d45933010f6edc659 068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568 Loading...

	www.acint.net/aci.js	24 kB	2023-03-13	2023-06-12
Pretty URL www.acint.net/aci.js IP 167.235.177.243 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:07:36 Last Seen2023-06-12 02:52:48 Times Seen787 Hash 8b47c553b5db9d368cda764c4138ada8 e93b817a219fad2762ef75ad6051a4d82afc582b eaba4c606dbd8ce6ad26a8bb999d30e855f8c1c5e194dc675b459c60679e8cb0 Loading...

	tag.digitaltarget.ru/adcm.js	3.1 kB	2023-03-07	2023-05-06
Pretty URL tag.digitaltarget.ru/adcm.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:47 Last Seen2023-05-06 00:46:41 Times Seen299 Hash e7097284185069f52fc736bcd50cda13 1cdfdf2d869841202079ddf91e0a00a8610812e6 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js	96 kB	2023-03-07	2024-05-10
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 16:42:31 Times Seen18775 Hash 8fc25e27d42774aeae6edbc0a18b72aa b66ed708717bf0b4a005a4d0113af8843ef3b8ff b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682 Loading...

	vladbard.blogspot.com/2017_11_30_archive.html	275 B	2023-03-07	2024-05-10
Pretty URL vladbard.blogspot.com/2017_11_30_archive.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-05-10 18:18:23 Times Seen58739 Hash 38ee2f6ddbe8a478e5795030e72ba35d d332319b04b273e3b9a93ffa22ba9036d59b8e99 97d98978d5864e77cd83bd79a0d31ced40631a6134a154e8f049bcc20f49a319 Loading...

	vladbard.blogspot.com/2017_11_30_archive.html	111 B	2023-03-26	2023-06-17
Pretty URL vladbard.blogspot.com/2017_11_30_archive.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 03:23:21 Last Seen2023-06-17 17:15:37 Times Seen19 Hash 5d44b4ebe663df1fee4705f2e986cdbb e274ed2a66a29878f09db2f168b9d4ba07f6c792 c77a8d5a04f8071415a1a9e5ab0f0fd98c93c94e2adba9df4fdb919974538830 Loading...

	vladbard.blogspot.com/2017_11_30_archive.html	306 B	2023-03-26	2023-06-17
Pretty URL vladbard.blogspot.com/2017_11_30_archive.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 03:23:21 Last Seen2023-06-17 17:15:37 Times Seen19 Hash bf54f2770ff9718248f4143f650c6577 ec2e6b28f400d6c26ea91618d0c9a1bb95f52414 c2873a0102f27c9ab109331873391df9b3c7e79ced74a14fc5f97f0d5af9fcce Loading...

	vladbard.blogspot.com/2017_11_30_archive.html	966 B	2023-03-26	2023-06-17
Pretty URL vladbard.blogspot.com/2017_11_30_archive.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 03:23:21 Last Seen2023-06-17 17:15:38 Times Seen19 Hash ca6148d253b4534fd9ddf23db1bff4d4 bcb6bf0d1502f8c2e4e0481e652f34351079bd81 3a5467526dca695d1908efc01580cec0a64d9052215e8e29eeb907de0cf39a4d Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 216.239.34.178 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	www.googletagmanager.com/gtag/js?id=G-96TCBCX053&cx=c&_slc=1	203 kB	2023-04-01	2023-04-01
Pretty URL www.googletagmanager.com/gtag/js?id=G-96TCBCX053&cx=c&_slc=1 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:08:19 Last Seen2023-04-01 11:08:19 Times Seen1 Hash f770209ecb8642a471fd29d16fe8136a 0215829789d5078aa2b73aa5e06229ed99dc73eb 13cbef5a412d73073039f5015f44dd9470cbf9757e0a663b85280ea32e826d60 Loading...

	vladbard.blogspot.com/2017_11_30_archive.html	250 B	2023-03-07	2024-05-10
Pretty URL vladbard.blogspot.com/2017_11_30_archive.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:22 Last Seen2024-05-10 08:04:12 Times Seen653 Hash 537357420024d824760d7686fbdf31fe 5e14660b667fdc602c82300ccf3253afc242e4bb ca2f5769fc415a62dd2cd8af83b9b64604715e602f6de4c7741f9992a7003a29 Loading...

	vladbard.blogspot.com/2017_11_30_archive.html	124 kB	2023-03-26	2023-06-17
Pretty URL vladbard.blogspot.com/2017_11_30_archive.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 03:23:21 Last Seen2023-06-17 17:15:37 Times Seen18 Hash 8e82f4312b53760c1466e4de35f1b083 703b43c4735c1cac4a591227a7ce839c42248d31 72b46fde869583aebffd49df43d9bd0536fe8cb77a959356049c4c9c31df2826 Loading...

	unitraffic.net/banner.php?user=1546	1.6 kB	2023-03-26	2023-06-17
Pretty URL unitraffic.net/banner.php?user=1546 IP 85.208.187.144 ASN #204601 Zomro B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 03:23:21 Last Seen2023-06-17 17:15:07 Times Seen11 Hash 1e948b1cd4be004c3c10180f101f27c0 a5e3eb4dac0d4a0780460643dc75820a68ea9b6a 982472ac18f57fdfdfb08c50922ad657939fbf63b6a51d4ef7704bf142ebe1d1 Loading...

	tag.digitaltarget.ru/processor.js?i=130317131902128	16 kB	2023-03-09	2023-05-06
Pretty URL tag.digitaltarget.ru/processor.js?i=130317131902128 IP 185.15.175.146 ASN #43226 SafeData LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:01:11 Last Seen2023-05-06 00:46:42 Times Seen346 Hash 736e2fb1da94f3277e3f931048c1b9f3 196387db95a17da825b629de3542eff901b09905 4569d4e1b0e52b6316681f7312674f43ecb2b72ea8ab4adb2375e3686862c7dc Loading...

		Size	First Seen	Last Seen
	#1 Eval - 8e363e01e51ae4bbf77eac4fc6de9d2f	30 kB	2023-03-26	2023-06-17
Pretty Observations First Seen2023-03-26 03:23:21 Last Seen2023-06-17 17:15:38 Times Seen19 Hash 8e363e01e51ae4bbf77eac4fc6de9d2f 0c29c05f829adf9126a9b651a3dd3b4725057a37 c72fbb75d544ac46a18ef9ab2d4da60da2be5ca52232282c4a6eadd361f835d4 Loading...

	#2 Eval - 38058bd3a970ccdce70fee3192aa0f6a	38 kB	2023-03-26	2023-06-17
Pretty Observations First Seen2023-03-26 03:23:21 Last Seen2023-06-17 17:15:38 Times Seen18 Hash 38058bd3a970ccdce70fee3192aa0f6a b2cc52017a572a92aae43a636b5f9a64cbbd1d4c 3726f1b2237d51c7f99823a61743168b544d9dffc791ad72fd84c2de3e492781 Loading...

	#3 Eval - 8cbe4a5e3b11e4ec4eef929057cf59a9	12 kB	2023-04-01	2023-04-01
Pretty Observations First Seen2023-04-01 11:08:19 Last Seen2023-04-01 11:08:19 Times Seen1 Hash 8cbe4a5e3b11e4ec4eef929057cf59a9 5dacc8aafae78556726681ccc4728125c05ddb11 75e822e02ece0d384a12ba8c695490cdf01db7436e66a50bb71c1dd4a5dd89a8 Loading...

HTTP Transactions (184)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8815
Expires: Fri, 31 Mar 2023 23:04:56 GMT
Date: Fri, 31 Mar 2023 20:38:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cca063332ba9a89eadd62a8dd7f81a9b
d473b2a7a32c964599ff3bac8f98fa578f03d1d1
02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3723
Expires: Fri, 31 Mar 2023 21:40:04 GMT
Date: Fri, 31 Mar 2023 20:38:01 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Length, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 31 Mar 2023 20:16:13 GMT
content-type: application/json
age: 1308
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
374c9e295a804e605c402f48ae7e2446
967394b36ecdff2dd32842f878887f061024c6b3
7652dfcb9e2d620ce1d033be8ecc53166d2881154c15decd60899415e5ac2706

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7652DFCB9E2D620CE1D033BE8ECC53166D2881154C15DECD60899415E5AC2706"
Last-Modified: Thu, 30 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2497
Expires: Fri, 31 Mar 2023 21:19:38 GMT
Date: Fri, 31 Mar 2023 20:38:01 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: OGuyaG3s5aXfCRT7EMEmSdQlL+ArSESAnlA5YaZdkRdOPRartYgiD+ckVYFaU7KWuXAx5ezFXV8=
x-amz-request-id: 07BY4BZTATK0PRAG
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 31 Mar 2023 20:03:28 GMT
age: 2073
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 20:38:01 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ab61862f016dea85f8aa55e59369d905
a5e81f13052b9e9184caf05a9740c345a40d1f22
e0d580c313088d524a5338e63e4acf9f3f3cb45a54f2528c5d1c4915d71b255b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0D580C313088D524A5338E63E4ACF9F3F3CB45A54F2528C5D1C4915D71B255B"
Last-Modified: Thu, 30 Mar 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8597
Expires: Fri, 31 Mar 2023 23:01:18 GMT
Date: Fri, 31 Mar 2023 20:38:01 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Last-Modified, Alert, Backoff, Content-Type, ETag, Cache-Control, Retry-After, Expires, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 31 Mar 2023 20:17:26 GMT
age: 1235
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.117.65.55

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.117.65.55:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CoGz6qXK7vvgts0ixKq/PA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RetlfILSaYNAX0XII8wrR46mYRE=
Date: Fri, 31 Mar 2023 20:38:01 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

vladbard.blogspot.com/2017_11_30_archive.html

216.58.207.193

301 Moved Permanently

197 B

URL HTTP/1.1
vladbard.blogspot.com/2017_11_30_archive.html
IP
216.58.207.193:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
197 B (197 bytes)
Hash
8fb5ca0e3e0e8b61342243956c72c7f6
dd93d69a095cc598013709c845f6be7d88b21019
894b8d3c70281b11e9d5d254aa8b0d89324209c4b2d07d7dfcf8166b40337283

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /2017_11_30_archive.html HTTP/1.1
Host: vladbard.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Location: https://vladbard.blogspot.com/2017_11_30_archive.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Fri, 31 Mar 2023 20:38:01 GMT
Expires: Fri, 31 Mar 2023 20:38:01 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 197
Server: GSE

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d01a76b1832f1b9af5b9e121cb8c3bd5
f68dc438f2e53e86eee952d28a027d81c741cf2e
350c2915a2eced0e2080e059190d489209eafe3ab4b9093c1821b19723551e73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 20:38:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
14539c5e0ca6ce826e62bdadad738bbd
92ce1bbc7f338d3e48e35d637513ab0aba610a98
58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2433
Expires: Fri, 31 Mar 2023 21:18:36 GMT
Date: Fri, 31 Mar 2023 20:38:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
14539c5e0ca6ce826e62bdadad738bbd
92ce1bbc7f338d3e48e35d637513ab0aba610a98
58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2433
Expires: Fri, 31 Mar 2023 21:18:36 GMT
Date: Fri, 31 Mar 2023 20:38:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
14539c5e0ca6ce826e62bdadad738bbd
92ce1bbc7f338d3e48e35d637513ab0aba610a98
58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2433
Expires: Fri, 31 Mar 2023 21:18:36 GMT
Date: Fri, 31 Mar 2023 20:38:03 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9859 bytes)
Hash
da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: c00efe5b-7fdb-445a-a924-75ddd461b72b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: COQPtHizoAMF7-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641bfa64-3eb90ae703b78e8a06130540;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 07:06:12 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: nZfXy-IsoHliuLodEocEZlH-IvmIV9G-noSmSEU1wmuMPfBx3rLJ9w==
via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 10:41:48 GMT
age: 35775
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cbd721e-872e-4eec-8eb5-363663d0ab36.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5806 bytes)
Hash
8600e41520408df4865627256a0a0736
dffeaf1a8f73ae9f6247b9dc7f05301fefc00aef
9163d80d7b6087b804e6682a50d4f66339d339894cf1c5808f2e5c2e0b3de930

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cbd721e-872e-4eec-8eb5-363663d0ab36.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5806
x-amzn-requestid: cee5b166-592b-405e-b5f1-e36eb249ec59
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUllFFooAMFQ2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-01840fa47177285667bca060;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: WnrfQr57EWYnXt1xJt9tr5XCuM3gPYULlDdEVpv2Q2kz7MDIPxSPKA==
via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:47:50 GMT
age: 82213
etag: "dffeaf1a8f73ae9f6247b9dc7f05301fefc00aef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10271 bytes)
Hash
424b55535e5fd622b2fc96aac1246324
cf7cf08aa8969a86bf03695af2129686fd62fe86
c4bb26a7b2c431282b53b4df9999b9cc8e61369a79c606688a76499b31a65127

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10271
x-amzn-requestid: db0d1fe4-060a-4e61-90f3-ec9befee1295
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkBoXGh5oAMFfzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424afce-2e9251552b4acdcb19e02dfc;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 1cXec9_e-KpzyTwiHaNAaf0y5i12tw7BkZTXnduS5ek7yAAZ0LXTWw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:48:08 GMT
age: 82195
etag: "cf7cf08aa8969a86bf03695af2129686fd62fe86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6350b4c-fa14-49e1-a21b-44b6f311dbdc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11061 bytes)
Hash
39bdd16276747b1445a79e674a2a3347
d0676f63738484298a78b7abf7e4934c3d256065
67aa526299060c2a39c4baa10fd03f121497dccd5e765676639ed73ac529c34b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6350b4c-fa14-49e1-a21b-44b6f311dbdc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11061
x-amzn-requestid: 428128ec-c441-4ff7-9c84-880a01672b00
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnVFnFf0IAMFTvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260223-185c48300f161931310fa35f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:41:55 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: gc77o7y-moH1HuMEZFe9-00DVAda9baa-5VEPlMA4SIZDJNzQ8jUlA==
via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:47:50 GMT
etag: "d0676f63738484298a78b7abf7e4934c3d256065"
content-type: image/jpeg
age: 82213
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6380 bytes)
Hash
8a2b8f737604b7983cf686c82599dc73
aa63be93c4cd641f09ce0d5144ef60aab21caed1
78835586bfd170fee7e6f70b2b426ed186f5aeae969459c6dcbf527ba9c0deec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6380
x-amzn-requestid: 0a129a69-0720-47a0-8b0e-b3200de24204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUn6E19IAMF9SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260165-564474a42e79d1dc4eb9558f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:45 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: L6tgzFrj9t69Rnfd9bziAPiROAX0tvcj9Kcg8sXkto8qRFeKqiwkpg==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 22:17:06 GMT
age: 80457
etag: "aa63be93c4cd641f09ce0d5144ef60aab21caed1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10490 bytes)
Hash
0530376e431b6563796e4abb0db0bc4e
6921f4bd83a806e1ea8247854ad4c045fa7ee298
d6371c81d5494d5e50fd5cc1cfe1ce28213dfa70ea5a94df82c9f4b3e6430a53

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10490
x-amzn-requestid: 0525e5c4-485e-47eb-ab95-1136e4d5c29a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUnTEztoAMFzMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260161-54b47454475ff6ee4d880534;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:41 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: jl5cQc_Zqq5xNDMcs5jRHb3HBIjuucl-JHF126hInXrOfv_CG-UqSg==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 22:18:02 GMT
age: 80401
etag: "6921f4bd83a806e1ea8247854ad4c045fa7ee298"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d01a76b1832f1b9af5b9e121cb8c3bd5
f68dc438f2e53e86eee952d28a027d81c741cf2e
350c2915a2eced0e2080e059190d489209eafe3ab4b9093c1821b19723551e73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 20:38:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ed41ad326a18c3752ebdde1405b5ae85
847bdefec5a498130e8fe9924a764dac50f71f11
76dc84aafd6a2379294ee22e82212caf7a68740e1c8164ffe7b3b3b1530c2eed

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 20:38:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a5ac29d7d71ef6c0cc7547974c8c4f7b
29108a8370757ef63f347d1fd2ae696f5842342c
3371093d6dab54c7c3b612e3774435f0a592bee4e40fbcc2edd55d29d7715c26

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 20:38:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

142.250.74.41

200 OK

7.8 kB

URL HTTP/2
www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
IP
142.250.74.41:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (35959)
Size
7.8 kB (7756 bytes)
Hash
f1d1c6947963cb45c723ade544114d08
b5ec31c95a56be9d83a5e1f0dc739f02284e30fe
794458aabbb7c9b3d68e9692c84044988099732239e2c4cc6f4204eb2011b448

HTTP Headers

GET /static/v1/widgets/3566091532-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7756
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Mar 2023 02:39:17 GMT
expires: Tue, 26 Mar 2024 02:39:17 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 27 Mar 2023 01:49:46 GMT
content-type: text/css
vary: Accept-Encoding
age: 410326
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e2d5e4593c830bd9a297e9d820fce16b
a48bacab5839fbc2a379e0e1f8703da462f3c31d
c273a26e5fb94b4aa7c494bd09daf02419f99307f90de3891951535ae93e8028

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 20:38:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

img1.blogblog.com/img/icon18_email.gif

142.250.74.41

200 OK

164 B

URL HTTP/2
img1.blogblog.com/img/icon18_email.gif
IP
142.250.74.41:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 18 x 13\012- data
Size
164 B (164 bytes)
Hash
36b9f993db1b953f3b9b08040aaf9af4
18248661b307586dc291fd2dff4bb59cf7579475
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466

HTTP Headers

GET /img/icon18_email.gif HTTP/1.1
Host: img1.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Mar 2023 19:10:07 GMT
expires: Wed, 05 Apr 2023 19:10:07 GMT
cache-control: public, max-age=604800
last-modified: Tue, 28 Mar 2023 22:53:18 GMT
content-type: image/gif
age: 178076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto+Slab:400,700

142.250.74.106

200 OK

1.0 kB

URL HTTP/2
fonts.googleapis.com/css?family=Roboto+Slab:400,700
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.0 kB (1046 bytes)
Hash
3827d0a632a2f29a7949127772308ff3
e0df671ee97acab190d929b25895181634446bc0
4e7d79460be7b2892fdb7a96e149c7b48c35f72e044beb95037a1265768e5256

HTTP Headers

GET /css?family=Roboto+Slab:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 31 Mar 2023 20:38:03 GMT
date: Fri, 31 Mar 2023 20:38:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

142.250.74.42

200 OK

34 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32341)
Size
34 kB (33576 bytes)
Hash
856f85cc1b07156fa844b44a10c236c2
7cef457c0e1cd0c20f4e699564ea8997f0332021
c61aa9ce7b32f93630abac1a4b27382f9333e0ff69477c9d9099070ae0742b01

HTTP Headers

GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 26 Mar 2023 00:07:04 GMT
expires: Mon, 25 Mar 2024 00:07:04 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 505859
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ed41ad326a18c3752ebdde1405b5ae85
847bdefec5a498130e8fe9924a764dac50f71f11
76dc84aafd6a2379294ee22e82212caf7a68740e1c8164ffe7b3b3b1530c2eed

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 20:38:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e37a2a26e1cad2a7eda4422b0fcf19be
6793ccefc4ea8c3e74d774d59c99ef0e35699031
f60703decc4b347afb0a8ebf1f9465802b4ab98dc99769a682863acc92f54b97

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F60703DECC4B347AFB0A8EBF1F9465802B4AB98DC99769A682863ACC92F54B97"
Last-Modified: Thu, 30 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2259
Expires: Fri, 31 Mar 2023 21:15:42 GMT
Date: Fri, 31 Mar 2023 20:38:03 GMT
Connection: keep-alive

maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

104.18.10.207

200 OK

6.6 kB

URL HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (27303)
Size
6.6 kB (6639 bytes)
Hash
6c169d1f53abdd8177ff783fe3de0377
8161a1387fd1e58e97f76af0aabe7dac742ebd9b
312db38ec56dfaa7ab37679497d3c8facc51d71d53d4a27fd75748bd2450adde

HTTP Headers

GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:38:03 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 19:04:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 25739331
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7b0b64d039cab509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5b6731341a66be32757ea461f5bd605a
f9a017cd1195d1eafb3839a899baf75f2e71958f
4bda8352f303d3fb71b8c4b2ecc9fbe75dcfc91dd2232260afb1e37ebbf139fb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 20:38:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

unitraffic.net/banner.php?user=1546

85.208.187.144

200 OK

852 B

URL HTTP/1.1
unitraffic.net/banner.php?user=1546
IP
85.208.187.144:0
ASN
#204601 Zomro B.V.

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1522), with no line terminators
Size
852 B (852 bytes)
Hash
c85498cb289e71b8174f51343d0e0209
7140ac3e916fe62723a535afc7a9ce2fecb298fc
3503db90c92a7ebd7c386a5f94f21a20009c78ae2f377e20eca97644f4402d2c

HTTP Headers

GET /banner.php?user=1546 HTTP/1.1
Host: unitraffic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 Mar 2023 20:38:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Set-Cookie: PHPSESSID=q73l7am423m4j1rarmc52dddtl; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip

www.google-analytics.com/analytics.js

216.239.34.178

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
216.239.34.178:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 31 Mar 2023 20:05:12 GMT
expires: Fri, 31 Mar 2023 22:05:12 GMT
cache-control: public, max-age=7200
age: 1971
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

vladbard.blogspot.com/2017_11_30_archive.html

216.58.207.193

200 OK

68 kB

URL HTTP/2
vladbard.blogspot.com/2017_11_30_archive.html
IP
216.58.207.193:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7003)
Size
68 kB (68410 bytes)
Hash
64656986501f662e79cd80c306bd005a
cc177267fcfbcb3180197c8030242ed3085b30be
da9caa0273b61f96810f6f8755baaf613801c06ed31940cebfb571ae27b3aa2a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /2017_11_30_archive.html HTTP/1.1
Host: vladbard.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Fri, 31 Mar 2023 20:38:03 GMT
date: Fri, 31 Mar 2023 20:38:03 GMT
cache-control: private, max-age=0
last-modified: Fri, 31 Mar 2023 12:30:58 GMT
etag: W/"9bf11357df8af6656655d1de98767772c19750a3d68843dff3b7a16347ccfd9a"
x-robots-tag: all,noarchive,nofollow,noodp,nosnippet
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 68410
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5b6731341a66be32757ea461f5bd605a
f9a017cd1195d1eafb3839a899baf75f2e71958f
4bda8352f303d3fb71b8c4b2ecc9fbe75dcfc91dd2232260afb1e37ebbf139fb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 20:38:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ff36ec2657d8ee3b0f78d0a8b2bc9c96
7ce770b27771a2417292364a24af2d65bb9085a5
7c6a6029f3d8b5c88c0d52cfa1d8a6d79fe57080cbd88951ce40456d1ae214e0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 20:38:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bdc0794ecb0ba5ea474769698d92471b
5796bf8adf28bf578a0b2a4da01e111724777e51
993a11ec8b09ac20730e0b98e17716d420f3b8cce0a11ed1536eb2941b6f95c8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "993A11EC8B09AC20730E0B98E17716D420F3B8CCE0A11ED1536EB2941B6F95C8"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5767
Expires: Fri, 31 Mar 2023 22:14:10 GMT
Date: Fri, 31 Mar 2023 20:38:03 GMT
Connection: keep-alive

unitraffic.net/img/banner_empty.png

85.208.187.144

200 OK

5.4 kB

URL HTTP/1.1
unitraffic.net/img/banner_empty.png
IP
85.208.187.144:0
ASN
#204601 Zomro B.V.

File type
PNG image data, 468 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
5.4 kB (5392 bytes)
Hash
28d818cd8b5ea617d336300ca726663b
d1286a3f06f719fe7c410e41760a81cee39d4c86
8c9960fa2ab2600dad21e8bc1ad0062120067252c7920e8492df81808c2b0af4

HTTP Headers

GET /img/banner_empty.png HTTP/1.1
Host: unitraffic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 31 Mar 2023 20:38:03 GMT
Content-Type: image/png
Content-Length: 5392
Last-Modified: Sun, 17 Apr 2022 06:44:13 GMT
Connection: keep-alive
ETag: "625bb73d-1510"
Expires: Sat, 01 Apr 2023 20:38:03 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

104.18.10.207

200 OK

67 kB

URL HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Size
67 kB (66624 bytes)
Hash
db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

HTTP Headers

GET /font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vladbard.blogspot.com
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:38:03 GMT
content-type: font/woff2
content-length: 66624
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "db812d8a70a4e88e888744c1c9a27e89"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 08/15/2022 13:52:58
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: e6ccda736f81bd3674ddf92f6d048ded
cdn-cache: HIT
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7b0b64d26fd3b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

216.58.207.227

200 OK

33 kB

URL HTTP/2
fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 32860, version 1.0\012- data
Size
33 kB (32860 bytes)
Hash
d010a9f2d5c7a0374b3b84706a43d2ec
c1fe465db08785c3f115555d39db23838960cb66
9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536

HTTP Headers

GET /s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vladbard.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Mar 2023 10:50:51 GMT
expires: Wed, 27 Mar 2024 10:50:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 19:12:50 GMT
content-type: font/woff2
age: 294432
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ff36ec2657d8ee3b0f78d0a8b2bc9c96
7ce770b27771a2417292364a24af2d65bb9085a5
7c6a6029f3d8b5c88c0d52cfa1d8a6d79fe57080cbd88951ce40456d1ae214e0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 20:38:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

216.58.207.227

200 OK

9.6 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Size
9.6 kB (9628 bytes)
Hash
d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vladbard.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Mar 2023 10:33:07 GMT
expires: Wed, 27 Mar 2024 10:33:07 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 295496
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vladbard.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Mar 2023 10:31:10 GMT
expires: Wed, 27 Mar 2024 10:31:10 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 295613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

216.58.207.227

200 OK

9.6 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 9644, version 1.0\012- data
Size
9.6 kB (9644 bytes)
Hash
6f112ec2b932ee12379442c42853244e
b2e73c8c70d6261e1d187f41693c43ac4fe0809d
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vladbard.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Mar 2023 10:42:33 GMT
expires: Wed, 27 Mar 2024 10:42:33 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:50 GMT
content-type: font/woff2
age: 294930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2

216.58.207.227

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21544, version 1.0\012- data
Size
22 kB (21544 bytes)
Hash
d89cae5474ac4464b71bd3c51794cee6
ba9e55412727b5050e61bca6b288ff1b27ba548d
b6872478482ee5d74077229ed5a9dad8d6f15e3d34e8ad7ef2192dbc837e6693

HTTP Headers

GET /s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vladbard.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21544
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Mar 2023 10:57:52 GMT
expires: Wed, 27 Mar 2024 10:57:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 19:15:52 GMT
content-type: font/woff2
age: 294012
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.acint.net/aci.js

167.235.177.243

200 OK

7.8 kB

URL HTTP/2
www.acint.net/aci.js
IP
167.235.177.243:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (1649)
Size
7.8 kB (7784 bytes)
Hash
777eef0db9280e74fe8d3e0e9561da9c
f8316623410b9735dd07b6e12a2f29352c0aa4cd
985dc8f4eb0a0b4629fa8e6d86f741ee8d22b7a0a1f64be2e9e9f2c96c9cf772

HTTP Headers

GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: openresty
date: Fri, 31 Mar 2023 20:38:04 GMT
content-type: application/x-javascript
content-length: 7784
last-modified: Fri, 24 Mar 2023 20:32:17 GMT
etag: "641e08d1-1e68"
content-encoding: gzip
expires: Sat, 01 Apr 2023 08:38:04 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vladbard.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Mar 2023 10:31:23 GMT
expires: Wed, 27 Mar 2024 10:31:23 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 295601
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
5929532a8c2fbe7e3d27c569ca6e03b9
e8622cdc4528b71e1084b3b058dd974ca4afda2c
cc5e657842378f909fde80fdec02d304baeab7db12836ec6fbb43810891d2886

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:38:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 04 Apr 2023 19:32:18 GMT
ETag: "e8622cdc4528b71e1084b3b058dd974ca4afda2c"
Last-Modified: Fri, 31 Mar 2023 19:32:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1683
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0b64d33bccb4f7-OSL

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
5929532a8c2fbe7e3d27c569ca6e03b9
e8622cdc4528b71e1084b3b058dd974ca4afda2c
cc5e657842378f909fde80fdec02d304baeab7db12836ec6fbb43810891d2886

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:38:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 04 Apr 2023 19:32:18 GMT
ETag: "e8622cdc4528b71e1084b3b058dd974ca4afda2c"
Last-Modified: Fri, 31 Mar 2023 19:32:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1683
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0b64d33e02b50c-OSL

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
a9578d46f9bbf0e66495f80808a41df4
5ce20078b618a930ffbf76e8d4756cc8f88695dd
524cf35d27ccbcdf9eedb1477a247918ec7b6083d34ee74079482fa0a0442457

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:38:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 04 Apr 2023 19:06:28 GMT
ETag: "5ce20078b618a930ffbf76e8d4756cc8f88695dd"
Last-Modified: Fri, 31 Mar 2023 19:06:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 81
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0b64d33af7067b-OSL

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
5929532a8c2fbe7e3d27c569ca6e03b9
e8622cdc4528b71e1084b3b058dd974ca4afda2c
cc5e657842378f909fde80fdec02d304baeab7db12836ec6fbb43810891d2886

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:38:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 04 Apr 2023 19:32:18 GMT
ETag: "e8622cdc4528b71e1084b3b058dd974ca4afda2c"
Last-Modified: Fri, 31 Mar 2023 19:32:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1683
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0b64d33f00b52d-OSL

fonts.googleapis.com/css?family=Roboto:400,500,700,900

142.250.74.106

200 OK

679 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:400,500,700,900
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
679 B (679 bytes)
Hash
06c0007932a252eea7df63a6206bedbc
29e18ec857fbadbec396a07bcdd65388121ba23a
2150c5f5c67c65a525a985bb219393d616bdd1ed11c0fc7f259abed570f8e993

HTTP Headers

GET /css?family=Roboto:400,500,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 31 Mar 2023 20:38:03 GMT
date: Fri, 31 Mar 2023 20:38:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

imgprx.livejournal.net/9b36e9ea8085659da33e54c2ba029b49fc5d72a3/gyoHRzWhNdI53AUzNwZPuwrMIGxvdgjsPM9klxVjr076G7K7hoTzR-glq6iD0rhJ4s3fV3at4fZM04B1aUlerg

81.19.74.33

404 Not Found

0 B

URL HTTP/1.1
imgprx.livejournal.net/9b36e9ea8085659da33e54c2ba029b49fc5d72a3/gyoHRzWhNdI53AUzNwZPuwrMIGxvdgjsPM9klxVjr076G7K7hoTzR-glq6iD0rhJ4s3fV3at4fZM04B1aUlerg
IP
81.19.74.33:0
ASN
#24638 Rambler Internet Holding LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /9b36e9ea8085659da33e54c2ba029b49fc5d72a3/gyoHRzWhNdI53AUzNwZPuwrMIGxvdgjsPM9klxVjr076G7K7hoTzR-glq6iD0rhJ4s3fV3at4fZM04B1aUlerg HTTP/1.1
Host: imgprx.livejournal.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 31 Mar 2023 20:38:04 GMT
Content-Type: application/octet-stream
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=50

imgprx.livejournal.net/e72fc3826eb583018aa6419e1879c6f3cd50197f/qUtYZC37WTm7W_h3LH1ni1klZzu4f3ymRVokbcC3URanBBZVT0zzxZ7l6ktw57_KCwAdOJ3aNPxv04kXdGB4IA

81.19.74.33

404 Not Found

0 B

URL HTTP/1.1
imgprx.livejournal.net/e72fc3826eb583018aa6419e1879c6f3cd50197f/qUtYZC37WTm7W_h3LH1ni1klZzu4f3ymRVokbcC3URanBBZVT0zzxZ7l6ktw57_KCwAdOJ3aNPxv04kXdGB4IA
IP
81.19.74.33:0
ASN
#24638 Rambler Internet Holding LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /e72fc3826eb583018aa6419e1879c6f3cd50197f/qUtYZC37WTm7W_h3LH1ni1klZzu4f3ymRVokbcC3URanBBZVT0zzxZ7l6ktw57_KCwAdOJ3aNPxv04kXdGB4IA HTTP/1.1
Host: imgprx.livejournal.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 31 Mar 2023 20:38:04 GMT
Content-Type: application/octet-stream
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=50

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ff36ec2657d8ee3b0f78d0a8b2bc9c96
7ce770b27771a2417292364a24af2d65bb9085a5
7c6a6029f3d8b5c88c0d52cfa1d8a6d79fe57080cbd88951ce40456d1ae214e0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 20:38:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.acint.net/mc/?dp=10

167.235.177.243

302 Found

154 B

URL HTTP/2
www.acint.net/mc/?dp=10
IP
167.235.177.243:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: openresty
date: Fri, 31 Mar 2023 20:38:04 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Fri, 31-Mar-23 20:48:04 GMT
aid=fwAAAWQnRKxuEQCq7WOQAnoPOBVbIsy8zuxMLydvXOdlg7XW; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

www.acint.net/hit/?v=0.5.1&uid=30ee28a7-8d20-4cbc-a463-7a7fd66bb108&dp=10&tz=%2B00%3A00&nc=51875411&u=https%3A%2F%2Fvladbard.blogspot.com%2F2017_11_30_archive.html&r=&rs=1280x1024&t=11%2F30%2F17%20-%20Bard&oE=1&oP=1&dT=2023-03-31T20%3A38%3A03.135&fu=19826c0b-ebc7-44a0-90a9-18ed6de1a6d4

167.235.177.243

200 OK

43 B

URL HTTP/2
www.acint.net/hit/?v=0.5.1&uid=30ee28a7-8d20-4cbc-a463-7a7fd66bb108&dp=10&tz=%2B00%3A00&nc=51875411&u=https%3A%2F%2Fvladbard.blogspot.com%2F2017_11_30_archive.html&r=&rs=1280x1024&t=11%2F30%2F17%20-%20Bard&oE=1&oP=1&dT=2023-03-31T20%3A38%3A03.135&fu=19826c0b-ebc7-44a0-90a9-18ed6de1a6d4
IP
167.235.177.243:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hit/?v=0.5.1&uid=30ee28a7-8d20-4cbc-a463-7a7fd66bb108&dp=10&tz=%2B00%3A00&nc=51875411&u=https%3A%2F%2Fvladbard.blogspot.com%2F2017_11_30_archive.html&r=&rs=1280x1024&t=11%2F30%2F17%20-%20Bard&oE=1&oP=1&dT=2023-03-31T20%3A38%3A03.135&fu=19826c0b-ebc7-44a0-90a9-18ed6de1a6d4 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 31 Mar 2023 20:38:04 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=fwAAAWQnRKxuEQCq7WORAq4HX47bsOX11qTBDBELLGV73yqr; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

282 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
282 B (282 bytes)
Hash
cecf6a46b6a83643b5caa1e729212134
5c840e263bf9296f933f00b9e6eaee2bcf863c3e
ea29e3e79612883b02a1634d0f9280adc0818d0db92ff2aa58d4b0ecf2a7cf59

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:38:04 GMT
Content-Type: application/ocsp-response
Content-Length: 282
Connection: keep-alive
Last-Modified: Thu, 30 Mar 2023 04:43:13 GMT
Expires: Thu, 06 Apr 2023 04:43:12 GMT
Etag: "5c840e263bf9296f933f00b9e6eaee2bcf863c3e"
Cache-Control: max-age=460507,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b0b64d28b82b500-OSL

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4eec701fec69b73ab6ff1af2c178806f
5de0d4c444297364831a311b4c13954aa31976b0
fda1ec0d2c39aafdb994d336b4d8b5d819fcd064a64b43649598609dac04f512

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 20:38:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-96TCBCX053&cx=c&_slc=1

142.250.74.72

200 OK

73 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-96TCBCX053&cx=c&_slc=1
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (12930)
Size
73 kB (73036 bytes)
Hash
adef7c3ba2f96a4f3fb9f90f6575e504
b4a1fc818bdd6361f4e87972c2cc9625f20eff91
c8de2efcf971bd3a0669c23e8e0721a71737e90b4413d5419d235d7000c224f2

HTTP Headers

GET /gtag/js?id=G-96TCBCX053&cx=c&_slc=1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 31 Mar 2023 20:38:04 GMT
expires: Fri, 31 Mar 2023 20:38:04 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73036
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-8787823-4&cid=236156636.1680295083&jid=1223338421&gjid=1077243578&_gid=1089711175.1680295083&_u=IEBAAEAAAAAAACAAI~&z=490912788

64.233.161.155

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-8787823-4&cid=236156636.1680295083&jid=1223338421&gjid=1077243578&_gid=1089711175.1680295083&_u=IEBAAEAAAAAAACAAI~&z=490912788
IP
64.233.161.155:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-8787823-4&cid=236156636.1680295083&jid=1223338421&gjid=1077243578&_gid=1089711175.1680295083&_u=IEBAAEAAAAAAACAAI~&z=490912788 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://vladbard.blogspot.com
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://vladbard.blogspot.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 31 Mar 2023 20:38:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7ea999a491ab4009f8658e78af2bfb94
f0cbd3d48c9081acfdeb53adf55135dba5bbe08b
d159c0baaa0869f3e69e16ea482178e6184d68cb6f5ae8a6156955488fd415fe

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 20:38:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

3.bp.blogspot.com/-6MbewUg2rWk/WiD942wdV-I/AAAAAAAA1Qk/Q_nVUZ1CC9YIA56x9Wb-G2dEiItnIAsJgCLcBGAs/s640/cfc8IAkDnHMONZR3UqeSaLCslPt8ngZ_vxYtRsk3CAmaAeaB_yFkFYEjkU5A_-e6bKtBMTOf0VaJTso7Mu5QE2PAeRuRHwFVNLfy8iZwc6s.jpg

142.250.74.161

200 OK

21 kB

URL HTTP/2
3.bp.blogspot.com/-6MbewUg2rWk/WiD942wdV-I/AAAAAAAA1Qk/Q_nVUZ1CC9YIA56x9Wb-G2dEiItnIAsJgCLcBGAs/s640/cfc8IAkDnHMONZR3UqeSaLCslPt8ngZ_vxYtRsk3CAmaAeaB_yFkFYEjkU5A_-e6bKtBMTOf0VaJTso7Mu5QE2PAeRuRHwFVNLfy8iZwc6s.jpg
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], progressive, precision 8, 600x450, components 3\012- data
Size
21 kB (21229 bytes)
Hash
8ea05a8fcb9a532d93cc2a288528f03e
a1e1e1802c5e3b1b1f5d8bae88b3662ad70e8962
54295ad33df045e0cf296273f1c3060cc10a84e09998da44748b149a2d192dec

HTTP Headers

GET /-6MbewUg2rWk/WiD942wdV-I/AAAAAAAA1Qk/Q_nVUZ1CC9YIA56x9Wb-G2dEiItnIAsJgCLcBGAs/s640/cfc8IAkDnHMONZR3UqeSaLCslPt8ngZ_vxYtRsk3CAmaAeaB_yFkFYEjkU5A_-e6bKtBMTOf0VaJTso7Mu5QE2PAeRuRHwFVNLfy8iZwc6s.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vd50c"
expires: Sat, 01 Apr 2023 20:38:04 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="cfc8IAkDnHMONZR3UqeSaLCslPt8ngZ_vxYtRsk3CAmaAeaB_yFkFYEjkU5A_-e6bKtBMTOf0VaJTso7Mu5QE2PAeRuRHwFVNLfy8iZwc6s.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 31 Mar 2023 20:38:04 GMT
server: fife
content-length: 21229
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

3.bp.blogspot.com/-haPB8DciEQg/WiD_b_cJlwI/AAAAAAAA1Qo/lM7Y83cmFNcW51hEKT03tFKyJFatImdgQCLcBGAs/s640/45965.jpg

142.250.74.161

200 OK

64 kB

URL HTTP/2
3.bp.blogspot.com/-haPB8DciEQg/WiD_b_cJlwI/AAAAAAAA1Qo/lM7Y83cmFNcW51hEKT03tFKyJFatImdgQCLcBGAs/s640/45965.jpg
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 640x371, components 3\012- data
Size
64 kB (63749 bytes)
Hash
b9b47a6f34f78b73c6b4ec6adf47bdd2
9e09efefea5e44b93609fd6b4ab88ebdd4320476
402ff8d421219281fe561f4493db5742642d4f2957666af30e19c3458db9663a

HTTP Headers

GET /-haPB8DciEQg/WiD_b_cJlwI/AAAAAAAA1Qo/lM7Y83cmFNcW51hEKT03tFKyJFatImdgQCLcBGAs/s640/45965.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vd50d"
expires: Sat, 01 Apr 2023 20:38:04 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="45965.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 31 Mar 2023 20:38:04 GMT
server: fife
content-length: 63749
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

1.bp.blogspot.com/--HGTUH_3vPk/WiBYUxlp_qI/AAAAAAAA1QI/Yzq7LW62JiMV5PiLfBtbrCbkgX2saci4gCLcBGAs/s640/1511808815_00.jpg

142.250.74.161

200 OK

106 kB

URL HTTP/2
1.bp.blogspot.com/--HGTUH_3vPk/WiBYUxlp_qI/AAAAAAAA1QI/Yzq7LW62JiMV5PiLfBtbrCbkgX2saci4gCLcBGAs/s640/1511808815_00.jpg
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 640x480, components 3\012- data
Size
106 kB (105811 bytes)
Hash
d0f2560881bbbe8df0b12dff93fceb5e
16a18da74ad00ddb23c43b85f6da9a7495f880ef
7ddf3fff1eb83d9f54e5c0b5e418923b1554ad26dfbbbf2c3605fe95268e6eec

HTTP Headers

GET /--HGTUH_3vPk/WiBYUxlp_qI/AAAAAAAA1QI/Yzq7LW62JiMV5PiLfBtbrCbkgX2saci4gCLcBGAs/s640/1511808815_00.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vd504"
expires: Sat, 01 Apr 2023 20:38:04 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1511808815_00.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 31 Mar 2023 20:38:04 GMT
server: fife
content-length: 105811
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

a.utraff.com/sync?ssp=Sape

104.21.59.66

204 No Content

0 B

URL HTTP/2
a.utraff.com/sync?ssp=Sape
IP
104.21.59.66:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync?ssp=Sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Fri, 31 Mar 2023 20:38:04 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Sun, 30 Apr 2023 23:38:04 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Sun, 30 Apr 2023 23:38:04 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mtklrYbD8N2CaG%2BhMZpy8h2FZzvBemnTYkP8UTfYQa9aBbLKwwHu7Sut6Ek2kdJuDgjBFOHrEwjgZLnWzf%2BLqMZvgrx%2FJ9qKSm8eB6HPKPUE1DqqNCO6QM%2FiMpt%2BLTE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b0b64d529720b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ic.pics.livejournal.com/mikle1/17791632/796131/796131_600.jpg

5.101.71.73

200 OK

96 kB

URL HTTP/2
ic.pics.livejournal.com/mikle1/17791632/796131/796131_600.jpg
IP
5.101.71.73:0
ASN
#34665 Petersburg Internet Network ltd.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 600x349, components 3\012- data
Size
96 kB (96158 bytes)
Hash
d3e3eee8a2d848420e49d90778551ef5
a09fee91376cb5443ceb61fc8b483536e54e2388
831d8da8f76251c91d05a878ff41cddaaf27522454025e38f2ed508311aadd79

HTTP Headers

GET /mikle1/17791632/796131/796131_600.jpg HTTP/1.1
Host: ic.pics.livejournal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 20:38:04 GMT
content-type: image/jpeg
content-length: 96158
cache-control: public, max-age=2592000
expires: Sun, 30 Apr 2023 20:38:04 GMT
last-modified: Fri, 13 May 2022 09:39:48 GMT
etag: W/"358e8-5dee174908202"
x-mog-pth: http://10.27.0.28:80/dev183/0/833/956/0833956187.fid
x-phn-id: kr-phwsn03
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, HEAD
cache: MISS
x-id: fr5-up-gc15
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7da56d07a9b10d2471f5b7fd49cc18be
ef71cab07f5192ec4aa43921b627416c47e97952
39455c6f85cfd6733c9add7061c78dcc728cd78b016f96e4067ea57ea0e64245

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39455C6F85CFD6733C9ADD7061C78DCC728CD78B016F96E4067EA57EA0E64245"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14832
Expires: Sat, 01 Apr 2023 00:45:16 GMT
Date: Fri, 31 Mar 2023 20:38:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b513d17449569143894893bf5111d181
71737f6372a12cde0de99d0cf3175ebd88bc4d31
39a5a92426abe24e760003fdbe029e1637f78d8024c68b4176d1a93720ca1bdd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39A5A92426ABE24E760003FDBE029E1637F78D8024C68B4176D1A93720CA1BDD"
Last-Modified: Wed, 29 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2923
Expires: Fri, 31 Mar 2023 21:26:47 GMT
Date: Fri, 31 Mar 2023 20:38:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3717ad6654dbc6e0ebb863746839a321
e4f54d6d6a588716a11cd49899ad4861051ac8cb
6b33c55ff542ee584c77b699f4222d8b59615a8b5c81fac211fcdcb7a7d7cab6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B33C55FF542EE584C77B699F4222D8B59615A8B5C81FAC211FCDCB7A7D7CAB6"
Last-Modified: Thu, 30 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3376
Expires: Fri, 31 Mar 2023 21:34:20 GMT
Date: Fri, 31 Mar 2023 20:38:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0c9acdbc99dba78a590ec00cc086677
53ed9bc94d67c8cb78c8d40e23282cfba4033463
05cde45ab5c25644ce29e9be0dcd8c1f865244dc985392c51c5c856dbb35ec75

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "05CDE45AB5C25644CE29E9BE0DCD8C1F865244DC985392C51C5C856DBB35EC75"
Last-Modified: Fri, 31 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4104
Expires: Fri, 31 Mar 2023 21:46:28 GMT
Date: Fri, 31 Mar 2023 20:38:04 GMT
Connection: keep-alive

ocsp2.globalsign.com/gsalphasha2g2

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
de2b51497d8b166acf7bc69148726287
d51b2f3cc1f4adbb9b9e5ebd0777b55d470079ba
1c43b8f4f7a20fee7cacd0f454194102fde540643d3c4aeb47d9760f4b012c79

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:38:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 04 Apr 2023 19:38:51 GMT
ETag: "d51b2f3cc1f4adbb9b9e5ebd0777b55d470079ba"
Last-Modified: Fri, 31 Mar 2023 19:38:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2635
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0b64d6b997069b-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c72804337201c8496308daeb819e9865
11d1a3304a3fddbfdf20be61b143ca78a4cedc71
9ec1f28f465c4c87306df0c2403e185e895c0d106283670b6ba08afe4ff06d24

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9EC1F28F465C4C87306DF0C2403E185E895C0D106283670B6BA08AFE4FF06D24"
Last-Modified: Thu, 30 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6985
Expires: Fri, 31 Mar 2023 22:34:29 GMT
Date: Fri, 31 Mar 2023 20:38:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d2da645e079ae0d4388c2610d9dc26b
de69bfa7ad6b1b85397af2d8acf5cd5f4f7478fe
78e223afb67ad86f96d457c84caa737e598e11ee977f8be9ead57bc048e9d27c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "78E223AFB67AD86F96D457C84CAA737E598E11EE977F8BE9EAD57BC048E9D27C"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2749
Expires: Fri, 31 Mar 2023 21:23:53 GMT
Date: Fri, 31 Mar 2023 20:38:04 GMT
Connection: keep-alive

ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D

193.3.184.211

302 Moved Temporarily

142 B

URL HTTP/1.1
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP
193.3.184.211:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Fri, 31 Mar 2023 20:38:04 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=3B03420AAC442764E100464F02DEED1C
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkIDO2QnRKxPRgDhHO3eAuN5nJcaemN5qSanI8m5zLNV12km; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d2da645e079ae0d4388c2610d9dc26b
de69bfa7ad6b1b85397af2d8acf5cd5f4f7478fe
78e223afb67ad86f96d457c84caa737e598e11ee977f8be9ead57bc048e9d27c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "78E223AFB67AD86F96D457C84CAA737E598E11EE977F8BE9EAD57BC048E9D27C"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2749
Expires: Fri, 31 Mar 2023 21:23:53 GMT
Date: Fri, 31 Mar 2023 20:38:04 GMT
Connection: keep-alive

ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D

185.147.80.35

302 Found

74 B

URL HTTP/1.1
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP
185.147.80.35:0
ASN
#41722 Miran Ltd.

File type
HTML document, ASCII text
Size
74 B (74 bytes)
Hash
ca9a91609160e75b146c7ac124ed4a34
6ecbbb9720c5c2e31a3d4574cc378b36889160e5
ed16304b7442ec614f2d040a0cff668670020c56799c978f74a51fafb8f42d3d

HTTP Headers

GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Fri, 31 Mar 2023 20:38:04 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 74
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=PZGHDKPT
Set-Cookie: uid=PZGHDKPT; Expires=Mon, 28 Mar 2033 20:38:04 GMT

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d5ea7d6dd6aa192bdeabce7f8c1b3175
0e1b7ae018f058556c500c70d5766471b2498c56
8fe0d05bd5ccedf750a393bc31184db1ed669f7c130342f466cf93368ea1ac7f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8FE0D05BD5CCEDF750A393BC31184DB1ED669F7C130342F466CF93368EA1AC7F"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3381
Expires: Fri, 31 Mar 2023 21:34:25 GMT
Date: Fri, 31 Mar 2023 20:38:04 GMT
Connection: keep-alive

dm-eu.hybrid.ai/match?id=106&vid=0100007FAC442764AA00116E029163ED

37.230.131.22

204 No Content

0 B

URL HTTP/2
dm-eu.hybrid.ai/match?id=106&vid=0100007FAC442764AA00116E029163ED
IP
37.230.131.22:0
ASN
#58272 LeaderTelecom B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?id=106&vid=0100007FAC442764AA00116E029163ED HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Fri, 31 Mar 2023 20:38:04 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=c72cebac3270eff8804a; Expires=Sat, 30 Mar 2024 20:38:04 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 524
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.acint.net
access-control-allow-credentials: true
server: Hybrid Web Server
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e264be22c6b4e33194601afe73aae19d
1dcf1fb80ea534536a9a00d290a886e46c245a19
98a6a1e58a563dfd1143ae241b68a7ab83df1c51c19eb2f60bcb8938f39c34bc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A6A1E58A563DFD1143AE241B68A7AB83DF1C51C19EB2F60BCB8938F39C34BC"
Last-Modified: Fri, 31 Mar 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4331
Expires: Fri, 31 Mar 2023 21:50:15 GMT
Date: Fri, 31 Mar 2023 20:38:04 GMT
Connection: keep-alive

www.acint.net/oci/?v=0.5.1&uid=30ee28a7-8d20-4cbc-a463-7a7fd66bb108&dp=10&tz=%2B00%3A00&nc=22487956&oid=39e8192718f4ed5a678fc273d654392b

167.235.177.243

200 OK

43 B

URL HTTP/2
www.acint.net/oci/?v=0.5.1&uid=30ee28a7-8d20-4cbc-a463-7a7fd66bb108&dp=10&tz=%2B00%3A00&nc=22487956&oid=39e8192718f4ed5a678fc273d654392b
IP
167.235.177.243:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /oci/?v=0.5.1&uid=30ee28a7-8d20-4cbc-a463-7a7fd66bb108&dp=10&tz=%2B00%3A00&nc=22487956&oid=39e8192718f4ed5a678fc273d654392b HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Cookie: test_cookie=CheckForPermission; aid=fwAAAWQnRKxuEQCq7WORAq4HX47bsOX11qTBDBELLGV73yqr; cSyncDp7v2=1680295084; cSyncDp14v3=1680295084; cSyncDp17=1680295084; cSyncDp45v4=1680295084; cSyncDp53v2=1680295084; cSyncDp62=1680295084; cSyncDp67v2=1680295084; cSyncDp68=1680295084; cSyncDp71=1680295084; cSyncDp85=1680295084; cSyncDp95v3=1680295084; cSyncDp98v2=1680295084; cSyncDp101=1680295084; cSyncDp104v2=1680295084; cSyncDp107=1680295084; cSyncDp110v2=1680295084; cSyncDp125v3=1680295084; cSyncDp126=1680295084; cSyncDp127=1680295084; cSyncDp129=1680295084; cSyncDp136v2=1680295084; cSyncDp146=1680295084; cSyncDp148v1=1680295084; cSyncDp149v2=1680295084; cSyncDp151=1680295084; cSyncDp178=1680295084; cSyncDp186=1680295084; cSyncDp217=1680295084; cSyncDp221=1680295084; cSyncDp235=1680295084; cSyncDp239=1680295084; cSyncDp243=1680295084; cSyncDp244=1680295084
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 31 Mar 2023 20:38:04 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-96TCBCX053&gtm=45je33t0&_p=1700394565&cid=236156636.1680295083&ul=en-us&sr=1280x1024&_eu=ABA&_s=1&sid=1680295083&sct=1&seg=0&dl=https%3A%2F%2Fvladbard.blogspot.com%2F2017_11_30_archive.html&dt=11%2F30%2F17%20-%20Bard&en=page_view&_fv=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-96TCBCX053&gtm=45je33t0&_p=1700394565&cid=236156636.1680295083&ul=en-us&sr=1280x1024&_eu=ABA&_s=1&sid=1680295083&sct=1&seg=0&dl=https%3A%2F%2Fvladbard.blogspot.com%2F2017_11_30_archive.html&dt=11%2F30%2F17%20-%20Bard&en=page_view&_fv=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-96TCBCX053&gtm=45je33t0&_p=1700394565&cid=236156636.1680295083&ul=en-us&sr=1280x1024&_eu=ABA&_s=1&sid=1680295083&sct=1&seg=0&dl=https%3A%2F%2Fvladbard.blogspot.com%2F2017_11_30_archive.html&dt=11%2F30%2F17%20-%20Bard&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vladbard.blogspot.com
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://vladbard.blogspot.com
date: Fri, 31 Mar 2023 20:38:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FAC442764AA00116E029163ED

87.242.89.90

200 OK

12 B

URL HTTP/2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FAC442764AA00116E029163ED
IP
87.242.89.90:0
ASN
#25532 LLC masterhost

File type
exported SGML document, ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
d8932e1cb3ee147415fbf5591a7217ca
97da5b95fb7f60ecd8d9ed0e5a05d83ad5a9c070
c0327cbcde50f1ab8228334a550b947301123d6f6f7d625707cb6d08a1faec35

HTTP Headers

GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FAC442764AA00116E029163ED HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:38:04 GMT
content-type: text/html
content-length: 12
last-modified: Mon, 30 Jan 2023 18:57:34 GMT
etag: "63d8131e-c"
accept-ranges: bytes
server: elb
X-Firefox-Spdy: h2

ocsp.globalsign.com/alphasslcasha256g4

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/alphasslcasha256g4
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1437 bytes)
Hash
e31acf0d5aad1d032abc4f24e7bb8afe
72bb27c0e95bc7a44b24e35f0e71f12381d63d07
b7b4b117f36f37804415950bdb8d08e5d7d40676ded11c4e8b6ad5943260cfb0

HTTP Headers

POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:38:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Tue, 04 Apr 2023 19:59:47 GMT
ETag: "72bb27c0e95bc7a44b24e35f0e71f12381d63d07"
Last-Modified: Fri, 31 Mar 2023 19:59:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1275
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0b64d72b1cb4f7-OSL

ocsp.globalsign.com/alphasslcasha256g4

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/alphasslcasha256g4
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1437 bytes)
Hash
b74d05a934455b587f64cbd6cd4f521e
7fce7c75a75a80f680eb8e8132eceaa7636d6bfc
301b41baeb0aa2c9c22d2b224b97be2f38ccdf971526f8f83d11fdfaa08c8dc0

HTTP Headers

POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:38:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Tue, 04 Apr 2023 18:10:26 GMT
ETag: "7fce7c75a75a80f680eb8e8132eceaa7636d6bfc"
Last-Modified: Fri, 31 Mar 2023 18:10:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 559
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0b64d72d37b50c-OSL

sync.dmp.otm-r.com/match/sape?id=0100007FAC442764AA00116E029163ED

195.201.106.117

204 No Content

0 B

URL HTTP/2
sync.dmp.otm-r.com/match/sape?id=0100007FAC442764AA00116E029163ED
IP
195.201.106.117:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/sape?id=0100007FAC442764AA00116E029163ED HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx/1.15.9
date: Fri, 31 Mar 2023 20:38:04 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

s.uuidksinc.net/match/396/?remote_uid=0100007FAC442764AA00116E029163ED

185.98.54.153

302 Found

0 B

URL HTTP/2
s.uuidksinc.net/match/396/?remote_uid=0100007FAC442764AA00116E029163ED
IP
185.98.54.153:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/396/?remote_uid=0100007FAC442764AA00116E029163ED HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.23.2
date: Fri, 31 Mar 2023 20:38:04 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=3ul7h7xYPVdJvavDX2Nu
set-cookie: jcsuuid=3ul7h7xYPVdJvavDX2Nu; expires=Sat, 30 Mar 2024 20:38:04 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

pix.bumlam.com/sync/sape/check?sspuid=0100007FAC442764AA00116E029163ED

31.172.81.172

302 Found

0 B

URL HTTP/1.1
pix.bumlam.com/sync/sape/check?sspuid=0100007FAC442764AA00116E029163ED
IP
31.172.81.172:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync/sape/check?sspuid=0100007FAC442764AA00116E029163ED HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 31 Mar 2023 20:38:04 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://sync.bumlam.com/?src=sape

sync.bumlam.com/?src=sap1&uid=0100007FAC442764AA00116E029163ED

31.172.81.158

302 Moved Temporarily

0 B

URL HTTP/1.1
sync.bumlam.com/?src=sap1&uid=0100007FAC442764AA00116E029163ED
IP
31.172.81.158:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sap1&uid=0100007FAC442764AA00116E029163ED HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 31 Mar 2023 20:38:04 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRlZmU1MjE2ZS1kMDAzLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Thu, 26 Mar 2043 20:38:04 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARisiZ2hBmIgMDEwMDAwN0ZBQzQ0Mjc2NEFBMDAxMTZFMDI5MTYzRUSiARDv5SFu0AMR7YbgACWQwGR8
ETag: efe5216e-d003-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
28c1c2f1910c13fb3a9c4e58a455aa2d
98c9188f9f78797c3305d3c91e1c38f187099d3b
5f45a4e97a0b53c0706bb4035fae85ce2c42d87c3585f6eafd26dcbdaacd85c2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:38:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 15:41:02 GMT
Expires: Tue, 04 Apr 2023 15:41:01 GMT
Etag: "98c9188f9f78797c3305d3c91e1c38f187099d3b"
Cache-Control: max-age=327176,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b0b64d6fb7cb500-OSL

acint.net/match?dp=14&euid=3B03420AAC442764E100464F02DEED1C

167.235.177.243

200 OK

43 B

URL HTTP/2
acint.net/match?dp=14&euid=3B03420AAC442764E100464F02DEED1C
IP
167.235.177.243:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=14&euid=3B03420AAC442764E100464F02DEED1C HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWQnRKxuEQCq7WORAq4HX47bsOX11qTBDBELLGV73yqr; cSyncDp7v2=1680295084; cSyncDp14v3=1680295084; cSyncDp17=1680295084; cSyncDp45v4=1680295084; cSyncDp53v2=1680295084; cSyncDp62=1680295084; cSyncDp67v2=1680295084; cSyncDp68=1680295084; cSyncDp71=1680295084; cSyncDp85=1680295084; cSyncDp95v3=1680295084; cSyncDp98v2=1680295084; cSyncDp101=1680295084; cSyncDp104v2=1680295084; cSyncDp107=1680295084; cSyncDp110v2=1680295084; cSyncDp125v3=1680295084; cSyncDp126=1680295084; cSyncDp127=1680295084; cSyncDp129=1680295084; cSyncDp136v2=1680295084; cSyncDp146=1680295084; cSyncDp148v1=1680295084; cSyncDp149v2=1680295084; cSyncDp151=1680295084; cSyncDp178=1680295084; cSyncDp186=1680295084; cSyncDp217=1680295084; cSyncDp221=1680295084; cSyncDp235=1680295084; cSyncDp239=1680295084; cSyncDp243=1680295084; cSyncDp244=1680295084
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 31 Mar 2023 20:38:04 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

sync.upravel.com/sape/sync

148.251.236.118

302 Found

0 B

URL HTTP/2
sync.upravel.com/sape/sync
IP
148.251.236.118:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Fri, 31 Mar 2023 20:38:04 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1680295084673;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1680295084673;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

match.new-programmatic.com/userbind?src=sape&id=0100007FAC442764AA00116E029163ED

217.65.2.150

204 No Content

0 B

URL HTTP/1.1
match.new-programmatic.com/userbind?src=sape&id=0100007FAC442764AA00116E029163ED
IP
217.65.2.150:0
ASN
#3175 Filanco LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /userbind?src=sape&id=0100007FAC442764AA00116E029163ED HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Fri, 31 Mar 2023 20:38:04 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin

www.acint.net/oci.js?t=1680295083137

167.235.177.243

200 OK

15 kB

URL HTTP/2
www.acint.net/oci.js?t=1680295083137
IP
167.235.177.243:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (32168)
Size
15 kB (14561 bytes)
Hash
b5aebb072650c7da366a7052c02a9221
44d203b7465efc7669d4c3aa0b93b89fbb13529f
4c087d89720de36d4d65395a4d94e79f253c6968239115b6988d4f458263973d

HTTP Headers

GET /oci.js?t=1680295083137 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 31 Mar 2023 20:38:04 GMT
content-type: application/x-javascript
last-modified: Fri, 24 Mar 2023 20:32:12 GMT
etag: W/"641e08cc-7dac"
content-encoding: gzip
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55907f3f12adb012d813a48715d8373f
50b7289f9e2b4a49866d69992b7b2e689c3630f0
254c2ba3d8501fb4e7b2e4b711d4c73d3f22e70b18f34cf91624d8550d1b13e5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "254C2BA3D8501FB4E7B2E4B711D4C73D3F22E70B18F34CF91624D8550D1B13E5"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7414
Expires: Fri, 31 Mar 2023 22:41:38 GMT
Date: Fri, 31 Mar 2023 20:38:04 GMT
Connection: keep-alive

www.acint.net/match?dp=129&euid=09st40o1o0

167.235.177.243

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=129&euid=09st40o1o0
IP
167.235.177.243:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=129&euid=09st40o1o0 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWQnRKxuEQCq7WORAq4HX47bsOX11qTBDBELLGV73yqr; cSyncDp7v2=1680295084; cSyncDp14v3=1680295084; cSyncDp17=1680295084; cSyncDp45v4=1680295084; cSyncDp53v2=1680295084; cSyncDp62=1680295084; cSyncDp67v2=1680295084; cSyncDp68=1680295084; cSyncDp71=1680295084; cSyncDp85=1680295084; cSyncDp95v3=1680295084; cSyncDp98v2=1680295084; cSyncDp101=1680295084; cSyncDp104v2=1680295084; cSyncDp107=1680295084; cSyncDp110v2=1680295084; cSyncDp125v3=1680295084; cSyncDp126=1680295084; cSyncDp127=1680295084; cSyncDp129=1680295084; cSyncDp136v2=1680295084; cSyncDp146=1680295084; cSyncDp148v1=1680295084; cSyncDp149v2=1680295084; cSyncDp151=1680295084; cSyncDp178=1680295084; cSyncDp186=1680295084; cSyncDp217=1680295084; cSyncDp221=1680295084; cSyncDp235=1680295084; cSyncDp239=1680295084; cSyncDp243=1680295084; cSyncDp244=1680295084
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 31 Mar 2023 20:38:04 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/match?dp=95&euid=PZGHDKPT

167.235.177.243

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=95&euid=PZGHDKPT
IP
167.235.177.243:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=95&euid=PZGHDKPT HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWQnRKxuEQCq7WORAq4HX47bsOX11qTBDBELLGV73yqr; cSyncDp7v2=1680295084; cSyncDp14v3=1680295084; cSyncDp17=1680295084; cSyncDp45v4=1680295084; cSyncDp53v2=1680295084; cSyncDp62=1680295084; cSyncDp67v2=1680295084; cSyncDp68=1680295084; cSyncDp71=1680295084; cSyncDp85=1680295084; cSyncDp95v3=1680295084; cSyncDp98v2=1680295084; cSyncDp101=1680295084; cSyncDp104v2=1680295084; cSyncDp107=1680295084; cSyncDp110v2=1680295084; cSyncDp125v3=1680295084; cSyncDp126=1680295084; cSyncDp127=1680295084; cSyncDp129=1680295084; cSyncDp136v2=1680295084; cSyncDp146=1680295084; cSyncDp148v1=1680295084; cSyncDp149v2=1680295084; cSyncDp151=1680295084; cSyncDp178=1680295084; cSyncDp186=1680295084; cSyncDp217=1680295084; cSyncDp221=1680295084; cSyncDp235=1680295084; cSyncDp239=1680295084; cSyncDp243=1680295084; cSyncDp244=1680295084
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 31 Mar 2023 20:38:04 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

acint.net/match?dp=110&euid=b7249f7b678c4d5195196637e62e3b23

167.235.177.243

200 OK

43 B

URL HTTP/2
acint.net/match?dp=110&euid=b7249f7b678c4d5195196637e62e3b23
IP
167.235.177.243:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=110&euid=b7249f7b678c4d5195196637e62e3b23 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWQnRKxuEQCq7WORAq4HX47bsOX11qTBDBELLGV73yqr; cSyncDp7v2=1680295084; cSyncDp14v3=1680295084; cSyncDp17=1680295084; cSyncDp45v4=1680295084; cSyncDp53v2=1680295084; cSyncDp62=1680295084; cSyncDp67v2=1680295084; cSyncDp68=1680295084; cSyncDp71=1680295084; cSyncDp85=1680295084; cSyncDp95v3=1680295084; cSyncDp98v2=1680295084; cSyncDp101=1680295084; cSyncDp104v2=1680295084; cSyncDp107=1680295084; cSyncDp110v2=1680295084; cSyncDp125v3=1680295084; cSyncDp126=1680295084; cSyncDp127=1680295084; cSyncDp129=1680295084; cSyncDp136v2=1680295084; cSyncDp146=1680295084; cSyncDp148v1=1680295084; cSyncDp149v2=1680295084; cSyncDp151=1680295084; cSyncDp178=1680295084; cSyncDp186=1680295084; cSyncDp217=1680295084; cSyncDp221=1680295084; cSyncDp235=1680295084; cSyncDp239=1680295084; cSyncDp243=1680295084; cSyncDp244=1680295084
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 31 Mar 2023 20:38:04 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

sync.bumlam.com/?src=sape

31.172.81.158

302 Moved Temporarily

0 B

URL HTTP/1.1
sync.bumlam.com/?src=sape
IP
31.172.81.158:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sape HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRlZmU1MjE2ZS1kMDAzLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 31 Mar 2023 20:38:04 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRlZmU1MjE2ZS1kMDAzLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Thu, 26 Mar 2043 20:38:04 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://pix.bumlam.com/sync/sape/sync_ok?guid=efe5216e-d003-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true

ocsp2.globalsign.com/gsalphasha2g2

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
55b4cf067a1a34aff740e813d2fdc7a8
2af1b4f6637f8f54e2d880b254d0998ec7fae348
005b8fdd51f42c449c7c8437e17d7604afff2fc411416182293aa05ac83640a9

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:38:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 04 Apr 2023 18:24:24 GMT
ETag: "2af1b4f6637f8f54e2d880b254d0998ec7fae348"
Last-Modified: Fri, 31 Mar 2023 18:24:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1204
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0b64d79aa7069b-OSL

nr.bidderstack.com/sape/cm?user_id=0100007FAC442764AA00116E029163ED

23.88.12.14

200 OK

44 B

URL HTTP/1.1
nr.bidderstack.com/sape/cm?user_id=0100007FAC442764AA00116E029163ED
IP
23.88.12.14:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
44 B (44 bytes)
Hash
f9d60352c70a2ba15616d1c9421f3844
e9abc8bea7721a4b6a50295850d13c515006a95c
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

HTTP Headers

GET /sape/cm?user_id=0100007FAC442764AA00116E029163ED HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 31 Mar 2023 20:38:04 GMT
Content-Type: image/gif
Content-Length: 44
Connection: keep-alive
Set-Cookie: uid=4d7aa792-88e8-4e0a-d816-21656a927296; domain=.bidderstack.com; path=/; expires=Sat, 30-Mar-2024 20:38:04 GMT;
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true

www.acint.net/match?dp=127&euid=3ul7h7xYPVdJvavDX2Nu

167.235.177.243

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=127&euid=3ul7h7xYPVdJvavDX2Nu
IP
167.235.177.243:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=127&euid=3ul7h7xYPVdJvavDX2Nu HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWQnRKxuEQCq7WORAq4HX47bsOX11qTBDBELLGV73yqr; cSyncDp7v2=1680295084; cSyncDp14v3=1680295084; cSyncDp17=1680295084; cSyncDp45v4=1680295084; cSyncDp53v2=1680295084; cSyncDp62=1680295084; cSyncDp67v2=1680295084; cSyncDp68=1680295084; cSyncDp71=1680295084; cSyncDp85=1680295084; cSyncDp95v3=1680295084; cSyncDp98v2=1680295084; cSyncDp101=1680295084; cSyncDp104v2=1680295084; cSyncDp107=1680295084; cSyncDp110v2=1680295084; cSyncDp125v3=1680295084; cSyncDp126=1680295084; cSyncDp127=1680295084; cSyncDp129=1680295084; cSyncDp136v2=1680295084; cSyncDp146=1680295084; cSyncDp148v1=1680295084; cSyncDp149v2=1680295084; cSyncDp151=1680295084; cSyncDp178=1680295084; cSyncDp186=1680295084; cSyncDp217=1680295084; cSyncDp221=1680295084; cSyncDp235=1680295084; cSyncDp239=1680295084; cSyncDp243=1680295084; cSyncDp244=1680295084
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 31 Mar 2023 20:38:04 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

kimberlite.io/rtb/sync/sape2?u=0100007FAC442764AA00116E029163ED

89.108.127.68

307 Temporary Redirect

0 B

URL HTTP/1.1
kimberlite.io/rtb/sync/sape2?u=0100007FAC442764AA00116E029163ED
IP
89.108.127.68:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rtb/sync/sape2?u=0100007FAC442764AA00116E029163ED HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Fri, 31 Mar 2023 20:38:04 GMT
Content-Length: 0
Connection: keep-alive
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: u=ZCdErGKq1eA~MOBGc6qnN365MqsASTIk1iJvl0g; path=/; max-age=7776000; samesite=none; httponly; secure
location: https://ads.betweendigital.com/match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fwww.acint.net%252Fmatch%253Fdp%253D243%2526euid%253DZCdErGKq1eA%26n%3D1
referrer-policy: no-referrer
server-timing: app;srv=3;dur=0.0003

sync.bumlam.com/?src=sap1&s_data=CAIQARisiZ2hBmIgMDEwMDAwN0ZBQzQ0Mjc2NEFBMDAxMTZFMDI5MTYzRUSiARDv5SFu0AMR7YbgACWQwGR8

31.172.81.158

200 OK

0 B

URL HTTP/1.1
sync.bumlam.com/?src=sap1&s_data=CAIQARisiZ2hBmIgMDEwMDAwN0ZBQzQ0Mjc2NEFBMDAxMTZFMDI5MTYzRUSiARDv5SFu0AMR7YbgACWQwGR8
IP
31.172.81.158:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sap1&s_data=CAIQARisiZ2hBmIgMDEwMDAwN0ZBQzQ0Mjc2NEFBMDAxMTZFMDI5MTYzRUSiARDv5SFu0AMR7YbgACWQwGR8 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRlZmU1MjE2ZS1kMDAzLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 31 Mar 2023 20:38:04 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRlZmU1MjE2ZS1kMDAzLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Thu, 26 Mar 2043 20:38:04 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

ad.a-ads.com/1484498?size=300x250

78.46.174.169

200 OK

4.7 kB

URL HTTP/2
ad.a-ads.com/1484498?size=300x250
IP
78.46.174.169:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11122)
Size
4.7 kB (4711 bytes)
Hash
42441ab38ba1b7f9d8b6ddd8abbb3ef6
34aa3120a7a10fed4f11a025bf6d844e12d907fa
eec834717a0c971a3ea9b7cb66ff257e4c3ff31b6b950d1565a08681ef1382bc

HTTP Headers

GET /1484498?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 20:38:04 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://vladbard.blogspot.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2

static.a-ads.com/a-ads-banners/426618/300x250?region=eu-central-1

78.46.174.169

200 OK

500 kB

URL HTTP/2
static.a-ads.com/a-ads-banners/426618/300x250?region=eu-central-1
IP
78.46.174.169:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 300 x 250\012- data
Size
500 kB (499628 bytes)
Hash
e4eb2c4ec1794d4e05b77ec20607b881
4abdedcc14882e200a685cfd4240e69c60732aea
4f2c5f4d5efd47fd8d0fc9e0ceca3d637d907a682b748102378c2aa677395efe

HTTP Headers

GET /a-ads-banners/426618/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 20:38:04 GMT
content-type: image/gif
content-length: 499628
x-amz-id-2: BDduID+RanBToNSdCB7foPEWZyWS9/EvDnRH32DdIfIKJUB3p665tOirVNDtnStaGL0Nsti8VqY=
x-amz-request-id: HGNRYKSR9Q5F5T9N
x-amz-replication-status: COMPLETED
last-modified: Sun, 20 Nov 2022 16:37:46 GMT
etag: "e4eb2c4ec1794d4e05b77ec20607b881"
cache-control: max-age=315360000
x-amz-version-id: aMmfct8jferkXctt.IjET.eVL2M61OoN
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.acint.net/match?dp=186&euid=0ee11534-922c-4eea-9951-c0f4e54eeb09

167.235.177.243

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=186&euid=0ee11534-922c-4eea-9951-c0f4e54eeb09
IP
167.235.177.243:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=186&euid=0ee11534-922c-4eea-9951-c0f4e54eeb09 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWQnRKxuEQCq7WORAq4HX47bsOX11qTBDBELLGV73yqr; cSyncDp7v2=1680295084; cSyncDp14v3=1680295084; cSyncDp17=1680295084; cSyncDp45v4=1680295084; cSyncDp53v2=1680295084; cSyncDp62=1680295084; cSyncDp67v2=1680295084; cSyncDp68=1680295084; cSyncDp71=1680295084; cSyncDp85=1680295084; cSyncDp95v3=1680295084; cSyncDp98v2=1680295084; cSyncDp101=1680295084; cSyncDp104v2=1680295084; cSyncDp107=1680295084; cSyncDp110v2=1680295084; cSyncDp125v3=1680295084; cSyncDp126=1680295084; cSyncDp127=1680295084; cSyncDp129=1680295084; cSyncDp136v2=1680295084; cSyncDp146=1680295084; cSyncDp148v1=1680295084; cSyncDp149v2=1680295084; cSyncDp151=1680295084; cSyncDp178=1680295084; cSyncDp186=1680295084; cSyncDp217=1680295084; cSyncDp221=1680295084; cSyncDp235=1680295084; cSyncDp239=1680295084; cSyncDp243=1680295084; cSyncDp244=1680295084
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 31 Mar 2023 20:38:04 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0

148.251.236.118

302 Found

0 B

URL HTTP/2
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP
148.251.236.118:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1680295084673
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx
date: Fri, 31 Mar 2023 20:38:04 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=dc783d27-bbb7-4096-bc98-253984790367;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=dc783d27-bbb7-4096-bc98-253984790367;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=dc783d27-bbb7-4096-bc98-253984790367
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D

116.202.236.172

301 Moved Permanently

115 B

URL HTTP/2
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP
116.202.236.172:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, ASCII text
Size
115 B (115 bytes)
Hash
e8f4f8883aa4db5d8f650942b91f4a71
a2eb096836f6a37e302f1f3568f046cdc49b4a9e
c80bcebdd9eba5b60538651016efa6831f8be88a035522cc097e0117083761a0

HTTP Headers

GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 31 Mar 2023 20:38:07 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=9d6cec5b-d1a9-4fe1-4bec-59b8617d1081
serverid: TODO
X-Firefox-Spdy: h2

pix.bumlam.com/sync/sape/sync_ok?guid=efe5216e-d003-11ed-86e0-002590c0647c

31.172.81.172

302 Found

0 B

URL HTTP/1.1
pix.bumlam.com/sync/sape/sync_ok?guid=efe5216e-d003-11ed-86e0-002590c0647c
IP
31.172.81.172:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync/sape/sync_ok?guid=efe5216e-d003-11ed-86e0-002590c0647c HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRlZmU1MjE2ZS1kMDAzLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 31 Mar 2023 20:38:04 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://efe5216e-d003-11ed-86e0-002590c0647c.n2.sync.bumlam.com/?src=sape

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
3b3b1b6712db36256321637a2ef6c15c
bfb3248f4413fa7ed815a4a3b7592dd1707b0b67
2b7f6b9092590c4c4e10dc7bcde352b035534486d412541661788f68b3cfcb6f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:38:04 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 23:11:07 GMT
Expires: Tue, 04 Apr 2023 23:11:06 GMT
Etag: "bfb3248f4413fa7ed815a4a3b7592dd1707b0b67"
Cache-Control: max-age=354181,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b0b64d6fc9eb503-OSL

sync.programmatica.com/match/RTBSape?id=0100007FAC442764AA00116E029163ED&chk=1

167.235.117.42

302 Found

0 B

URL HTTP/2
sync.programmatica.com/match/RTBSape?id=0100007FAC442764AA00116E029163ED&chk=1
IP
167.235.117.42:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/RTBSape?id=0100007FAC442764AA00116E029163ED&chk=1 HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx
date: Fri, 31 Mar 2023 20:38:04 GMT
content-length: 0
location: https://dmg.digitaltarget.ru/1/7536/i/i?a=1051&e=ZjUxNWM3MDcwODg4MWU1&i=ag1iteionhkb
set-cookie: pid=ZjUxNWM3MDcwODg4MWU1; expires=Tue, 01 Oct 2024 20:38:04 GMT; domain=.programmatica.com; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

www.acint.net/match?dp=71&euid=dc783d27-bbb7-4096-bc98-253984790367

167.235.177.243

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=71&euid=dc783d27-bbb7-4096-bc98-253984790367
IP
167.235.177.243:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=71&euid=dc783d27-bbb7-4096-bc98-253984790367 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWQnRKxuEQCq7WORAq4HX47bsOX11qTBDBELLGV73yqr; cSyncDp7v2=1680295084; cSyncDp14v3=1680295084; cSyncDp17=1680295084; cSyncDp45v4=1680295084; cSyncDp53v2=1680295084; cSyncDp62=1680295084; cSyncDp67v2=1680295084; cSyncDp68=1680295084; cSyncDp71=1680295084; cSyncDp85=1680295084; cSyncDp95v3=1680295084; cSyncDp98v2=1680295084; cSyncDp101=1680295084; cSyncDp104v2=1680295084; cSyncDp107=1680295084; cSyncDp110v2=1680295084; cSyncDp125v3=1680295084; cSyncDp126=1680295084; cSyncDp127=1680295084; cSyncDp129=1680295084; cSyncDp136v2=1680295084; cSyncDp146=1680295084; cSyncDp148v1=1680295084; cSyncDp149v2=1680295084; cSyncDp151=1680295084; cSyncDp178=1680295084; cSyncDp186=1680295084; cSyncDp217=1680295084; cSyncDp221=1680295084; cSyncDp235=1680295084; cSyncDp239=1680295084; cSyncDp243=1680295084; cSyncDp244=1680295084
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 31 Mar 2023 20:38:04 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsalphasha2g2

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
2b94008bb7c89b58d556fab0570c1f8b
a35e549dd73efc734eeb6c6b183302f1b6895c98
f31600bd90854360865a414557181ae6059639c851b29a96bff40326874ab500

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:38:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 04 Apr 2023 19:17:06 GMT
ETag: "a35e549dd73efc734eeb6c6b183302f1b6895c98"
Last-Modified: Fri, 31 Mar 2023 19:17:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2404
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0b64d83b63069b-OSL

www.acint.net/match?dp=126&euid=9d6cec5b-d1a9-4fe1-4bec-59b8617d1081

167.235.177.243

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=126&euid=9d6cec5b-d1a9-4fe1-4bec-59b8617d1081
IP
167.235.177.243:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=126&euid=9d6cec5b-d1a9-4fe1-4bec-59b8617d1081 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWQnRKxuEQCq7WORAq4HX47bsOX11qTBDBELLGV73yqr; cSyncDp7v2=1680295084; cSyncDp14v3=1680295084; cSyncDp17=1680295084; cSyncDp45v4=1680295084; cSyncDp53v2=1680295084; cSyncDp62=1680295084; cSyncDp67v2=1680295084; cSyncDp68=1680295084; cSyncDp71=1680295084; cSyncDp85=1680295084; cSyncDp95v3=1680295084; cSyncDp98v2=1680295084; cSyncDp101=1680295084; cSyncDp104v2=1680295084; cSyncDp107=1680295084; cSyncDp110v2=1680295084; cSyncDp125v3=1680295084; cSyncDp126=1680295084; cSyncDp127=1680295084; cSyncDp129=1680295084; cSyncDp136v2=1680295084; cSyncDp146=1680295084; cSyncDp148v1=1680295084; cSyncDp149v2=1680295084; cSyncDp151=1680295084; cSyncDp178=1680295084; cSyncDp186=1680295084; cSyncDp217=1680295084; cSyncDp221=1680295084; cSyncDp235=1680295084; cSyncDp239=1680295084; cSyncDp243=1680295084; cSyncDp244=1680295084
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 31 Mar 2023 20:38:04 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

ocsp.globalsign.com/gseccovsslca2018

104.18.21.226

200 OK

939 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
939 B (939 bytes)
Hash
5fab8ff2976eddc36955c411eb054899
b694f7f8926281d3368b00c45044729dbc71c609
35c029482baad207ee1e6fe5bce878b0cc51d9a6585f469dfa2a3ec8d4a3c80a

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:38:04 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Tue, 04 Apr 2023 18:05:09 GMT
ETag: "b694f7f8926281d3368b00c45044729dbc71c609"
Last-Modified: Fri, 31 Mar 2023 18:05:10 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2989
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0b64d86d07b4f7-OSL

counter.yadro.ru/hit?t38.6;r;s1280*1024*24;uhttps%3A//vladbard.blogspot.com/2017_11_30_archive.html;h11/30/17%20-%20Bard;0.009776524251136065

88.212.202.52

200 OK

445 B

URL HTTP/1.1
counter.yadro.ru/hit?t38.6;r;s1280*1024*24;uhttps%3A//vladbard.blogspot.com/2017_11_30_archive.html;h11/30/17%20-%20Bard;0.009776524251136065
IP
88.212.202.52:0
ASN
#39134 United Network LLC

File type
GIF image data, version 87a, 31 x 31\012- data
Size
445 B (445 bytes)
Hash
1bd6eb140ec5e09af54808bce2be74be
00746108650919b88014ce35aabf72b0f20b2046
3e13369e5c528a4598007330a7d572dadd181e268d0cf87ba7b62fd7668597f8

HTTP Headers

GET /hit?t38.6;r;s1280*1024*24;uhttps%3A//vladbard.blogspot.com/2017_11_30_archive.html;h11/30/17%20-%20Bard;0.009776524251136065 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 31 Mar 2023 20:38:04 GMT
Content-Type: image/gif
Content-Length: 445
Connection: keep-alive
Expires: Wed, 30 Mar 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400

sync.gonet-ads.com/match/sape.js?id=0100007FAC442764AA00116E029163ED

188.42.105.220

302 Found

0 B

URL HTTP/2
sync.gonet-ads.com/match/sape.js?id=0100007FAC442764AA00116E029163ED
IP
188.42.105.220:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/sape.js?id=0100007FAC442764AA00116E029163ED HTTP/1.1
Host: sync.gonet-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Fri, 31 Mar 2023 20:38:04 GMT
content-type: application/javascript
content-length: 0
location: https://sync.gonet-ads.com/match/sape.js?id=0100007FAC442764AA00116E029163ED&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

mc.yandex.ru/metrika/tag.js

87.250.250.119

200 OK

74 kB

URL HTTP/2
mc.yandex.ru/metrika/tag.js
IP
87.250.250.119:0
ASN
#13238 YANDEX LLC

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Size
74 kB (74025 bytes)
Hash
a9326ffae8343d00c2908794734a004a
234737cf0fabcd62477257fde669fabbe343b2c1
7559265023cf9727da205b2d7f850814a5e7d7b98ed9eb50e279c6eddcdda1dd

HTTP Headers

GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 74025
date: Fri, 31 Mar 2023 20:38:04 GMT
access-control-allow-origin: *
etag: "64241f95-12129"
expires: Fri, 31 Mar 2023 21:38:04 GMT
last-modified: Wed, 29 Mar 2023 14:23:01 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

adx.com.ru/sape-sync?uid=0100007FAC442764AA00116E029163ED

83.222.105.70

302 Found

85 B

URL HTTP/2
adx.com.ru/sape-sync?uid=0100007FAC442764AA00116E029163ED
IP
83.222.105.70:0
ASN
#42632 MnogoByte LLC

File type
HTML document, ASCII text
Size
85 B (85 bytes)
Hash
2cabec1fceb82fa11f13ab4b471ae6ad
7debea9b641a79ff4d2aac5e9a8be8d6d76da880
dad3e3d1a032de31bba20a3923ab1f93c976306d12df9a8b43c593a319bbe017

HTTP Headers

GET /sape-sync?uid=0100007FAC442764AA00116E029163ED HTTP/1.1
Host: adx.com.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.22.0
date: Fri, 31 Mar 2023 20:38:04 GMT
content-type: text/html; charset=utf-8
content-length: 85
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
location: /sync?sspKey=25&sspUserID=0100007FAC442764AA00116E029163ED
p3p: CP="adx.com.ru does not have a P3P policy"
set-cookie: user=642744aca897d800011453bf; Path=/; Domain=adx.com.ru; Max-Age=31536000; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2

mc.yandex.ru/metrika/advert.gif

87.250.250.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/metrika/advert.gif
IP
87.250.250.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 31 Mar 2023 20:38:05 GMT
access-control-allow-origin: *
etag: "64241f95-2b"
expires: Fri, 31 Mar 2023 21:38:05 GMT
accept-ranges: bytes
last-modified: Wed, 29 Mar 2023 14:23:01 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

adx.com.ru/sync?sspKey=25&sspUserID=0100007FAC442764AA00116E029163ED

83.222.105.70

302 Found

231 B

URL HTTP/2
adx.com.ru/sync?sspKey=25&sspUserID=0100007FAC442764AA00116E029163ED
IP
83.222.105.70:0
ASN
#42632 MnogoByte LLC

File type
HTML document, ASCII text
Size
231 B (231 bytes)
Hash
d888a3ca3972edf608ffe97dac8ae584
0ca2e6c6ff916e005212e7baa37fdcd5e47c24cc
3de725256c5f6033f5e472e20a027da665c5b051172a59bbf52beb3bb86315a0

HTTP Headers

GET /sync?sspKey=25&sspUserID=0100007FAC442764AA00116E029163ED HTTP/1.1
Host: adx.com.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: user=642744aca897d800011453bf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx/1.22.0
date: Fri, 31 Mar 2023 20:38:05 GMT
content-type: text/html; charset=utf-8
content-length: 231
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D642744aca897d800011453bf%2526r%253D%26webouid%3D{WEBO_CID}
p3p: CP="adx.com.ru does not have a P3P policy"
X-Firefox-Spdy: h2

mc.yandex.ru/watch/23354005/1?wmode=7&page-url=https%3A%2F%2Fvladbard.blogspot.com%2F2017_11_30_archive.html&charset=utf-8&browser-info=pv%3A1%3Avf%3A3ue65zhww2f2brt35wtqzj%3Afp%3A2841%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A991%3Acn%3A1%3Adp%3A0%3Als%3A1342031037228%3Ahid%3A975192625%3Az%3A0%3Ai%3A20230331203804%3Aet%3A1680295084%3Ac%3A1%3Arn%3A1037189939%3Arqn%3A1%3Au%3A1680295084668239203%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C72%2C1529%2C0%2C791%2C0%2C%2C531%2C24%2C%2C%2C%2C2935%3Aco%3A0%3Ans%3A1680295080148%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1680295084%3At%3A11%2F30%2F17%20-%20Bard&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29

87.250.250.119

200 OK

442 B

URL HTTP/2
mc.yandex.ru/watch/23354005/1?wmode=7&page-url=https%3A%2F%2Fvladbard.blogspot.com%2F2017_11_30_archive.html&charset=utf-8&browser-info=pv%3A1%3Avf%3A3ue65zhww2f2brt35wtqzj%3Afp%3A2841%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A991%3Acn%3A1%3Adp%3A0%3Als%3A1342031037228%3Ahid%3A975192625%3Az%3A0%3Ai%3A20230331203804%3Aet%3A1680295084%3Ac%3A1%3Arn%3A1037189939%3Arqn%3A1%3Au%3A1680295084668239203%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C72%2C1529%2C0%2C791%2C0%2C%2C531%2C24%2C%2C%2C%2C2935%3Aco%3A0%3Ans%3A1680295080148%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1680295084%3At%3A11%2F30%2F17%20-%20Bard&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP
87.250.250.119:0
ASN
#13238 YANDEX LLC

File type
JSON data\012- , ASCII text, with very long lines (442), with no line terminators
Size
442 B (442 bytes)
Hash
d3ba28f82fff88a56747d8f97b1c720a
49ca1c432d0631076fb3a467578502de6b644131
3e5c05eedeb6d6b5e13b7fd83334129630052f5e1343d00d8c2c0cfe836017e9

HTTP Headers

GET /watch/23354005/1?wmode=7&page-url=https%3A%2F%2Fvladbard.blogspot.com%2F2017_11_30_archive.html&charset=utf-8&browser-info=pv%3A1%3Avf%3A3ue65zhww2f2brt35wtqzj%3Afp%3A2841%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A991%3Acn%3A1%3Adp%3A0%3Als%3A1342031037228%3Ahid%3A975192625%3Az%3A0%3Ai%3A20230331203804%3Aet%3A1680295084%3Ac%3A1%3Arn%3A1037189939%3Arqn%3A1%3Au%3A1680295084668239203%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C72%2C1529%2C0%2C791%2C0%2C%2C531%2C24%2C%2C%2C%2C2935%3Aco%3A0%3Ans%3A1680295080148%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1680295084%3At%3A11%2F30%2F17%20-%20Bard&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vladbard.blogspot.com
Referer: https://vladbard.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 442
date: Fri, 31 Mar 2023 20:38:05 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://vladbard.blogspot.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 31-Mar-2023 20:38:05 GMT
last-modified: Fri, 31-Mar-2023 20:38:05 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp.globalsign.com/alphasslcasha256g4

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/alphasslcasha256g4
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1437 bytes)
Hash
56bc321d63f0a09f264185c46cb9d40a
6c970303b8c008395a67410955678d677dc26adf
5330091afad157d258cd3e87cd79aa1c46610c9ea3736b09ba772c2f299b96c5

HTTP Headers

POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:38:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Tue, 04 Apr 2023 19:11:32 GMT
ETag: "6c970303b8c008395a67410955678d677dc26adf"
Last-Modified: Fri, 31 Mar 2023 19:11:33 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1485
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0b64dd9fdcb50c-OSL

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
3ef19c14f56da4b516f3c125199499df
7c316ddddf19b024bc889e052413bbc7c9130465
5386e329b863fb484bb18757980b029f539d5728fae4d19d89ae498207b538f7

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:38:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 04 Apr 2023 16:30:05 GMT
ETag: "7c316ddddf19b024bc889e052413bbc7c9130465"
Last-Modified: Fri, 31 Mar 2023 16:30:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2378
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0b64dd9ee7b4f7-OSL

ocsp.globalsign.com/gseccovsslca2018

104.18.21.226

200 OK

939 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
939 B (939 bytes)
Hash
c4302772f5051aa6e03832a6fe0fb075
36b94c318e5687c93fc0d7cbcbf4d25095b067e5
76328d6a95a64d749dd239a906340f847d07b77238724c5f7be24faaf0b2d83e

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:38:05 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Tue, 04 Apr 2023 18:30:11 GMT
ETag: "36b94c318e5687c93fc0d7cbcbf4d25095b067e5"
Last-Modified: Fri, 31 Mar 2023 18:30:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3137
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0b64ddd832b50c-OSL

sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D

77.245.57.72

200 OK

0 B

URL HTTP/1.1
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP
77.245.57.72:0
ASN
#36057 WEBAIR-INTERNET-MTL

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 31 Mar 2023 20:38:05 GMT
Content-Length: 0
Connection: close
Cache-Control: no-store
Age: 0
Pragma: no-cache

ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691

195.209.108.58

302 Moved Temporarily

0 B

URL HTTP/1.1
ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP
195.209.108.58:0
ASN
#52007 LLC AdRiver

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ev.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Date: Fri, 31 Mar 2023 20:38:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-4966073293; expires=Sun, 30 Mar 2025 20:38:05 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4966073293
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true

ocsp.usertrust.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.usertrust.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
45ad8b17203b70edc954dd1710abd566
539628d6e39434f9e22a363a06166e2e0cfc4aad
4ed3650216640b4da7ad810d59d2018bb744f8da3803ddf2d8f9f95b3df93937

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:38:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 30 Mar 2023 15:11:27 GMT
Expires: Thu, 06 Apr 2023 15:11:26 GMT
Etag: "539628d6e39434f9e22a363a06166e2e0cfc4aad"
Cache-Control: max-age=604003,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 849
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0b64de0d84b4f1-OSL

ocsp.globalsign.com/gseccovsslca2018

104.18.21.226

200 OK

939 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
939 B (939 bytes)
Hash
26a5b339cede0c8005faaf68f42f0993
bb25972fa5038ad18b97b9ade013882a5d72d2e9
1842694c7f7bbeba13ac768d2eec6e2ec6a305cdbe61184a7227a720022a6ea9

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:38:05 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Tue, 04 Apr 2023 18:24:23 GMT
ETag: "bb25972fa5038ad18b97b9ade013882a5d72d2e9"
Last-Modified: Fri, 31 Mar 2023 18:24:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2432
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0b64de1fa8b4f7-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
278c8307f30e24de4bacb7b48e38996c
cca6d6447b2e8175cdf3a7e67c33e63719612bb5
d2447ff030a8408ff526f239d251e798a0452b12e9d0bc432fe0038c8c4c01ee

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:38:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 29 Mar 2023 02:03:25 GMT
Expires: Wed, 05 Apr 2023 02:03:24 GMT
Etag: "cca6d6447b2e8175cdf3a7e67c33e63719612bb5"
Cache-Control: max-age=364518,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b0b64ddeb47b4ee-OSL

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
01f2b0b9196c05346e2e3cb323b13d29
2de189eaf21dfccb581d22011a6c98b983fb5e6a
8ec8f87a00094c0b244f98390b3af0f206623d6ec3cdda539b2635e8b75f80e9

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:38:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 04 Apr 2023 18:56:37 GMT
ETag: "2de189eaf21dfccb581d22011a6c98b983fb5e6a"
Last-Modified: Fri, 31 Mar 2023 18:56:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1026
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0b64de48e3b50c-OSL

ocsp.usertrust.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.usertrust.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
13e19ce3629c0988b1ec5375b216e4cc
75f3b98f9caa614cb917c88da381183634c93cf8
e1e580e5a17a1688bd44fb21cd068f72e8e91c4ae4eee7a770fb165e42aa3873

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:38:05 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 30 Mar 2023 16:24:16 GMT
Expires: Thu, 06 Apr 2023 16:24:15 GMT
Etag: "75f3b98f9caa614cb917c88da381183634c93cf8"
Cache-Control: max-age=603073,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1130
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0b64de4ddbb4f1-OSL

ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4966073293

195.209.108.58

302 Moved Temporarily

40 B

URL HTTP/1.1
ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4966073293
IP
195.209.108.58:0
ASN
#52007 LLC AdRiver

File type
ASCII text, with CRLF line terminators
Size
40 B (40 bytes)
Hash
251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b

HTTP Headers

GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4966073293 HTTP/1.1
Host: ev.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Date: Fri, 31 Mar 2023 20:38:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Sun, 30 Mar 2025 20:38:05 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2f811c496d443f261312f066c6c958cc
b56521d7682379ba5a1a93eb175819e2ed01dc9a
1654847470f429f84ab1915ae9633eb4bae97197325dfdd307463ef8fb9eebc8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1654847470F429F84AB1915AE9633EB4BAE97197325DFDD307463EF8FB9EEBC8"
Last-Modified: Thu, 30 Mar 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9213
Expires: Fri, 31 Mar 2023 23:11:38 GMT
Date: Fri, 31 Mar 2023 20:38:05 GMT
Connection: keep-alive

x01.aidata.io/0.gif?pid=9401454&id=0100007FAC442764AA00116E029163ED

89.108.119.43

302 Found

0 B

URL HTTP/2
x01.aidata.io/0.gif?pid=9401454&id=0100007FAC442764AA00116E029163ED
IP
89.108.119.43:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /0.gif?pid=9401454&id=0100007FAC442764AA00116E029163ED HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Fri, 31 Mar 2023 20:38:05 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=0100007FAC442764AA00116E029163ED&bounce=1
expires: Fri, 31 Mar 2023 20:38:04 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Fri, 31 Mar 2023 20:38:04 GMT
set-cookie: __upin=AsJ+CxpF41arxkOlmX5YBA;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1680295085;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2

ads.betweendigital.com/match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fwww.acint.net%252Fmatch%253Fdp%253D243%2526euid%253DZCdErGKq1eA%26n%3D1

188.42.34.64

302 Found

0 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fwww.acint.net%252Fmatch%253Fdp%253D243%2526euid%253DZCdErGKq1eA%26n%3D1
IP
188.42.34.64:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fwww.acint.net%252Fmatch%253Fdp%253D243%2526euid%253DZCdErGKq1eA%26n%3D1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: /match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fwww.acint.net%252Fmatch%253Fdp%253D243%2526euid%253DZCdErGKq1eA%26n%3D1&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 30 Mar 2024 20:38:05 GMT; Path=/; Domain=.betweendigital.com
tuuid=7d2dfe23-f0a4-525a-abac-a7facf8be357; Max-Age=31536000; Expires=Sat, 30 Mar 2024 20:38:05 GMT; Path=/; Domain=.betweendigital.com
ut=ZCdErQAMa7Dy_YkF0mxrLmeeRJIu6J9IMsTK7w==; Max-Age=31536000; Expires=Sat, 30 Mar 2024 20:38:05 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
318f37921eefe31e9a71df6d2fc5f855
0a16eb8254f495990bcf96d58a81323b54050740
393b9fa0436d32a3a1e246b9c95c91e7af84ff069b2a85e4bf6ea1260545c485

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:38:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 04 Apr 2023 17:54:17 GMT
ETag: "0a16eb8254f495990bcf96d58a81323b54050740"
Last-Modified: Fri, 31 Mar 2023 17:54:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2635
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0b64de7881b4f7-OSL

ad.mail.ru/cm.gif?p=48&id=0100007FAC442764AA00116E029163ED

95.163.41.56

200 OK

43 B

URL HTTP/2
ad.mail.ru/cm.gif?p=48&id=0100007FAC442764AA00116E029163ED
IP
95.163.41.56:0
ASN
#47764 Mail.Ru LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /cm.gif?p=48&id=0100007FAC442764AA00116E029163ED HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 20:38:05 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=3clUpS2tAC2G0022dI2dCT2G:::0-0-0-9419d6d:CAASEP_iBiwdzXxSa4cUHloVRj8aYOyJF3Qa2yxzx_BvZ3D2xX2kFhfRurd2tJENMeNuCggvhGbG_ingcjfcSf7WNgB0NWeZ_qNjoO3upYqUszZvP1cDHoBczVf1lixBWD301v2_eQJV1E5U7SKQu1lrbSmHgw; path=/; expires=Sun, 31-Mar-24 20:38:05 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Sat, 01 Apr 2023 02:38:05 GMT
cache-control: max-age=21600
last-modified: Fri, 31 Mar 2023 20:38:05 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
059f671e122fac0eb3f77a54410f26c5
1926528dafc7228d49c669cf63b7ceff9efb37a9
8dce7a23aa0fb21a68d35229b4c918c7a95efd77ad49c2ffc764d09a87dd313e

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:38:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 04 Apr 2023 19:24:43 GMT
ETag: "1926528dafc7228d49c669cf63b7ceff9efb37a9"
Last-Modified: Fri, 31 Mar 2023 19:24:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1969
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0b64de897db50c-OSL

redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D642744aca897d800011453bf%2526r%253D%26webouid%3D{WEBO_CID}

35.190.24.218

307 Temporary Redirect

0 B

URL HTTP/2
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D642744aca897d800011453bf%2526r%253D%26webouid%3D{WEBO_CID}
IP
35.190.24.218:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D642744aca897d800011453bf%2526r%253D%26webouid%3D{WEBO_CID} HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 307 Temporary Redirect
server: Weborama Collect Frontend
date: Fri, 31 Mar 2023 20:38:05 GMT
content-length: 0
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D642744aca897d800011453bf%2526r%253D%26webouid%3D%7BWEBO_CID%7D&bounce=1&random=2362231388
vary: Origin
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Fri, 31 Mar 2023 20:38:05 GMT
set-cookie: AFFICHE_W=mdZ9Gjli2laZ48; expires=Sat, 27 Apr 2024 20:38:05 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

sape-sync.rutarget.ru/sync

46.243.142.239

302 Moved Temporarily

0 B

URL HTTP/1.1
sape-sync.rutarget.ru/sync
IP
46.243.142.239:0
ASN
#208677 Cloud technology Limited (Ltd.)

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 31 Mar 2023 20:38:05 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=bvn4Ap_mCOH3
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=bvn4Ap_mCOH3; Path=/; Domain=.rutarget.ru; Expires=Wed, 27 Sep 2023 20:38:05 GMT; SameSite=None; Secure

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
eab6f6d1da3f627d0f6e5c177a28fc22
7fb2afb29e4b5ec3c544aa97c93015a4e4c99270
ac858f378ab8fd3fa675e91812c7e310dc20120381181ae2fe0bd3ce59d2b948

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:38:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 04 Apr 2023 19:47:00 GMT
ETag: "7fb2afb29e4b5ec3c544aa97c93015a4e4c99270"
Last-Modified: Fri, 31 Mar 2023 19:47:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2865
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0b64de98dcb4f7-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4af86dc55f0b054fc5401fcd2a6d5bc6
6bb1900f2857aab721431a910a38af8099f51789
366fb6575be971236af0ab3d2d168acaf85e1396b22a575a83790c8184b619c3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "366FB6575BE971236AF0AB3D2D168ACAF85E1396B22A575A83790C8184B619C3"
Last-Modified: Thu, 30 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7844
Expires: Fri, 31 Mar 2023 22:48:49 GMT
Date: Fri, 31 Mar 2023 20:38:05 GMT
Connection: keep-alive

188.42.34.64

200 OK

68 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fwww.acint.net%252Fmatch%253Fdp%253D243%2526euid%253DZCdErGKq1eA%26n%3D1&crf=1
IP
188.42.34.64:0
ASN
#7979 SERVERS-COM

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

HTTP Headers

GET /match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fwww.acint.net%252Fmatch%253Fdp%253D243%2526euid%253DZCdErGKq1eA%26n%3D1&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 30 Mar 2024 20:38:05 GMT; Path=/; Domain=.betweendigital.com
tuuid=88146f38-25cc-525a-b9ee-30d9ddc97474; Max-Age=31536000; Expires=Sat, 30 Mar 2024 20:38:05 GMT; Path=/; Domain=.betweendigital.com
ut=ZCdErQANE6iYdutI6JAEmL085ucmyxpOT79B8Q==; Max-Age=31536000; Expires=Sat, 30 Mar 2024 20:38:05 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2

www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D

167.235.177.243

302 Found

154 B

URL HTTP/2
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP
167.235.177.243:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWQnRKxuEQCq7WORAq4HX47bsOX11qTBDBELLGV73yqr; cSyncDp7v2=1680295084; cSyncDp14v3=1680295084; cSyncDp17=1680295084; cSyncDp45v4=1680295084; cSyncDp53v2=1680295084; cSyncDp62=1680295084; cSyncDp67v2=1680295084; cSyncDp68=1680295084; cSyncDp71=1680295084; cSyncDp85=1680295084; cSyncDp95v3=1680295084; cSyncDp98v2=1680295084; cSyncDp101=1680295084; cSyncDp104v2=1680295084; cSyncDp107=1680295084; cSyncDp110v2=1680295084; cSyncDp125v3=1680295084; cSyncDp126=1680295084; cSyncDp127=1680295084; cSyncDp129=1680295084; cSyncDp136v2=1680295084; cSyncDp146=1680295084; cSyncDp148v1=1680295084; cSyncDp149v2=1680295084; cSyncDp151=1680295084; cSyncDp178=1680295084; cSyncDp186=1680295084; cSyncDp217=1680295084; cSyncDp221=1680295084; cSyncDp235=1680295084; cSyncDp239=1680295084; cSyncDp243=1680295084; cSyncDp244=1680295084
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: openresty
date: Fri, 31 Mar 2023 20:38:05 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FAC442764AA00116E029163ED
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.yandex.ru/watch/23354005?wmode=7&page-url=https%3A%2F%2Fvladbard.blogspot.com%2F2017_11_30_archive.html&charset=utf-8&browser-info=pv%3A1%3Avf%3A3ue65zhww2f2brt35wtqzj%3Afp%3A2841%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A991%3Acn%3A1%3Adp%3A0%3Als%3A1342031037228%3Ahid%3A975192625%3Az%3A0%3Ai%3A20230331203804%3Aet%3A1680295084%3Ac%3A1%3Arn%3A1037189939%3Arqn%3A1%3Au%3A1680295084668239203%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C72%2C1529%2C0%2C791%2C0%2C%2C531%2C24%2C%2C%2C%2C2935%3Aco%3A0%3Ans%3A1680295080148%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1680295084%3At%3A11%2F30%2F17%20-%20Bard&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)

87.250.250.119

302 Found

3.1 kB

URL HTTP/2
mc.yandex.ru/watch/23354005?wmode=7&page-url=https%3A%2F%2Fvladbard.blogspot.com%2F2017_11_30_archive.html&charset=utf-8&browser-info=pv%3A1%3Avf%3A3ue65zhww2f2brt35wtqzj%3Afp%3A2841%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A991%3Acn%3A1%3Adp%3A0%3Als%3A1342031037228%3Ahid%3A975192625%3Az%3A0%3Ai%3A20230331203804%3Aet%3A1680295084%3Ac%3A1%3Arn%3A1037189939%3Arqn%3A1%3Au%3A1680295084668239203%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C72%2C1529%2C0%2C791%2C0%2C%2C531%2C24%2C%2C%2C%2C2935%3Aco%3A0%3Ans%3A1680295080148%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1680295084%3At%3A11%2F30%2F17%20-%20Bard&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP
87.250.250.119:0
ASN
#13238 YANDEX LLC

File type
ASCII text, with very long lines (3051), with no line terminators
Size
3.1 kB (3051 bytes)
Hash
e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

HTTP Headers

GET /watch/23354005?wmode=7&page-url=https%3A%2F%2Fvladbard.blogspot.com%2F2017_11_30_archive.html&charset=utf-8&browser-info=pv%3A1%3Avf%3A3ue65zhww2f2brt35wtqzj%3Afp%3A2841%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A991%3Acn%3A1%3Adp%3A0%3Als%3A1342031037228%3Ahid%3A975192625%3Az%3A0%3Ai%3A20230331203804%3Aet%3A1680295084%3Ac%3A1%3Arn%3A1037189939%3Arqn%3A1%3Au%3A1680295084668239203%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C72%2C1529%2C0%2C791%2C0%2C%2C531%2C24%2C%2C%2C%2C2935%3Aco%3A0%3Ans%3A1680295080148%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1680295084%3At%3A11%2F30%2F17%20-%20Bard&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vladbard.blogspot.com
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: /watch/23354005/1?wmode=7&page-url=https%3A%2F%2Fvladbard.blogspot.com%2F2017_11_30_archive.html&charset=utf-8&browser-info=pv%3A1%3Avf%3A3ue65zhww2f2brt35wtqzj%3Afp%3A2841%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A991%3Acn%3A1%3Adp%3A0%3Als%3A1342031037228%3Ahid%3A975192625%3Az%3A0%3Ai%3A20230331203804%3Aet%3A1680295084%3Ac%3A1%3Arn%3A1037189939%3Arqn%3A1%3Au%3A1680295084668239203%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C72%2C1529%2C0%2C791%2C0%2C%2C531%2C24%2C%2C%2C%2C2935%3Aco%3A0%3Ans%3A1680295080148%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1680295084%3At%3A11%2F30%2F17%20-%20Bard&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Fri, 31 Mar 2023 20:38:05 GMT
access-control-allow-origin: https://vladbard.blogspot.com
set-cookie: yabs-sid=1529666331680295085; Path=/; SameSite=None; Secure
i=mpzKyJdW+NSjvGjLb2sqD9YwjcC0bg7JdBFjNaT69fTOTz9NjGnGQOWNZgOWyJYt+f/NZnLTUhHwRYWKckG2+bAjPRE=; Expires=Mon, 28-Mar-2033 20:37:52 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=7925996311680295085; Expires=Mon, 28-Mar-2033 20:37:52 GMT; Domain=.yandex.ru; Path=/; Secure; SameSite=None
yuidss=7925996311680295085; Expires=Sat, 30-Mar-2024 20:38:05 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1711831085.yc.1680295085#1711831085.yrts.1680295085#1711831085.yrtsi.1680295085; Expires=Sat, 30-Mar-2024 20:38:05 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 31-Mar-2023 20:38:05 GMT
last-modified: Fri, 31-Mar-2023 20:38:05 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

x01.aidata.io/0.gif?pid=9401454&id=0100007FAC442764AA00116E029163ED&bounce=1

89.108.119.43

204 No Content

0 B

URL HTTP/2
x01.aidata.io/0.gif?pid=9401454&id=0100007FAC442764AA00116E029163ED&bounce=1
IP
89.108.119.43:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /0.gif?pid=9401454&id=0100007FAC442764AA00116E029163ED&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Fri, 31 Mar 2023 20:38:05 GMT
expires: Fri, 31 Mar 2023 20:38:04 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Fri, 31 Mar 2023 20:38:04 GMT
set-cookie: __upin=IxQ7mxNOW14JvPKAcv20tg;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1680295085;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2

ocsp.usertrust.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.usertrust.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
13e19ce3629c0988b1ec5375b216e4cc
75f3b98f9caa614cb917c88da381183634c93cf8
e1e580e5a17a1688bd44fb21cd068f72e8e91c4ae4eee7a770fb165e42aa3873

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:38:05 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 30 Mar 2023 16:24:16 GMT
Expires: Thu, 06 Apr 2023 16:24:15 GMT
Etag: "75f3b98f9caa614cb917c88da381183634c93cf8"
Cache-Control: max-age=603073,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1130
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0b64decea3b4f1-OSL

efe5216e-d003-11ed-86e0-002590c0647c.n2.sync.bumlam.com/?src=sape

188.120.241.47

302 Found

0 B

URL HTTP/2
efe5216e-d003-11ed-86e0-002590c0647c.n2.sync.bumlam.com/?src=sape
IP
188.120.241.47:0
ASN
#29182 JSC IOT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sape HTTP/1.1
Host: efe5216e-d003-11ed-86e0-002590c0647c.n2.sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRlZmU1MjE2ZS1kMDAzLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.22.1
date: Fri, 31 Mar 2023 20:38:05 GMT
content-length: 0
location: https://pix.bumlam.com/sync/sape/done
X-Firefox-Spdy: h2

sm.rtb.mts.ru/p?ssp=sape&id=0100007FAC442764AA00116E029163ED

217.66.147.34

301 Moved Permanently

0 B

URL HTTP/1.1
sm.rtb.mts.ru/p?ssp=sape&id=0100007FAC442764AA00116E029163ED
IP
217.66.147.34:0
ASN
#29209 MTS PJSC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p?ssp=sape&id=0100007FAC442764AA00116E029163ED HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 31 Mar 2023 20:38:05 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007FAC442764AA00116E029163ED
Set-Cookie: dspid=dba6e8b7-a08b-4c1f-b5ca-a33c6c54d700; expires=Thu, 21 Mar 2024 20:38:05 GMT; domain=.mts.ru; path=/; secure; SameSite=None

35.190.24.218

204 No Content

0 B

URL HTTP/2
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D642744aca897d800011453bf%2526r%253D%26webouid%3D%7BWEBO_CID%7D&bounce=1&random=2362231388
IP
35.190.24.218:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D642744aca897d800011453bf%2526r%253D%26webouid%3D%7BWEBO_CID%7D&bounce=1&random=2362231388 HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: Weborama Collect Frontend
date: Fri, 31 Mar 2023 20:38:05 GMT
vary: Origin
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Fri, 31 Mar 2023 20:38:05 GMT
set-cookie: AFFICHE_W=; expires=Tue, 10 Nov 2009 23:00:00 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ssp.bidvol.com/usersync?dspcsid=8&redirect=1

65.109.65.188

302 Found

471 B

URL HTTP/2
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP
65.109.65.188:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
471 B (471 bytes)
Hash
278c8307f30e24de4bacb7b48e38996c
cca6d6447b2e8175cdf3a7e67c33e63719612bb5
d2447ff030a8408ff526f239d251e798a0452b12e9d0bc432fe0038c8c4c01ee

HTTP Headers

GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.22.0
date: Fri, 31 Mar 2023 20:38:04 GMT
x-request-id: upa6VNGkU3PyETMERlzYr
set-cookie: bvuid=09st40o1o0; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=09st40o1o0; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=09st40o1o0
X-Firefox-Spdy: h2

ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FAC442764AA00116E029163ED

81.222.128.216

200 OK

42 B

URL HTTP/1.1
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FAC442764AA00116E029163ED
IP
81.222.128.216:0
ASN
#20597 PVimpelCom

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FAC442764AA00116E029163ED HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 31 Mar 2023 20:38:05 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
278c8307f30e24de4bacb7b48e38996c
cca6d6447b2e8175cdf3a7e67c33e63719612bb5
d2447ff030a8408ff526f239d251e798a0452b12e9d0bc432fe0038c8c4c01ee

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:38:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 29 Mar 2023 02:03:25 GMT
Expires: Wed, 05 Apr 2023 02:03:24 GMT
Etag: "cca6d6447b2e8175cdf3a7e67c33e63719612bb5"
Cache-Control: max-age=364518,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b0b64ddb98ab503-OSL

www.acint.net/match?dp=104&euid=bvn4Ap_mCOH3

167.235.177.243

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=104&euid=bvn4Ap_mCOH3
IP
167.235.177.243:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=104&euid=bvn4Ap_mCOH3 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWQnRKxuEQCq7WORAq4HX47bsOX11qTBDBELLGV73yqr; cSyncDp7v2=1680295084; cSyncDp14v3=1680295084; cSyncDp17=1680295084; cSyncDp45v4=1680295084; cSyncDp53v2=1680295084; cSyncDp62=1680295084; cSyncDp67v2=1680295084; cSyncDp68=1680295084; cSyncDp71=1680295084; cSyncDp85=1680295084; cSyncDp95v3=1680295084; cSyncDp98v2=1680295084; cSyncDp101=1680295084; cSyncDp104v2=1680295084; cSyncDp107=1680295084; cSyncDp110v2=1680295084; cSyncDp125v3=1680295084; cSyncDp126=1680295084; cSyncDp127=1680295084; cSyncDp129=1680295084; cSyncDp136v2=1680295084; cSyncDp146=1680295084; cSyncDp148v1=1680295084; cSyncDp149v2=1680295084; cSyncDp151=1680295084; cSyncDp178=1680295084; cSyncDp186=1680295084; cSyncDp217=1680295084; cSyncDp221=1680295084; cSyncDp235=1680295084; cSyncDp239=1680295084; cSyncDp243=1680295084; cSyncDp244=1680295084
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 31 Mar 2023 20:38:05 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FAC442764AA00116E029163ED

188.42.34.64

302 Found

0 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FAC442764AA00116E029163ED
IP
188.42.34.64:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?bidder_id=73&external_user_id=0100007FAC442764AA00116E029163ED HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=0100007FAC442764AA00116E029163ED&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 30 Mar 2024 20:38:05 GMT; Path=/; Domain=.betweendigital.com
tuuid=31c74918-07d5-525a-a4b8-d96ec09f9dc3; Max-Age=31536000; Expires=Sat, 30 Mar 2024 20:38:05 GMT; Path=/; Domain=.betweendigital.com
ut=ZCdErQAOOKA6FZCV8hyEL5yH0DUs4emtd3KR3Q==; Max-Age=31536000; Expires=Sat, 30 Mar 2024 20:38:05 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D

188.42.34.64

302 Found

0 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP
188.42.34.64:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 30 Mar 2024 20:38:05 GMT; Path=/; Domain=.betweendigital.com
tuuid=c86156a1-da47-525a-94a6-7e12f0813abf; Max-Age=31536000; Expires=Sat, 30 Mar 2024 20:38:05 GMT; Path=/; Domain=.betweendigital.com
ut=ZCdErQAOSECPTiZvwsIzsE9O6bQ_HqG3FYgO7Q==; Max-Age=31536000; Expires=Sat, 30 Mar 2024 20:38:05 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

pix.bumlam.com/sync/sape/done

31.172.81.172

200 OK

43 B

URL HTTP/1.1
pix.bumlam.com/sync/sape/done
IP
31.172.81.172:0
ASN
#44066 diva-e Datacenters GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRlZmU1MjE2ZS1kMDAzLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 31 Mar 2023 20:38:05 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

px.adhigh.net/p/cm/sape?u=0100007FAC442764AA00116E029163ED

194.190.76.41

302 Found

0 B

URL HTTP/2
px.adhigh.net/p/cm/sape?u=0100007FAC442764AA00116E029163ED
IP
194.190.76.41:0
ASN
#48061 Limited Liability Company GPM Digital Technologies

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/cm/sape?u=0100007FAC442764AA00116E029163ED HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Fri, 31 Mar 2023 20:38:05 GMT
content-length: 0
x-backend-id: f11-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=6TrYxLm7vy0.AikABlGHOWRHmg;Path=/;Domain=.adhigh.net;Expires=Sat, 30-Mar-2024 20:38:05 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=0100007FAC442764AA00116E029163ED&bounced=1
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
649e5325f2d8edef7a1a7ad9a0150b7f
a0cd8a7baace4bcad514cd7c98408fde46faaf07
268ac147053dc40a51ad59345b6cc7a20d7208b66378cc9a037cfcd4ea19c632

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "268AC147053DC40A51AD59345B6CC7A20D7208B66378CC9A037CFCD4EA19C632"
Last-Modified: Thu, 30 Mar 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9087
Expires: Fri, 31 Mar 2023 23:09:33 GMT
Date: Fri, 31 Mar 2023 20:38:06 GMT
Connection: keep-alive

dmg.digitaltarget.ru/1/7536/i/i?a=1051&e=ZjUxNWM3MDcwODg4MWU1&i=ag1iteionhkb

185.15.175.148

307 Temporary Redirect

0 B

URL HTTP/1.1
dmg.digitaltarget.ru/1/7536/i/i?a=1051&e=ZjUxNWM3MDcwODg4MWU1&i=ag1iteionhkb
IP
185.15.175.148:0
ASN
#43226 SafeData LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/7536/i/i?a=1051&e=ZjUxNWM3MDcwODg4MWU1&i=ag1iteionhkb HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Fri, 31 Mar 2023 20:38:06 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/7536/i/i?call_source=awg&ts=1680295086055&a=1051&e=ZjUxNWM3MDcwODg4MWU1&i=ag1iteionhkb
Set-Cookie: viuserid=Hpw5pwFhMkFKfic7s29g; Max-Age=93312000; Expires=Sun, 15 Mar 2026 20:38:06 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

an.yandex.ru/mapuid/sapeis/0100007FAC442764AA00116E029163ED?redir-setuniq=1

87.250.250.90

200 OK

12 kB

URL HTTP/2
an.yandex.ru/mapuid/sapeis/0100007FAC442764AA00116E029163ED?redir-setuniq=1
IP
87.250.250.90:0
ASN
#13238 YANDEX LLC

File type
data
Size
12 kB (12469 bytes)
Hash
e12f8efe1b521ed0dc4c4b863fccec4a
cd3d590b1bce93048df994e5ec294631786629c2
78da2272f956d41c5e59c7e2709916d5657584185ac3986976f76438225e5cd7

HTTP Headers

GET /mapuid/sapeis/0100007FAC442764AA00116E029163ED?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
timing-allow-origin: *
date: Fri, 31 Mar 2023 20:38:05 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 31 Mar 2023 20:38:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 31 Mar 2023 20:38:05 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FAC442764AA00116E029163ED&crf=1

188.42.34.64

200 OK

68 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FAC442764AA00116E029163ED&crf=1
IP
188.42.34.64:0
ASN
#7979 SERVERS-COM

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

HTTP Headers

GET /match?bidder_id=73&external_user_id=0100007FAC442764AA00116E029163ED&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 30 Mar 2024 20:38:06 GMT; Path=/; Domain=.betweendigital.com
tuuid=48342d1b-f853-525a-96e0-d3fdf2c79753; Max-Age=31536000; Expires=Sat, 30 Mar 2024 20:38:06 GMT; Path=/; Domain=.betweendigital.com
ut=ZCdErgACs2hPAgtXBqvUH2nYcmD-C5M-BZe2cA==; Max-Age=31536000; Expires=Sat, 30 Mar 2024 20:38:06 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2

ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1

188.42.34.64

200 OK

68 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP
188.42.34.64:0
ASN
#7979 SERVERS-COM

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

HTTP Headers

GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 30 Mar 2024 20:38:06 GMT; Path=/; Domain=.betweendigital.com
tuuid=96983f96-6cde-525a-8d9e-5de8e9b91946; Max-Age=31536000; Expires=Sat, 30 Mar 2024 20:38:06 GMT; Path=/; Domain=.betweendigital.com
ut=ZCdErgACs2g3ivUROa4nfUHB1vSmAUQLi0-eJA==; Max-Age=31536000; Expires=Sat, 30 Mar 2024 20:38:06 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2

ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FAC442764AA00116E029163ED

81.222.128.216

200 OK

42 B

URL HTTP/1.1
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FAC442764AA00116E029163ED
IP
81.222.128.216:0
ASN
#20597 PVimpelCom

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FAC442764AA00116E029163ED HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 31 Mar 2023 20:38:06 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

sm.rtb.mts.ru/match/second?ssp=30&exu=0100007FAC442764AA00116E029163ED

217.66.147.34

200 OK

0 B

URL HTTP/1.1
sm.rtb.mts.ru/match/second?ssp=30&exu=0100007FAC442764AA00116E029163ED
IP
217.66.147.34:0
ASN
#29209 MTS PJSC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/second?ssp=30&exu=0100007FAC442764AA00116E029163ED HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 31 Mar 2023 20:38:06 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

dmg.digitaltarget.ru/awg/custom/7536/i/i?call_source=awg&ts=1680295086055&a=1051&e=ZjUxNWM3MDcwODg4MWU1&i=ag1iteionhkb

185.15.175.148

200 OK

64 B

URL HTTP/1.1
dmg.digitaltarget.ru/awg/custom/7536/i/i?call_source=awg&ts=1680295086055&a=1051&e=ZjUxNWM3MDcwODg4MWU1&i=ag1iteionhkb
IP
185.15.175.148:0
ASN
#43226 SafeData LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
64 B (64 bytes)
Hash
ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8

HTTP Headers

GET /awg/custom/7536/i/i?call_source=awg&ts=1680295086055&a=1051&e=ZjUxNWM3MDcwODg4MWU1&i=ag1iteionhkb HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 31 Mar 2023 20:38:06 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

px.adhigh.net/p/cm/sape?u=0100007FAC442764AA00116E029163ED&bounced=1

194.190.76.41

200 OK

49 B

URL HTTP/2
px.adhigh.net/p/cm/sape?u=0100007FAC442764AA00116E029163ED&bounced=1
IP
194.190.76.41:0
ASN
#48061 Limited Liability Company GPM Digital Technologies

File type
GIF image data, version 89a, 1 x 1\012- data
Size
49 B (49 bytes)
Hash
889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

HTTP Headers

GET /p/cm/sape?u=0100007FAC442764AA00116E029163ED&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 20:38:06 GMT
content-type: image/gif
content-length: 49
x-backend-id: f11-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2

tag.digitaltarget.ru/processor.js?i=130317131902128

185.15.175.146

200 OK

16 kB

URL HTTP/1.1
tag.digitaltarget.ru/processor.js?i=130317131902128
IP
185.15.175.146:0
ASN
#43226 SafeData LLC

File type
ASCII text, with very long lines (15892), with no line terminators
Size
16 kB (15892 bytes)
Hash
736e2fb1da94f3277e3f931048c1b9f3
196387db95a17da825b629de3542eff901b09905
4569d4e1b0e52b6316681f7312674f43ecb2b72ea8ab4adb2375e3686862c7dc

HTTP Headers

GET /processor.js?i=130317131902128 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 31 Mar 2023 20:38:06 GMT
Content-Type: application/javascript
Content-Length: 15892
Last-Modified: Fri, 31 Mar 2023 20:34:34 GMT
Connection: keep-alive
ETag: "642743da-3e14"
Accept-Ranges: bytes

dmg.digitaltarget.ru/1/1093/i/i?i=890712016102771.662034166107408&a=77&e=0100007FAC442764AA00116E029163ED&pref=https%3A%2F%2Fvladbard.blogspot.com%2F&c=ss:77.up:0100007FAC442764AA00116E029163ED.sync:up.xdua:du60u7IbSu8ZwWiQNcf9ktXS.xps:xpsWhXBj_8tdsfnd6MDe1obCz.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

185.15.175.148

307 Temporary Redirect

0 B

URL HTTP/1.1
dmg.digitaltarget.ru/1/1093/i/i?i=890712016102771.662034166107408&a=77&e=0100007FAC442764AA00116E029163ED&pref=https%3A%2F%2Fvladbard.blogspot.com%2F&c=ss:77.up:0100007FAC442764AA00116E029163ED.sync:up.xdua:du60u7IbSu8ZwWiQNcf9ktXS.xps:xpsWhXBj_8tdsfnd6MDe1obCz.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
185.15.175.148:0
ASN
#43226 SafeData LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/1093/i/i?i=890712016102771.662034166107408&a=77&e=0100007FAC442764AA00116E029163ED&pref=https%3A%2F%2Fvladbard.blogspot.com%2F&c=ss:77.up:0100007FAC442764AA00116E029163ED.sync:up.xdua:du60u7IbSu8ZwWiQNcf9ktXS.xps:xpsWhXBj_8tdsfnd6MDe1obCz.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Fri, 31 Mar 2023 20:38:06 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1680295086497&i=890712016102771.662034166107408&a=77&e=0100007FAC442764AA00116E029163ED&pref=https%3A%2F%2Fvladbard.blogspot.com%2F&c=ss:77.up:0100007FAC442764AA00116E029163ED.sync:up.xdua:du60u7IbSu8ZwWiQNcf9ktXS.xps:xpsWhXBj_8tdsfnd6MDe1obCz.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=HkNf5Oul59w7l2v7tFQ8; Max-Age=93312000; Expires=Sun, 15 Mar 2026 20:38:06 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

dmg.digitaltarget.ru/1/1093/i/i?i=890712016102771.9548532679654&a=77&e=0100007FAC442764AA00116E029163ED&pref=https%3A%2F%2Fvladbard.blogspot.com%2F&c=ss:77.up:0100007FAC442764AA00116E029163ED.sync:up.xdua:du60u7IbSu8ZwWiQNcf9ktXS.xps:xpsWhXBj_8tdsfnd6MDe1obCz.dn:acint__net.adcm:hit.tg:adcmjs_noorient

185.15.175.148

307 Temporary Redirect

0 B

URL HTTP/1.1
dmg.digitaltarget.ru/1/1093/i/i?i=890712016102771.9548532679654&a=77&e=0100007FAC442764AA00116E029163ED&pref=https%3A%2F%2Fvladbard.blogspot.com%2F&c=ss:77.up:0100007FAC442764AA00116E029163ED.sync:up.xdua:du60u7IbSu8ZwWiQNcf9ktXS.xps:xpsWhXBj_8tdsfnd6MDe1obCz.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP
185.15.175.148:0
ASN
#43226 SafeData LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/1093/i/i?i=890712016102771.9548532679654&a=77&e=0100007FAC442764AA00116E029163ED&pref=https%3A%2F%2Fvladbard.blogspot.com%2F&c=ss:77.up:0100007FAC442764AA00116E029163ED.sync:up.xdua:du60u7IbSu8ZwWiQNcf9ktXS.xps:xpsWhXBj_8tdsfnd6MDe1obCz.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Fri, 31 Mar 2023 20:38:06 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1680295086553&i=890712016102771.9548532679654&a=77&e=0100007FAC442764AA00116E029163ED&pref=https%3A%2F%2Fvladbard.blogspot.com%2F&c=ss:77.up:0100007FAC442764AA00116E029163ED.sync:up.xdua:du60u7IbSu8ZwWiQNcf9ktXS.xps:xpsWhXBj_8tdsfnd6MDe1obCz.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=OAUSecihMoh-KZi7EZu9; Max-Age=93312000; Expires=Sun, 15 Mar 2026 20:38:06 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1680295086497&i=890712016102771.662034166107408&a=77&e=0100007FAC442764AA00116E029163ED&pref=https%3A%2F%2Fvladbard.blogspot.com%2F&c=ss:77.up:0100007FAC442764AA00116E029163ED.sync:up.xdua:du60u7IbSu8ZwWiQNcf9ktXS.xps:xpsWhXBj_8tdsfnd6MDe1obCz.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

185.15.175.148

200 OK

64 B

URL HTTP/1.1
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1680295086497&i=890712016102771.662034166107408&a=77&e=0100007FAC442764AA00116E029163ED&pref=https%3A%2F%2Fvladbard.blogspot.com%2F&c=ss:77.up:0100007FAC442764AA00116E029163ED.sync:up.xdua:du60u7IbSu8ZwWiQNcf9ktXS.xps:xpsWhXBj_8tdsfnd6MDe1obCz.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
185.15.175.148:0
ASN
#43226 SafeData LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
64 B (64 bytes)
Hash
ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8

HTTP Headers

GET /awg/custom/1093/i/i?call_source=awg&ts=1680295086497&i=890712016102771.662034166107408&a=77&e=0100007FAC442764AA00116E029163ED&pref=https%3A%2F%2Fvladbard.blogspot.com%2F&c=ss:77.up:0100007FAC442764AA00116E029163ED.sync:up.xdua:du60u7IbSu8ZwWiQNcf9ktXS.xps:xpsWhXBj_8tdsfnd6MDe1obCz.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 31 Mar 2023 20:38:06 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 5
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1680295086553&i=890712016102771.9548532679654&a=77&e=0100007FAC442764AA00116E029163ED&pref=https%3A%2F%2Fvladbard.blogspot.com%2F&c=ss:77.up:0100007FAC442764AA00116E029163ED.sync:up.xdua:du60u7IbSu8ZwWiQNcf9ktXS.xps:xpsWhXBj_8tdsfnd6MDe1obCz.dn:acint__net.adcm:hit.tg:adcmjs_noorient

185.15.175.148

200 OK

64 B

URL HTTP/1.1
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1680295086553&i=890712016102771.9548532679654&a=77&e=0100007FAC442764AA00116E029163ED&pref=https%3A%2F%2Fvladbard.blogspot.com%2F&c=ss:77.up:0100007FAC442764AA00116E029163ED.sync:up.xdua:du60u7IbSu8ZwWiQNcf9ktXS.xps:xpsWhXBj_8tdsfnd6MDe1obCz.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP
185.15.175.148:0
ASN
#43226 SafeData LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
64 B (64 bytes)
Hash
ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8

HTTP Headers

GET /awg/custom/1093/i/i?call_source=awg&ts=1680295086553&i=890712016102771.9548532679654&a=77&e=0100007FAC442764AA00116E029163ED&pref=https%3A%2F%2Fvladbard.blogspot.com%2F&c=ss:77.up:0100007FAC442764AA00116E029163ED.sync:up.xdua:du60u7IbSu8ZwWiQNcf9ktXS.xps:xpsWhXBj_8tdsfnd6MDe1obCz.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 31 Mar 2023 20:38:06 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 9
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

www.acint.net/ping/?v=0.5.1&uid=30ee28a7-8d20-4cbc-a463-7a7fd66bb108&dp=10&tz=%2B00%3A00&nc=36562322&dT=2023-03-31T20%3A38%3A06.149

167.235.177.243

200 OK

43 B

URL HTTP/2
www.acint.net/ping/?v=0.5.1&uid=30ee28a7-8d20-4cbc-a463-7a7fd66bb108&dp=10&tz=%2B00%3A00&nc=36562322&dT=2023-03-31T20%3A38%3A06.149
IP
167.235.177.243:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /ping/?v=0.5.1&uid=30ee28a7-8d20-4cbc-a463-7a7fd66bb108&dp=10&tz=%2B00%3A00&nc=36562322&dT=2023-03-31T20%3A38%3A06.149 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Cookie: test_cookie=CheckForPermission; aid=fwAAAWQnRKxuEQCq7WORAq4HX47bsOX11qTBDBELLGV73yqr; cSyncDp7v2=1680295084; cSyncDp14v3=1680295084; cSyncDp17=1680295084; cSyncDp45v4=1680295084; cSyncDp53v2=1680295084; cSyncDp62=1680295084; cSyncDp67v2=1680295084; cSyncDp68=1680295084; cSyncDp71=1680295084; cSyncDp85=1680295084; cSyncDp95v3=1680295084; cSyncDp98v2=1680295084; cSyncDp101=1680295084; cSyncDp104v2=1680295084; cSyncDp107=1680295084; cSyncDp110v2=1680295084; cSyncDp125v3=1680295084; cSyncDp126=1680295084; cSyncDp127=1680295084; cSyncDp129=1680295084; cSyncDp136v2=1680295084; cSyncDp146=1680295084; cSyncDp148v1=1680295084; cSyncDp149v2=1680295084; cSyncDp151=1680295084; cSyncDp178=1680295084; cSyncDp186=1680295084; cSyncDp217=1680295084; cSyncDp221=1680295084; cSyncDp235=1680295084; cSyncDp239=1680295084; cSyncDp243=1680295084; cSyncDp244=1680295084
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 31 Mar 2023 20:38:07 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.yandex.ru/webvisor/23354005?wmode=0&wv-part=1&wv-hit=975192625&page-url=https%3A%2F%2Fvladbard.blogspot.com%2F2017_11_30_archive.html&rn=1023278849&wv-type=3&browser-info=we%3A1%3Aet%3A1680295089%3Aw%3A1268x939%3Av%3A991%3Az%3A0%3Ai%3A20230331203808%3Au%3A1680295084668239203%3Avf%3A3ue65zhww2f2brt35wtqzj%3Ast%3A1680295089&t=gdpr(14)ti(2)

87.250.250.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/webvisor/23354005?wmode=0&wv-part=1&wv-hit=975192625&page-url=https%3A%2F%2Fvladbard.blogspot.com%2F2017_11_30_archive.html&rn=1023278849&wv-type=3&browser-info=we%3A1%3Aet%3A1680295089%3Aw%3A1268x939%3Av%3A991%3Az%3A0%3Ai%3A20230331203808%3Au%3A1680295084668239203%3Avf%3A3ue65zhww2f2brt35wtqzj%3Ast%3A1680295089&t=gdpr(14)ti(2)
IP
87.250.250.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/23354005?wmode=0&wv-part=1&wv-hit=975192625&page-url=https%3A%2F%2Fvladbard.blogspot.com%2F2017_11_30_archive.html&rn=1023278849&wv-type=3&browser-info=we%3A1%3Aet%3A1680295089%3Aw%3A1268x939%3Av%3A991%3Az%3A0%3Ai%3A20230331203808%3Au%3A1680295084668239203%3Avf%3A3ue65zhww2f2brt35wtqzj%3Ast%3A1680295089&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 54
Origin: https://vladbard.blogspot.com
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 31 Mar 2023 20:38:09 GMT
access-control-allow-origin: https://vladbard.blogspot.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 31-Mar-2023 20:38:09 GMT
last-modified: Fri, 31-Mar-2023 20:38:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F611db66e-eb19-4ce3-9ee4-93c32afc29a5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8795 bytes)
Hash
d1e861b518e06e17ce657c5f9fc15daf
214322b88798120159ab55c7121c8775727b8fc7
3438eb2b7e18d784416c139b42c036eefff3759602e4ce553815c628e1cb5016

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F611db66e-eb19-4ce3-9ee4-93c32afc29a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8795
x-amzn-requestid: 33d91f7c-7d04-405b-8060-33e438ed09f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkAz2GwKoAMFW5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae7e-54ba3517206ac61c50167c3e;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:32:46 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: nORkLBTHqZ_ZrUuEkg9BcVT2TJzP7OLBRQtfUUzRgvwP9Q9dZtMFbg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:56:12 GMT
age: 81718
etag: "214322b88798120159ab55c7121c8775727b8fc7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

mc.yandex.ru/webvisor/23354005?wv-check=21616&wv-type=0&wmode=0&wv-part=1&wv-hit=975192625&page-url=https%3A%2F%2Fvladbard.blogspot.com%2F2017_11_30_archive.html&rn=510998557&browser-info=we%3A1%3Aet%3A1680295089%3Aw%3A1268x939%3Av%3A991%3Az%3A0%3Ai%3A20230331203809%3Au%3A1680295084668239203%3Avf%3A3ue65zhww2f2brt35wtqzj%3Ast%3A1680295089&t=gdpr(14)ti(2)

87.250.250.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/webvisor/23354005?wv-check=21616&wv-type=0&wmode=0&wv-part=1&wv-hit=975192625&page-url=https%3A%2F%2Fvladbard.blogspot.com%2F2017_11_30_archive.html&rn=510998557&browser-info=we%3A1%3Aet%3A1680295089%3Aw%3A1268x939%3Av%3A991%3Az%3A0%3Ai%3A20230331203809%3Au%3A1680295084668239203%3Avf%3A3ue65zhww2f2brt35wtqzj%3Ast%3A1680295089&t=gdpr(14)ti(2)
IP
87.250.250.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/23354005?wv-check=21616&wv-type=0&wmode=0&wv-part=1&wv-hit=975192625&page-url=https%3A%2F%2Fvladbard.blogspot.com%2F2017_11_30_archive.html&rn=510998557&browser-info=we%3A1%3Aet%3A1680295089%3Aw%3A1268x939%3Av%3A991%3Az%3A0%3Ai%3A20230331203809%3Au%3A1680295084668239203%3Avf%3A3ue65zhww2f2brt35wtqzj%3Ast%3A1680295089&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 68
Origin: https://vladbard.blogspot.com
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 31 Mar 2023 20:38:10 GMT
access-control-allow-origin: https://vladbard.blogspot.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 31-Mar-2023 20:38:10 GMT
last-modified: Fri, 31-Mar-2023 20:38:10 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/webvisor/23354005?wv-check=51875&wv-type=0&wmode=0&wv-part=2&wv-hit=975192625&page-url=https%3A%2F%2Fvladbard.blogspot.com%2F2017_11_30_archive.html&rn=486479523&browser-info=we%3A1%3Aet%3A1680295089%3Aw%3A1268x939%3Av%3A991%3Az%3A0%3Ai%3A20230331203809%3Au%3A1680295084668239203%3Avf%3A3ue65zhww2f2brt35wtqzj%3Ast%3A1680295089&t=gdpr(14)ti(2)

87.250.250.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/webvisor/23354005?wv-check=51875&wv-type=0&wmode=0&wv-part=2&wv-hit=975192625&page-url=https%3A%2F%2Fvladbard.blogspot.com%2F2017_11_30_archive.html&rn=486479523&browser-info=we%3A1%3Aet%3A1680295089%3Aw%3A1268x939%3Av%3A991%3Az%3A0%3Ai%3A20230331203809%3Au%3A1680295084668239203%3Avf%3A3ue65zhww2f2brt35wtqzj%3Ast%3A1680295089&t=gdpr(14)ti(2)
IP
87.250.250.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/23354005?wv-check=51875&wv-type=0&wmode=0&wv-part=2&wv-hit=975192625&page-url=https%3A%2F%2Fvladbard.blogspot.com%2F2017_11_30_archive.html&rn=486479523&browser-info=we%3A1%3Aet%3A1680295089%3Aw%3A1268x939%3Av%3A991%3Az%3A0%3Ai%3A20230331203809%3Au%3A1680295084668239203%3Avf%3A3ue65zhww2f2brt35wtqzj%3Ast%3A1680295089&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 12
Origin: https://vladbard.blogspot.com
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 31 Mar 2023 20:38:10 GMT
access-control-allow-origin: https://vladbard.blogspot.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 31-Mar-2023 20:38:10 GMT
last-modified: Fri, 31-Mar-2023 20:38:10 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/webvisor/23354005?wmode=0&wv-part=2&wv-hit=975192625&page-url=https%3A%2F%2Fvladbard.blogspot.com%2F2017_11_30_archive.html&rn=761574179&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1680295089%3Aw%3A1268x939%3Av%3A991%3Az%3A0%3Ai%3A20230331203808%3Au%3A1680295084668239203%3Avf%3A3ue65zhww2f2brt35wtqzj%3Ast%3A1680295089&t=gdpr(14)ti(2)

87.250.250.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/webvisor/23354005?wmode=0&wv-part=2&wv-hit=975192625&page-url=https%3A%2F%2Fvladbard.blogspot.com%2F2017_11_30_archive.html&rn=761574179&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1680295089%3Aw%3A1268x939%3Av%3A991%3Az%3A0%3Ai%3A20230331203808%3Au%3A1680295084668239203%3Avf%3A3ue65zhww2f2brt35wtqzj%3Ast%3A1680295089&t=gdpr(14)ti(2)
IP
87.250.250.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/23354005?wmode=0&wv-part=2&wv-hit=975192625&page-url=https%3A%2F%2Fvladbard.blogspot.com%2F2017_11_30_archive.html&rn=761574179&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1680295089%3Aw%3A1268x939%3Av%3A991%3Az%3A0%3Ai%3A20230331203808%3Au%3A1680295084668239203%3Avf%3A3ue65zhww2f2brt35wtqzj%3Ast%3A1680295089&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 494620
Origin: https://vladbard.blogspot.com
Connection: keep-alive
Referer: https://vladbard.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 31 Mar 2023 20:38:10 GMT
access-control-allow-origin: https://vladbard.blogspot.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 31-Mar-2023 20:38:10 GMT
last-modified: Fri, 31-Mar-2023 20:38:10 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ads.adlook.me/csync?pid=sape&uid=0100007FAC442764AA00116E029163ED&url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D

5.101.76.186

302 Found

0 B

URL HTTP/2
ads.adlook.me/csync?pid=sape&uid=0100007FAC442764AA00116E029163ED&url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP
5.101.76.186:0
ASN
#48096 Enterprise Cloud Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /csync?pid=sape&uid=0100007FAC442764AA00116E029163ED&url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=b7249f7b678c4d5195196637e62e3b23
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=b7249f7b678c4d5195196637e62e3b23; expires=Fri, 29 Mar 2024 21:00:00 GMT; path=/; SameSite=None; secure; samesite=lax
adlk_cmatch=sape%3A0100007FAC442764AA00116E029163ED; expires=Fri, 31 Dec 9999 20:59:59 GMT; path=/; SameSite=None; secure; samesite=lax
date: Fri, 31 Mar 2023 20:38:04 GMT
X-Firefox-Spdy: h2

www.acint.net/mc/?dp=10&tc=1

167.235.177.243

200 OK

0 B

URL HTTP/2
www.acint.net/mc/?dp=10&tc=1
IP
167.235.177.243:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vladbard.blogspot.com/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWQnRKxuEQCq7WORAq4HX47bsOX11qTBDBELLGV73yqr
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 31 Mar 2023 20:38:04 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v4=1680295084; expires=Sat, 01-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53v2=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp98v2=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1680295084; expires=Fri, 14-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110v2=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v3=1680295084; expires=Sat, 15-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148v1=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149v2=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp217=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp235=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp239=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp243=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp244=1680295084; expires=Sun, 30-Apr-23 20:38:04 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2

an.yandex.ru/mapuid/sapeis/0100007FAC442764AA00116E029163ED

87.250.250.90

302 Found

0 B

URL HTTP/2
an.yandex.ru/mapuid/sapeis/0100007FAC442764AA00116E029163ED
IP
87.250.250.90:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mapuid/sapeis/0100007FAC442764AA00116E029163ED HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/0100007FAC442764AA00116E029163ED?redir-setuniq=1
date: Fri, 31 Mar 2023 20:38:05 GMT
set-cookie: yandexuid=1325931571680295085; domain=.yandex.ru; path=/; expires=Mon, 28-Mar-2033 20:38:05 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 31 Mar 2023 20:38:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 31 Mar 2023 20:38:05 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (27)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL