www.production-floor.com/
88.218.116.38 301 Moved Permanently 162 B URL HTTP/1.1 www.production-floor.com/
IP 88.218.116.38:0
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash MD5: 4f8e702cc244ec5d4de32740c0ecbd97
SHA-1: 3adb1f02d5b6054de0046e367c1d687b6cdf7aff
SHA-256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 20 Sep 2022 17:56:07 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.production-floor.com/
firefox.settings.services.mozilla.com/v1/
143.204.55.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 804f8bbb7f556d51a5f52d5ebd5b6eef
922cd7e06df278615a04abb81d811d14596c8180
ef4804d381a34ab67873a7755621081c49c646310e085a9b2356ae07098f6021
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Backoff, Retry-After, Content-Type
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 20 Sep 2022 17:13:11 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _RMEOCOg_whLylE2nmzovq-49HBTSXWLQsxdBGpQzVltLjrtDRnUqw==
Age: 2576
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9827
Expires: Tue, 20 Sep 2022 20:39:54 GMT
Date: Tue, 20 Sep 2022 17:56:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate, ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1rChawnoCVE2uVvsx4OXk8JOuTo7uLHtdLXyyib8cV5Dg3jLa051Yw==
age: 48054
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b7495077aac1eb9bb816e9b3f03f7d0d
e1443b3caa7c7e3bfd5422da0ee94695256fd745
041c5e348ce5c5f1c9db288ee9a8ee9115d823b677c70da6a64b81d20aa0c518
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "041C5E348CE5C5F1C9DB288EE9A8EE9115D823B677C70DA6A64B81D20AA0C518"
Last-Modified: Mon, 19 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 20 Sep 2022 23:56:07 GMT
Date: Tue, 20 Sep 2022 17:56:07 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 20 Sep 2022 17:03:22 GMT
Expires: Tue, 20 Sep 2022 17:30:17 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: W5hyNVQxQzYhu_X7ogK0RP5I64i28vm3VIGHi5tMEAdShYWJuij2yA==
Age: 3166
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2918
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 17:56:08 GMT
Last-Modified: Tue, 20 Sep 2022 17:07:30 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
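34.218.168.248 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.168.248:0
Hash (digests of the empty 0 B body; they match any zero-length response and do not identify this transaction) MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855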
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QCOTHLDNLRn8EMGxFCcVGg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aOAR+4XtQwpv/humrB0w1gdI5r4=
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.1/css/bootstrap.min.css?ver=4.1.1
104.17.24.14 200 OK 16 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.1/css/bootstrap.min.css?ver=4.1.1
IP 104.17.24.14:0
File type ASCII text, with very long lines (65324)
Hash a0c430714f9313f3b8f722f0cfd9a0b1
fc7fc9b9412f1b65a917b1ff69590e00e9b0f8b4
3a0b1affca78df2233f1a64c52df0feb9e44eb816209b45f1d9cabfde69bcee9
GET /ajax/libs/twitter-bootstrap/4.1.1/css/bootstrap.min.css?ver=4.1.1 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: text/css; charset=utf-8
content-length: 15828
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-22682"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 11989411
expires: Sun, 10 Sep 2023 17:56:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdyppajZhq1gRB3vYKgjfAOK4DxNgydSNeZjHo1fuZb7JB6I%2Bej%2BM%2B4bR25oeE4yMW5AaCCFFG92BZDEYOmH%2BTC53koPmqyp6VigDHYSOo970pj0%2BRn8I5pxXUVTHqCpaSIz9CML"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74dc6fa14da0b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js?ver=2.8.3
104.17.24.14 200 OK 4.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js?ver=2.8.3
IP 104.17.24.14:0
File type HTML document, ASCII text, with very long lines (11084), with no line terminators
Hash a5775b673c18ffa903cd1a6129ce5f87
ee2569b285a7dbc4ccc95b01a16f06943fade768
ab8ad2f07d5214be2ade4edcd295d5fb8f8aa60971b3ec1348063a8a19659fc9
GET /ajax/libs/modernizr/2.8.3/modernizr.min.js?ver=2.8.3 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 3980
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f26-2b4c"
last-modified: Mon, 04 May 2020 16:13:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6552940
expires: Sun, 10 Sep 2023 17:56:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owVK2WWBK8fkXtcL3hHufM6ZMVsmNuaBGoG619HVB67QMNPZcp1n4MHju2UACwGoeIc89qMNZGpg%2BeJisGpjAG3ZSRDjz3jexoU0wOGiD0mZM31PHTHV23wYduZtZ%2Bvxzx9AdTSy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74dc6fa14da1b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.css
104.17.24.14 200 OK 394 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (1327)
Hash 50d05d35119a9bd8cf777402bb4789a0
fd03f42f191f21580b72dc3e474e9b7503a82555
a8daf82dae80ef2b347046c449acf73de160cc273a70cb74ed4cb71597a69bfc
GET /ajax/libs/slick-carousel/1.9.0/slick.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: text/css; charset=utf-8
content-length: 394
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fd5-559"
last-modified: Mon, 04 May 2020 16:16:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1641485
expires: Sun, 10 Sep 2023 17:56:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXPuf6pVanyHg7TcdAhyghi5Lrxh7xXp4F338DRoW8myQkQ8AcIr6zpulN9Q2JnbBwF%2FFBSEUrP8tQ1WIPFqDzR%2B3X1FL%2BwNKT3Ajt2pIPTXw9sdm4VIyqqLDlpjoFREpPDWISNR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74dc6fa14da4b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css
104.17.24.14 200 OK 657 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css
IP 104.17.24.14:0
File type Unicode text, UTF-8 text, with very long lines (2332)
Hash fd6ea20505bda56b5e5dc52377385e34
2ea20bfa73d60ccbac3fae7c731c48cbdba4fa5d
b51b3aae99c2bb2b2b32b51d9df350de73b3992bb126339bfa8ab1407cfc881c
GET /ajax/libs/slick-carousel/1.9.0/slick-theme.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: text/css; charset=utf-8
content-length: 657
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fd5-956"
last-modified: Mon, 04 May 2020 16:16:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 11307089
expires: Sun, 10 Sep 2023 17:56:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zT7VXTg5eOTXkaXe2KaRmUjso3SPpy%2BUusadDX5kXPdClKoCDSPmFeEPLmOTyDBtyKCIsueLmmeoB2aRuL8X5jDpm2nbdiq3wOsj5piOkFMe%2FROVsNVSpWKPvjpTJ4xMZEe51LGO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74dc6fa15da6b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js?ver=3.3.1
104.17.24.14 200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js?ver=3.3.1
IP 104.17.24.14:0
File type ASCII text, with very long lines (65451)
Hash 77bd61b98f7b67af56639229724f8dd4
f04f07dd8ff53e58c32b738f81b71a014bca441d
8ce54c3b77bf31899b27b29188ff4936b580f2bd2b3222d43dda2851ba272e24
GET /ajax/libs/jquery/3.3.1/jquery.min.js?ver=3.3.1 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 27433
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1538f"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1041970
expires: Sun, 10 Sep 2023 17:56:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k1gLr0mSr4E98Y1fC374K6ozxvDbWBxSr%2Bk5bWIj4cdu19oOYeTlsIkzEt8iIJPY6Fld8mVMxKnhNpHMX7ZH%2BXuGC0aCLW51Hj0l90zjwAAJOp3St%2BogCjMbOWPzi4sfXO3xU%2BI3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74dc6fa15dadb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js?ver=1.14.3
104.17.24.14 200 OK 6.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js?ver=1.14.3
IP 104.17.24.14:0
File type ASCII text, with very long lines (20164)
Hash ae393ccddfcfe335c9b29ee90aaf72cb
6a42536ed79b4ea9e3a71c69db3b5f7205dc7e81
75cbee82410be7ca2b5b5406219b0575725c415510df701ddf1e9e7fdec22aa8
GET /ajax/libs/popper.js/1.14.3/umd/popper.min.js?ver=1.14.3 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 6451
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4f71"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6552307
expires: Sun, 10 Sep 2023 17:56:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gq6L00aOhPbovK7q20wid6PAMhEomAt0on938ImpEjJXQVMJXvAb4YDThUTIVAeDTb9csK1cj8JryNF%2B%2BLI34Zqr5asKOrMPN2tLrgRR0ghwXjxpPvCIP%2BISBKJX2j2ke3zQ%2BeqK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74dc6fa15db7b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.1/js/bootstrap.min.js?ver=4.1.1
104.17.24.14 200 OK 12 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.1/js/bootstrap.min.js?ver=4.1.1
IP 104.17.24.14:0
File type ASCII text, with very long lines (50450)
Hash bf3337f79c9369a5cbff95ae2f28df65
5eb7a0ba81239ede225ee00af66fa0c0097d76a4
da00ff5b5deffb5a63e307a3c995e923be676609e9b53c5e071194c9f5d70362
GET /ajax/libs/twitter-bootstrap/4.1.1/js/bootstrap.min.js?ver=4.1.1 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 12256
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-c62b"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9142660
expires: Sun, 10 Sep 2023 17:56:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6m6%2FxowWTYx5wd71sk7xNWXmv0%2FkqSYJzTtugxYz0VYpBb8BBK8I5XLuFpnnc7ile6mQ63Hk6RoPuyAIErjs6Hrw3K8ywivc16yK2ypTzQfKhoyl8GSwClHci4R7wwZj4CUImMI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74dc6fa15dbfb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.production-floor.com/wp-content/themes/production-floor/images/logo.png
88.218.116.38 200 OK 2.9 kB URL HTTP/2 www.production-floor.com/wp-content/themes/production-floor/images/logo.png
IP 88.218.116.38:0
File type PNG image data, 216 x 149, 8-bit/color RGBA, non-interlaced; data
Hash c176662db87d8e180a51567933497739
6d8aba04835d411e0cbb1dad0ab316b8e1eb60a1
cf9329c8c1a32f9fbe773bc2f8f0441da6d53e578c1352244472cbb0bb49f504
GET /wp-content/themes/production-floor/images/logo.png HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: image/png
content-length: 2877
last-modified: Tue, 28 Dec 2021 18:33:00 GMT
etag: "61cb585c-b3d"
expires: Wed, 20 Sep 2023 17:56:08 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.production-floor.com/wp-content/themes/production-floor/images/map-pin.png
88.218.116.38 200 OK 481 B URL HTTP/2 www.production-floor.com/wp-content/themes/production-floor/images/map-pin.png
IP 88.218.116.38:0
File type PNG image data, 16 x 25, 8-bit/color RGBA, non-interlaced; data
Hash 493f43c60aa2e15cb92f99376d3bd3ae
d218004d63af1c370e9c69793d40d2cbd9964b46
6c141f059c73b55e92ce03f3c04a521ae128d160f51cc79cacf3e91770a80c21
GET /wp-content/themes/production-floor/images/map-pin.png HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: image/png
content-length: 481
last-modified: Tue, 28 Dec 2021 18:33:00 GMT
etag: "61cb585c-1e1"
expires: Wed, 20 Sep 2023 17:56:08 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae3550207b517f54a959cb47227740e5
00c130d8aa6edcfb76ea2952caad9a2f7281559a
44856bfb834a500b1c55837358b97b8d4961ea56101516b1e332e6369b102d1e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "44856BFB834A500B1C55837358B97B8D4961EA56101516B1E332E6369B102D1E"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12060
Expires: Tue, 20 Sep 2022 21:17:09 GMT
Date: Tue, 20 Sep 2022 17:56:09 GMT
Connection: keep-alive
www.acint.net/aci.js
185.12.125.26 200 OK 7.5 kB IP 185.12.125.26:0
File type ASCII text, with very long lines (1408)
Hash ae0aab6c5a2ae2e1168e74f6e6ae4741
2c00f69ee4bbe2ec96c0f7bb33b5f827a6195af8
a47a88a9b6c7635e5074c25c6e3c92f399fdf8772376e94f077167241e59f9de
GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Tue, 20 Sep 2022 17:56:09 GMT
content-type: application/x-javascript
content-length: 7461
last-modified: Tue, 22 Mar 2022 07:39:03 GMT
etag: "62397d17-1d25"
content-encoding: gzip
expires: Wed, 21 Sep 2022 05:56:09 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2
www.production-floor.com/wp-content/themes/production-floor/fonts/gotham-medium.otf
88.218.116.38 200 OK 58 kB URL HTTP/2 www.production-floor.com/wp-content/themes/production-floor/fonts/gotham-medium.otf
IP 88.218.116.38:0
File type OpenType font data; data
Hash MD5: b34a72726f1270fa84cb6f6d1eee4ff7
SHA-1: b2d9f5b700bee9e89776cb0474d3382e0d7e0f6a
SHA-256: e1bd49457efdce7a5cef2b95aec117ca8e2765df048f953737c3739c1bf9f61e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/production-floor/fonts/gotham-medium.otf HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/wp-content/themes/production-floor/theme/css/production-floor.css?ver=1640716381
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:09 GMT
content-type: application/octet-stream
content-length: 58348
last-modified: Tue, 28 Dec 2021 18:33:01 GMT
etag: "61cb585d-e3ec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.production-floor.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
88.218.116.38 200 OK 5.0 kB URL HTTP/2 www.production-floor.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 88.218.116.38:0
Hash MD5: 036f86946813a193fd6829bfc53802eb
SHA-1: d2c48863c2a466a1c86db04fa45bd4ffc0a07a22
SHA-256: d149a83bab8de5f4910325843d53bb5a7cadede226cee8eb8886fec0ae67bf76
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 13:20:07 GMT
vary: Accept-Encoding
etag: W/"63120307-48b9"
expires: Wed, 20 Sep 2023 17:56:08 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=10
185.12.125.26 302 Found 154 B IP 185.12.125.26:0
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Tue, 20 Sep 2022 17:56:09 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Tue, 20-Sep-22 18:06:09 GMT
set-cookie: aid=fwAAAWMp/rlP9ACt0fxoAqCXAjMxi/k2eoPXmn5xHRJ8Sny5; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
www.production-floor.com/wp-content/themes/production-floor/fonts/gotham-light.otf
88.218.116.38 200 OK 56 kB URL HTTP/2 www.production-floor.com/wp-content/themes/production-floor/fonts/gotham-light.otf
IP 88.218.116.38:0
File type OpenType font data; data
Hash MD5: 23db97139feddf3d99fc676ddb418219
SHA-1: d3b488e156e3f3efb12b29850a1a4faae912da8a
SHA-256: eada6cf97baadb9bc0e17a0b58838b9ef79818f74ba4846d185c91c3b4cfa55f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/production-floor/fonts/gotham-light.otf HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/wp-content/themes/production-floor/theme/css/production-floor.css?ver=1640716381
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:09 GMT
content-type: application/octet-stream
content-length: 55608
last-modified: Tue, 28 Dec 2021 18:33:00 GMT
etag: "61cb585c-d938"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.production-floor.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
88.218.116.38 200 OK 61 kB URL HTTP/2 www.production-floor.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 88.218.116.38:0
Hash 693f7fd7cce3b4371ee67e89828611d0
66794f8f6815829bf01b6b2236d300556b3e112d
dd5bcd1b4509d547c099adcc500048d1ac5a3eafe4774d2c392e85d221c771b6
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 13:21:07 GMT
vary: Accept-Encoding
etag: W/"63120343-2bd8"
expires: Wed, 20 Sep 2023 17:56:08 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13080
Expires: Tue, 20 Sep 2022 21:34:09 GMT
Date: Tue, 20 Sep 2022 17:56:09 GMT
Connection: keep-alive
www.production-floor.com/wp-content/plugins/cf7-drop-uploader/assets/pe-icon-7-stroke/css/pe-icon-7-stroke.css?ver=6.0.2
88.218.116.38 200 OK 2.3 kB URL HTTP/2 www.production-floor.com/wp-content/plugins/cf7-drop-uploader/assets/pe-icon-7-stroke/css/pe-icon-7-stroke.css?ver=6.0.2
IP 88.218.116.38:0
Hash 9268bf5018c83e38303b693d555f96d0
d0b6a6dc2a459bbed799577178d9e30dbb7c3ac4
27f0a2cb4f876f29643a53df6a3852bbf7bdbb6546a86e01f5c72a02579d6aaa
GET /wp-content/plugins/cf7-drop-uploader/assets/pe-icon-7-stroke/css/pe-icon-7-stroke.css?ver=6.0.2 HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: text/css
last-modified: Thu, 22 Nov 2018 23:12:08 GMT
vary: Accept-Encoding
etag: W/"5bf737c8-260e"
expires: Wed, 20 Sep 2023 17:56:08 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13080
Expires: Tue, 20 Sep 2022 21:34:09 GMT
Date: Tue, 20 Sep 2022 17:56:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13080
Expires: Tue, 20 Sep 2022 21:34:09 GMT
Date: Tue, 20 Sep 2022 17:56:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13080
Expires: Tue, 20 Sep 2022 21:34:09 GMT
Date: Tue, 20 Sep 2022 17:56:09 GMT
Connection: keep-alive
www.production-floor.com/wp-content/uploads/2018/07/boc-icon.png
88.218.116.38 200 OK 4.8 kB URL HTTP/2 www.production-floor.com/wp-content/uploads/2018/07/boc-icon.png
IP 88.218.116.38:0
File type PNG image data, 212 x 198, 8-bit/color RGBA, non-interlaced\012- data
Hash 4052a04234c8251150232f5c5b607402
f437e0db0a1e5cf1919fba12f567349067779a80
af456ac5c1c41ff2db7399f629b484c6ac0d47a3ef460fad6313eefb92552181
GET /wp-content/uploads/2018/07/boc-icon.png HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:09 GMT
content-type: image/png
content-length: 4825
last-modified: Tue, 06 Nov 2018 18:42:52 GMT
etag: "5be1e0ac-12d9"
expires: Wed, 20 Sep 2023 17:56:09 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.production-floor.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
88.218.116.38 200 OK 35 kB URL HTTP/2 www.production-floor.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 88.218.116.38:0
Hash 23257377bcb2461a6194c45e42bbc8b5
a958b4c80be297ed9d3ab05826fd1ddc81bd53bd
1f04f3bdb6e9f8cc034b6cdf357e7b80ab64f6c80e6efac5f6798177733e3be6
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 13:21:07 GMT
vary: Accept-Encoding
etag: W/"63120343-15db1"
expires: Wed, 20 Sep 2023 17:56:08 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.production-floor.com/wp-content/plugins/cf7-drop-uploader/assets/js/wp_drop_uploader.js?ver=6.0.2
88.218.116.38 200 OK 6.1 kB URL HTTP/2 www.production-floor.com/wp-content/plugins/cf7-drop-uploader/assets/js/wp_drop_uploader.js?ver=6.0.2
IP 88.218.116.38:0
Hash 81611cffb617ac437d1a0c8f4e671a39
05d90cce45595b5053ccde823ca43aee115b1411
720cec74a9423e35fca857320263287aeebad18533b653a54972080e57e6993a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/cf7-drop-uploader/assets/js/wp_drop_uploader.js?ver=6.0.2 HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: application/javascript
last-modified: Thu, 22 Nov 2018 23:12:08 GMT
vary: Accept-Encoding
etag: W/"5bf737c8-449"
expires: Wed, 20 Sep 2023 17:56:08 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3e70b2859ca89b353682d03f6b46b93
ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 10:06:02 GMT
age: 28207
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ca0c1a7f205ad07f1cce80b26448873
0e14f5062e40ce94346494ff947bfcf74b5e88c1
ebc960279032671136749823c126ec807334d9eaf2b019abcc63b41bcdbf4a7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9873
x-amzn-requestid: 7171299f-e6e3-40ef-a292-33779346e1ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI-FDIIAMF-xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-31f9413434a6b00e77e7709b;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: evL3aL1ULo6B2a8Rp6iILKCX7F14O9HMSbEqkEY3XHFhmMptE8FaVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:09:44 GMT
age: 71185
etag: "0e14f5062e40ce94346494ff947bfcf74b5e88c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.production-floor.com/
88.218.116.38 200 OK 27 kB URL HTTP/2 www.production-floor.com/
IP 88.218.116.38:0
Hash b56bd28c7dacd74501b48911e6292c9a
656a82265d2d06fe2855778c8c35d14e1427fe41
68e15b7700b7918963ab192c2d1c5f524be928e44ce0f7d040d8e2d2fe448c8d
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://www.production-floor.com/wp-json/>; rel="https://api.w.org/", <https://www.production-floor.com/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://www.production-floor.com/>; rel=shortlink
content-encoding: gzip
X-Firefox-Spdy: h2
www.production-floor.com/wp-content/themes/production-floor/theme/css/webreach-basic.css
88.218.116.38 200 OK 13 kB URL HTTP/2 www.production-floor.com/wp-content/themes/production-floor/theme/css/webreach-basic.css
IP 88.218.116.38:0
Hash f530868674507cc0e7deb412599e5e18
353f4f90ee57c4e30b113e5fe00c0645fe213775
5d04d7b95b9abfa9746a90b8ba8c3c62b16a074e9d417273d61fc7bdcea4ac9e
GET /wp-content/themes/production-floor/theme/css/webreach-basic.css HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: text/css
last-modified: Tue, 28 Dec 2021 18:33:01 GMT
vary: Accept-Encoding
etag: W/"61cb585d-866"
expires: Wed, 20 Sep 2023 17:56:08 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.production-floor.com/wp-content/themes/production-floor/theme/css/production-floor.css?ver=1640716381
88.218.116.38 200 OK 16 kB URL HTTP/2 www.production-floor.com/wp-content/themes/production-floor/theme/css/production-floor.css?ver=1640716381
IP 88.218.116.38:0
Hash e0b61ba1445f1cd2d914b9200e8c2399
66e8c08e26720d2234ff96f47bded580e3f5c473
01274b8abf95cdc6c7812120c4e89f323b2ad14c315f5069305e13107419067e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/production-floor/theme/css/production-floor.css?ver=1640716381 HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: text/css
last-modified: Tue, 28 Dec 2021 18:33:01 GMT
vary: Accept-Encoding
etag: W/"61cb585d-a478"
expires: Wed, 20 Sep 2023 17:56:08 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.production-floor.com/wp-content/themes/production-floor/theme/js/font-awesome-config.js
88.218.116.38 200 OK 9.9 kB URL HTTP/2 www.production-floor.com/wp-content/themes/production-floor/theme/js/font-awesome-config.js
IP 88.218.116.38:0
Hash 7e0546473ada971d073d311eae495500
7416e8df1e25b5b4920f5bd932fb895bf38a8d6a
a3bee6dd595d3fbd646d8909f28d825f74cfc372b3445dfe7825549b2c22be3d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/production-floor/theme/js/font-awesome-config.js HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: application/javascript
last-modified: Tue, 28 Dec 2021 18:33:01 GMT
vary: Accept-Encoding
etag: W/"61cb585d-34"
expires: Wed, 20 Sep 2023 17:56:08 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.production-floor.com/wp-content/uploads/2018/08/photo-strip.png
88.218.116.38 200 OK 412 kB URL HTTP/2 www.production-floor.com/wp-content/uploads/2018/08/photo-strip.png
IP 88.218.116.38:0
File type PNG image data, 1922 x 434, 8-bit/color RGBA, non-interlaced\012- data
Size 412 kB (412396 bytes)
Hash 5cc726b9277abe575a330df064cbe1de
b7bd27e916bdc05ee5872d7e4262352061b1571b
2b45a8582602425899436de59d35539b204376e0feb23a34ddf48a79dbcef6fc
GET /wp-content/uploads/2018/08/photo-strip.png HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:09 GMT
content-type: image/png
content-length: 412396
last-modified: Tue, 06 Nov 2018 18:42:34 GMT
etag: "5be1e09a-64aec"
expires: Wed, 20 Sep 2023 17:56:09 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.production-floor.com/wp-content/plugins/cf7-drop-uploader/assets/js/drop_uploader.js?ver=6.0.2
88.218.116.38 200 OK 1.5 MB URL HTTP/2 www.production-floor.com/wp-content/plugins/cf7-drop-uploader/assets/js/drop_uploader.js?ver=6.0.2
IP 88.218.116.38:0
Size 1.5 MB (1501950 bytes)
Hash ee3877c676bcde292ddb277e844c0676
e1f63894faa587f5c9a7c59ee35fb60b5d030052
2138993a23ac8a04f510eb9da7665ef769cc24e43a49ca459aad5375cd756b52
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/cf7-drop-uploader/assets/js/drop_uploader.js?ver=6.0.2 HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: application/javascript
last-modified: Thu, 22 Nov 2018 23:12:08 GMT
vary: Accept-Encoding
etag: W/"5bf737c8-71e2"
expires: Wed, 20 Sep 2023 17:56:08 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FB9FE2963AD00F44F0268FCD1
95.216.101.186 302 Found 0 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FB9FE2963AD00F44F0268FCD1
IP 95.216.101.186:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FB9FE2963AD00F44F0268FCD1 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 20 Sep 2022 17:56:10 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=824a7832-390d-11ed-ad67-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Wed, 20 Sep 2023 17:56:10 GMT; SameSite=None; Secure
set-cookie: uid-legacy=824a7832-390d-11ed-ad67-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Wed, 20 Sep 2023 17:56:10 GMT
location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FB9FE2963AD00F44F0268FCD1&cs=1
X-Firefox-Spdy: h2
dm-eu.hybrid.ai/match?id=106&vid=0100007FB9FE2963AD00F44F0268FCD1
37.18.103.21 204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=106&vid=0100007FB9FE2963AD00F44F0268FCD1
IP 37.18.103.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=106&vid=0100007FB9FE2963AD00F44F0268FCD1 HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 20 Sep 2022 17:56:10 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=86431782385b59c8924f; expires=Wed, 20 Sep 2023 17:56:10 GMT; domain=.hybrid.ai; path=/; samesite=none
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 506
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0baccf6a02e5dccdc3d32c5f738430e9
3520305140e47dcbce5873bd26b0d8c28d270d95
479663131daf137b3317f4c88093f32079007076b45fdd3a0c53bcbc374e0c40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "479663131DAF137B3317F4C88093F32079007076B45FDD3A0C53BCBC374E0C40"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4982
Expires: Tue, 20 Sep 2022 19:19:12 GMT
Date: Tue, 20 Sep 2022 17:56:10 GMT
Connection: keep-alive
s.uuidksinc.net/match/396/?remote_uid=0100007FB9FE2963AD00F44F0268FCD1
31.220.27.155 302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/396/?remote_uid=0100007FB9FE2963AD00F44F0268FCD1
IP 31.220.27.155:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/396/?remote_uid=0100007FB9FE2963AD00F44F0268FCD1 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Tue, 20 Sep 2022 17:56:10 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=sKlwei6BmlsDT9pK5YAt
set-cookie: jcsuuid=sKlwei6BmlsDT9pK5YAt; expires=Wed, 20 Sep 2023 17:56:10 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 384432327e59911893dde92354ad4004
9072301d1849be2ae1124b82d6e8a5ff813c6fed
47dc57891100bb43fefd0e8a5ea71455f31488cfc947245a4082bdd9dc438a9a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4277
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 17:56:10 GMT
Last-Modified: Tue, 20 Sep 2022 16:44:53 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6d17e5eb3a95f1ede748a91508d7378c
ef583de31a873f99440fa974f2566124743d9be0
b5f207d845748904470b77f0e824472b28b929b62731b9a396b1b5ff5b99b413
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F207D845748904470B77F0E824472B28B929B62731B9A396B1B5FF5B99B413"
Last-Modified: Sun, 18 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3546
Expires: Tue, 20 Sep 2022 18:55:16 GMT
Date: Tue, 20 Sep 2022 17:56:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6cccf97799244ecc00dd257aaa5fea3a
5e0f5f35902f2c10f420ccfafd23fd8f8fa6325c
c9d5840fc9dea3d55d10247f043b47715557416539db5856830be0275ebd1224
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9D5840FC9DEA3D55D10247F043B47715557416539DB5856830BE0275EBD1224"
Last-Modified: Mon, 19 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16811
Expires: Tue, 20 Sep 2022 22:36:21 GMT
Date: Tue, 20 Sep 2022 17:56:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e35c8afad96bf9b06bd490f837e1d89
68ea71cef9267a1f581976a730384e2fac1ce512
036c9308ae0565c542b1dc222f015489d71bacd42e2921f5eed651c6a4bba258
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "036C9308AE0565C542B1DC222F015489D71BACD42E2921F5EED651C6A4BBA258"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6886
Expires: Tue, 20 Sep 2022 19:50:56 GMT
Date: Tue, 20 Sep 2022 17:56:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6c7ca79d72f3bb10c15342f56e9ada97
faa1ae6c5664dbc8fb0a61607bad123c33230c70
9ff0f01363dbfb8a16c5ba064b6ad8aaaf50c69cd6181e65c41ac1e46cf891ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9FF0F01363DBFB8A16C5BA064B6AD8AAAF50C69CD6181E65C41AC1E46CF891AD"
Last-Modified: Tue, 20 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15960
Expires: Tue, 20 Sep 2022 22:22:10 GMT
Date: Tue, 20 Sep 2022 17:56:10 GMT
Connection: keep-alive
www.acint.net/mc/?dp=10&tc=1
185.12.125.26 200 OK 1.5 kB URL HTTP/2 www.acint.net/mc/?dp=10&tc=1
IP 185.12.125.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 34e29f421146b74d32cc5410a27e9202
76ff857c697a6ab864d18eb99864edb4aa5c8d21
19e7cb278a20e1d1b4c39175311442652a01310eba5fddc48949ac220ea0a00a
GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.production-floor.com/
Connection: keep-alive
Cookie: aid=fwAAAWMp/rlP9ACt0fxoAqCXAjMxi/k2eoPXmn5xHRJ8Sny5; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Sep 2022 17:56:09 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1663696569; expires=Wed, 21-Sep-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp54v2=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp77=1663696569; expires=Tue, 04-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp84=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1663696569; expires=Tue, 04-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp111v2=1663696569; expires=Tue, 04-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp112v2=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v2=1663696569; expires=Wed, 05-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp138=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp144=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp179=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1663696569; expires=Thu, 20-Oct-22 17:56:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c16e978ed7a0b951f4f501051bfd5b91
7540c81134f01468fd51190ebf0c40574d2e3d8a
4aa63e2826129e7cd08081a10d5194c70918b02a05e22bbad8cb83c8233c9105
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AA63E2826129E7CD08081A10D5194C70918B02A05E22BBAD8CB83C8233C9105"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14501
Expires: Tue, 20 Sep 2022 21:57:51 GMT
Date: Tue, 20 Sep 2022 17:56:10 GMT
Connection: keep-alive
sync.upravel.com/sape/sync
148.251.78.49 302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync
IP 148.251.78.49:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 20 Sep 2022 17:56:10 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1663696570289;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1663696570289;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
a.utraff.com/sync?ssp=sape
172.67.217.151 204 No Content 0 B URL HTTP/2 a.utraff.com/sync?ssp=sape
IP 172.67.217.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 20 Sep 2022 17:56:10 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Thu, 20 Oct 2022 20:56:10 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Thu, 20 Oct 2022 20:56:10 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ccpehFqBRPLbRqEOhUskhjvn6qvghIBsEyQLv3h5ODWJqwsUGRnreJGAA75FVhTJPAceqf%2BBvn6b4AwMD6x6%2BNoGwYfbUyeqW6IbAQUqyGiZ0gktaO9U8QIWnyfxs0Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74dc6fac2c99b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
185.147.80.35 302 Found 0 B URL HTTP/1.1 ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP 185.147.80.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Tue, 20 Sep 2022 17:56:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=EYBEIUYR
Set-Cookie: uid=EYBEIUYR; Expires=Tue, 20 Sep 2032 00:00:00 GMT; mf2=1; Expires=Thu, 20 Oct 2022 00:00:00 GMT;
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7973e43a3957a75694985fcc5c484cb8
4265e8e96c4e8cdeeaec644aad32f575286147f2
e28b5cb66252a18d25fcca8e24bfcdaaa5f93bc9ae8db726b28cb4af50867e21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E28B5CB66252A18D25FCCA8E24BFCDAAA5F93BC9AE8DB726B28CB4AF50867E21"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5688
Expires: Tue, 20 Sep 2022 19:30:58 GMT
Date: Tue, 20 Sep 2022 17:56:10 GMT
Connection: keep-alive
ut.rktch.com/matchspm?pi=1000005&pui=0100007FB9FE2963AD00F44F0268FCD1
89.108.97.2 302 Found 0 B URL HTTP/1.1 ut.rktch.com/matchspm?pi=1000005&pui=0100007FB9FE2963AD00F44F0268FCD1
IP 89.108.97.2:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /matchspm?pi=1000005&pui=0100007FB9FE2963AD00F44F0268FCD1 HTTP/1.1
Host: ut.rktch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Tue, 20 Sep 2022 17:56:10 GMT
Content-Length: 0
Connection: keep-alive
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
Set-Cookie: b_uid=67e3096e0185772e96a23c8b523d1a643ca3; Max-Age=2592000; Expires=Thu, 20 Oct 2022 17:56:10 GMT; Domain=rktch.com; Secure; SameSite=None
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Credentials: true
mediatoday.ru/core/match.gif?s=32&id=0100007FB9FE2963AD00F44F0268FCD1
139.45.228.111 200 OK 43 B URL HTTP/2 mediatoday.ru/core/match.gif?s=32&id=0100007FB9FE2963AD00F44F0268FCD1
IP 139.45.228.111:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /core/match.gif?s=32&id=0100007FB9FE2963AD00F44F0268FCD1 HTTP/1.1
Host: mediatoday.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.22.0
date: Tue, 20 Sep 2022 17:56:10 GMT
content-type: image/gif
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VU27XDUbUzMwTyI; expires=Fri, 17-Sep-2032 17:56:10 GMT; domain=mediatoday.ru; path=/core; SameSite=None; Secure
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22db365060b124194f7c618e23eaa958
da38d8b0641d21400c1d6761024f60192e1e2fd8
fec7401fa6c80ae83ce366ce7722befd451222694b98e6373a3bb75866e187ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FEC7401FA6C80AE83CE366CE7722BEFD451222694B98E6373A3BB75866E187AD"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14206
Expires: Tue, 20 Sep 2022 21:52:56 GMT
Date: Tue, 20 Sep 2022 17:56:10 GMT
Connection: keep-alive
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FB9FE2963AD00F44F0268FCD1&cs=1
95.216.101.186 200 OK 35 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FB9FE2963AD00F44F0268FCD1&cs=1
IP 95.216.101.186:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FB9FE2963AD00F44F0268FCD1&cs=1 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: uid=824a7832-390d-11ed-ad67-f832e4719dd9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:10 GMT
content-type: image/gif
content-length: 35
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=824a7832-390d-11ed-ad67-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Wed, 20 Sep 2023 17:56:10 GMT; SameSite=None; Secure
uid-legacy=824a7832-390d-11ed-ad67-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Wed, 20 Sep 2023 17:56:10 GMT
X-Firefox-Spdy: h2
nr.bidderstack.com/sape/cm?user_id=0100007FB9FE2963AD00F44F0268FCD1
46.4.70.80 200 OK 44 B URL HTTP/1.1 nr.bidderstack.com/sape/cm?user_id=0100007FB9FE2963AD00F44F0268FCD1
IP 46.4.70.80:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash f9d60352c70a2ba15616d1c9421f3844
e9abc8bea7721a4b6a50295850d13c515006a95c
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
GET /sape/cm?user_id=0100007FB9FE2963AD00F44F0268FCD1 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 17:56:10 GMT
Content-Type: image/gif
Content-Length: 44
Connection: keep-alive
Set-Cookie: uid=00487d2d-6e9b-4856-af9f-f4273a7fbc30; domain=.bidderstack.com; path=/; expires=Wed, 20-Sep-2023 17:56:10 GMT;
Access-Control-Allow-Credentials: true
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 384432327e59911893dde92354ad4004
9072301d1849be2ae1124b82d6e8a5ff813c6fed
47dc57891100bb43fefd0e8a5ea71455f31488cfc947245a4082bdd9dc438a9a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4277
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 17:56:10 GMT
Last-Modified: Tue, 20 Sep 2022 16:44:53 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
cs.agency2.ru/p?ssp=sp&uid=0100007FB9FE2963AD00F44F0268FCD1
23.111.107.44 301 Moved Permanently 0 B URL HTTP/1.1 cs.agency2.ru/p?ssp=sp&uid=0100007FB9FE2963AD00F44F0268FCD1
IP 23.111.107.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&uid=0100007FB9FE2963AD00F44F0268FCD1 HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 20 Sep 2022 17:56:10 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=34979063-2020-4199-acb9-e4e0233a344a
Set-Cookie: uuid=34979063-2020-4199-acb9-e4e0233a344a; expires=Mon, 11 Sep 2023 17:56:10 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
www.acint.net/match?dp=127&euid=sKlwei6BmlsDT9pK5YAt
185.12.125.26 200 OK 43 B URL HTTP/2 www.acint.net/match?dp=127&euid=sKlwei6BmlsDT9pK5YAt
IP 185.12.125.26:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=127&euid=sKlwei6BmlsDT9pK5YAt HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWMp/rlm4APTVpmQAtNbvy5NvYmFPZPc3n2wIigmKpv6; test_cookie=CheckForPermission; cSyncDp7v2=1663696569; cSyncDp14v3=1663696569; cSyncDp17=1663696569; cSyncDp32=1663696569; cSyncDp45v3=1663696569; cSyncDp53=1663696569; cSyncDp54v2=1663696569; cSyncDp62=1663696569; cSyncDp67v2=1663696569; cSyncDp68=1663696569; cSyncDp71=1663696569; cSyncDp77=1663696569; cSyncDp84=1663696569; cSyncDp85=1663696569; cSyncDp95v3=1663696569; cSyncDp101=1663696569; cSyncDp104v2=1663696569; cSyncDp107=1663696569; cSyncDp110=1663696569; cSyncDp111v2=1663696569; cSyncDp112v2=1663696569; cSyncDp125v2=1663696569; cSyncDp126=1663696569; cSyncDp127=1663696569; cSyncDp129=1663696569; cSyncDp136v2=1663696569; cSyncDp138=1663696569; cSyncDp144=1663696569; cSyncDp146=1663696569; cSyncDp148=1663696569; cSyncDp149=1663696569; cSyncDp151=1663696569; cSyncDp178=1663696569; cSyncDp179=1663696569; cSyncDp186=1663696569; cSyncDp221=1663696569
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Sep 2022 17:56:10 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
match.new-programmatic.com/userbind?src=sape&id=0100007FB9FE2963AD00F44F0268FCD1
217.65.2.150 204 No Content 0 B URL HTTP/1.1 match.new-programmatic.com/userbind?src=sape&id=0100007FB9FE2963AD00F44F0268FCD1
IP 217.65.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=0100007FB9FE2963AD00F44F0268FCD1 HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.18.0
Date: Tue, 20 Sep 2022 17:56:10 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
www.production-floor.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
88.218.116.38 200 OK 2.9 kB URL HTTP/2 www.production-floor.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP 88.218.116.38:0
File type ASCII text, with very long lines (9680), with no line terminators
Hash 7c2c4ebd10adb73367b5c5f0e1e5d3ce
a67e4fd0e3e7452e74b22517ba924b58307d7758
5244443e699788a134cc77adfc3fd18f03386df5fe49e6c82b057387ba4d0ebd
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 02:00:49 GMT
vary: Accept-Encoding
etag: W/"631163d1-25d0"
expires: Wed, 20 Sep 2023 17:56:08 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.acint.net/match?dp=95&euid=EYBEIUYR
185.12.125.26 200 OK 43 B URL HTTP/2 www.acint.net/match?dp=95&euid=EYBEIUYR
IP 185.12.125.26:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=95&euid=EYBEIUYR HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWMp/rlm4APTVpmQAtNbvy5NvYmFPZPc3n2wIigmKpv6; test_cookie=CheckForPermission; cSyncDp7v2=1663696569; cSyncDp14v3=1663696569; cSyncDp17=1663696569; cSyncDp32=1663696569; cSyncDp45v3=1663696569; cSyncDp53=1663696569; cSyncDp54v2=1663696569; cSyncDp62=1663696569; cSyncDp67v2=1663696569; cSyncDp68=1663696569; cSyncDp71=1663696569; cSyncDp77=1663696569; cSyncDp84=1663696569; cSyncDp85=1663696569; cSyncDp95v3=1663696569; cSyncDp101=1663696569; cSyncDp104v2=1663696569; cSyncDp107=1663696569; cSyncDp110=1663696569; cSyncDp111v2=1663696569; cSyncDp112v2=1663696569; cSyncDp125v2=1663696569; cSyncDp126=1663696569; cSyncDp127=1663696569; cSyncDp129=1663696569; cSyncDp136v2=1663696569; cSyncDp138=1663696569; cSyncDp144=1663696569; cSyncDp146=1663696569; cSyncDp148=1663696569; cSyncDp149=1663696569; cSyncDp151=1663696569; cSyncDp178=1663696569; cSyncDp179=1663696569; cSyncDp186=1663696569; cSyncDp221=1663696569
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Sep 2022 17:56:10 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sap1&uid=0100007FB9FE2963AD00F44F0268FCD1
31.172.81.159 302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&uid=0100007FB9FE2963AD00F44F0268FCD1
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&uid=0100007FB9FE2963AD00F44F0268FCD1 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 20 Sep 2022 17:56:10 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ4MjY4ZjZkZS0zOTBkLTExZWQtODY0NC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Mon, 15 Sep 2042 17:56:10 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARi6_aeZBmIgMDEwMDAwN0ZCOUZFMjk2M0FEMDBGNDRGMDI2OEZDRDGiARCCaPbeOQ0R7YZEACWQyCQ3
ETag: 8268f6de-390d-11ed-8644-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
www.acint.net/match?dp=129&euid=rbazgfsqtt
185.12.125.26 200 OK 43 B URL HTTP/2 www.acint.net/match?dp=129&euid=rbazgfsqtt
IP 185.12.125.26:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=129&euid=rbazgfsqtt HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWMp/rlm4APTVpmQAtNbvy5NvYmFPZPc3n2wIigmKpv6; test_cookie=CheckForPermission; cSyncDp7v2=1663696569; cSyncDp14v3=1663696569; cSyncDp17=1663696569; cSyncDp32=1663696569; cSyncDp45v3=1663696569; cSyncDp53=1663696569; cSyncDp54v2=1663696569; cSyncDp62=1663696569; cSyncDp67v2=1663696569; cSyncDp68=1663696569; cSyncDp71=1663696569; cSyncDp77=1663696569; cSyncDp84=1663696569; cSyncDp85=1663696569; cSyncDp95v3=1663696569; cSyncDp101=1663696569; cSyncDp104v2=1663696569; cSyncDp107=1663696569; cSyncDp110=1663696569; cSyncDp111v2=1663696569; cSyncDp112v2=1663696569; cSyncDp125v2=1663696569; cSyncDp126=1663696569; cSyncDp127=1663696569; cSyncDp129=1663696569; cSyncDp136v2=1663696569; cSyncDp138=1663696569; cSyncDp144=1663696569; cSyncDp146=1663696569; cSyncDp148=1663696569; cSyncDp149=1663696569; cSyncDp151=1663696569; cSyncDp178=1663696569; cSyncDp179=1663696569; cSyncDp186=1663696569; cSyncDp221=1663696569
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Sep 2022 17:56:10 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 2aa76b73d0462bfe73c684ea041349f0
8ad98d0cd04e89f3bdafdd3a07b27b423019de66
0e9e2321364655efd6375f3f99abdb77a64548b651d59f2b62ac35841c6bbb75
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 17:56:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 24 Sep 2022 15:14:19 GMT
ETag: "8ad98d0cd04e89f3bdafdd3a07b27b423019de66"
Last-Modified: Tue, 20 Sep 2022 15:14:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 259
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74dc6facf98bb505-OSL
www.acint.net/match?dp=186&euid=34979063-2020-4199-acb9-e4e0233a344a
185.12.125.26 200 OK 43 B URL HTTP/2 www.acint.net/match?dp=186&euid=34979063-2020-4199-acb9-e4e0233a344a
IP 185.12.125.26:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=186&euid=34979063-2020-4199-acb9-e4e0233a344a HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWMp/rlm4APTVpmQAtNbvy5NvYmFPZPc3n2wIigmKpv6; test_cookie=CheckForPermission; cSyncDp7v2=1663696569; cSyncDp14v3=1663696569; cSyncDp17=1663696569; cSyncDp32=1663696569; cSyncDp45v3=1663696569; cSyncDp53=1663696569; cSyncDp54v2=1663696569; cSyncDp62=1663696569; cSyncDp67v2=1663696569; cSyncDp68=1663696569; cSyncDp71=1663696569; cSyncDp77=1663696569; cSyncDp84=1663696569; cSyncDp85=1663696569; cSyncDp95v3=1663696569; cSyncDp101=1663696569; cSyncDp104v2=1663696569; cSyncDp107=1663696569; cSyncDp110=1663696569; cSyncDp111v2=1663696569; cSyncDp112v2=1663696569; cSyncDp125v2=1663696569; cSyncDp126=1663696569; cSyncDp127=1663696569; cSyncDp129=1663696569; cSyncDp136v2=1663696569; cSyncDp138=1663696569; cSyncDp144=1663696569; cSyncDp146=1663696569; cSyncDp148=1663696569; cSyncDp149=1663696569; cSyncDp151=1663696569; cSyncDp178=1663696569; cSyncDp179=1663696569; cSyncDp186=1663696569; cSyncDp221=1663696569
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Sep 2022 17:56:10 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sap1&s_data=CAIQARi6_aeZBmIgMDEwMDAwN0ZCOUZFMjk2M0FEMDBGNDRGMDI2OEZDRDGiARCCaPbeOQ0R7YZEACWQyCQ3
31.172.81.159 200 OK 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&s_data=CAIQARi6_aeZBmIgMDEwMDAwN0ZCOUZFMjk2M0FEMDBGNDRGMDI2OEZDRDGiARCCaPbeOQ0R7YZEACWQyCQ3
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
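Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256)
These three values are the digests of a zero-length body (the response is 0 B), so they match every empty response and do not identify this host.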
GET /?src=sap1&s_data=CAIQARi6_aeZBmIgMDEwMDAwN0ZCOUZFMjk2M0FEMDBGNDRGMDI2OEZDRDGiARCCaPbeOQ0R7YZEACWQyCQ3 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ4MjY4ZjZkZS0zOTBkLTExZWQtODY0NC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 17:56:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ4MjY4ZjZkZS0zOTBkLTExZWQtODY0NC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Mon, 15 Sep 2042 17:56:10 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b08e68ee68fc4905bb695fc79648758c
92673db4aaae4285b3bc9475267d62878c85ff70
35d99593231c2d7e65301f92c1a16d21cfd7a6bcd6818179176b77c4ab753850
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35D99593231C2D7E65301F92C1A16D21CFD7A6BCD6818179176B77C4AB753850"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17230
Expires: Tue, 20 Sep 2022 22:43:20 GMT
Date: Tue, 20 Sep 2022 17:56:10 GMT
Connection: keep-alive
www.production-floor.com/favicon.ico
88.218.116.38 404 Not Found 578 B URL HTTP/2 www.production-floor.com/favicon.ico
IP 88.218.116.38:0
Hash 407aad046a584bb1325e6275def57b3b
7eebb6df4d1caebee4252689eefe40cd138e4df8
144df61aaf2b22b0f230e52b507fe42d6b018d0c017e5cb13993242ce3c91540
GET /favicon.ico HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7; fid=f1f39cf3-9c5c-4e87-993a-674896136e2c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 20 Sep 2022 17:56:10 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.production-floor.com/wp-content/plugins/cf7-drop-uploader/assets/pe-icon-7-stroke/fonts/Pe-icon-7-stroke.woff?d7yf1v
88.218.116.38 200 OK 59 kB URL HTTP/2 www.production-floor.com/wp-content/plugins/cf7-drop-uploader/assets/pe-icon-7-stroke/fonts/Pe-icon-7-stroke.woff?d7yf1v
IP 88.218.116.38:0
File type Web Open Font Format, TrueType, length 58556, version 1.0\012- data
Hash b38ef310874bdd008ac14ef3db939032
7e544bb11b7655998db6f324c612f7ffbf0ab66e
6fb4217048f333e23e0fd0ba2ab05e05fd7500f86a5a80a7cf04a2f94b257bec
GET /wp-content/plugins/cf7-drop-uploader/assets/pe-icon-7-stroke/fonts/Pe-icon-7-stroke.woff?d7yf1v HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.production-floor.com/wp-content/plugins/cf7-drop-uploader/assets/pe-icon-7-stroke/css/pe-icon-7-stroke.css?ver=6.0.2
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7; fid=f1f39cf3-9c5c-4e87-993a-674896136e2c
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:10 GMT
content-type: application/font-woff
content-length: 58556
last-modified: Thu, 22 Nov 2018 23:12:09 GMT
etag: "5bf737c9-e4bc"
expires: Wed, 20 Sep 2023 17:56:10 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
0100007fb9fe2963ad00f44f0268fcd1-sp.ops.beeline.ru/p?ssp=sp&id=0100007FB9FE2963AD00F44F0268FCD1
37.9.245.57 301 Moved Permanently 0 B URL HTTP/2 0100007fb9fe2963ad00f44f0268fcd1-sp.ops.beeline.ru/p?ssp=sp&id=0100007FB9FE2963AD00F44F0268FCD1
IP 37.9.245.57:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&id=0100007FB9FE2963AD00F44F0268FCD1 HTTP/1.1
Host: 0100007fb9fe2963ad00f44f0268fcd1-sp.ops.beeline.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 20 Sep 2022 17:56:10 GMT
content-length: 0
location: https://www.acint.net/match?dp=111&euid=2c5fa0df-0e86-4cf0-a350-3fb687aa5ad2
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: BeeAID=2c5fa0df-0e86-4cf0-a350-3fb687aa5ad2; expires=Mon, 11 Sep 2023 17:56:10 GMT; domain=ops.beeline.ru; path=/; secure; SameSite=None
access-control-allow-credentials: true, true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
x-route: http://upstream_cookiesync
x-host: 192.168.152.62
X-Firefox-Spdy: h2
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
168.119.8.212 301 Moved Permanently 115 B URL HTTP/2 exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP 168.119.8.212:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash 8aeed074a8cfcaf8879467cd57776b5c
7b21f5a7ad0fb6365481d4b18df0fed131f820ff
c869462150e7f3be5d52143182a16a997103f4f2c67c5480600304f5d5226145
GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 20 Sep 2022 17:56:10 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=c9600c38-089a-49dc-42b8-d63fa6d54002
serverid: TODO
X-Firefox-Spdy: h2
www.acint.net/match?dp=111&euid=2c5fa0df-0e86-4cf0-a350-3fb687aa5ad2
185.12.125.26 200 OK 43 B URL HTTP/2 www.acint.net/match?dp=111&euid=2c5fa0df-0e86-4cf0-a350-3fb687aa5ad2
IP 185.12.125.26:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=111&euid=2c5fa0df-0e86-4cf0-a350-3fb687aa5ad2 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWMp/rlm4APTVpmQAtNbvy5NvYmFPZPc3n2wIigmKpv6; test_cookie=CheckForPermission; cSyncDp7v2=1663696569; cSyncDp14v3=1663696569; cSyncDp17=1663696569; cSyncDp32=1663696569; cSyncDp45v3=1663696569; cSyncDp53=1663696569; cSyncDp54v2=1663696569; cSyncDp62=1663696569; cSyncDp67v2=1663696569; cSyncDp68=1663696569; cSyncDp71=1663696569; cSyncDp77=1663696569; cSyncDp84=1663696569; cSyncDp85=1663696569; cSyncDp95v3=1663696569; cSyncDp101=1663696569; cSyncDp104v2=1663696569; cSyncDp107=1663696569; cSyncDp110=1663696569; cSyncDp111v2=1663696569; cSyncDp112v2=1663696569; cSyncDp125v2=1663696569; cSyncDp126=1663696569; cSyncDp127=1663696569; cSyncDp129=1663696569; cSyncDp136v2=1663696569; cSyncDp138=1663696569; cSyncDp144=1663696569; cSyncDp146=1663696569; cSyncDp148=1663696569; cSyncDp149=1663696569; cSyncDp151=1663696569; cSyncDp178=1663696569; cSyncDp179=1663696569; cSyncDp186=1663696569; cSyncDp221=1663696569
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Sep 2022 17:56:10 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=126&euid=c9600c38-089a-49dc-42b8-d63fa6d54002
185.12.125.26 200 OK 43 B URL HTTP/2 www.acint.net/match?dp=126&euid=c9600c38-089a-49dc-42b8-d63fa6d54002
IP 185.12.125.26:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=126&euid=c9600c38-089a-49dc-42b8-d63fa6d54002 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWMp/rlm4APTVpmQAtNbvy5NvYmFPZPc3n2wIigmKpv6; test_cookie=CheckForPermission; cSyncDp7v2=1663696569; cSyncDp14v3=1663696569; cSyncDp17=1663696569; cSyncDp32=1663696569; cSyncDp45v3=1663696569; cSyncDp53=1663696569; cSyncDp54v2=1663696569; cSyncDp62=1663696569; cSyncDp67v2=1663696569; cSyncDp68=1663696569; cSyncDp71=1663696569; cSyncDp77=1663696569; cSyncDp84=1663696569; cSyncDp85=1663696569; cSyncDp95v3=1663696569; cSyncDp101=1663696569; cSyncDp104v2=1663696569; cSyncDp107=1663696569; cSyncDp110=1663696569; cSyncDp111v2=1663696569; cSyncDp112v2=1663696569; cSyncDp125v2=1663696569; cSyncDp126=1663696569; cSyncDp127=1663696569; cSyncDp129=1663696569; cSyncDp136v2=1663696569; cSyncDp138=1663696569; cSyncDp144=1663696569; cSyncDp146=1663696569; cSyncDp148=1663696569; cSyncDp149=1663696569; cSyncDp151=1663696569; cSyncDp178=1663696569; cSyncDp179=1663696569; cSyncDp186=1663696569; cSyncDp221=1663696569
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Sep 2022 17:56:10 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 134144606cdcec0b1a7ac4225b23f946
3ec0ff14308108f67adbf3f57ce233e6243817c2
4391b3d665f48f9814acc0ceaeaa316f6f7c1a1e56722d63241707d1bb20b569
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 17:56:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 24 Sep 2022 15:25:54 GMT
ETag: "3ec0ff14308108f67adbf3f57ce233e6243817c2"
Last-Modified: Tue, 20 Sep 2022 15:25:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 70
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74dc6faedee7b524-OSL
sync.dmp.otm-r.com/match/sape?id=0100007FB9FE2963AD00F44F0268FCD1
195.201.152.104 204 No Content 0 B URL HTTP/2 sync.dmp.otm-r.com/match/sape?id=0100007FB9FE2963AD00F44F0268FCD1
IP 195.201.152.104:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=0100007FB9FE2963AD00F44F0268FCD1 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.17.6
date: Tue, 20 Sep 2022 17:56:10 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2b58c5887c6aecbdb30df3f3543a7913
ba6105daae677b907e0eda34ae06ce921dd97687
a13695745612e9f0feaf5b58cbab183b166956c0e84b94148d230e12725b9c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A13695745612E9F0FEAF5B58CBAB183B166956C0E84B94148D230E12725B9C66"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7287
Expires: Tue, 20 Sep 2022 19:57:38 GMT
Date: Tue, 20 Sep 2022 17:56:11 GMT
Connection: keep-alive
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
193.3.184.133 302 Moved Temporarily 142 B URL HTTP/1.1 ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP 193.3.184.133:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Tue, 20 Sep 2022 17:56:11 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=C5B803C1BBFE29631D00060702B4E382
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=wQO4xWMp/rsHBgAdguO0AoEilp20+2j2sjSIo6P13M2QH9Oi; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
acint.net/match?dp=14&euid=C5B803C1BBFE29631D00060702B4E382
185.12.125.26 200 OK 43 B URL HTTP/2 acint.net/match?dp=14&euid=C5B803C1BBFE29631D00060702B4E382
IP 185.12.125.26:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=14&euid=C5B803C1BBFE29631D00060702B4E382 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWMp/rlm4APTVpmQAtNbvy5NvYmFPZPc3n2wIigmKpv6; test_cookie=CheckForPermission; cSyncDp7v2=1663696569; cSyncDp14v3=1663696569; cSyncDp17=1663696569; cSyncDp32=1663696569; cSyncDp45v3=1663696569; cSyncDp53=1663696569; cSyncDp54v2=1663696569; cSyncDp62=1663696569; cSyncDp67v2=1663696569; cSyncDp68=1663696569; cSyncDp71=1663696569; cSyncDp77=1663696569; cSyncDp84=1663696569; cSyncDp85=1663696569; cSyncDp95v3=1663696569; cSyncDp101=1663696569; cSyncDp104v2=1663696569; cSyncDp107=1663696569; cSyncDp110=1663696569; cSyncDp111v2=1663696569; cSyncDp112v2=1663696569; cSyncDp125v2=1663696569; cSyncDp126=1663696569; cSyncDp127=1663696569; cSyncDp129=1663696569; cSyncDp136v2=1663696569; cSyncDp138=1663696569; cSyncDp144=1663696569; cSyncDp146=1663696569; cSyncDp148=1663696569; cSyncDp149=1663696569; cSyncDp151=1663696569; cSyncDp178=1663696569; cSyncDp179=1663696569; cSyncDp186=1663696569; cSyncDp221=1663696569
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Sep 2022 17:56:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
5.101.76.186 302 Found 0 B URL HTTP/2 ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP 5.101.76.186:0
ASN #48096 Enterprise Cloud Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=718919ed42964d76b1e014cfe72c5a90
server: Kestrel
set-cookie: adlm_userId=718919ed42964d76b1e014cfe72c5a90; expires=Tue, 19 Sep 2023 21:00:00 GMT; path=/; SameSite=None; secure
date: Tue, 20 Sep 2022 17:56:11 GMT
content-length: 0
X-Firefox-Spdy: h2
acint.net/match?dp=110&euid=718919ed42964d76b1e014cfe72c5a90
185.12.125.26 200 OK 43 B URL HTTP/2 acint.net/match?dp=110&euid=718919ed42964d76b1e014cfe72c5a90
IP 185.12.125.26:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=110&euid=718919ed42964d76b1e014cfe72c5a90 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWMp/rlm4APTVpmQAtNbvy5NvYmFPZPc3n2wIigmKpv6; test_cookie=CheckForPermission; cSyncDp7v2=1663696569; cSyncDp14v3=1663696569; cSyncDp17=1663696569; cSyncDp32=1663696569; cSyncDp45v3=1663696569; cSyncDp53=1663696569; cSyncDp54v2=1663696569; cSyncDp62=1663696569; cSyncDp67v2=1663696569; cSyncDp68=1663696569; cSyncDp71=1663696569; cSyncDp77=1663696569; cSyncDp84=1663696569; cSyncDp85=1663696569; cSyncDp95v3=1663696569; cSyncDp101=1663696569; cSyncDp104v2=1663696569; cSyncDp107=1663696569; cSyncDp110=1663696569; cSyncDp111v2=1663696569; cSyncDp112v2=1663696569; cSyncDp125v2=1663696569; cSyncDp126=1663696569; cSyncDp127=1663696569; cSyncDp129=1663696569; cSyncDp136v2=1663696569; cSyncDp138=1663696569; cSyncDp144=1663696569; cSyncDp146=1663696569; cSyncDp148=1663696569; cSyncDp149=1663696569; cSyncDp151=1663696569; cSyncDp178=1663696569; cSyncDp179=1663696569; cSyncDp186=1663696569; cSyncDp221=1663696569
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Sep 2022 17:56:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 9baaa3878151bf5d83c8d7014da17e5d
d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037
1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 17:56:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 039904fc7ab8463e1bc1693a77040038
cc380d7f6c9c4b1bf403500c551c30227230c984
7021bcf379df7006e1df9f44ea97854a76426952db80b550abb8792dede26f04
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 17:56:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 24 Sep 2022 16:50:17 GMT
ETag: "cc380d7f6c9c4b1bf403500c551c30227230c984"
Last-Modified: Tue, 20 Sep 2022 16:50:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3120
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74dc6fb62c19b505-OSL
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007FB9FE2963AD00F44F0268FCD1
93.95.102.105 204 No Content 0 B URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007FB9FE2963AD00F44F0268FCD1
IP 93.95.102.105:0
ASN #48347 JSC Mediasoft ekspert
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie_matching_ssp/Sape-dsp/0100007FB9FE2963AD00F44F0268FCD1 HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 20 Sep 2022 17:56:11 GMT
set-cookie: uid=XV9maWMp/rtPw0tL8OosAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf7n-KWOtAPRPAmj80Q
216.58.207.226 200 OK 170 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf7n-KWOtAPRPAmj80Q
IP 216.58.207.226:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
GET /pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf7n-KWOtAPRPAmj80Q HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
date: Tue, 20 Sep 2022 17:56:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 3a67d25e1c7782b71e18d99fbc19143c
7ca3c086aa1e8071fd95e9b76e0a775b3b79f81c
b93e7d30cc78f935e16755e61c75946da734a077949d105f31b3ec6e80231cca
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3877
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 17:56:11 GMT
Last-Modified: Tue, 20 Sep 2022 16:51:34 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
ocsp.usertrust.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash ddbcbecfc057efc5818baa2d00bf3be9
81959b98f864c8b48587bae773c5a8a33748b4e2
745b010b944478b94b2f6d8dad754fb395abb7dede46876df67be8f0f2283fea
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 17:56:11 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 04:18:18 GMT
Expires: Mon, 26 Sep 2022 04:18:17 GMT
Etag: "81959b98f864c8b48587bae773c5a8a33748b4e2"
Cache-Control: max-age=600121,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1448
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74dc6fb66887b51b-OSL
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash a4d223cd4113957dea971b476da936b3
60d2cd34771f8f90e9ebe94a84293e072b1be5d1
0d089c3b446422ba679b3dff1a195767e5a047e1e47163c424185ff79415906c
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 17:56:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 24 Sep 2022 14:26:27 GMT
ETag: "60d2cd34771f8f90e9ebe94a84293e072b1be5d1"
Last-Modified: Tue, 20 Sep 2022 14:26:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2852
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74dc6fb6791eb524-OSL
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FB9FE2963AD00F44F0268FCD1
195.209.111.13 200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FB9FE2963AD00F44F0268FCD1
IP 195.209.111.13:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FB9FE2963AD00F44F0268FCD1 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 17:56:11 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
ocsp.godaddy.com/
192.124.249.24 200 OK 1.8 kB IP 192.124.249.24:0
Hash 23eb71533da85236650e57e30d927351
dd9fffff169c0167b16c26cf258d424dfd6f0c3b
556cf8176a8284f288115c61ac8c83089789a90012fc7c53e62772fd2df796f4
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 20 Sep 2022 17:56:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 19 Sep 2022 23:02:02 GMT
Expires: Tue, 20 Sep 2022 23:02:02 GMT
ETag: "dd9fffff169c0167b16c26cf258d424dfd6f0c3b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
status.thawte.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 05f4ec4dbc9843e5f329145fd03b15e4
983430afc6d0dcc0cf29209a7f27871e86dbda2a
b19cc3875aaadafb62c0ea3c5724c9afa8761b5e787768d3cbe9b843dfde0995
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5165
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 17:56:11 GMT
Last-Modified: Tue, 20 Sep 2022 16:30:07 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
77.245.57.72 200 OK 0 B URL HTTP/1.1 sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP 77.245.57.72:0
ASN #36057 WEBAIR-INTERNET-MTL
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 17:56:11 GMT
Content-Length: 0
Connection: close
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash fd0b20bcd42de80758d470820230be46
9d8fcf62daf9f76a7775b21e314eae90276a70ca
c076277349ac979e20ed9908cf6f9e538a92c5a948b4cdc523e82c518cd3a8bd
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 17:56:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 24 Sep 2022 16:40:37 GMT
ETag: "9d8fcf62daf9f76a7775b21e314eae90276a70ca"
Last-Modified: Tue, 20 Sep 2022 16:40:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2680
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74dc6fb6bcaab505-OSL
sape-sync.rutarget.ru/sync
45.9.24.193 302 Moved Temporarily 0 B URL HTTP/1.1 sape-sync.rutarget.ru/sync
IP 45.9.24.193:0
ASN #208677 Cloud technology Limited (Ltd.)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 20 Sep 2022 17:56:11 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=R6ctdHUizfUn
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=R6ctdHUizfUn; Path=/; Domain=.rutarget.ru; Expires=Sun, 19 Mar 2023 17:56:11 GMT; SameSite=None; Secure
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 862e8a361658283a546b49ac5e50c952
ece38c22b624b8da30f88d54c0e4a2d9002dc509
f698bdeb736bbadf495e128761f8c5bb264418707f0f95e8a5c35cbd00d9a3c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F698BDEB736BBADF495E128761F8C5BB264418707F0F95E8A5C35CBD00D9A3C2"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16553
Expires: Tue, 20 Sep 2022 22:32:04 GMT
Date: Tue, 20 Sep 2022 17:56:11 GMT
Connection: keep-alive
ad.mail.ru/cm.gif?p=48&id=0100007FB9FE2963AD00F44F0268FCD1
95.163.41.56 200 OK 43 B URL HTTP/2 ad.mail.ru/cm.gif?p=48&id=0100007FB9FE2963AD00F44F0268FCD1
IP 95.163.41.56:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cm.gif?p=48&id=0100007FB9FE2963AD00F44F0268FCD1 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:11 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=04dLja3DEY2C0029ei1Hy6IC:::0-0-0-844577b:CAASEJ9bMx6d7UeMysaU_JnZN8MaYI5vb_V4_2gkxQyQwZXQSaYYM4z4MsNR4oEZzwSJRdNF_Dz3BBnUxytpu3Dnd6A7ceAXCRo1Q-UP7osAI_INcavo0iTQTrI50wyaJyg3g2rLzPjv3SSPohPDTtlJnNvbiw; path=/; expires=Thu, 21-Sep-23 17:56:11 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Tue, 20 Sep 2022 23:56:11 GMT
cache-control: max-age=21600
last-modified: Tue, 20 Sep 2022 17:56:11 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
35.190.24.218 302 Found 0 B URL HTTP/2 redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
IP 35.190.24.218:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Weborama Collect Frontend
date: Tue, 20 Sep 2022 17:56:11 GMT
content-length: 0
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1022060996
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Tue, 20 Sep 2022 17:56:11 GMT
set-cookie: AFFICHE_W=XdM64EaAddtd56; expires=Wed, 18 Oct 2023 17:56:11 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash dda77a44a7f9eeb9bd828f659ccb7e22
9af43f88835600fd3206e4f18b0c1c2571a3959c
c8effed6366a20b26e104fc4f64d24213eb357d61e7683e28f812d0c21edd044
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 17:56:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226 200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 3611eef8f0976015c3b1e24f96fd073b
a9bf5f397128282a365af0628272d552f9a30467
dd2bd9c0a2c8d06e0616932a1c3046ab630f4d347906a039e469e903338fe128
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 17:56:12 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Sat, 24 Sep 2022 16:46:03 GMT
ETag: "a9bf5f397128282a365af0628272d552f9a30467"
Last-Modified: Tue, 20 Sep 2022 16:46:04 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 308
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74dc6fb6fce4b505-OSL
www.acint.net/match?dp=104&euid=R6ctdHUizfUn
185.12.125.26 200 OK 43 B URL HTTP/2 www.acint.net/match?dp=104&euid=R6ctdHUizfUn
IP 185.12.125.26:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=104&euid=R6ctdHUizfUn HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWMp/rlm4APTVpmQAtNbvy5NvYmFPZPc3n2wIigmKpv6; test_cookie=CheckForPermission; cSyncDp7v2=1663696569; cSyncDp14v3=1663696569; cSyncDp17=1663696569; cSyncDp32=1663696569; cSyncDp45v3=1663696569; cSyncDp53=1663696569; cSyncDp54v2=1663696569; cSyncDp62=1663696569; cSyncDp67v2=1663696569; cSyncDp68=1663696569; cSyncDp71=1663696569; cSyncDp77=1663696569; cSyncDp84=1663696569; cSyncDp85=1663696569; cSyncDp95v3=1663696569; cSyncDp101=1663696569; cSyncDp104v2=1663696569; cSyncDp107=1663696569; cSyncDp110=1663696569; cSyncDp111v2=1663696569; cSyncDp112v2=1663696569; cSyncDp125v2=1663696569; cSyncDp126=1663696569; cSyncDp127=1663696569; cSyncDp129=1663696569; cSyncDp136v2=1663696569; cSyncDp138=1663696569; cSyncDp144=1663696569; cSyncDp146=1663696569; cSyncDp148=1663696569; cSyncDp149=1663696569; cSyncDp151=1663696569; cSyncDp178=1663696569; cSyncDp179=1663696569; cSyncDp186=1663696569; cSyncDp221=1663696569
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Sep 2022 17:56:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sm.rtb.mts.ru/p?ssp=sape&id=0100007FB9FE2963AD00F44F0268FCD1
217.66.147.161 301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/p?ssp=sape&id=0100007FB9FE2963AD00F44F0268FCD1
IP 217.66.147.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sape&id=0100007FB9FE2963AD00F44F0268FCD1 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 20 Sep 2022 17:56:11 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007FB9FE2963AD00F44F0268FCD1
Set-Cookie: dspid=c4875dad-c661-426f-9d51-f810a72c6004; expires=Mon, 11 Sep 2023 17:56:11 GMT; domain=.mts.ru; path=/; secure; SameSite=None
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 0c2e17d8cf31157df1a4bd2f99a54c6c
c0bbb9ac61662fda8781947855cf7074484ac540
52f7b19b0215b25985a1e67274af794f09cd838879b503fe985141aee33a5707
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 17:56:12 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 04:09:18 GMT
Expires: Tue, 27 Sep 2022 04:09:17 GMT
Etag: "c0bbb9ac61662fda8781947855cf7074484ac540"
Cache-Control: max-age=554585,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dc6fb5e84bb50c-OSL
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1022060996
35.190.24.218 204 No Content 0 B URL HTTP/2 redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1022060996
IP 35.190.24.218:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1022060996 HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Weborama Collect Frontend
date: Tue, 20 Sep 2022 17:56:11 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Tue, 20 Sep 2022 17:56:12 GMT
set-cookie: AFFICHE_W=; expires=Tue, 10 Nov 2009 23:00:00 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
px.adhigh.net/p/cm/sape?u=0100007FB9FE2963AD00F44F0268FCD1
194.190.76.35 302 Found 0 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=0100007FB9FE2963AD00F44F0268FCD1
IP 194.190.76.35:0
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/cm/sape?u=0100007FB9FE2963AD00F44F0268FCD1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 20 Sep 2022 17:56:12 GMT
content-length: 0
x-backend-id: f9-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=s5rai8XjviA.AikABlGDXAsOYA;Path=/;Domain=.adhigh.net;Expires=Wed, 20-Sep-2023 17:56:12 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=0100007FB9FE2963AD00F44F0268FCD1&bounced=1
X-Firefox-Spdy: h2
tag.digitaltarget.ru/adcm.js
185.15.175.174 200 OK 3.1 kB URL HTTP/1.1 tag.digitaltarget.ru/adcm.js
IP 185.15.175.174:0
File type ASCII text, with very long lines (3051), with no line terminators
Hash e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 17:56:12 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Tue, 20 Sep 2022 17:34:53 GMT
Connection: keep-alive
ETag: "6329f9bd-beb"
Accept-Ranges: bytes
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 0c2e17d8cf31157df1a4bd2f99a54c6c
c0bbb9ac61662fda8781947855cf7074484ac540
52f7b19b0215b25985a1e67274af794f09cd838879b503fe985141aee33a5707
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 17:56:12 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 04:09:18 GMT
Expires: Tue, 27 Sep 2022 04:09:17 GMT
Etag: "c0bbb9ac61662fda8781947855cf7074484ac540"
Cache-Control: max-age=554585,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dc6fb6188cb524-OSL
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
188.42.191.196 302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP 188.42.191.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Wed, 20 Sep 2023 17:56:12 GMT; Path=/; Domain=.betweendigital.com
tuuid=0ba12709-89c6-5207-a866-0367cb4ffddb; Max-Age=31536000; Expires=Wed, 20 Sep 2023 17:56:12 GMT; Path=/; Domain=.betweendigital.com
ut=Yyn-vAAAp_ji1OoAqNFTVhWU9-fANGarJCEwPg==; Max-Age=31536000; Expires=Wed, 20 Sep 2023 17:56:12 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
sm.rtb.mts.ru/match/second?ssp=30&exu=0100007FB9FE2963AD00F44F0268FCD1
217.66.147.161 301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/match/second?ssp=30&exu=0100007FB9FE2963AD00F44F0268FCD1
IP 217.66.147.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/second?ssp=30&exu=0100007FB9FE2963AD00F44F0268FCD1 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 20 Sep 2022 17:56:12 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://tech.rtb.mts.ru/
ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FB9FE2963AD00F44F0268FCD1
188.42.191.196 302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FB9FE2963AD00F44F0268FCD1
IP 188.42.191.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=73&external_user_id=0100007FB9FE2963AD00F44F0268FCD1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=0100007FB9FE2963AD00F44F0268FCD1&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Wed, 20 Sep 2023 17:56:12 GMT; Path=/; Domain=.betweendigital.com
tuuid=859ee41c-fe55-5207-b5cd-a13dd6e45f81; Max-Age=31536000; Expires=Wed, 20 Sep 2023 17:56:12 GMT; Path=/; Domain=.betweendigital.com
ut=Yyn-vAABFVhJmdpi0ABkcnadtafgB1AXqI9eTg==; Max-Age=31536000; Expires=Wed, 20 Sep 2023 17:56:12 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.24 200 OK 1.8 kB IP 192.124.249.24:0
Hash 23eb71533da85236650e57e30d927351
dd9fffff169c0167b16c26cf258d424dfd6f0c3b
556cf8176a8284f288115c61ac8c83089789a90012fc7c53e62772fd2df796f4
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 20 Sep 2022 17:56:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 19 Sep 2022 23:02:02 GMT
Expires: Tue, 20 Sep 2022 23:02:02 GMT
ETag: "dd9fffff169c0167b16c26cf258d424dfd6f0c3b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
px.adhigh.net/p/cm/sape?u=0100007FB9FE2963AD00F44F0268FCD1&bounced=1
194.190.76.35 200 OK 49 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=0100007FB9FE2963AD00F44F0268FCD1&bounced=1
IP 194.190.76.35:0
ASN #48061 Limited Liability Company GPM Digital Technologies
File type GIF image data, version 89a, 1 x 1\012- data
Hash 889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
GET /p/cm/sape?u=0100007FB9FE2963AD00F44F0268FCD1&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:12 GMT
content-type: image/gif
content-length: 49
x-backend-id: f9-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 1095cbeab0f073ac21b542ece43906e4
6a95016d800f003c5a9be4fb1a806178aeb263b3
cea83b7581093c0900582f4034033ef7b759a15163cd164b513f7cc47de60694
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 17:56:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 14:18:44 GMT
Expires: Tue, 27 Sep 2022 14:18:43 GMT
Etag: "6a95016d800f003c5a9be4fb1a806178aeb263b3"
Cache-Control: max-age=591150,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dc6fb6a8ecb51b-OSL
x01.aidata.io/0.gif?pid=9401454&id=0100007FB9FE2963AD00F44F0268FCD1
89.108.119.28 302 Found 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=0100007FB9FE2963AD00F44F0268FCD1
IP 89.108.119.28:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=0100007FB9FE2963AD00F44F0268FCD1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 20 Sep 2022 17:56:12 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=0100007FB9FE2963AD00F44F0268FCD1&bounce=1
expires: Tue, 20 Sep 2022 17:56:11 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Tue, 20 Sep 2022 17:56:11 GMT
set-cookie: __upin=T361FClIoq98gYuZTNjTdQ;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1663696572;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
188.42.191.196 200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP 188.42.191.196:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Wed, 20 Sep 2023 17:56:12 GMT; Path=/; Domain=.betweendigital.com
tuuid=7ae8ab08-c127-5207-acf2-7f4fcfdb81f3; Max-Age=31536000; Expires=Wed, 20 Sep 2023 17:56:12 GMT; Path=/; Domain=.betweendigital.com
ut=Yyn-vAAEWUiaca9TRN6XCQYc0MTCXS7ELLeV4A==; Max-Age=31536000; Expires=Wed, 20 Sep 2023 17:56:12 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FB9FE2963AD00F44F0268FCD1&crf=1
188.42.191.196 200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FB9FE2963AD00F44F0268FCD1&crf=1
IP 188.42.191.196:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=73&external_user_id=0100007FB9FE2963AD00F44F0268FCD1&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Wed, 20 Sep 2023 17:56:12 GMT; Path=/; Domain=.betweendigital.com
tuuid=f5d46e9a-1e64-5207-af5c-ff79cc7501c5; Max-Age=31536000; Expires=Wed, 20 Sep 2023 17:56:12 GMT; Path=/; Domain=.betweendigital.com
ut=Yyn-vAAEbNA7UztuDYBUN8r9wdsnkQtba6J9IA==; Max-Age=31536000; Expires=Wed, 20 Sep 2023 17:56:12 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
x01.aidata.io/0.gif?pid=9401454&id=0100007FB9FE2963AD00F44F0268FCD1&bounce=1
89.108.119.28 204 No Content 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=0100007FB9FE2963AD00F44F0268FCD1&bounce=1
IP 89.108.119.28:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=0100007FB9FE2963AD00F44F0268FCD1&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 20 Sep 2022 17:56:12 GMT
expires: Tue, 20 Sep 2022 17:56:11 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Tue, 20 Sep 2022 17:56:11 GMT
set-cookie: __upin=qSlFOBVDUoDL9fqTR8qUdg;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1663696572;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
tag.digitaltarget.ru/processor.js?i=323593531340662
185.15.175.174 200 OK 16 kB URL HTTP/1.1 tag.digitaltarget.ru/processor.js?i=323593531340662
IP 185.15.175.174:0
File type ASCII text, with very long lines (15892), with no line terminators
Hash 9d8bbf9b7d1aaed9a324a9cf9977dda4
d3365fba7f95ca11a9564b373162d1ddb06fcdbd
0935447866da8ca59df7d65710e0b68377a6dbc62c761e83ebfc83998f905788
GET /processor.js?i=323593531340662 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 17:56:12 GMT
Content-Type: application/javascript
Content-Length: 15892
Last-Modified: Tue, 20 Sep 2022 17:34:54 GMT
Connection: keep-alive
ETag: "6329f9be-3e14"
Accept-Ranges: bytes
tech.rtb.mts.ru/
213.87.44.187 204 No Content 0 B IP 213.87.44.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: tech.rtb.mts.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.2
Date: Tue, 20 Sep 2022 17:56:12 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Set-Cookie: mts_id=a7749751-847a-411b-a916-5952b565eb6b; Domain=mts.ru; expires=Thu, 29 Jul 2032 17:56:12 GMT; SameSite=None; Secure
Set-Cookie: mts_id_last_sync=1663696572; Domain=mts.ru; expires=Thu, 29 Jul 2032 17:56:12 GMT; SameSite=None; Secure
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
www.acint.net/ping/?v=0.4.0&uid=0cb3960a-5a2f-4bca-8450-42b2ca0e9a4b&dp=10&tz=%2B00%3A00&nc=34923461&dT=2022-09-20T17%3A56%3A12.554
185.12.125.26 200 OK 43 B URL HTTP/2 www.acint.net/ping/?v=0.4.0&uid=0cb3960a-5a2f-4bca-8450-42b2ca0e9a4b&dp=10&tz=%2B00%3A00&nc=34923461&dT=2022-09-20T17%3A56%3A12.554
IP 185.12.125.26:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /ping/?v=0.4.0&uid=0cb3960a-5a2f-4bca-8450-42b2ca0e9a4b&dp=10&tz=%2B00%3A00&nc=34923461&dT=2022-09-20T17%3A56%3A12.554 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Cookie: aid=wQO4iWMp/rlm4APTVpmQAtNbvy5NvYmFPZPc3n2wIigmKpv6; test_cookie=CheckForPermission; cSyncDp7v2=1663696569; cSyncDp14v3=1663696569; cSyncDp17=1663696569; cSyncDp32=1663696569; cSyncDp45v3=1663696569; cSyncDp53=1663696569; cSyncDp54v2=1663696569; cSyncDp62=1663696569; cSyncDp67v2=1663696569; cSyncDp68=1663696569; cSyncDp71=1663696569; cSyncDp77=1663696569; cSyncDp84=1663696569; cSyncDp85=1663696569; cSyncDp95v3=1663696569; cSyncDp101=1663696569; cSyncDp104v2=1663696569; cSyncDp107=1663696569; cSyncDp110=1663696569; cSyncDp111v2=1663696569; cSyncDp112v2=1663696569; cSyncDp125v2=1663696569; cSyncDp126=1663696569; cSyncDp127=1663696569; cSyncDp129=1663696569; cSyncDp136v2=1663696569; cSyncDp138=1663696569; cSyncDp144=1663696569; cSyncDp146=1663696569; cSyncDp148=1663696569; cSyncDp149=1663696569; cSyncDp151=1663696569; cSyncDp178=1663696569; cSyncDp179=1663696569; cSyncDp186=1663696569; cSyncDp221=1663696569
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Sep 2022 17:56:12 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f685be0ede4ed7c65429f1cd9bf0030a
3dc024d4fa19d236edd1653e649595e603f83272
2b7f6a0e4a81c1bc3039b2b3ae025178284c9aa318fbc929c33db02d869f52db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2B7F6A0E4A81C1BC3039B2B3AE025178284C9AA318FBC929C33DB02D869F52DB"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5687
Expires: Tue, 20 Sep 2022 19:30:59 GMT
Date: Tue, 20 Sep 2022 17:56:12 GMT
Connection: keep-alive
dmg.digitaltarget.ru/1/1093/i/i?i=340823629063992.667161111180833&a=77&e=0100007FB9FE2963AD00F44F0268FCD1&pref=https%3A%2F%2Fwww.production-floor.com%2F&c=ss:77.up:0100007FB9FE2963AD00F44F0268FCD1.sync:up.xdua:duVvCH2LRP077E0CGwmU1ojj.xps:xpssUaxiZ2fVwuoVYj2Sx23dv.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.146 307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=340823629063992.667161111180833&a=77&e=0100007FB9FE2963AD00F44F0268FCD1&pref=https%3A%2F%2Fwww.production-floor.com%2F&c=ss:77.up:0100007FB9FE2963AD00F44F0268FCD1.sync:up.xdua:duVvCH2LRP077E0CGwmU1ojj.xps:xpssUaxiZ2fVwuoVYj2Sx23dv.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.146:0
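Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of an empty body)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of an empty body)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of an empty body; these three digests match every 0 B response and do not identify content)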
GET /1/1093/i/i?i=340823629063992.667161111180833&a=77&e=0100007FB9FE2963AD00F44F0268FCD1&pref=https%3A%2F%2Fwww.production-floor.com%2F&c=ss:77.up:0100007FB9FE2963AD00F44F0268FCD1.sync:up.xdua:duVvCH2LRP077E0CGwmU1ojj.xps:xpssUaxiZ2fVwuoVYj2Sx23dv.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Tue, 20 Sep 2022 17:56:12 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=340823629063992.667161111180833&a=77&e=0100007FB9FE2963AD00F44F0268FCD1&pref=https%3A%2F%2Fwww.production-floor.com%2F&c=ss:77.up:0100007FB9FE2963AD00F44F0268FCD1.sync:up.xdua:duVvCH2LRP077E0CGwmU1ojj.xps:xpssUaxiZ2fVwuoVYj2Sx23dv.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=dNMJRKEam0pJUUK7FnBX; Max-Age=93312000; Expires=Thu, 04 Sep 2025 17:56:12 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/1/1093/i/i?i=340823629063992.224434449534962&a=77&e=0100007FB9FE2963AD00F44F0268FCD1&pref=https%3A%2F%2Fwww.production-floor.com%2F&c=ss:77.up:0100007FB9FE2963AD00F44F0268FCD1.sync:up.xdua:duVvCH2LRP077E0CGwmU1ojj.xps:xpssUaxiZ2fVwuoVYj2Sx23dv.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.146 307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=340823629063992.224434449534962&a=77&e=0100007FB9FE2963AD00F44F0268FCD1&pref=https%3A%2F%2Fwww.production-floor.com%2F&c=ss:77.up:0100007FB9FE2963AD00F44F0268FCD1.sync:up.xdua:duVvCH2LRP077E0CGwmU1ojj.xps:xpssUaxiZ2fVwuoVYj2Sx23dv.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.146:0
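Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of an empty body)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of an empty body)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of an empty body; these three digests match every 0 B response and do not identify content)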
GET /1/1093/i/i?i=340823629063992.224434449534962&a=77&e=0100007FB9FE2963AD00F44F0268FCD1&pref=https%3A%2F%2Fwww.production-floor.com%2F&c=ss:77.up:0100007FB9FE2963AD00F44F0268FCD1.sync:up.xdua:duVvCH2LRP077E0CGwmU1ojj.xps:xpssUaxiZ2fVwuoVYj2Sx23dv.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Tue, 20 Sep 2022 17:56:12 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=340823629063992.224434449534962&a=77&e=0100007FB9FE2963AD00F44F0268FCD1&pref=https%3A%2F%2Fwww.production-floor.com%2F&c=ss:77.up:0100007FB9FE2963AD00F44F0268FCD1.sync:up.xdua:duVvCH2LRP077E0CGwmU1ojj.xps:xpssUaxiZ2fVwuoVYj2Sx23dv.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=R-vYaWyam1JKYY77FWDF; Max-Age=93312000; Expires=Thu, 04 Sep 2025 17:56:12 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=340823629063992.224434449534962&a=77&e=0100007FB9FE2963AD00F44F0268FCD1&pref=https%3A%2F%2Fwww.production-floor.com%2F&c=ss:77.up:0100007FB9FE2963AD00F44F0268FCD1.sync:up.xdua:duVvCH2LRP077E0CGwmU1ojj.xps:xpssUaxiZ2fVwuoVYj2Sx23dv.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.146 200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=340823629063992.224434449534962&a=77&e=0100007FB9FE2963AD00F44F0268FCD1&pref=https%3A%2F%2Fwww.production-floor.com%2F&c=ss:77.up:0100007FB9FE2963AD00F44F0268FCD1.sync:up.xdua:duVvCH2LRP077E0CGwmU1ojj.xps:xpssUaxiZ2fVwuoVYj2Sx23dv.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.146:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&i=340823629063992.224434449534962&a=77&e=0100007FB9FE2963AD00F44F0268FCD1&pref=https%3A%2F%2Fwww.production-floor.com%2F&c=ss:77.up:0100007FB9FE2963AD00F44F0268FCD1.sync:up.xdua:duVvCH2LRP077E0CGwmU1ojj.xps:xpssUaxiZ2fVwuoVYj2Sx23dv.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 17:56:12 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 3
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=340823629063992.667161111180833&a=77&e=0100007FB9FE2963AD00F44F0268FCD1&pref=https%3A%2F%2Fwww.production-floor.com%2F&c=ss:77.up:0100007FB9FE2963AD00F44F0268FCD1.sync:up.xdua:duVvCH2LRP077E0CGwmU1ojj.xps:xpssUaxiZ2fVwuoVYj2Sx23dv.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.146 200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=340823629063992.667161111180833&a=77&e=0100007FB9FE2963AD00F44F0268FCD1&pref=https%3A%2F%2Fwww.production-floor.com%2F&c=ss:77.up:0100007FB9FE2963AD00F44F0268FCD1.sync:up.xdua:duVvCH2LRP077E0CGwmU1ojj.xps:xpssUaxiZ2fVwuoVYj2Sx23dv.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.146:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&i=340823629063992.667161111180833&a=77&e=0100007FB9FE2963AD00F44F0268FCD1&pref=https%3A%2F%2Fwww.production-floor.com%2F&c=ss:77.up:0100007FB9FE2963AD00F44F0268FCD1.sync:up.xdua:duVvCH2LRP077E0CGwmU1ojj.xps:xpssUaxiZ2fVwuoVYj2Sx23dv.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 17:56:12 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 5
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
195.209.108.46 302 Moved Temporarily 0 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP 195.209.108.46:0
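Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of an empty body)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of an empty body)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of an empty body; these three digests match every 0 B response and do not identify content)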
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Tue, 20 Sep 2022 17:56:14 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-5561667358; expires=Thu, 19 Sep 2024 17:56:13 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5561667358
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
www.production-floor.com/wp-content/themes/production-floor/images/footer-bg.svg
88.218.116.38 200 OK 0 B URL HTTP/2 www.production-floor.com/wp-content/themes/production-floor/images/footer-bg.svg
IP 88.218.116.38:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/production-floor/images/footer-bg.svg HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: image/svg+xml
last-modified: Tue, 28 Dec 2021 18:33:00 GMT
vary: Accept-Encoding
etag: W/"61cb585c-2966"
expires: Wed, 20 Sep 2023 17:56:08 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.production-floor.com/wp-content/plugins/cf7-drop-uploader/assets/css/drop_uploader.css?ver=6.0.2
88.218.116.38 200 OK 0 B URL HTTP/2 www.production-floor.com/wp-content/plugins/cf7-drop-uploader/assets/css/drop_uploader.css?ver=6.0.2
IP 88.218.116.38:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/cf7-drop-uploader/assets/css/drop_uploader.css?ver=6.0.2 HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: text/css
last-modified: Thu, 22 Nov 2018 23:12:07 GMT
vary: Accept-Encoding
etag: W/"5bf737c7-13b6"
expires: Wed, 20 Sep 2023 17:56:08 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.production-floor.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
88.218.116.38 200 OK 0 B URL HTTP/2 www.production-floor.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP 88.218.116.38:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 02:00:49 GMT
vary: Accept-Encoding
etag: W/"631163d1-2fb3"
expires: Wed, 20 Sep 2023 17:56:08 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/0100007FB9FE2963AD00F44F0268FCD1
213.180.193.90 302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/0100007FB9FE2963AD00F44F0268FCD1
IP 213.180.193.90:0
GET /mapuid/sapeis/0100007FB9FE2963AD00F44F0268FCD1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/0100007FB9FE2963AD00F44F0268FCD1?redir-setuniq=1
date: Tue, 20 Sep 2022 17:56:12 GMT
set-cookie: yandexuid=5727593661663696572; domain=.yandex.ru; path=/; expires=Fri, 17-Sep-2032 17:56:12 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 20 Sep 2022 17:56:12 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Tue, 20 Sep 2022 17:56:12 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.production-floor.com/wp-json/contact-form-7/v1/contact-forms/5/feedback/schema
88.218.116.38 200 OK 0 B URL HTTP/2 www.production-floor.com/wp-json/contact-form-7/v1/contact-forms/5/feedback/schema
IP 88.218.116.38:0
Analyzer Verdict Alert fortinet Malware
GET /wp-json/contact-form-7/v1/contact-forms/5/feedback/schema HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.production-floor.com/
Connection: keep-alive
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:09 GMT
content-type: application/json; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-robots-tag: noindex
link: <https://www.production-floor.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
vary: Accept-Encoding, Origin
content-encoding: gzip
X-Firefox-Spdy: h2
www.production-floor.com/wp-content/themes/production-floor/images/x.svg
88.218.116.38 200 OK 0 B URL HTTP/2 www.production-floor.com/wp-content/themes/production-floor/images/x.svg
IP 88.218.116.38:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/production-floor/images/x.svg HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: image/svg+xml
last-modified: Tue, 28 Dec 2021 18:33:01 GMT
vary: Accept-Encoding
etag: W/"61cb585d-25a"
expires: Wed, 20 Sep 2023 17:56:08 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.production-floor.com/wp-json/contact-form-7/v1/contact-forms/193/feedback/schema
88.218.116.38 200 OK 0 B URL HTTP/2 www.production-floor.com/wp-json/contact-form-7/v1/contact-forms/193/feedback/schema
IP 88.218.116.38:0
Analyzer Verdict Alert fortinet Malware
GET /wp-json/contact-form-7/v1/contact-forms/193/feedback/schema HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.production-floor.com/
Connection: keep-alive
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:10 GMT
content-type: application/json; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-robots-tag: noindex
link: <https://www.production-floor.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
vary: Accept-Encoding, Origin
content-encoding: gzip
X-Firefox-Spdy: h2
www.production-floor.com/wp-content/themes/production-floor/theme/css/b4st.css
88.218.116.38 200 OK 0 B URL HTTP/2 www.production-floor.com/wp-content/themes/production-floor/theme/css/b4st.css
IP 88.218.116.38:0
GET /wp-content/themes/production-floor/theme/css/b4st.css HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: text/css
last-modified: Tue, 28 Dec 2021 18:33:01 GMT
vary: Accept-Encoding
etag: W/"61cb585d-583"
expires: Wed, 20 Sep 2023 17:56:08 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
adlmerge.com/merge_gpsid/?sid=50&id=0100007FB9FE2963AD00F44F0268FCD1
95.211.66.35 200 OK 0 B URL HTTP/2 adlmerge.com/merge_gpsid/?sid=50&id=0100007FB9FE2963AD00F44F0268FCD1
IP 95.211.66.35:0
ASN #60781 LeaseWeb Netherlands B.V.
GET /merge_gpsid/?sid=50&id=0100007FB9FE2963AD00F44F0268FCD1 HTTP/1.1
Host: adlmerge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.0
date: Tue, 20 Sep 2022 17:56:10 GMT
content-type: image/gif
iseu: eu
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.1/js/all.js?ver=5.0.13
172.64.132.15 200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.15.1/js/all.js?ver=5.0.13
IP 172.64.132.15:0
GET /releases/v5.15.1/js/all.js?ver=5.0.13 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 17:56:09 GMT
content-type: application/javascript
x-amz-id-2: C5RtYyCL833Xr3IYrKmpzck/qdLAInFljx5qBFHl+96nvDOj5tftJdI8CEivlYtmfnGk02VtINU=
x-amz-request-id: 5W4S4K0RQF7WB3ES
last-modified: Wed, 30 Jun 2021 15:40:30 GMT
etag: W/"5e1e1bd25a94741b7828800b758b88df"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtSov7vf3ndR466SRUDqprduXEJoOBL0qKgiShzb5CwK7A17TB6XOY0YlVWgSUnM7j5FgjRNRp%2BUNkEhWmPkKmUBWUYVdRuGuXy2H5Rgh8ETgN8E5N4rnzklz%2FdDYMK%2FGjzjl9z3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dc6fa17aac8873-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
65.109.23.99 302 Found 0 B URL HTTP/2 ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP 65.109.23.99:0
ASN #24940 Hetzner Online GmbH
GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.0
date: Tue, 20 Sep 2022 17:56:10 GMT
x-request-id: a9e048e8-89cd-4260-95ac-8164d2d07511
set-cookie: bvuid=rbazgfsqtt; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
set-cookie: bvuid2=rbazgfsqtt; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=rbazgfsqtt
X-Firefox-Spdy: h2
www.production-floor.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
88.218.116.38 200 OK 0 B URL HTTP/2 www.production-floor.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP 88.218.116.38:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: text/css
last-modified: Fri, 02 Sep 2022 02:00:49 GMT
vary: Accept-Encoding
etag: W/"631163d1-aab"
expires: Wed, 20 Sep 2023 17:56:08 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.production-floor.com/wp-content/plugins/simple-lightbox/client/css/app.css?ver=2.8.1
88.218.116.38 200 OK 0 B URL HTTP/2 www.production-floor.com/wp-content/plugins/simple-lightbox/client/css/app.css?ver=2.8.1
IP 88.218.116.38:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/simple-lightbox/client/css/app.css?ver=2.8.1 HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: text/css
last-modified: Tue, 28 Dec 2021 18:55:47 GMT
vary: Accept-Encoding
etag: W/"61cb5db3-e7"
expires: Wed, 20 Sep 2023 17:56:08 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.production-floor.com/wp-content/themes/production-floor/images/more-arrows-color-small2.svg
88.218.116.38 200 OK 0 B URL HTTP/2 www.production-floor.com/wp-content/themes/production-floor/images/more-arrows-color-small2.svg
IP 88.218.116.38:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/production-floor/images/more-arrows-color-small2.svg HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: image/svg+xml
last-modified: Tue, 28 Dec 2021 18:33:00 GMT
vary: Accept-Encoding
etag: W/"61cb585c-2b0"
expires: Wed, 20 Sep 2023 17:56:08 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.production-floor.com/wp-content/themes/production-floor/theme/js/b4st.js
88.218.116.38 200 OK 0 B URL HTTP/2 www.production-floor.com/wp-content/themes/production-floor/theme/js/b4st.js
IP 88.218.116.38:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/production-floor/theme/js/b4st.js HTTP/1.1
Host: www.production-floor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.production-floor.com/
Cookie: PHPSESSID=i67sgm1naejf0pcvj1jilk6bj7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 17:56:08 GMT
content-type: application/javascript
last-modified: Tue, 28 Dec 2021 18:33:01 GMT
vary: Accept-Encoding
etag: W/"61cb585d-1051"
expires: Wed, 20 Sep 2023 17:56:08 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/0100007FB9FE2963AD00F44F0268FCD1?redir-setuniq=1
213.180.193.90 200 OK 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/0100007FB9FE2963AD00F44F0268FCD1?redir-setuniq=1
IP 213.180.193.90:0
GET /mapuid/sapeis/0100007FB9FE2963AD00F44F0268FCD1?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Tue, 20 Sep 2022 17:56:12 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 20 Sep 2022 17:56:12 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Tue, 20 Sep 2022 17:56:12 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2