www.multfun.com/
200 OK 5.2 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (301)
Hash 4f99c3840518195b001317be4c3ce97a
6c5488d55e74b0ac729088254373c2eba4ae9509
139fdf257c91ba0b41b60fce98c56d5b365105db8f99bedace289bb08885c421
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.multfun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
Set-Cookie: PHPSESSID=d5d59bef9e827d962d87501344e926aa; path=/
dle_user_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.multfun.com; httponly
dle_password=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.multfun.com; httponly
dle_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.multfun.com; httponly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWFlY%2Fg6t%2BDY666b3MH6RE2MbtV6ldHh6vReaFuTpei3VSt9S3OJzVuk3JG0fASp4Ysi%2B5AnyOS8RJJjh2cRXOPboqY%2B2IgxAGYa6X4K1MMR%2FXXe0ZfUM4WITeNK3CEjObA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f795e4ae2cb512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2748
Expires: Fri, 25 Nov 2022 05:05:08 GMT
Date: Fri, 25 Nov 2022 04:19:20 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6551
Cache-Control: max-age=115262
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:19:20 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 12:20:22 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 04:17:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 116
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9113
Expires: Fri, 25 Nov 2022 06:51:13 GMT
Date: Fri, 25 Nov 2022 04:19:20 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FojPZJYaxcWy7aWW2Zzo2GhLheewgsHHpN55eyIN0iypZ/3RX5oOmseF1tvVmdzHAVf6RHb7zGQ=
x-amz-request-id: J3KJ3ARVZWVE4G1J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 03:43:41 GMT
age: 2139
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:19:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:19:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.multfun.com/templates/main/style/style.css
200 OK 502 B URL HTTP/1.1 www.multfun.com/templates/main/style/style.css
IP
File type ASCII text, with CRLF line terminators
Hash ab7d40bc4f369bd27342c5d7dbdf9a42
729c59f9957a9f53ab413400e1fb12e719abc02c
5962f45557e5622250d394743354aa39640ce0d57ddda31eef484104d1840fad
GET /templates/main/style/style.css HTTP/1.1
Host: www.multfun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/
Cookie: PHPSESSID=d5d59bef9e827d962d87501344e926aa
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:20 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Oct 2013 22:00:23 GMT
ETag: W/"52605df7-418"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnd93bZhmUDQQdtft40fIGx%2FLYM9gTLrPW8CzqKjqvHgpwA4ff0x%2Btggu%2BAqnyhThbYkHVBtT17Ki22cSvcHddxU5QdlNROg2zKHj%2FmNLizkCx%2BkVLUkgzVaq7dqAJaqATg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795e79ad6b515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.multfun.com/templates/main/style/template.css
200 OK 1.1 kB URL HTTP/1.1 www.multfun.com/templates/main/style/template.css
IP
File type ASCII text, with CRLF line terminators
Hash cfbbc6220cfd8805a17ea81e80d02124
52b4aa733e3236ad80f70f0b0ef0e21602c43577
97e4c4656f033a65eb457cbd6d56923e5eb5312dc373c824a610b77a554cde74
GET /templates/main/style/template.css HTTP/1.1
Host: www.multfun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/
Cookie: PHPSESSID=d5d59bef9e827d962d87501344e926aa
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:20 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Oct 2013 22:00:23 GMT
ETag: W/"52605df7-f65"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yWdiqlKfP2MBZti0m8JqAJvAKj4SsYAcG1OIlzxmo%2FdC0mqCiZlu%2Bo4V%2B8zqoOmuvmdNwAW9zHG0dCQtN%2BONfiBQGrbQJp7qSY11H6sH7Y0VGCOjcMhMTJPztJATSdsf0H8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795e799dffac8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.multfun.com/engine/classes/min/index.php?charset=utf-8&g=general&7
200 OK 56 kB URL HTTP/1.1 www.multfun.com/engine/classes/min/index.php?charset=utf-8&g=general&7
IP
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65483)
Hash 57d7b5cfe693fbdc6c738a1f9da771c7
2294610986b0da70ee2e1a8a90be8eb6d770a5f9
79ac0a94c805eb99bfae186db2fcb6d0e73019ea40e0dee5ced31405e3754650
GET /engine/classes/min/index.php?charset=utf-8&g=general&7 HTTP/1.1
Host: www.multfun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/
Cookie: PHPSESSID=d5d59bef9e827d962d87501344e926aa
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:20 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 55903
Connection: keep-alive
X-Powered-By: PHP/5.6.40
Expires: Sat, 25 Nov 2023 04:19:20 GMT
Vary: Accept-Encoding
Last-Modified: Thu, 17 Oct 2013 22:00:22 GMT
ETag: "pub1382047222;gz"
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9Q0VXrxzXB740E2hMj9YtjjA0FC55fnsSvHkz7TsKlnVbWYnIqWQfxCPBNmVwM9AZk3oqDpxw61%2FAFOP806Kib41JC0TzVCzgWuxl5D099jcCiEc6RTIBQEsZUJBIGyF%2B0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f795e79f1db512-OSL
alt-svc: h2=":443"; ma=60
www.multfun.com/engine/classes/min/index.php?charset=utf-8&f=engine/classes/highslide/highslide.js&7
200 OK 14 kB URL HTTP/1.1 www.multfun.com/engine/classes/min/index.php?charset=utf-8&f=engine/classes/highslide/highslide.js&7
IP
File type HTML document, ASCII text, with very long lines (34541)
Hash 7f0679f58124e7ba2a8d1a96de4f96d3
83d4a73a256994716418b6619b24408c9ec70f26
943de7d87c145b55c5fd824104b50e9c0c6627f6b188f9a051860c892ae28c6b
GET /engine/classes/min/index.php?charset=utf-8&f=engine/classes/highslide/highslide.js&7 HTTP/1.1
Host: www.multfun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/
Cookie: PHPSESSID=d5d59bef9e827d962d87501344e926aa
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:20 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 14067
Connection: keep-alive
X-Powered-By: PHP/5.6.40
Expires: Sat, 25 Nov 2023 04:19:20 GMT
Vary: Accept-Encoding
Last-Modified: Thu, 17 Oct 2013 22:00:22 GMT
ETag: "pub1382047222;gz"
Cache-Control: max-age=31536000, public
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FtufJKZLZhqDiYUZcr6W2o%2Fd5s9xAKkVuzhGl5JLbjGceDz%2F1IcygVq%2BwX36%2F3wOBphg6lK%2FvWVUgU0YnVa0V5QYV4tBHJIz%2FhhKJAAACzoF2S9c0g0xVotSPG17zCysiBQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f795e799e20afa-OSL
alt-svc: h2=":443"; ma=60
www.multfun.com/templates/main/style/settings.css
200 OK 3.0 kB URL HTTP/1.1 www.multfun.com/templates/main/style/settings.css
IP
Hash 992e606c6bae171e0aa23353de557ba8
7928951ce1f8e1131f75d923686e68f6d9387729
3e030d0a21be67cff234c8b758c16bceda4de2fc73e732b3acfaa87ab3bc322c
GET /templates/main/style/settings.css HTTP/1.1
Host: www.multfun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/
Cookie: PHPSESSID=d5d59bef9e827d962d87501344e926aa
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:21 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Oct 2013 22:00:23 GMT
ETag: W/"52605df7-3f3f"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0xs2qu5TC7Jgj4ouYzlySLueG2U4%2B4aB%2BPxC%2BItTiJYIPYhkn%2BXNaVYLHrY5crMsEm%2BHPuoslbRlqfv7v11NAOZivrS5kF6Y8ajq%2Bcg2Y3GbyO8RO7Q7rDBLMs%2FGH7q%2B%2Fc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795e7a969b50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
vk.com/js/api/openapi.js?63
301 Moved Permanently 164 B URL HTTP/1.1 vk.com/js/api/openapi.js?63
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 6d359f551ba4cb27d59e94a6cddaec09
d230318bd921ad8167c2eb9dfdc7b1d7d2c7373f
9ecd8531025e89f5e1ca23d81203a9feddbd5b4b75ca79c9868cb53762293bc8
GET /js/api/openapi.js?63 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/
HTTP/1.1 301 Moved Permanently
Server: kittenx
Date: Fri, 25 Nov 2022 04:19:20 GMT
Content-Type: text/html
Content-Length: 164
Connection: keep-alive
Location: https://vk.com/js/api/openapi.js?63
X-Frontend: front225207
Access-Control-Expose-Headers: X-Frontend
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:19:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.multfun.com/templates/main/js/jquery.themepunch.revolution.min.js
200 OK 11 kB URL HTTP/1.1 www.multfun.com/templates/main/js/jquery.themepunch.revolution.min.js
IP
File type ASCII text, with very long lines (421)
Hash 48fe30a5d27b6ced82b2f1f68417f91f
f27c57587a09a5924373da9dfdd1a4009d044901
141afc0e23676abad3c978e2c550780e06487ceced8ff908232b3e41ff2583c4
Analyzer Verdict Alert fortinet Malware
GET /templates/main/js/jquery.themepunch.revolution.min.js HTTP/1.1
Host: www.multfun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/
Cookie: PHPSESSID=d5d59bef9e827d962d87501344e926aa
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Oct 2013 22:00:23 GMT
ETag: W/"52605df7-12db3"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FW8s%2FzOIEed0VoJO96PiH6TE41k0MNai%2B0dbWcqhY8v5u1Jt%2FY8w%2FgLJOswqnR6hRxe1Zzi6VEYZm2cm6pQOcSqbynHHocE%2BUsDliV01oBlBSxcTcgvW6nkLiCfbPXPGaY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795e81affb515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:19:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/cuprum/v20/dg45_pLmvrkcOkBnKsOzXyGWTBcmg-X6VjvYJw.woff2
200 OK 8.1 kB URL HTTP/2 fonts.gstatic.com/s/cuprum/v20/dg45_pLmvrkcOkBnKsOzXyGWTBcmg-X6VjvYJw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 8116, version 1.0\012- data
Hash 909b40322aa2cd7a2aea613953eae0b1
84e061807b392a887239d91f34a26dd77fc30487
f18d57747180068b241552c0f59bcc16dee612baca3fdc9b9e6ba3cfb94c7b33
GET /s/cuprum/v20/dg45_pLmvrkcOkBnKsOzXyGWTBcmg-X6VjvYJw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.multfun.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:51:52 GMT
expires: Thu, 23 Nov 2023 18:51:52 GMT
cache-control: public, max-age=31536000
age: 120449
last-modified: Mon, 11 Jul 2022 20:37:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash cd8ed48b772f67742fc4566f91b92470
25ebfc44e962d5ffe2532675917deb3c3b325cc3
220201650e723601759e7d204e16b5f44b7d6f9d152328e04006af92d4e0f8d8
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 01:42:00 GMT
ETag: "25ebfc44e962d5ffe2532675917deb3c3b325cc3"
Last-Modified: Fri, 25 Nov 2022 01:42:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3314
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795e96a971c12-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:19:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vk.com/js/api/openapi.js?63
200 OK 23 kB URL HTTP/2 vk.com/js/api/openapi.js?63
IP
File type ASCII text, with very long lines (3849)
Hash b33ff213862515e45744517b207d77db
7d69b309a9c1d918d8dc7b42c510d08321207b9c
a5cd610dc23e643864c8827d58736c15b955328124bfd95661c88a7b96eaed47
GET /js/api/openapi.js?63 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.multfun.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:21 GMT
content-type: application/x-javascript
content-length: 23322
last-modified: Wed, 10 Aug 2022 14:44:17 GMT
etag: "62f3c441-5b1a"
content-encoding: br
expires: Tue, 29 Nov 2022 04:19:21 GMT
cache-control: max-age=345600
x-frontend: front226205
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
www.multfun.com/templates/main/images/logo.png
200 OK 5.7 kB URL HTTP/1.1 www.multfun.com/templates/main/images/logo.png
IP
File type PNG image data, 238 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 12d3cb41b2d4679bc23e831efa37175e
cac772c1424429a5fc6d60552848394e809e2235
5f85c03bddf737f1759d90bf900dc0b66cec0cfdbfe332d5ffa1484b8eeb3211
GET /templates/main/images/logo.png HTTP/1.1
Host: www.multfun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/
Cookie: PHPSESSID=d5d59bef9e827d962d87501344e926aa
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:21 GMT
Content-Type: image/png
Content-Length: 5699
Connection: keep-alive
Last-Modified: Thu, 17 Oct 2013 22:00:23 GMT
ETag: "52605df7-1643"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWpu1GZVKog2oE8jWqDEtP9ihppnpJqvfCIkMezO%2BGf11jiFh2L1gaDpovzV3jFvfa1iTjC2WJxfnxQEnKLkQizWRGmOp5Su0r4qB6bacHkDGFcdoApkE0a%2Fo3bKp%2Bls2wY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795ea0bdbb515-OSL
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/cuprum/v20/dg45_pLmvrkcOkBnKsOzXyGWTBcmg-X6Vj_YJwQj.woff2
200 OK 5.7 kB URL HTTP/2 fonts.gstatic.com/s/cuprum/v20/dg45_pLmvrkcOkBnKsOzXyGWTBcmg-X6Vj_YJwQj.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 5704, version 1.0\012- data
Hash 4c52c76e414a7e568358fc68ce6548be
84af09115f2dbf69111654ee27028c180ba0f129
264be19c450af10a1c301cb6ed000c22ac8942ad7224c93df78f72327df9b923
GET /s/cuprum/v20/dg45_pLmvrkcOkBnKsOzXyGWTBcmg-X6Vj_YJwQj.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.multfun.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 03:21:24 GMT
expires: Tue, 21 Nov 2023 03:21:24 GMT
cache-control: public, max-age=31536000
age: 349077
last-modified: Mon, 11 Jul 2022 20:35:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.multfun.com/templates/main/slider/flutty.png
200 OK 29 kB URL HTTP/1.1 www.multfun.com/templates/main/slider/flutty.png
IP
File type PNG image data, 135 x 234, 8-bit/color RGBA, non-interlaced\012- data
Hash 1c83d7ecf0a9f6fea68bb2d207331e56
288675ab522c90427187258bbc81a83a93d3fed5
8e32c18da27af9f092fc19e8b85124d374aff087f2f1008581eafd9a0f56d0fd
GET /templates/main/slider/flutty.png HTTP/1.1
Host: www.multfun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/
Cookie: PHPSESSID=d5d59bef9e827d962d87501344e926aa
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:21 GMT
Content-Type: image/png
Content-Length: 28970
Connection: keep-alive
Last-Modified: Thu, 17 Oct 2013 22:00:23 GMT
ETag: "52605df7-712a"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XA0slFiSd4yfYdqIrH8KZtALWD97hdWiSq%2BHT4pOLEYarqpzbZ9RNzsLsO209Cy3%2FYh5Qm3Yfe5piOYHKwyXZs3szrxlOv0ePwwtMHcZitRJRFZWBr80KIdXOFF9M%2FPRtbs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795ea0a700afa-OSL
alt-svc: h2=":443"; ma=60
www.multfun.com/templates/main/slider/bgpony.gif
200 OK 40 kB URL HTTP/1.1 www.multfun.com/templates/main/slider/bgpony.gif
IP
File type GIF image data, version 89a, 2500 x 600\012- data
Hash f12895b8975c670f66633d559639958f
d068b3f1f08d36313e1472f3bcd98369f76f0544
c49da70c02269fcc26f207df327eea86d7473e1a986d2665793cb23c7a212152
GET /templates/main/slider/bgpony.gif HTTP/1.1
Host: www.multfun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/
Cookie: PHPSESSID=d5d59bef9e827d962d87501344e926aa
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:21 GMT
Content-Type: image/gif
Content-Length: 39517
Connection: keep-alive
Last-Modified: Thu, 17 Oct 2013 22:00:23 GMT
ETag: "52605df7-9a5d"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSIQJ7jLWE%2BolWv9ByS%2F7R%2BLuK8oX%2BHFdzh879R3pisS7fOG8NclgtDyRTW2L07bxSElZB5MG4WPT3i0X2Pm5DCNITqDKo1kJQVD%2F1zJYnfnI5%2BbH07eivnSM4grAXN8WLg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795ea0fefb512-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 04:11:11 GMT
cache-control: public,max-age=3600
age: 490
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.multfun.com/templates/main/slider/twilight.png
200 OK 53 kB URL HTTP/1.1 www.multfun.com/templates/main/slider/twilight.png
IP
File type PNG image data, 288 x 289, 8-bit/color RGBA, non-interlaced\012- data
Hash 0b93c71fd67ca8ed3a414098ccf46c6f
85a04b4632d41d200d8e3be38d7b7e3fc8764de4
e4f8be54baa5a49e6f0f38e539023c142ab9ed562b3aad41aaba54fa50349dd7
GET /templates/main/slider/twilight.png HTTP/1.1
Host: www.multfun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/
Cookie: PHPSESSID=d5d59bef9e827d962d87501344e926aa
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:21 GMT
Content-Type: image/png
Content-Length: 53378
Connection: keep-alive
Last-Modified: Thu, 17 Oct 2013 22:00:23 GMT
ETag: "52605df7-d082"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cvHflFLi%2FYkKhi2yc6Ey5Iuz45Ur4%2FjVWRrDEDs08ug%2Bo0u8%2FJqXwG%2FiH%2BbDkBKh4NlxaLD%2FBp7tGRx7e13v0S4SSfwKtn3X%2B%2BMX94zDiljLN%2BWE7WwLiy8H%2FdxJmu1iHKA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795ea0a68b50c-OSL
alt-svc: h2=":443"; ma=60
www.multfun.com/uploads/posts/2014-05/1399799364_online.png
200 OK 71 kB URL HTTP/1.1 www.multfun.com/uploads/posts/2014-05/1399799364_online.png
IP
File type PNG image data, 320 x 144, 8-bit/color RGBA, non-interlaced\012- data
Hash 944f5db9dcc5725304aa4914964554da
eebdcd0ddd6d32d4507d373d43b75d9b6a85b035
5f4155103250e7eef78cf8b47a401cc08ace1af3c2e730e90cd676b93d449d9c
GET /uploads/posts/2014-05/1399799364_online.png HTTP/1.1
Host: www.multfun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/
Cookie: PHPSESSID=d5d59bef9e827d962d87501344e926aa
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:21 GMT
Content-Type: image/png
Content-Length: 71003
Connection: keep-alive
Last-Modified: Sun, 11 May 2014 09:08:43 GMT
ETag: "536f3e1b-1155b"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ja3bW%2BR04fHArHTney6SOOa%2BYeFko129UHyoYOCHq6pjMuOCGCRZ1mBdDIZxfQO%2F79IQeMkJQETW5Xc1qAg%2BCBBNUSGXUlMgzKTpcbXqp83Jt8PE9hwTcVEi5ntb1rCnX0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795ea0a59fac8-OSL
alt-svc: h2=":443"; ma=60
www.multfun.com/templates/main/assets/timer.png
200 OK 125 B URL HTTP/1.1 www.multfun.com/templates/main/assets/timer.png
IP
File type PNG image data, 1 x 10, 8-bit/color RGBA, non-interlaced\012- data
Hash ba593bd9fc9e07110f3dc74f728b3768
9620e53c9e0a5b5d55e15b23f556e2089e903fc1
a15348b049a18c85702dde38f379aa78d3809af8c07adcf25236c69b03f6f746
GET /templates/main/assets/timer.png HTTP/1.1
Host: www.multfun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/templates/main/style/settings.css
Cookie: PHPSESSID=d5d59bef9e827d962d87501344e926aa
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:21 GMT
Content-Type: image/png
Content-Length: 125
Connection: keep-alive
Last-Modified: Thu, 17 Oct 2013 22:00:23 GMT
ETag: "52605df7-7d"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2%2B3JyKP50qhftwrilnW6Z0zrrLuoKmW%2FKiBOqRwjwXMmgNvst1UQxwmGW2c9mLurjn54rJimnhLZnloRM35G2t4t6lS6NGvU3gcq7jDKaGQk37aZdF%2B3lL%2F845kVXm3LCg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795ea7bf6b515-OSL
alt-svc: h2=":443"; ma=60
www.multfun.com/templates/main/slider/pony.jpg
200 OK 84 kB URL HTTP/1.1 www.multfun.com/templates/main/slider/pony.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2013:02:02 19:42:43], baseline, precision 8, 1000x600, components 3\012- data
Hash 101a531129096db95d53374f61cd5341
941b05ade10476e5dcb124a0164364b04878e3ef
efa36271c21a42cc39d7cc3c8798a7473fa68bdc30a1292296a59b5b491543af
GET /templates/main/slider/pony.jpg HTTP/1.1
Host: www.multfun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/
Cookie: PHPSESSID=d5d59bef9e827d962d87501344e926aa
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:21 GMT
Content-Type: image/jpeg
Content-Length: 83946
Connection: keep-alive
Last-Modified: Thu, 17 Oct 2013 22:00:23 GMT
ETag: "52605df7-147ea"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqymKv4kOp6XfAGkrWWE2%2B30wOwM7GBgWKptH0Da4PxaKONiTzzZwHlSyKjSwNBJAsHPiXY4Z7VB%2BytC5l1hfNrxztHgMaxIGFaTHAIf59QxdczXBKfFKZ5Kgp2A2YsjkEQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795ea0bdcb515-OSL
alt-svc: h2=":443"; ma=60
www.multfun.com/templates/main/images/dragons.gif
200 OK 7.7 kB URL HTTP/1.1 www.multfun.com/templates/main/images/dragons.gif
IP
File type GIF image data, version 89a, 160 x 51\012- data
Hash 042aeafbc1a7560938bd538b0edffa2c
db1d6093cc3c677682adf18b21190e1b7f24f982
305bc80b542996273140abbcb691cae2edeee36c133e7413805e0fba59e1a175
GET /templates/main/images/dragons.gif HTTP/1.1
Host: www.multfun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/templates/main/style/template.css
Cookie: PHPSESSID=d5d59bef9e827d962d87501344e926aa
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:21 GMT
Content-Type: image/gif
Content-Length: 7652
Connection: keep-alive
Last-Modified: Thu, 17 Oct 2013 22:00:23 GMT
ETag: "52605df7-1de4"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98y3XijBP9f0qnRTUsOi05EFRK%2FdRnvbLe7GhXX1NkvYyiUewHqomHoba9UJQSnIYbi5qi5CrYi152TRUXM%2FHnTqXO3hzOH2UFwUFNRO9sTHgD3zS92SJq0PS87jg0c6uVM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795eadad6b50c-OSL
alt-svc: h2=":443"; ma=60
www.multfun.com/templates/main/assets/loader.gif
200 OK 2.5 kB URL HTTP/1.1 www.multfun.com/templates/main/assets/loader.gif
IP
File type GIF image data, version 89a, 24 x 24\012- data
Hash faa74e8c61fc64d5edb11613c7eead2c
e043879d3ee94a3edf10260f21f44bfa4a6fc66e
483c4a0396691993a641ec409c44b8b7e1daab0ae7e2b2944c4bc59520bb7655
GET /templates/main/assets/loader.gif HTTP/1.1
Host: www.multfun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/templates/main/style/settings.css
Cookie: PHPSESSID=d5d59bef9e827d962d87501344e926aa
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:21 GMT
Content-Type: image/gif
Content-Length: 2545
Connection: keep-alive
Last-Modified: Thu, 17 Oct 2013 22:00:23 GMT
ETag: "52605df7-9f1"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtA%2F27rDAffkI0ddg8QLh6cs31TLkwh5lMaXTfId5MWpgfC9nQnXq2uwZgIn0MWf3D0CbThj0U49xSiHIK8a1jov%2FriEKLEqcqR1XVGtKqAE0%2FvliR%2FdDb8JZxKFrKBL4vc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795eaba940afa-OSL
alt-svc: h2=":443"; ma=60
www.multfun.com/templates/main/images/mlp.gif
200 OK 7.9 kB URL HTTP/1.1 www.multfun.com/templates/main/images/mlp.gif
IP
File type GIF image data, version 89a, 142 x 125\012- data
Hash af5b63f44962dfdc7ed21008fc12714e
6d3c4e62137221378341111ed3e046cebffda308
b4e04bc4a9a88e9dfa000c9aa36b2b51cbd7e0bce7e4456204848f36e5cbfe6e
GET /templates/main/images/mlp.gif HTTP/1.1
Host: www.multfun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/templates/main/style/template.css
Cookie: PHPSESSID=d5d59bef9e827d962d87501344e926aa
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:21 GMT
Content-Type: image/gif
Content-Length: 7930
Connection: keep-alive
Last-Modified: Thu, 17 Oct 2013 22:00:23 GMT
ETag: "52605df7-1efa"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmBoZaNEV0NdGiODatccmoX7PZQ0Kw7jm%2Bn0Y3MNWHLcGk14CgVSiAtfyE4DADDJodURaiTb1NliRtVqFeMNooS1bFLqGL%2FAZqbrsX0eJaoJCRFv1oTxpKGYyADUOlCWGAg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795eac81eb512-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 385c46eae580a47e10e58f9e24aa84be
5d25bce414517dcb5008e39ee166cca20884b927
82d80a7b1950142982c95d16ed7c1618231043c7521f6b255719188b90b68862
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D80A7B1950142982C95D16ED7C1618231043C7521F6B255719188B90B68862"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10813
Expires: Fri, 25 Nov 2022 07:19:34 GMT
Date: Fri, 25 Nov 2022 04:19:21 GMT
Connection: keep-alive
vk.com/widget_community.php?app=0&width=480px&_ver=1&gid=44919522&mode=0&color1=&color2=&color3=&class_name=&height=180&url=http%3A%2F%2Fwww.multfun.com%2F&referrer=&title=Multfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&184ad02ec7c
200 OK 11 kB URL HTTP/2 vk.com/widget_community.php?app=0&width=480px&_ver=1&gid=44919522&mode=0&color1=&color2=&color3=&class_name=&height=180&url=http%3A%2F%2Fwww.multfun.com%2F&referrer=&title=Multfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&184ad02ec7c
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Non-ISO extended-ASCII text, with very long lines (16185)
Hash 0d31b0d62179b0bebfb8a93a671e174c
451910ebe3d3b7424b1ea43c6cb36159f787e4b7
18f9063b3eadfe282e85ebb193322706e21c8d156d075df7bf47b03d8fa6221e
GET /widget_community.php?app=0&width=480px&_ver=1&gid=44919522&mode=0&color1=&color2=&color3=&class_name=&height=180&url=http%3A%2F%2Fwww.multfun.com%2F&referrer=&title=Multfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&184ad02ec7c HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.multfun.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:21 GMT
content-type: text/html; charset=windows-1251
content-length: 11003
x-powered-by: KPHP/7.4.112733
set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly
remixlang=3; expires=Sun, 26 Nov 2023 02:18:04 GMT; path=/; domain=.vk.com
remixstlid=9059639499169614416_JCv1664Zb1MVQZkYXw5XinX3OVbzmBE5xoVnPGCmnJo; expires=Sat, 25 Nov 2023 04:19:21 GMT; path=/; domain=.vk.com; secure
remixstid=1173949364_7ppXelerFqcZZeVzPLsOVTv3NTMpIBaY6IWZnnKZJ6w; expires=Thu, 23 Nov 2023 20:06:57 GMT; path=/; domain=.vk.com; secure
cache-control: no-store
content-security-policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp
x-xss-protection: 1; report=/xss_reports
content-encoding: gzip
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
www.multfun.com/templates/main/assets/bullets.png
200 OK 1.2 kB URL HTTP/1.1 www.multfun.com/templates/main/assets/bullets.png
IP
File type PNG image data, 23 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash a5045ded13f7bdafb40f39718882fe92
a66e518b4f92f33d91cd6aa619d5a21fda1f897f
4f9929e43a448571410478388d78fadc22c25460853d13877aa19374820c3605
GET /templates/main/assets/bullets.png HTTP/1.1
Host: www.multfun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/templates/main/style/settings.css
Cookie: PHPSESSID=d5d59bef9e827d962d87501344e926aa
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:21 GMT
Content-Type: image/png
Content-Length: 1153
Connection: keep-alive
Last-Modified: Thu, 17 Oct 2013 22:00:23 GMT
ETag: "52605df7-481"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGVtoxRGw6N3f34n7zIvpWOl0VRjKU%2BmBo%2FqfVL%2BwoSWVfuP5e3M1ImdqkV3j2JpVVqWAzfrWWdyfbnDJ1bwK9FPDjPYb4WbWOqOQcLXuM%2FbbkZ%2Bc6Ax5F%2Fb35TKTf6jTNw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795eb4c3ab515-OSL
alt-svc: h2=":443"; ma=60
www.acint.net/aci.js
200 OK 7.5 kB IP
File type ASCII text, with very long lines (1408)
Hash ae0aab6c5a2ae2e1168e74f6e6ae4741
2c00f69ee4bbe2ec96c0f7bb33b5f827a6195af8
a47a88a9b6c7635e5074c25c6e3c92f399fdf8772376e94f077167241e59f9de
GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.multfun.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Fri, 25 Nov 2022 04:19:21 GMT
content-type: application/x-javascript
content-length: 7461
last-modified: Mon, 16 May 2022 07:14:50 GMT
etag: "6281f9ea-1d25"
content-encoding: gzip
expires: Fri, 25 Nov 2022 16:19:21 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2
www.multfun.com/templates/main/assets/arrow_left.png
200 OK 807 B URL HTTP/1.1 www.multfun.com/templates/main/assets/arrow_left.png
IP
File type PNG image data, 26 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash 56458574dfbdc004d385499c968c516b
e1de2bac9319a54d6e047414bada00699d0db5c4
b4bf2f2383719b3731b597cd9010ff45d3ba4e519b1a30780a3c7d5ded296931
GET /templates/main/assets/arrow_left.png HTTP/1.1
Host: www.multfun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/templates/main/style/settings.css
Cookie: PHPSESSID=d5d59bef9e827d962d87501344e926aa
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:21 GMT
Content-Type: image/png
Content-Length: 807
Connection: keep-alive
Last-Modified: Thu, 17 Oct 2013 22:00:23 GMT
ETag: "52605df7-327"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4EuI%2F7zV5wH8rgMGh3QILRuao9tOyPDFJBZogWmbx%2FeM8PhXZeyM6XQxSHFtTDbL37VoD6fSDNfl1jUMD7wq0wMAURPJci4NmN88JtwUWGRtONavSbQXUcrof7asz88dttU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795eb6aa6fac8-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
200 OK 471 B IP
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6238
Cache-Control: max-age=109886
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:19:21 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:50:47 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
www.multfun.com/templates/main/assets/arrow_large_right.png
200 OK 2.7 kB URL HTTP/1.1 www.multfun.com/templates/main/assets/arrow_large_right.png
IP
File type PNG image data, 46 x 92, 8-bit/color RGBA, non-interlaced\012- data
Hash 421c7c6749ea6894aa308405fe38f329
e087b2a1e3b0310ca12afbb44a28f7faafed9e4b
041c78820d2b46e26dccc371b36eb9b98c0702a907989948574830bb2b33b02d
GET /templates/main/assets/arrow_large_right.png HTTP/1.1
Host: www.multfun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/templates/main/style/settings.css
Cookie: PHPSESSID=d5d59bef9e827d962d87501344e926aa
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:21 GMT
Content-Type: image/png
Content-Length: 2674
Connection: keep-alive
Last-Modified: Thu, 17 Oct 2013 22:00:23 GMT
ETag: "52605df7-a72"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d6YMOhDT04UsZw3Z1ijXiT7mlvtfYljfDNJZdbppKYVOUOTCoLj56kBtANJTqSpo2f0vy4ZLeBDc7f1X1LftRIQnWOmm5B%2BXq%2FN%2F375uKA7Z9jAisRRNzsvkBd4GUsbmg9A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795eb8c4bb515-OSL
alt-svc: h2=":443"; ma=60
www.multfun.com/templates/main/assets/arrow_right.png
200 OK 820 B URL HTTP/1.1 www.multfun.com/templates/main/assets/arrow_right.png
IP
File type PNG image data, 26 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash 528f50a273ef6fa047f7376ca321d6d7
a511f4396317872415f15c539775b746e9d73a58
26c6d1dd93278dea97e7b812a04e7e2ab7a57fb20f6d3aa5e55282a6d09602f0
GET /templates/main/assets/arrow_right.png HTTP/1.1
Host: www.multfun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/templates/main/style/settings.css
Cookie: PHPSESSID=d5d59bef9e827d962d87501344e926aa
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:21 GMT
Content-Type: image/png
Content-Length: 820
Connection: keep-alive
Last-Modified: Thu, 17 Oct 2013 22:00:23 GMT
ETag: "52605df7-334"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tl8S1Dckqr9f1Js0O78HeC%2BYT5krMcvsb5Bcy3fLTZ0Do0qQOZOzLi%2BiFnrpJrsR9Dmi%2BotdaHyXCsFP7HjP%2BSuttdotFr1RtErdmCTxOxjbFjMPaawEhUFBRzZNrsg62Rk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795eb8b1cb50c-OSL
alt-svc: h2=":443"; ma=60
www.multfun.com/templates/main/assets/arrow_large_left.png
200 OK 2.7 kB URL HTTP/1.1 www.multfun.com/templates/main/assets/arrow_large_left.png
IP
File type PNG image data, 46 x 92, 8-bit/color RGBA, non-interlaced\012- data
Hash 6645e864642da518fb40d275437aa31a
e6d25647c40bd3f0012f645532cb010774d4d26f
afde2ad8ca464b2915a1e0ba894c6a5718a47e4c95b5b7dc9b0c06c5a9051711
GET /templates/main/assets/arrow_large_left.png HTTP/1.1
Host: www.multfun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/templates/main/style/settings.css
Cookie: PHPSESSID=d5d59bef9e827d962d87501344e926aa
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:21 GMT
Content-Type: image/png
Content-Length: 2686
Connection: keep-alive
Last-Modified: Thu, 17 Oct 2013 22:00:23 GMT
ETag: "52605df7-a7e"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4%2F0WFgeK3ux4w98ELX0YJHWGJMCyadpUHYnK8YEVOyDRATjNvnXDh8%2FcU8TpAQHVDYxcDK3lX8slErt%2F9zBce4b0lYAMEH0eHL5Mtk9RFKj6BX4oqIG7apU7uhot14yi2Y%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795eb8ac20afa-OSL
alt-svc: h2=":443"; ma=60
vk.com/js/al/lite.js?105
200 OK 62 kB IP
File type ISO-8859 text, with very long lines (2839)
Hash 00c96d99eacaf6182b2b6f4df9af8035
8f26de3f62e0f18662b5bf3a814e1426de52d8ed
32d9fae1a16e2721c76d503f2fc7c5ab0874bbda4533070e6b3681e337363271
GET /js/al/lite.js?105 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/widget_community.php?app=0&width=480px&_ver=1&gid=44919522&mode=0&color1=&color2=&color3=&class_name=&height=180&url=http%3A%2F%2Fwww.multfun.com%2F&referrer=&title=Multfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&184ad02ec7c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:21 GMT
content-type: application/x-javascript
content-length: 61848
last-modified: Tue, 22 Nov 2022 13:47:46 GMT
etag: "637cd302-f198"
content-encoding: br
expires: Tue, 29 Nov 2022 04:19:21 GMT
cache-control: max-age=345600
x-frontend: front226205
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
vk.com/js/lang3_0.js?27822499
200 OK 22 kB URL HTTP/2 vk.com/js/lang3_0.js?27822499
IP
File type ISO-8859 text, with very long lines (50863), with LF, NEL line terminators
Hash 28eb907725604dffece68ab83f52909b
7f1d26d1b1992f3023f4eeee74efe07b6dd5a91a
93dbe241e82b41fce4fe7e29d019256aada6f9f3cfa63ac7c79596eb13bfb23c
GET /js/lang3_0.js?27822499 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/widget_community.php?app=0&width=480px&_ver=1&gid=44919522&mode=0&color1=&color2=&color3=&class_name=&height=180&url=http%3A%2F%2Fwww.multfun.com%2F&referrer=&title=Multfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&184ad02ec7c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:21 GMT
content-type: text/javascript; charset=windows-1251
content-length: 21542
x-powered-by: KPHP/7.4.112733
set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly
remixlang=3; expires=Thu, 23 Nov 2023 00:08:18 GMT; path=/; domain=.vk.com
remixstlid=9108475407629050076_EhhriFlMEeHSRNZ5hVc2uJF9gXXoGZNuXfpAa2xA98g; expires=Sat, 25 Nov 2023 04:19:21 GMT; path=/; domain=.vk.com; secure
cache-control: max-age=345600
content-encoding: gzip
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
counter.yadro.ru/hit?t58.18;r;s1280*1024*24;uhttp%3A//www.multfun.com/;0.6529722602274955
302 Moved Temporarily 32 B URL HTTP/1.1 counter.yadro.ru/hit?t58.18;r;s1280*1024*24;uhttp%3A//www.multfun.com/;0.6529722602274955
IP
ASN #39134 United Network LLC
File type HTML document, ASCII text
Hash 3e9c09a8c5a87f266e047a596f48578c
07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
GET /hit?t58.18;r;s1280*1024*24;uhttp%3A//www.multfun.com/;0.6529722602274955 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/
HTTP/1.1 302 Moved Temporarily
Date: Fri, 25 Nov 2022 04:19:21 GMT
Server: 0W/0.8c
Content-Type: text/html
Location: https://counter.yadro.ru/hit?t58.18;r;s1280*1024*24;uhttp%3A//www.multfun.com/;0.6529722602274955
Content-Length: 32
Expires: Wed, 24 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
vk.com/js/loader_nav20718133130_3.js
200 OK 50 kB URL HTTP/2 vk.com/js/loader_nav20718133130_3.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash e2476bb85183f5d707ff46315736b893
b07da5f803074984628fd5caac3b98604509ada5
8d5fe80d7797c8ad620b91d6587bf72cb6030bc50934c9dc57a34c3229ebd8d1
GET /js/loader_nav20718133130_3.js HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/widget_community.php?app=0&width=480px&_ver=1&gid=44919522&mode=0&color1=&color2=&color3=&class_name=&height=180&url=http%3A%2F%2Fwww.multfun.com%2F&referrer=&title=Multfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&184ad02ec7c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:21 GMT
content-type: text/javascript; charset=windows-1251
content-length: 49954
x-powered-by: KPHP/7.4.112733
set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly
remixlang=3; expires=Tue, 21 Nov 2023 16:08:45 GMT; path=/; domain=.vk.com
remixstlid=9104816232931806303_ERK9w9bXIdPrMAEZSrQcVW4XSOVe2Ci3hCRkuhopFP8; expires=Sat, 25 Nov 2023 04:19:21 GMT; path=/; domain=.vk.com; secure
cache-control: no-store
content-encoding: gzip
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
vk.com/images/upload.gif
200 OK 230 B IP
File type GIF image data, version 89a, 32 x 8\012- data
Hash 59cd625f8c2ce03663123d59416378a1
b8d103133aadcdbe532e5642ddce9159b7385e4e
0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202
GET /images/upload.gif HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.multfun.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:21 GMT
content-type: image/gif
content-length: 230
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
etag: "5f6a5ec8-e6"
expires: Fri, 02 Dec 2022 04:19:21 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
st.vk.com/css/al/lite.767433f9d8f76d21bc7a.css
200 OK 36 kB URL HTTP/2 st.vk.com/css/al/lite.767433f9d8f76d21bc7a.css
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Hash 0eb6868bdd0818265b30fbf0bcdbec0b
c72ba4ff0e47aa68b1a8a27cec4686175aac9ce9
ad0433c0a66e513398ec2cc8a4d3b8b5ec741a34d138695046c04e7ffa8052cc
GET /css/al/lite.767433f9d8f76d21bc7a.css HTTP/1.1
Host: st.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:21 GMT
content-type: text/css
content-length: 35746
last-modified: Wed, 02 Nov 2022 08:24:06 GMT
etag: "63622926-8ba2"
content-encoding: br
expires: Tue, 29 Nov 2022 04:19:21 GMT
cache-control: max-age=345600
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
st.vk.com/css/al/ui_common.c0faeed934ef6c709718.css
200 OK 14 kB URL HTTP/2 st.vk.com/css/al/ui_common.c0faeed934ef6c709718.css
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Hash f32ed1e014ac4e73153ceaf91e07e547
b1b20504c432aa31ff71a3425f3d17fb810d8e0a
4f0e4361ff2a00485aa7ffc1676bfe6adfbe28b3ee4d71418a05c71c82f69fec
GET /css/al/ui_common.c0faeed934ef6c709718.css HTTP/1.1
Host: st.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:21 GMT
content-type: text/css
content-length: 14135
last-modified: Fri, 14 Oct 2022 08:53:48 GMT
etag: "6349239c-3737"
content-encoding: br
expires: Tue, 29 Nov 2022 04:19:21 GMT
cache-control: max-age=345600
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=10
302 Moved Temporarily 142 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Fri, 25 Nov 2022 04:19:21 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/mc/?dp=10
www.acint.net/hit/?v=0.4.0&uid=82b3f55e-c03b-4197-b207-a0b8796b8d42&dp=10&tz=%2B00%3A00&nc=28546389&u=http%3A%2F%2Fwww.multfun.com%2F&r=&rs=1280x1024&t=Multfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&oE=1&oP=1&dT=2022-11-25T04%3A19%3A21.107&fu=7e08e6a4-9d47-4675-9591-4e1f3b3cac17
302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/hit/?v=0.4.0&uid=82b3f55e-c03b-4197-b207-a0b8796b8d42&dp=10&tz=%2B00%3A00&nc=28546389&u=http%3A%2F%2Fwww.multfun.com%2F&r=&rs=1280x1024&t=Multfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&oE=1&oP=1&dT=2022-11-25T04%3A19%3A21.107&fu=7e08e6a4-9d47-4675-9591-4e1f3b3cac17
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /hit/?v=0.4.0&uid=82b3f55e-c03b-4197-b207-a0b8796b8d42&dp=10&tz=%2B00%3A00&nc=28546389&u=http%3A%2F%2Fwww.multfun.com%2F&r=&rs=1280x1024&t=Multfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&oE=1&oP=1&dT=2022-11-25T04%3A19%3A21.107&fu=7e08e6a4-9d47-4675-9591-4e1f3b3cac17 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Fri, 25 Nov 2022 04:19:21 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/hit/?v=0.4.0&uid=82b3f55e-c03b-4197-b207-a0b8796b8d42&dp=10&tz=%2B00%3A00&nc=28546389&u=http%3A%2F%2Fwww.multfun.com%2F&r=&rs=1280x1024&t=Multfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&oE=1&oP=1&dT=2022-11-25T04%3A19%3A21.107&fu=7e08e6a4-9d47-4675-9591-4e1f3b3cac17
st.vk.com/dist/polyfills.9d6916e19429a42923a3.js?2feba6508fe573be8f43
200 OK 21 kB URL HTTP/2 st.vk.com/dist/polyfills.9d6916e19429a42923a3.js?2feba6508fe573be8f43
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (36001), with NEL line terminators
Hash 3f038a4aff61fa279cda09597c56f236
08306f582674e176ef5df8110a7d2a3974643942
b0b4f33381041b7ba66705ff64c36b36e502b4ddb108f78adbdec603613aecc2
GET /dist/polyfills.9d6916e19429a42923a3.js?2feba6508fe573be8f43 HTTP/1.1
Host: st.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:21 GMT
content-type: application/x-javascript
content-length: 20615
last-modified: Wed, 16 Nov 2022 08:32:40 GMT
etag: "6374a028-5087"
content-encoding: br
expires: Tue, 29 Nov 2022 04:19:21 GMT
cache-control: max-age=345600
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
st.vk.com/dist/react.aa0593255e5f9d5c3793.js?f3b31b6ba5c144b93f84
200 OK 44 kB URL HTTP/2 st.vk.com/dist/react.aa0593255e5f9d5c3793.js?f3b31b6ba5c144b93f84
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65449)
Hash 16185700d96cafadac13a93a10e4d1f1
97d4dbfb1151e1d5ee22e3920f0039a3899d130e
cbe5b2d6de6b5bb9753252d47defd3f87533891575ed163f31cd4d6e0ca0b059
GET /dist/react.aa0593255e5f9d5c3793.js?f3b31b6ba5c144b93f84 HTTP/1.1
Host: st.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:21 GMT
content-type: application/x-javascript
content-length: 43803
last-modified: Thu, 17 Nov 2022 10:34:27 GMT
etag: "63760e33-ab1b"
content-encoding: br
expires: Tue, 29 Nov 2022 04:19:21 GMT
cache-control: max-age=345600
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
st.vk.com/dist/palette.c0fabca8c19959215c76.js?d356fc5b85769eff9841
200 OK 24 kB URL HTTP/2 st.vk.com/dist/palette.c0fabca8c19959215c76.js?d356fc5b85769eff9841
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65531), with no line terminators
Hash dbc9af7296855a36e20fbbaae999da87
54f3f45db490413a97c1012b349266436bc1cd01
e60f356fd99ea83e6c996e7fee8fd52e8a87586865f23531e98eee8790c1caca
GET /dist/palette.c0fabca8c19959215c76.js?d356fc5b85769eff9841 HTTP/1.1
Host: st.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:21 GMT
content-type: application/x-javascript
content-length: 24299
last-modified: Tue, 22 Nov 2022 10:58:00 GMT
etag: "637cab38-5eeb"
content-encoding: br
expires: Tue, 29 Nov 2022 04:19:21 GMT
cache-control: max-age=345600
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
st.vk.com/css/al/fonts_cnt.2ed2de7040c5dd011574.css
200 OK 360 kB URL HTTP/2 st.vk.com/css/al/fonts_cnt.2ed2de7040c5dd011574.css
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Size 360 kB (359450 bytes)
Hash f75a9a4d043d53dd8646e9716629ed1b
ddf6f46e45f78158e015bf41e62034249f62cd9d
9a09104f3720485bcf81733f44e4ea86f4fc681365a73c68edc9888c23624dc6
GET /css/al/fonts_cnt.2ed2de7040c5dd011574.css HTTP/1.1
Host: st.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:21 GMT
content-type: text/css
content-length: 359450
last-modified: Wed, 12 Oct 2022 10:52:08 GMT
etag: "63469c58-57c1a"
content-encoding: br
expires: Tue, 29 Nov 2022 04:19:21 GMT
cache-control: max-age=345600
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
www.multfun.com/templates/Default/images/favicon.ico
200 OK 476 B URL HTTP/1.1 www.multfun.com/templates/Default/images/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 2a79692f7fbfba7d2a4fbf0cea9001ee
049101429f7d3644b4c7d368aff172485a04b035
c36cd5f05a0573e1bfe7279169d34a65bb67f079d3dc937dce2a1ebb6d238ebb
GET /templates/Default/images/favicon.ico HTTP/1.1
Host: www.multfun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/
Cookie: PHPSESSID=d5d59bef9e827d962d87501344e926aa; fid=7e08e6a4-9d47-4675-9591-4e1f3b3cac17
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:21 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Oct 2013 22:00:23 GMT
ETag: W/"52605df7-47e"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8LRjATynlcgIShp7%2FoIqm2SlYswdKowXcJWHiJF3dP4C1dZ5pis19%2FVWdzKlgozlRLOc4gT45KWAFGPjjmyapFE2%2FEi4thVs2rCfkxluzH5%2FCb3hslMwNBeBJHIsQC%2BIrKU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795eccc9bb515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
st.vk.com/dist/vkui.75bbb378d512e5ecda1d.js?efe74fe3129af3c1f2c1
200 OK 72 kB URL HTTP/2 st.vk.com/dist/vkui.75bbb378d512e5ecda1d.js?efe74fe3129af3c1f2c1
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65435), with no line terminators
Hash f12012b1e60e2f093ffb7e8cd741fbc2
fdb32bd3aa28896c97eced97e06f627dbf82d9c7
b1990131c7bee5defd2fc933ce07aabbea27f1af5cdd0ae3d7e1c50f6187f824
GET /dist/vkui.75bbb378d512e5ecda1d.js?efe74fe3129af3c1f2c1 HTTP/1.1
Host: st.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:21 GMT
content-type: application/x-javascript
content-length: 72424
last-modified: Tue, 08 Nov 2022 08:30:15 GMT
etag: "636a1397-11ae8"
content-encoding: br
expires: Tue, 29 Nov 2022 04:19:21 GMT
cache-control: max-age=345600
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=10
302 Found 154 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.multfun.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Fri, 25 Nov 2022 04:19:21 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Fri, 25-Nov-22 04:29:21 GMT
aid=CkIDE2OAQkmpygJfFr9QArxmFcPNGVkieeBOcIxRU3ZlEkNf; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
www.acint.net/hit/?v=0.4.0&uid=82b3f55e-c03b-4197-b207-a0b8796b8d42&dp=10&tz=%2B00%3A00&nc=28546389&u=http%3A%2F%2Fwww.multfun.com%2F&r=&rs=1280x1024&t=Multfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&oE=1&oP=1&dT=2022-11-25T04%3A19%3A21.107&fu=7e08e6a4-9d47-4675-9591-4e1f3b3cac17
200 OK 43 B URL HTTP/2 www.acint.net/hit/?v=0.4.0&uid=82b3f55e-c03b-4197-b207-a0b8796b8d42&dp=10&tz=%2B00%3A00&nc=28546389&u=http%3A%2F%2Fwww.multfun.com%2F&r=&rs=1280x1024&t=Multfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&oE=1&oP=1&dT=2022-11-25T04%3A19%3A21.107&fu=7e08e6a4-9d47-4675-9591-4e1f3b3cac17
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hit/?v=0.4.0&uid=82b3f55e-c03b-4197-b207-a0b8796b8d42&dp=10&tz=%2B00%3A00&nc=28546389&u=http%3A%2F%2Fwww.multfun.com%2F&r=&rs=1280x1024&t=Multfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&oE=1&oP=1&dT=2022-11-25T04%3A19%3A21.107&fu=7e08e6a4-9d47-4675-9591-4e1f3b3cac17 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.multfun.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 25 Nov 2022 04:19:21 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=CkIDE2OAQkmoZgJPFFWjAqYbE0N1KcTm55ILYICcbTxKEDbv; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
st.vk.com/dist/common.938f8987279a605a5c36.js?3000a11f142a579176f1b78
200 OK 245 kB URL HTTP/2 st.vk.com/dist/common.938f8987279a605a5c36.js?3000a11f142a579176f1b78
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65423)
Size 245 kB (245287 bytes)
Hash 4cceb46e1973e70e5ca3e469cc5dfeff
b99fe6db7dd43540b6bd7bb99748883425fcd6f7
7ec997ba9db4e377cd0ada8535616f05ab0b1a2f5c34f50879dbd17a554df4d7
GET /dist/common.938f8987279a605a5c36.js?3000a11f142a579176f1b78 HTTP/1.1
Host: st.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:21 GMT
content-type: application/x-javascript
content-length: 245287
last-modified: Thu, 24 Nov 2022 15:15:05 GMT
etag: "637f8a79-3be27"
content-encoding: br
expires: Tue, 29 Nov 2022 04:19:21 GMT
cache-control: max-age=345600
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
st.vk.com/dist/web/audioplayer.3b80c0ecae81c92104d0.js?3d9bd5ff7c267ad9554a63ac8adefaa6
200 OK 2.0 kB URL HTTP/2 st.vk.com/dist/web/audioplayer.3b80c0ecae81c92104d0.js?3d9bd5ff7c267ad9554a63ac8adefaa6
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (4369), with no line terminators
Hash 8c339302cf2ae358e8de1f31635346a0
3cd9e9c4f7c8c53708c98c1d3c0abc1b54a1ca8d
9ddd008ca9b26ce3069ebc780f7fded894b191436b9af493984eede019d6ed38
GET /dist/web/audioplayer.3b80c0ecae81c92104d0.js?3d9bd5ff7c267ad9554a63ac8adefaa6 HTTP/1.1
Host: st.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:21 GMT
content-type: application/x-javascript
content-length: 2001
last-modified: Thu, 24 Nov 2022 15:15:05 GMT
etag: "637f8a79-7d1"
content-encoding: br
expires: Tue, 29 Nov 2022 04:19:21 GMT
cache-control: max-age=345600
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
st.vk.com/css/al/widget_community.d04e156c74bcaae7f546.css
200 OK 2.4 kB URL HTTP/2 st.vk.com/css/al/widget_community.d04e156c74bcaae7f546.css
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (13140)
Hash a3024ccfd04a8181a432cb6fbdc0a7dc
9a40cb6747d80d6594c3349c77ecc2f70e0a216f
e80372326326d19e651c982fab9ce1558875670b288fe9caff4ca5e0320c1286
GET /css/al/widget_community.d04e156c74bcaae7f546.css HTTP/1.1
Host: st.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:21 GMT
content-type: text/css
content-length: 2407
last-modified: Wed, 12 Oct 2022 10:52:08 GMT
etag: "63469c58-967"
content-encoding: br
expires: Tue, 29 Nov 2022 04:19:21 GMT
cache-control: max-age=345600
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
st.vk.com/dist/web/likes.8e8a7f64f67d95437f50.js?7ed47dde33021c529419b9c5028fe7e7
200 OK 7.1 kB URL HTTP/2 st.vk.com/dist/web/likes.8e8a7f64f67d95437f50.js?7ed47dde33021c529419b9c5028fe7e7
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (18966), with no line terminators
Hash 5d8f7c166a11002e2a6ada15f25e5c79
5cb1e55f1de6187db499df65a9a32087ea753fec
0c7f84c19c1052bf44ea9349e04517b05b1145409444403be538b373681f38b4
GET /dist/web/likes.8e8a7f64f67d95437f50.js?7ed47dde33021c529419b9c5028fe7e7 HTTP/1.1
Host: st.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:21 GMT
content-type: application/x-javascript
content-length: 7130
last-modified: Thu, 24 Nov 2022 15:15:05 GMT
etag: "637f8a79-1bda"
content-encoding: br
expires: Tue, 29 Nov 2022 04:19:21 GMT
cache-control: max-age=345600
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
st.vk.com/css/al/base.4d336a216a9f1d8bfb22.css
200 OK 19 kB URL HTTP/2 st.vk.com/css/al/base.4d336a216a9f1d8bfb22.css
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Hash 162006248dcb0aa7e01ef85492e5e17f
f1422e7faccf8da228076f25cec8b35d80c8d778
61b37a00a6c6d0dff644329d826320f8d7af464a2e0dad5baebfae9ecdd6ee30
GET /css/al/base.4d336a216a9f1d8bfb22.css HTTP/1.1
Host: st.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:21 GMT
content-type: text/css
content-length: 19282
last-modified: Tue, 15 Nov 2022 08:24:47 GMT
etag: "63734ccf-4b52"
content-encoding: br
expires: Tue, 29 Nov 2022 04:19:21 GMT
cache-control: max-age=345600
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash a77fc3778b437a40010bfe083464e46b
69165ad38149a340aaba84e198cf792dddbbbb93
1c5aa97c33e91634bbfb0b3607560efef5d45069ab09f4a89f0e8b5de64abc61
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 29 Nov 2022 02:20:33 GMT
ETag: "69165ad38149a340aaba84e198cf792dddbbbb93"
Last-Modified: Fri, 25 Nov 2022 02:20:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2359
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795edfc2c1c12-OSL
ocsp.globalsign.com/gseccovsslca2018
200 OK 937 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash c418f8f464fcc8a418d6740e1fb4e0d5
8f00308b1861205feb5790fc15b36af225498011
8a74951003072df8401ae3ac8cc46a0cf7bbff2182f3f76f1bac93a2754c3eb3
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:21 GMT
Content-Type: application/ocsp-response
Content-Length: 937
Connection: keep-alive
Expires: Tue, 29 Nov 2022 02:47:36 GMT
ETag: "8f00308b1861205feb5790fc15b36af225498011"
Last-Modified: Fri, 25 Nov 2022 02:47:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1468
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795ee0ce9b515-OSL
counter.yadro.ru/hit?t58.18;r;s1280*1024*24;uhttp%3A//www.multfun.com/;0.6529722602274955
200 OK 435 B URL HTTP/1.1 counter.yadro.ru/hit?t58.18;r;s1280*1024*24;uhttp%3A//www.multfun.com/;0.6529722602274955
IP
ASN #39134 United Network LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash c021371c2a1dfcd4603fb2bf5cd24594
f0d9d965e9c924b8ee687206773659cbef788574
0e9878bb56d77a55e3c483bc24727c0a4e1618666df66d16d472f0106663fa87
GET /hit?t58.18;r;s1280*1024*24;uhttp%3A//www.multfun.com/;0.6529722602274955 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.multfun.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 25 Nov 2022 04:19:21 GMT
Content-Type: image/gif
Content-Length: 435
Connection: keep-alive
Expires: Wed, 24 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: za+sokHzjfku0FBnnFsODQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MPBA5XarMmYwE7WJofymeHtB+CU=
mc.yandex.ru/metrika/watch.js
200 OK 58 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Hash 89185e037b366ee6c6b5d55bd893c11d
6a0e2cd6189b890da76b827beaeeca41097e8cf1
2b46f64d745301de1b0f94206157e0373db1e5db20e7725794fb34adaab08423
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.multfun.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 57741
date: Fri, 25 Nov 2022 04:19:21 GMT
access-control-allow-origin: *
etag: "637f41b2-e18d"
expires: Fri, 25 Nov 2022 05:19:21 GMT
last-modified: Thu, 24 Nov 2022 13:04:34 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 8042a691408489684ec1ab7286094589
07d682698aba553785d87481329f003a5a3d7b19
a643608926eaa16ccea6e1fd05279f57595d20d3d243ea97455f35f460410830
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6006
Cache-Control: max-age=133070
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:19:22 GMT
Etag: "637f8fa2-116"
Expires: Sat, 26 Nov 2022 17:17:13 GMT
Last-Modified: Thu, 24 Nov 2022 15:37:06 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 49508c4a0acb68bd3694a60dfd757505
c9103ff5c366c5ba71c02a5a8da7857e4f1ad371
587b0735c3a9e07d72071b55d3a822ad053fd9540aa9032759ffb3286b5fcdca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "587B0735C3A9E07D72071B55D3A822AD053FD9540AA9032759FFB3286B5FCDCA"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10233
Expires: Fri, 25 Nov 2022 07:09:55 GMT
Date: Fri, 25 Nov 2022 04:19:22 GMT
Connection: keep-alive
a.utraff.com/sync?ssp=sape
204 No Content 0 B URL HTTP/2 a.utraff.com/sync?ssp=sape
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Sun, 25 Dec 2022 07:19:22 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Sun, 25 Dec 2022 07:19:22 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfpxduEszEczfZgjgIGShM4iQAGpfT9EhY94Z4Db2pjpV5WhBknsUSvhKkpQwlHtYO9URPRcXWEz0b0XnacZ8byJDu4pcXzLkfT2FTepWgI%2Bhb1FnOzAKgaHkqIhzHk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f795ef0d321c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1303420A494280635F02CAA90250BF16
302 Found 0 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1303420A494280635F02CAA90250BF16
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1303420A494280635F02CAA90250BF16 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 25 Nov 2022 04:19:22 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=56853841-6c78-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Sat, 25 Nov 2023 04:19:22 GMT; SameSite=None; Secure
uid-legacy=56853841-6c78-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Sat, 25 Nov 2023 04:19:22 GMT
location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1303420A494280635F02CAA90250BF16&cs=1
X-Firefox-Spdy: h2
dm-eu.hybrid.ai/match?id=106&vid=1303420A494280635F02CAA90250BF16
204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=106&vid=1303420A494280635F02CAA90250BF16
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=106&vid=1303420A494280635F02CAA90250BF16 HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 25 Nov 2022 04:19:22 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=5098a7ad4048d1270143; expires=Sat, 25 Nov 2023 04:19:21 GMT; domain=.hybrid.ai; path=/; samesite=none
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 507
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b0eea28ee764a70bd69a31c049dd4a1f
b8c17b0a0120999f3ef1af25d394c06260cd5453
c92a2a8386fdda2606795b9a1611e28c1514deecd4c9aea85be6af562bfcf221
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C92A2A8386FDDA2606795B9A1611E28C1514DEECD4C9AEA85BE6AF562BFCF221"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13811
Expires: Fri, 25 Nov 2022 08:09:33 GMT
Date: Fri, 25 Nov 2022 04:19:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c730a692a408e87f683efed163ce458c
5c1b063ff7d612d63c72b48760a8927c73f6ffc2
1078e155af59d0c97e5293562e26b3f24bc5bd295581a905643ec9a73021e40f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1078E155AF59D0C97E5293562E26B3F24BC5BD295581A905643EC9A73021E40F"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12436
Expires: Fri, 25 Nov 2022 07:46:38 GMT
Date: Fri, 25 Nov 2022 04:19:22 GMT
Connection: keep-alive
sync.upravel.com/sape/sync
302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1669349962213;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1669349962213;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
s.uuidksinc.net/match/396/?remote_uid=1303420A494280635F02CAA90250BF16
302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/396/?remote_uid=1303420A494280635F02CAA90250BF16
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/396/?remote_uid=1303420A494280635F02CAA90250BF16 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Fri, 25 Nov 2022 04:19:22 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=bsSKNodWHNbNiqlzrt4r
set-cookie: jcsuuid=bsSKNodWHNbNiqlzrt4r; expires=Sat, 25 Nov 2023 04:19:22 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 8042a691408489684ec1ab7286094589
07d682698aba553785d87481329f003a5a3d7b19
a643608926eaa16ccea6e1fd05279f57595d20d3d243ea97455f35f460410830
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6006
Cache-Control: max-age=133070
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:19:22 GMT
Etag: "637f8fa2-116"
Expires: Sat, 26 Nov 2022 17:17:13 GMT
Last-Modified: Thu, 24 Nov 2022 15:37:06 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash 68a2634b7725a787f2b8be7473e44656
3da23ecea65689b73dad915e3a990ecf7f3c07b4
ef14a06e2f78411e1fd48133fc2a007f654d257453bf8f350097b63141d93408
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 29 Nov 2022 02:57:27 GMT
ETag: "3da23ecea65689b73dad915e3a990ecf7f3c07b4"
Last-Modified: Fri, 25 Nov 2022 02:57:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2127
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795effdcc1c12-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b3d11fe830c5fa6795d3206a4898a824
80df0fa2013e177a96b41f5dcf6b9b7d66cd0a5e
9df1341498d26f04e4e36b682e224c6af4034894f10cb817d4e223dbdab0b8e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9DF1341498D26F04E4E36B682E224C6AF4034894F10CB817D4E223DBDAB0B8E9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8642
Expires: Fri, 25 Nov 2022 06:43:24 GMT
Date: Fri, 25 Nov 2022 04:19:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 634a22a5b89c55bcc382e54f4fdc2a34
665c7a798bd6b9ea51684e33c22c489985ccc81b
850533fca4689e8cc5bdd8599b261d753a3b3fa483ce7431698c5b209ea628e8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "850533FCA4689E8CC5BDD8599B261D753A3B3FA483CE7431698C5B209EA628E8"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9718
Expires: Fri, 25 Nov 2022 07:01:20 GMT
Date: Fri, 25 Nov 2022 04:19:22 GMT
Connection: keep-alive
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
302 Moved Temporarily 142 B URL HTTP/1.1 ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Fri, 25 Nov 2022 04:19:22 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=4102420A4A4280631C00DD93029B72BF
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkICQWOAQkqT3QAcv3KbAuWj1pVwBbNaKfgKzyxvrzR6aexN; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash d66b84429115222c2d28daccdbfac9f4
338bf2f651dc4373d52df9c9c9d9f91cf31efd06
835fecd8dfa3a82cb35176efae2c89935b51ab63eac4f589c00bba46d0d10cad
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 29 Nov 2022 01:42:12 GMT
ETag: "338bf2f651dc4373d52df9c9c9d9f91cf31efd06"
Last-Modified: Fri, 25 Nov 2022 01:42:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1090
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795f04e09b515-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 774a6ca238640d7456d09523e90eb0b0
e73722136f436c9d1600de6c8886de678aa7cc49
18df86dabed81e28e514ea2078d10d7bb854ea3eb0446f445659e107da50f8c1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18DF86DABED81E28E514EA2078D10D7BB854EA3EB0446F445659E107DA50F8C1"
Last-Modified: Tue, 22 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10828
Expires: Fri, 25 Nov 2022 07:19:50 GMT
Date: Fri, 25 Nov 2022 04:19:22 GMT
Connection: keep-alive
sync.republer.com/match?dsp=sape
204 No Content 0 B URL HTTP/2 sync.republer.com/match?dsp=sape
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?dsp=sape HTTP/1.1
Host: sync.republer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Fri, 25 Nov 2022 04:19:22 GMT
strict-transport-security: max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 774a6ca238640d7456d09523e90eb0b0
e73722136f436c9d1600de6c8886de678aa7cc49
18df86dabed81e28e514ea2078d10d7bb854ea3eb0446f445659e107da50f8c1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18DF86DABED81E28E514EA2078D10D7BB854EA3EB0446F445659E107DA50F8C1"
Last-Modified: Tue, 22 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10828
Expires: Fri, 25 Nov 2022 07:19:50 GMT
Date: Fri, 25 Nov 2022 04:19:22 GMT
Connection: keep-alive
st.vk.com/dist/audioplayer.dd92c1010d87279d6d61.js?300585bb74d83dc020e4d6f
200 OK 0 B URL HTTP/2 st.vk.com/dist/audioplayer.dd92c1010d87279d6d61.js?300585bb74d83dc020e4d6f
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dist/audioplayer.dd92c1010d87279d6d61.js?300585bb74d83dc020e4d6f HTTP/1.1
Host: st.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:21 GMT
content-type: application/x-javascript
content-length: 35632
last-modified: Wed, 23 Nov 2022 15:33:42 GMT
etag: "637e3d56-8b30"
content-encoding: br
expires: Tue, 29 Nov 2022 04:19:21 GMT
cache-control: max-age=345600
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8b5d48b3fd19a8246bdd6e2086a92dff
a21901cb2b2ced6c5d481e92d4f495e1c737569f
b9a2ac2def1e4af6059d0e1bdbc0962a62431b922ced52959fd044f6aca60387
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B9A2AC2DEF1E4AF6059D0E1BDBC0962A62431B922CED52959FD044F6ACA60387"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4534
Expires: Fri, 25 Nov 2022 05:34:56 GMT
Date: Fri, 25 Nov 2022 04:19:22 GMT
Connection: keep-alive
stat.adlabs.ru/merge_gpsid/?sid=50&id=1303420A494280635F02CAA90250BF16
302 Found 0 B URL HTTP/2 stat.adlabs.ru/merge_gpsid/?sid=50&id=1303420A494280635F02CAA90250BF16
IP
ASN #201009 Centre of server systems Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge_gpsid/?sid=50&id=1303420A494280635F02CAA90250BF16 HTTP/1.1
Host: stat.adlabs.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 25 Nov 2022 04:19:22 GMT
content-length: 0
location: //adlmerge.com/merge_gpsid/?sid=50&id=1303420A494280635F02CAA90250BF16
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sap1&uid=1303420A494280635F02CAA90250BF16
302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&uid=1303420A494280635F02CAA90250BF16
IP
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&uid=1303420A494280635F02CAA90250BF16 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 25 Nov 2022 04:19:22 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ1Njk5MzM5YS02Yzc4LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*; Path=/; Expires=Thu, 20 Nov 2042 04:19:22 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARjKhIGcBmIgMTMwMzQyMEE0OTQyODA2MzVGMDJDQUE5MDI1MEJGMTaiARBWmTOabHgR7asVACWQyCQ3
ETag: 5699339a-6c78-11ed-ab15-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
ut.rktch.com/matchspm?pi=1000005&pui=1303420A494280635F02CAA90250BF16
302 Found 0 B URL HTTP/1.1 ut.rktch.com/matchspm?pi=1000005&pui=1303420A494280635F02CAA90250BF16
IP
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /matchspm?pi=1000005&pui=1303420A494280635F02CAA90250BF16 HTTP/1.1
Host: ut.rktch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Fri, 25 Nov 2022 04:19:22 GMT
Content-Length: 0
Connection: keep-alive
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
Set-Cookie: b_uid=b99da6dd427235bbd18d014d913cc08adf33; Max-Age=2592000; Expires=Sun, 25 Dec 2022 04:19:22 GMT; Domain=rktch.com; Secure; SameSite=None
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Credentials: true
st.vk.com/dist/api/widgets/community.js?1
200 OK 0 B URL HTTP/2 st.vk.com/dist/api/widgets/community.js?1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dist/api/widgets/community.js?1 HTTP/1.1
Host: st.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:21 GMT
content-type: application/x-javascript
content-length: 270125
last-modified: Thu, 24 Nov 2022 15:07:47 GMT
etag: "637f88c3-41f2d"
content-encoding: br
expires: Tue, 29 Nov 2022 04:19:21 GMT
cache-control: max-age=345600
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0282e326d25e2f375fbc849119504d8f
242473b4cc2338dfb9a89493eb13baaf0bcc030a
add1589cc9357ff15fbabcb09f97a5acdd2378bdbbb957741e1b0f54de7c25c7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ADD1589CC9357FF15FBABCB09F97A5ACDD2378BDBBB957741E1B0F54DE7C25C7"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8714
Expires: Fri, 25 Nov 2022 06:44:36 GMT
Date: Fri, 25 Nov 2022 04:19:22 GMT
Connection: keep-alive
pix.bumlam.com/sync/sape/check?sspuid=1303420A494280635F02CAA90250BF16
302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/check?sspuid=1303420A494280635F02CAA90250BF16
IP
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/check?sspuid=1303420A494280635F02CAA90250BF16 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 25 Nov 2022 04:19:22 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://sync.bumlam.com/?src=sape
mediatoday.ru/core/match.gif?s=32&id=1303420A494280635F02CAA90250BF16
200 OK 43 B URL HTTP/2 mediatoday.ru/core/match.gif?s=32&id=1303420A494280635F02CAA90250BF16
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /core/match.gif?s=32&id=1303420A494280635F02CAA90250BF16 HTTP/1.1
Host: mediatoday.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.22.0
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: image/gif
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VU1TP8hICn7nb2d; expires=Mon, 22-Nov-2032 04:19:23 GMT; domain=mediatoday.ru; path=/core; SameSite=None; Secure
X-Firefox-Spdy: h2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1303420A494280635F02CAA90250BF16&cs=1
200 OK 35 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1303420A494280635F02CAA90250BF16&cs=1
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1303420A494280635F02CAA90250BF16&cs=1 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: uid=56853841-6c78-11ed-8ff0-f832e4719dd9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: image/gif
content-length: 35
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=56853841-6c78-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Sat, 25 Nov 2023 04:19:22 GMT; SameSite=None; Secure
uid-legacy=56853841-6c78-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Sat, 25 Nov 2023 04:19:22 GMT
X-Firefox-Spdy: h2
nr.bidderstack.com/sape/cm?user_id=1303420A494280635F02CAA90250BF16
200 OK 44 B URL HTTP/1.1 nr.bidderstack.com/sape/cm?user_id=1303420A494280635F02CAA90250BF16
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash f9d60352c70a2ba15616d1c9421f3844
e9abc8bea7721a4b6a50295850d13c515006a95c
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
GET /sape/cm?user_id=1303420A494280635F02CAA90250BF16 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:19:22 GMT
Content-Type: image/gif
Content-Length: 44
Connection: keep-alive
Set-Cookie: uid=04c54fdc-621d-4f19-b4a4-0f532c062bc9; domain=.bidderstack.com; path=/; expires=Sat, 25-Nov-2023 04:19:22 GMT;
Access-Control-Allow-Credentials: true
match.new-programmatic.com/userbind?src=sape&id=1303420A494280635F02CAA90250BF16
204 No Content 0 B URL HTTP/1.1 match.new-programmatic.com/userbind?src=sape&id=1303420A494280635F02CAA90250BF16
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=1303420A494280635F02CAA90250BF16 HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.18.0
Date: Fri, 25 Nov 2022 04:19:50 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
cs.agency2.ru/p?ssp=sp&uid=1303420A494280635F02CAA90250BF16
301 Moved Permanently 0 B URL HTTP/1.1 cs.agency2.ru/p?ssp=sp&uid=1303420A494280635F02CAA90250BF16
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&uid=1303420A494280635F02CAA90250BF16 HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Fri, 25 Nov 2022 04:19:22 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=b18d1702-2753-472e-883b-7e3e6efd49d2
Set-Cookie: uuid=b18d1702-2753-472e-883b-7e3e6efd49d2; expires=Thu, 16 Nov 2023 04:19:22 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
302 Found 570 B URL HTTP/2 ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP
ASN #48096 Enterprise Cloud Ltd.
File type PNG image data, 50 x 50, 8-bit/color RGB, non-interlaced\012- data
Hash b17a9dcdcc1e5028061e3c769a736e0d
55a0cff39baf55044b77888f5503925319279b38
e3b9c102be54a21fc534271c42ff116be61325240fac9649023cc6adf41d8e72
GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=9c248d7afb2248a498e426bedbbadb1e
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=9c248d7afb2248a498e426bedbbadb1e; expires=Fri, 24 Nov 2023 21:00:00 GMT; path=/; SameSite=None; secure; samesite=lax
date: Fri, 25 Nov 2022 04:19:21 GMT
X-Firefox-Spdy: h2
www.acint.net/match?dp=127&euid=bsSKNodWHNbNiqlzrt4r
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=127&euid=bsSKNodWHNbNiqlzrt4r
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=127&euid=bsSKNodWHNbNiqlzrt4r HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDE2OAQkmoZgJPFFWjAqYbE0N1KcTm55ILYICcbTxKEDbv; cSyncDp7v2=1669349961; cSyncDp14v3=1669349961; cSyncDp17=1669349961; cSyncDp32=1669349961; cSyncDp45v3=1669349961; cSyncDp53=1669349961; cSyncDp54v2=1669349961; cSyncDp62=1669349961; cSyncDp67v2=1669349961; cSyncDp68=1669349961; cSyncDp71=1669349961; cSyncDp77=1669349961; cSyncDp84=1669349961; cSyncDp85=1669349961; cSyncDp95v3=1669349961; cSyncDp101=1669349961; cSyncDp104v2=1669349961; cSyncDp107=1669349961; cSyncDp110=1669349961; cSyncDp111v2=1669349961; cSyncDp112v2=1669349961; cSyncDp125v2=1669349961; cSyncDp126=1669349961; cSyncDp127=1669349961; cSyncDp129=1669349961; cSyncDp136v2=1669349961; cSyncDp138=1669349961; cSyncDp144=1669349961; cSyncDp146=1669349961; cSyncDp148=1669349961; cSyncDp149v2=1669349961; cSyncDp151=1669349961; cSyncDp178=1669349961; cSyncDp179=1669349961; cSyncDp186=1669349961; cSyncDp221=1669349961
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=129&euid=n8wvmftiik
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=129&euid=n8wvmftiik
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=129&euid=n8wvmftiik HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDE2OAQkmoZgJPFFWjAqYbE0N1KcTm55ILYICcbTxKEDbv; cSyncDp7v2=1669349961; cSyncDp14v3=1669349961; cSyncDp17=1669349961; cSyncDp32=1669349961; cSyncDp45v3=1669349961; cSyncDp53=1669349961; cSyncDp54v2=1669349961; cSyncDp62=1669349961; cSyncDp67v2=1669349961; cSyncDp68=1669349961; cSyncDp71=1669349961; cSyncDp77=1669349961; cSyncDp84=1669349961; cSyncDp85=1669349961; cSyncDp95v3=1669349961; cSyncDp101=1669349961; cSyncDp104v2=1669349961; cSyncDp107=1669349961; cSyncDp110=1669349961; cSyncDp111v2=1669349961; cSyncDp112v2=1669349961; cSyncDp125v2=1669349961; cSyncDp126=1669349961; cSyncDp127=1669349961; cSyncDp129=1669349961; cSyncDp136v2=1669349961; cSyncDp138=1669349961; cSyncDp144=1669349961; cSyncDp146=1669349961; cSyncDp148=1669349961; cSyncDp149v2=1669349961; cSyncDp151=1669349961; cSyncDp178=1669349961; cSyncDp179=1669349961; cSyncDp186=1669349961; cSyncDp221=1669349961
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
st.vk.com/images/icons/post_widget.png
200 OK 981 B URL HTTP/2 st.vk.com/images/icons/post_widget.png
IP
File type PNG image data, 16 x 106, 8-bit/color RGBA, non-interlaced\012- data
Hash 53c541440c1c235dc990caa768db5146
72135fa7e27edd2f2ff46335e0fe47ce8eb08cc1
33c22d62b4d9b60d8ac8b010f4e19da452eb17484e66c581c5f4184dd8152d90
GET /images/icons/post_widget.png HTTP/1.1
Host: st.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.vk.com/css/al/lite.767433f9d8f76d21bc7a.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: image/png
content-length: 981
last-modified: Tue, 22 Sep 2020 20:29:56 GMT
etag: "5f6a5ec4-3d5"
expires: Tue, 29 Nov 2022 04:19:22 GMT
cache-control: max-age=345600
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
accept-ranges: bytes
X-Firefox-Spdy: h2
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1669349962213
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=4d439c4d-8220-44d9-a6f6-0cb3759dafaf;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=4d439c4d-8220-44d9-a6f6-0cb3759dafaf;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=4d439c4d-8220-44d9-a6f6-0cb3759dafaf
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
mc.yandex.ru/watch/23454055/1?wmode=7&page-url=http%3A%2F%2Fwww.multfun.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A1039%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1644504773237%3Ahid%3A540246092%3Az%3A0%3Ai%3A20221125041921%3Aet%3A1669349962%3Ac%3A1%3Arn%3A499335064%3Arqn%3A1%3Au%3A1669349962527159475%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A3%2C1%2C84%2C1%2C-5%2C0%2C%2C807%2C53%2C%2C%2C%2C987%3Ans%3A1669349959846%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669349962%3At%3AMultfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/23454055/1?wmode=7&page-url=http%3A%2F%2Fwww.multfun.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A1039%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1644504773237%3Ahid%3A540246092%3Az%3A0%3Ai%3A20221125041921%3Aet%3A1669349962%3Ac%3A1%3Arn%3A499335064%3Arqn%3A1%3Au%3A1669349962527159475%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A3%2C1%2C84%2C1%2C-5%2C0%2C%2C807%2C53%2C%2C%2C%2C987%3Ans%3A1669349959846%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669349962%3At%3AMultfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
IP
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash 83948cad481dfa3cdec6323a94cfd46c
10f931022267a3ba07c968bbb1548b4bf504689a
4f759717a987e184ed27ef83d87949591ba274047151e5b0ac539932b88b1b87
GET /watch/23454055/1?wmode=7&page-url=http%3A%2F%2Fwww.multfun.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A1039%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1644504773237%3Ahid%3A540246092%3Az%3A0%3Ai%3A20221125041921%3Aet%3A1669349962%3Ac%3A1%3Arn%3A499335064%3Arqn%3A1%3Au%3A1669349962527159475%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A3%2C1%2C84%2C1%2C-5%2C0%2C%2C807%2C53%2C%2C%2C%2C987%3Ans%3A1669349959846%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669349962%3At%3AMultfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.multfun.com
Referer: http://www.multfun.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Fri, 25 Nov 2022 04:19:22 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://www.multfun.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 25-Nov-2022 04:19:22 GMT
last-modified: Fri, 25-Nov-2022 04:19:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
acint.net/match?dp=110&euid=9c248d7afb2248a498e426bedbbadb1e
200 OK 43 B URL HTTP/2 acint.net/match?dp=110&euid=9c248d7afb2248a498e426bedbbadb1e
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=110&euid=9c248d7afb2248a498e426bedbbadb1e HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDE2OAQkmoZgJPFFWjAqYbE0N1KcTm55ILYICcbTxKEDbv; cSyncDp7v2=1669349961; cSyncDp14v3=1669349961; cSyncDp17=1669349961; cSyncDp32=1669349961; cSyncDp45v3=1669349961; cSyncDp53=1669349961; cSyncDp54v2=1669349961; cSyncDp62=1669349961; cSyncDp67v2=1669349961; cSyncDp68=1669349961; cSyncDp71=1669349961; cSyncDp77=1669349961; cSyncDp84=1669349961; cSyncDp85=1669349961; cSyncDp95v3=1669349961; cSyncDp101=1669349961; cSyncDp104v2=1669349961; cSyncDp107=1669349961; cSyncDp110=1669349961; cSyncDp111v2=1669349961; cSyncDp112v2=1669349961; cSyncDp125v2=1669349961; cSyncDp126=1669349961; cSyncDp127=1669349961; cSyncDp129=1669349961; cSyncDp136v2=1669349961; cSyncDp138=1669349961; cSyncDp144=1669349961; cSyncDp146=1669349961; cSyncDp148=1669349961; cSyncDp149v2=1669349961; cSyncDp151=1669349961; cSyncDp178=1669349961; cSyncDp179=1669349961; cSyncDp186=1669349961; cSyncDp221=1669349961
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=111&euid=edebb8f6-4b70-48c2-b48e-6cdc65cf58f7
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=111&euid=edebb8f6-4b70-48c2-b48e-6cdc65cf58f7
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=111&euid=edebb8f6-4b70-48c2-b48e-6cdc65cf58f7 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDE2OAQkmoZgJPFFWjAqYbE0N1KcTm55ILYICcbTxKEDbv; cSyncDp7v2=1669349961; cSyncDp14v3=1669349961; cSyncDp17=1669349961; cSyncDp32=1669349961; cSyncDp45v3=1669349961; cSyncDp53=1669349961; cSyncDp54v2=1669349961; cSyncDp62=1669349961; cSyncDp67v2=1669349961; cSyncDp68=1669349961; cSyncDp71=1669349961; cSyncDp77=1669349961; cSyncDp84=1669349961; cSyncDp85=1669349961; cSyncDp95v3=1669349961; cSyncDp101=1669349961; cSyncDp104v2=1669349961; cSyncDp107=1669349961; cSyncDp110=1669349961; cSyncDp111v2=1669349961; cSyncDp112v2=1669349961; cSyncDp125v2=1669349961; cSyncDp126=1669349961; cSyncDp127=1669349961; cSyncDp129=1669349961; cSyncDp136v2=1669349961; cSyncDp138=1669349961; cSyncDp144=1669349961; cSyncDp146=1669349961; cSyncDp148=1669349961; cSyncDp149v2=1669349961; cSyncDp151=1669349961; cSyncDp178=1669349961; cSyncDp179=1669349961; cSyncDp186=1669349961; cSyncDp221=1669349961
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.multfun.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 25 Nov 2022 04:19:22 GMT
access-control-allow-origin: *
etag: "637f41b2-2b"
expires: Fri, 25 Nov 2022 05:19:22 GMT
accept-ranges: bytes
last-modified: Thu, 24 Nov 2022 13:04:34 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
acint.net/match?dp=14&euid=4102420A4A4280631C00DD93029B72BF
200 OK 43 B URL HTTP/2 acint.net/match?dp=14&euid=4102420A4A4280631C00DD93029B72BF
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=14&euid=4102420A4A4280631C00DD93029B72BF HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDE2OAQkmoZgJPFFWjAqYbE0N1KcTm55ILYICcbTxKEDbv; cSyncDp7v2=1669349961; cSyncDp14v3=1669349961; cSyncDp17=1669349961; cSyncDp32=1669349961; cSyncDp45v3=1669349961; cSyncDp53=1669349961; cSyncDp54v2=1669349961; cSyncDp62=1669349961; cSyncDp67v2=1669349961; cSyncDp68=1669349961; cSyncDp71=1669349961; cSyncDp77=1669349961; cSyncDp84=1669349961; cSyncDp85=1669349961; cSyncDp95v3=1669349961; cSyncDp101=1669349961; cSyncDp104v2=1669349961; cSyncDp107=1669349961; cSyncDp110=1669349961; cSyncDp111v2=1669349961; cSyncDp112v2=1669349961; cSyncDp125v2=1669349961; cSyncDp126=1669349961; cSyncDp127=1669349961; cSyncDp129=1669349961; cSyncDp136v2=1669349961; cSyncDp138=1669349961; cSyncDp144=1669349961; cSyncDp146=1669349961; cSyncDp148=1669349961; cSyncDp149v2=1669349961; cSyncDp151=1669349961; cSyncDp178=1669349961; cSyncDp179=1669349961; cSyncDp186=1669349961; cSyncDp221=1669349961
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 005e2d2ab93b34abed96b20e3113c169
267fe944740b1a70b70f3aa77f4ad6f3013c7b12
d9075649a65b509a04a4f98b7ba81b569639ec2b929784f7b72cb3eb5bc993c5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 15:41:03 GMT
Expires: Tue, 29 Nov 2022 15:41:02 GMT
Etag: "267fe944740b1a70b70f3aa77f4ad6f3013c7b12"
Cache-Control: max-age=385899,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f795f03aaeb512-OSL
www.acint.net/match?dp=186&euid=b18d1702-2753-472e-883b-7e3e6efd49d2
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=186&euid=b18d1702-2753-472e-883b-7e3e6efd49d2
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=186&euid=b18d1702-2753-472e-883b-7e3e6efd49d2 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDE2OAQkmoZgJPFFWjAqYbE0N1KcTm55ILYICcbTxKEDbv; cSyncDp7v2=1669349961; cSyncDp14v3=1669349961; cSyncDp17=1669349961; cSyncDp32=1669349961; cSyncDp45v3=1669349961; cSyncDp53=1669349961; cSyncDp54v2=1669349961; cSyncDp62=1669349961; cSyncDp67v2=1669349961; cSyncDp68=1669349961; cSyncDp71=1669349961; cSyncDp77=1669349961; cSyncDp84=1669349961; cSyncDp85=1669349961; cSyncDp95v3=1669349961; cSyncDp101=1669349961; cSyncDp104v2=1669349961; cSyncDp107=1669349961; cSyncDp110=1669349961; cSyncDp111v2=1669349961; cSyncDp112v2=1669349961; cSyncDp125v2=1669349961; cSyncDp126=1669349961; cSyncDp127=1669349961; cSyncDp129=1669349961; cSyncDp136v2=1669349961; cSyncDp138=1669349961; cSyncDp144=1669349961; cSyncDp146=1669349961; cSyncDp148=1669349961; cSyncDp149v2=1669349961; cSyncDp151=1669349961; cSyncDp178=1669349961; cSyncDp179=1669349961; cSyncDp186=1669349961; cSyncDp221=1669349961
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=71&euid=4d439c4d-8220-44d9-a6f6-0cb3759dafaf
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=71&euid=4d439c4d-8220-44d9-a6f6-0cb3759dafaf
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=71&euid=4d439c4d-8220-44d9-a6f6-0cb3759dafaf HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDE2OAQkmoZgJPFFWjAqYbE0N1KcTm55ILYICcbTxKEDbv; cSyncDp7v2=1669349961; cSyncDp14v3=1669349961; cSyncDp17=1669349961; cSyncDp32=1669349961; cSyncDp45v3=1669349961; cSyncDp53=1669349961; cSyncDp54v2=1669349961; cSyncDp62=1669349961; cSyncDp67v2=1669349961; cSyncDp68=1669349961; cSyncDp71=1669349961; cSyncDp77=1669349961; cSyncDp84=1669349961; cSyncDp85=1669349961; cSyncDp95v3=1669349961; cSyncDp101=1669349961; cSyncDp104v2=1669349961; cSyncDp107=1669349961; cSyncDp110=1669349961; cSyncDp111v2=1669349961; cSyncDp112v2=1669349961; cSyncDp125v2=1669349961; cSyncDp126=1669349961; cSyncDp127=1669349961; cSyncDp129=1669349961; cSyncDp136v2=1669349961; cSyncDp138=1669349961; cSyncDp144=1669349961; cSyncDp146=1669349961; cSyncDp148=1669349961; cSyncDp149v2=1669349961; cSyncDp151=1669349961; cSyncDp178=1669349961; cSyncDp179=1669349961; cSyncDp186=1669349961; cSyncDp221=1669349961
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
301 Moved Permanently 115 B URL HTTP/2 exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash 3bd5eddc75ceb1c5ddbc120d8968d0c6
50888f6151c4e09343fe02177ee42f619de4d128
c9baae1d5546b6f9594d0c93ec7731eb1e76ac248765aea10e5b95d23e3ea4cb
GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=31f4d37a-b35e-4962-7980-ab41d1422823
serverid: TODO
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash d9f517ca8355b8a1b559eaf22c3978ef
85791303068c54ce3a3459bf789c49769ceb5805
886d75d1690af5aa934d4a37e7284e85d94893ef5d0865151b44487ef908eb0b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 23:26:43 GMT
Expires: Wed, 30 Nov 2022 23:26:42 GMT
Etag: "85791303068c54ce3a3459bf789c49769ceb5805"
Cache-Control: max-age=500239,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f795f0bab6b4fd-OSL
sync.bumlam.com/?src=sap1&s_data=CAIQARjKhIGcBmIgMTMwMzQyMEE0OTQyODA2MzVGMDJDQUE5MDI1MEJGMTaiARBWmTOabHgR7asVACWQyCQ3
200 OK 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&s_data=CAIQARjKhIGcBmIgMTMwMzQyMEE0OTQyODA2MzVGMDJDQUE5MDI1MEJGMTaiARBWmTOabHgR7asVACWQyCQ3
IP
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&s_data=CAIQARjKhIGcBmIgMTMwMzQyMEE0OTQyODA2MzVGMDJDQUE5MDI1MEJGMTaiARBWmTOabHgR7asVACWQyCQ3 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ1Njk5MzM5YS02Yzc4LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:19:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ1Njk5MzM5YS02Yzc4LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*; Path=/; Expires=Thu, 20 Nov 2042 04:19:22 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash d6d77aec983aaa0b68b9f5b0e3a817ee
50972b4419c64b990c3256a3dd162109ac33c2aa
83500371aa3bf95a6d7b75b265c94bf4bd9c37ec8cd6bd6fc0a954ab2895ad0b
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 02:58:26 GMT
ETag: "50972b4419c64b990c3256a3dd162109ac33c2aa"
Last-Modified: Fri, 25 Nov 2022 02:58:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1145
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795f20e951c12-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash d6d77aec983aaa0b68b9f5b0e3a817ee
50972b4419c64b990c3256a3dd162109ac33c2aa
83500371aa3bf95a6d7b75b265c94bf4bd9c37ec8cd6bd6fc0a954ab2895ad0b
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 02:58:26 GMT
ETag: "50972b4419c64b990c3256a3dd162109ac33c2aa"
Last-Modified: Fri, 25 Nov 2022 02:58:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1145
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795f21e9e1c12-OSL
sync.bumlam.com/?src=sape
302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sape
IP
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ1Njk5MzM5YS02Yzc4LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 25 Nov 2022 04:19:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ1Njk5MzM5YS02Yzc4LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*; Path=/; Expires=Thu, 20 Nov 2042 04:19:22 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://pix.bumlam.com/sync/sape/sync_ok?guid=5699339a-6c78-11ed-ab15-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash d6d77aec983aaa0b68b9f5b0e3a817ee
50972b4419c64b990c3256a3dd162109ac33c2aa
83500371aa3bf95a6d7b75b265c94bf4bd9c37ec8cd6bd6fc0a954ab2895ad0b
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 02:58:26 GMT
ETag: "50972b4419c64b990c3256a3dd162109ac33c2aa"
Last-Modified: Fri, 25 Nov 2022 02:58:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1145
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795f23eac1c12-OSL
sun9-16.userapi.com/s/v1/ig2/Iz0UMTEKVuv_2AOQFIxccq6-i9X1Hc_00WCUza_7bO66QOL38J6WKNFsE0cgXNCa1TJoa_ztNqWKvhLPONAkFDm9.jpg?size=50x50&quality=95&crop=181,162,386,386&ava=1
200 OK 1.1 kB URL HTTP/2 sun9-16.userapi.com/s/v1/ig2/Iz0UMTEKVuv_2AOQFIxccq6-i9X1Hc_00WCUza_7bO66QOL38J6WKNFsE0cgXNCa1TJoa_ztNqWKvhLPONAkFDm9.jpg?size=50x50&quality=95&crop=181,162,386,386&ava=1
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash f0ced2dbb031c52021b2a7547ca970af
7f73b0673165b7ba2409660a6f9cc6e64cb4f1bb
86e88f6b0716628061e1be5af65d66418e756bb75ae450bcf6e2acf4208f13c1
GET /s/v1/ig2/Iz0UMTEKVuv_2AOQFIxccq6-i9X1Hc_00WCUza_7bO66QOL38J6WKNFsE0cgXNCa1TJoa_ztNqWKvhLPONAkFDm9.jpg?size=50x50&quality=95&crop=181,162,386,386&ava=1 HTTP/1.1
Host: sun9-16.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: image/jpeg
content-length: 1071
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
x-imp: 839217
expires: Sun, 25 Dec 2022 04:19:22 GMT
cache-control: max-age=2592000
x-frontend: front224307
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
sun9-33.userapi.com/s/v1/if1/J-KYPxCqR7ZcM1TouPjt7jhOBUHtusUnhBVONslaB2EZxexN-FKumDDpsQ7vhYLHoEaMG80y.jpg?size=50x50&quality=96&crop=105,44,265,265&ava=1
200 OK 3.1 kB URL HTTP/2 sun9-33.userapi.com/s/v1/if1/J-KYPxCqR7ZcM1TouPjt7jhOBUHtusUnhBVONslaB2EZxexN-FKumDDpsQ7vhYLHoEaMG80y.jpg?size=50x50&quality=96&crop=105,44,265,265&ava=1
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash cc6a54712f62cad728bb987401f57c33
4e712db14258fa34df812052b6d45b91a958d38e
f879b67a50e57a1630ba288fbc0b9c4681f350e5db351c00938b9a146fdd36d8
GET /s/v1/if1/J-KYPxCqR7ZcM1TouPjt7jhOBUHtusUnhBVONslaB2EZxexN-FKumDDpsQ7vhYLHoEaMG80y.jpg?size=50x50&quality=96&crop=105,44,265,265&ava=1 HTTP/1.1
Host: sun9-33.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: image/jpeg
content-length: 3097
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
x-imp: 854004
expires: Sun, 25 Dec 2022 04:19:22 GMT
cache-control: max-age=2592000
x-frontend: front508129
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
dmp.gotechnology.io/match/sape?id=1303420A494280635F02CAA90250BF16
302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=1303420A494280635F02CAA90250BF16
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=1303420A494280635F02CAA90250BF16 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 25 Nov 2022 04:19:22 GMT
content-length: 0
location: https://dmp.gotechnology.io/match/sape?id=1303420A494280635F02CAA90250BF16&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash de5d4025500d69d327f49266a18e538a
47d3275d0f92686a8e86cb09b16627cddb82984b
25b35f377f53fda43ecae3487f7dd289bfca1caca6631a7f9990f405aee77094
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25B35F377F53FDA43ECAE3487F7DD289BFCA1CACA6631A7F9990F405AEE77094"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3987
Expires: Fri, 25 Nov 2022 05:25:49 GMT
Date: Fri, 25 Nov 2022 04:19:22 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash d6d77aec983aaa0b68b9f5b0e3a817ee
50972b4419c64b990c3256a3dd162109ac33c2aa
83500371aa3bf95a6d7b75b265c94bf4bd9c37ec8cd6bd6fc0a954ab2895ad0b
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 02:58:26 GMT
ETag: "50972b4419c64b990c3256a3dd162109ac33c2aa"
Last-Modified: Fri, 25 Nov 2022 02:58:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1145
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795f25ebf1c12-OSL
www.acint.net/match?dp=126&euid=31f4d37a-b35e-4962-7980-ab41d1422823
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=126&euid=31f4d37a-b35e-4962-7980-ab41d1422823
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=126&euid=31f4d37a-b35e-4962-7980-ab41d1422823 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDE2OAQkmoZgJPFFWjAqYbE0N1KcTm55ILYICcbTxKEDbv; cSyncDp7v2=1669349961; cSyncDp14v3=1669349961; cSyncDp17=1669349961; cSyncDp32=1669349961; cSyncDp45v3=1669349961; cSyncDp53=1669349961; cSyncDp54v2=1669349961; cSyncDp62=1669349961; cSyncDp67v2=1669349961; cSyncDp68=1669349961; cSyncDp71=1669349961; cSyncDp77=1669349961; cSyncDp84=1669349961; cSyncDp85=1669349961; cSyncDp95v3=1669349961; cSyncDp101=1669349961; cSyncDp104v2=1669349961; cSyncDp107=1669349961; cSyncDp110=1669349961; cSyncDp111v2=1669349961; cSyncDp112v2=1669349961; cSyncDp125v2=1669349961; cSyncDp126=1669349961; cSyncDp127=1669349961; cSyncDp129=1669349961; cSyncDp136v2=1669349961; cSyncDp138=1669349961; cSyncDp144=1669349961; cSyncDp146=1669349961; cSyncDp148=1669349961; cSyncDp149v2=1669349961; cSyncDp151=1669349961; cSyncDp178=1669349961; cSyncDp179=1669349961; cSyncDp186=1669349961; cSyncDp221=1669349961
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash c1fb0fc05f58211d0ad6b07aced9d8da
1f4c3b90d37d734f38f53e3ad6344f27cdd03a9d
0d8885d35ecad0c247994f094f868d3281faaab147a957c065f367405eb9ce64
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:22 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Tue, 29 Nov 2022 03:15:18 GMT
ETag: "1f4c3b90d37d734f38f53e3ad6344f27cdd03a9d"
Last-Modified: Fri, 25 Nov 2022 03:15:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 150
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795f26eceb515-OSL
pix.bumlam.com/sync/sape/sync_ok?guid=5699339a-6c78-11ed-ab15-002590c82437
302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/sync_ok?guid=5699339a-6c78-11ed-ab15-002590c82437
IP
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/sync_ok?guid=5699339a-6c78-11ed-ab15-002590c82437 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ1Njk5MzM5YS02Yzc4LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 25 Nov 2022 04:19:22 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://5699339a-6c78-11ed-ab15-002590c82437.n5.sync.bumlam.com/?src=sape
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash d6d77aec983aaa0b68b9f5b0e3a817ee
50972b4419c64b990c3256a3dd162109ac33c2aa
83500371aa3bf95a6d7b75b265c94bf4bd9c37ec8cd6bd6fc0a954ab2895ad0b
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 29 Nov 2022 02:58:26 GMT
ETag: "50972b4419c64b990c3256a3dd162109ac33c2aa"
Last-Modified: Fri, 25 Nov 2022 02:58:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1145
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795f26ecb1c12-OSL
sun9-86.userapi.com/s/v1/if1/ckbfRojBPuQLETx0wud_wmG0815ozrX_53bgwa4uun3YnKNXtRTXYqe4RQbAKrjmtzq6yq57.jpg?size=50x50&quality=96&crop=116,63,651,651&ava=1
200 OK 1.8 kB URL HTTP/2 sun9-86.userapi.com/s/v1/if1/ckbfRojBPuQLETx0wud_wmG0815ozrX_53bgwa4uun3YnKNXtRTXYqe4RQbAKrjmtzq6yq57.jpg?size=50x50&quality=96&crop=116,63,651,651&ava=1
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash c8bdf437f7ccd7cceb523f6bf62da36b
eedad55b7e697db6184f393929683a878f906d34
0e473f0b7c93fc462483a4b61567179bf592c3098d823cad04dca8a49b7454be
GET /s/v1/if1/ckbfRojBPuQLETx0wud_wmG0815ozrX_53bgwa4uun3YnKNXtRTXYqe4RQbAKrjmtzq6yq57.jpg?size=50x50&quality=96&crop=116,63,651,651&ava=1 HTTP/1.1
Host: sun9-86.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: image/jpeg
content-length: 1762
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
x-imp: 525500
expires: Sun, 25 Dec 2022 04:19:22 GMT
cache-control: max-age=2592000
x-frontend: front831003
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
sun9-7.userapi.com/s/v1/if1/JPOfx4mXtfox3LfVAMWpss4wlDrIUgxvnlcZCkNn37n-Z1x4MLoNpv12EAUPOn-VYaLFTmtx.jpg?size=50x50&quality=96&crop=0,69,906,906&ava=1
200 OK 3.3 kB URL HTTP/2 sun9-7.userapi.com/s/v1/if1/JPOfx4mXtfox3LfVAMWpss4wlDrIUgxvnlcZCkNn37n-Z1x4MLoNpv12EAUPOn-VYaLFTmtx.jpg?size=50x50&quality=96&crop=0,69,906,906&ava=1
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 458e89f5a0624133fd3f74132fff606e
fa7b405f4332c2f8c4d7aa7810202b65202bebf4
a8ed8fd9f86e174b3f20f0bf402fd633751598d1fbd347b3916c6456ad69bbc9
GET /s/v1/if1/JPOfx4mXtfox3LfVAMWpss4wlDrIUgxvnlcZCkNn37n-Z1x4MLoNpv12EAUPOn-VYaLFTmtx.jpg?size=50x50&quality=96&crop=0,69,906,906&ava=1 HTTP/1.1
Host: sun9-7.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: image/jpeg
content-length: 3284
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
x-imp: 525404
expires: Sun, 25 Dec 2022 04:19:22 GMT
cache-control: max-age=2592000
x-frontend: front221106
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
sun9-33.userapi.com/c1028/u1756179/e_7ce2c580.jpg
200 OK 2.2 kB URL HTTP/2 sun9-33.userapi.com/c1028/u1756179/e_7ce2c580.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 93", baseline, precision 8, 50x50, components 3\012- data
Hash f8b0f1c8404120d381fdd432cf6d5f9d
9fe0a240b73fa0df0489dbf259bc97803188aa08
d967a5ead6e90eaea1eeb950302e298c6a36284608abdfbcc5ca0ed8c3f970a4
GET /c1028/u1756179/e_7ce2c580.jpg HTTP/1.1
Host: sun9-33.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: image/jpeg
content-length: 2167
last-modified: Sun, 31 Oct 2010 15:18:50 GMT
etag: "4ccd88da-877"
expires: Sun, 25 Dec 2022 04:19:22 GMT
cache-control: max-age=2592000
x-frontend: front508129
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=10&tc=1
200 OK 4.2 kB URL HTTP/2 www.acint.net/mc/?dp=10&tc=1
IP
Hash b0478ea5f449244a6f6109a17e4b3962
174475fa27abf50215b4bd7792c1ac7475771396
e8694cddc598b78fc729ffb48d0b293c3dde7a9d79637c553e711f6f0a9b0ac4
GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.multfun.com/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDE2OAQkmpygJfFr9QArxmFcPNGVkieeBOcIxRU3ZlEkNf
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 25 Nov 2022 04:19:21 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1669349961; expires=Sat, 26-Nov-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp54v2=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp77=1669349961; expires=Fri, 09-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp84=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1669349961; expires=Fri, 09-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp111v2=1669349961; expires=Fri, 09-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp112v2=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v2=1669349961; expires=Sat, 10-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp138=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp144=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149v2=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp179=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1669349961; expires=Sun, 25-Dec-22 04:19:21 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2
sun9-12.userapi.com/s/v1/ig2/wf0ksgeAYXy1o-DbrNtl3GBL-Fczfontp92AlRBNmdNBgmGQYA5U3Fq1Lk8K-LMWre-qeWz4t3F6QVpcTIS0MkqD.jpg?size=50x50&quality=95&crop=1,1,998,998&ava=1
200 OK 1.9 kB URL HTTP/2 sun9-12.userapi.com/s/v1/ig2/wf0ksgeAYXy1o-DbrNtl3GBL-Fczfontp92AlRBNmdNBgmGQYA5U3Fq1Lk8K-LMWre-qeWz4t3F6QVpcTIS0MkqD.jpg?size=50x50&quality=95&crop=1,1,998,998&ava=1
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash c5634e4974107eac47cd3f7777a15f38
591ab9368041629480b9b593b0be673e9e4449e6
f6859820fa949cc569c9131ab8a8d47bd1599a2a131fa81e000dbbe490b570ea
GET /s/v1/ig2/wf0ksgeAYXy1o-DbrNtl3GBL-Fczfontp92AlRBNmdNBgmGQYA5U3Fq1Lk8K-LMWre-qeWz4t3F6QVpcTIS0MkqD.jpg?size=50x50&quality=95&crop=1,1,998,998&ava=1 HTTP/1.1
Host: sun9-12.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: image/jpeg
content-length: 1850
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
x-imp: 838620
expires: Sun, 25 Dec 2022 04:19:22 GMT
cache-control: max-age=2592000
x-frontend: front225107
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
sun9-85.userapi.com/c628728/v628728827/45680/nGGPJwCa3Fo.jpg
200 OK 1.8 kB URL HTTP/2 sun9-85.userapi.com/c628728/v628728827/45680/nGGPJwCa3Fo.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash a0e37327266a7fe897d7b571e87d76b6
ed1a32f3cf85e290e640c290ce8d33c1ac05dd42
2e26a483007fef77ba61425ac207dc9eb9c93468b9252b7fa3af76f1f5e62ec6
GET /c628728/v628728827/45680/nGGPJwCa3Fo.jpg HTTP/1.1
Host: sun9-85.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: image/jpeg
content-length: 1822
last-modified: Sat, 16 Jul 2016 20:08:42 GMT
expires: Sun, 25 Dec 2022 04:19:22 GMT
cache-control: max-age=2592000
x-frontend: front831002
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
dmp.gotechnology.io/match/sape?id=1303420A494280635F02CAA90250BF16&chk=1
302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=1303420A494280635F02CAA90250BF16&chk=1
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=1303420A494280635F02CAA90250BF16&chk=1 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 25 Nov 2022 04:19:22 GMT
content-length: 0
location: https://an.yandex.ru/mapuid/gonetdspis/NWFiMmQ3OTVjNzJjMjJmZg
set-cookie: pid=NWFiMmQ3OTVjNzJjMjJmZg; expires=Sat, 25 Nov 2023 04:19:22 GMT; domain=.gotechnology.io; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
sun9-2.userapi.com/c9419/v9419587/1499/Jmv2UwjAmGU.jpg
200 OK 2.3 kB URL HTTP/2 sun9-2.userapi.com/c9419/v9419587/1499/Jmv2UwjAmGU.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 50x50, components 3\012- data
Hash f6ed512dea96889b64cdbe45a5fe94ad
9ef250d889bba9b63f6c272525b12a68243930a3
cfd873d99abdb3eb46a5b4eab5872446892519753bd7bbcaf663d9b62be32c8d
GET /c9419/v9419587/1499/Jmv2UwjAmGU.jpg HTTP/1.1
Host: sun9-2.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: image/jpeg
content-length: 2343
last-modified: Mon, 12 Aug 2013 20:19:21 GMT
expires: Sun, 25 Dec 2022 04:19:22 GMT
cache-control: max-age=2592000
x-frontend: front221101
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
sun9-75.userapi.com/s/v1/if1/rFaRl9_O_om1cYg5F8z5PXIlXyJkenGLPkCVDllEFqW_16OSkI5apbkC2bQk5dUTHJ7pmrRv.jpg?size=50x50&quality=96&crop=239,327,1040,1040&ava=1
200 OK 2.7 kB URL HTTP/2 sun9-75.userapi.com/s/v1/if1/rFaRl9_O_om1cYg5F8z5PXIlXyJkenGLPkCVDllEFqW_16OSkI5apbkC2bQk5dUTHJ7pmrRv.jpg?size=50x50&quality=96&crop=239,327,1040,1040&ava=1
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 1d7a05f9dfa3319bd9bf3eaacdae910b
0071f94e5b9c5d14a4dc1cc96fe52664450ee804
922c83baea98f41364a63124f17753e1b53a767e8d7a40ab92cd53980a9af655
GET /s/v1/if1/rFaRl9_O_om1cYg5F8z5PXIlXyJkenGLPkCVDllEFqW_16OSkI5apbkC2bQk5dUTHJ7pmrRv.jpg?size=50x50&quality=96&crop=239,327,1040,1040&ava=1 HTTP/1.1
Host: sun9-75.userapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: image/jpeg
content-length: 2670
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
x-imp: 226212
expires: Sun, 25 Dec 2022 04:19:22 GMT
cache-control: max-age=2592000
x-frontend: front604602
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
mc.yandex.ru/watch/23454055?wmode=7&page-url=http%3A%2F%2Fwww.multfun.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A1039%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1644504773237%3Ahid%3A540246092%3Az%3A0%3Ai%3A20221125041921%3Aet%3A1669349962%3Ac%3A1%3Arn%3A499335064%3Arqn%3A1%3Au%3A1669349962527159475%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A3%2C1%2C84%2C1%2C-5%2C0%2C%2C807%2C53%2C%2C%2C%2C987%3Ans%3A1669349959846%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669349962%3At%3AMultfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
302 Found 472 B URL HTTP/2 mc.yandex.ru/watch/23454055?wmode=7&page-url=http%3A%2F%2Fwww.multfun.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A1039%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1644504773237%3Ahid%3A540246092%3Az%3A0%3Ai%3A20221125041921%3Aet%3A1669349962%3Ac%3A1%3Arn%3A499335064%3Arqn%3A1%3Au%3A1669349962527159475%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A3%2C1%2C84%2C1%2C-5%2C0%2C%2C807%2C53%2C%2C%2C%2C987%3Ans%3A1669349959846%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669349962%3At%3AMultfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
GET /watch/23454055?wmode=7&page-url=http%3A%2F%2Fwww.multfun.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A1039%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1644504773237%3Ahid%3A540246092%3Az%3A0%3Ai%3A20221125041921%3Aet%3A1669349962%3Ac%3A1%3Arn%3A499335064%3Arqn%3A1%3Au%3A1669349962527159475%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A3%2C1%2C84%2C1%2C-5%2C0%2C%2C807%2C53%2C%2C%2C%2C987%3Ans%3A1669349959846%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669349962%3At%3AMultfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.multfun.com
Connection: keep-alive
Referer: http://www.multfun.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/23454055/1?wmode=7&page-url=http%3A%2F%2Fwww.multfun.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A1039%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1644504773237%3Ahid%3A540246092%3Az%3A0%3Ai%3A20221125041921%3Aet%3A1669349962%3Ac%3A1%3Arn%3A499335064%3Arqn%3A1%3Au%3A1669349962527159475%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A3%2C1%2C84%2C1%2C-5%2C0%2C%2C807%2C53%2C%2C%2C%2C987%3Ans%3A1669349959846%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669349962%3At%3AMultfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Fri, 25 Nov 2022 04:19:22 GMT
access-control-allow-origin: http://www.multfun.com
set-cookie: yandexuid=9534096621669349962; Expires=Sat, 25-Nov-2023 04:19:22 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=9534096621669349962; Expires=Sat, 25-Nov-2023 04:19:22 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=99798531669349962; Path=/; SameSite=None; Secure
i=KCGMgkaWz3W4gBsHJByVD3UUBiQJnTW5vohEQGKf85kGe8u6xFTNlbNTafiIUrLH2IGFK8QxxkkXHs1AY2wxRwapgUQ=; Expires=Mon, 22-Nov-2032 04:19:16 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1700885962.yc.1669349962#1700885962.yrts.1669349962#1700885962.yrtsi.1669349962; Expires=Sat, 25-Nov-2023 04:19:22 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 25-Nov-2022 04:19:22 GMT
last-modified: Fri, 25-Nov-2022 04:19:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
top-fwz1.mail.ru/counter?js=13;id=2685520;u=http%3A//www.multfun.com/;st=1669349961906;pid=0;title=Multfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8;s=1280*1024;vp=480*216;touch=0;hds=1;frame=1;flash=;sid=33a5862499762a9e;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1669349962274%3A1669349962278%3A0%3A27c804997d23ad9cf92a747f85b66636;visible=true;_=0.5469170480731363
302 Found 0 B URL HTTP/2 top-fwz1.mail.ru/counter?js=13;id=2685520;u=http%3A//www.multfun.com/;st=1669349961906;pid=0;title=Multfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8;s=1280*1024;vp=480*216;touch=0;hds=1;frame=1;flash=;sid=33a5862499762a9e;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1669349962274%3A1669349962278%3A0%3A27c804997d23ad9cf92a747f85b66636;visible=true;_=0.5469170480731363
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /counter?js=13;id=2685520;u=http%3A//www.multfun.com/;st=1669349961906;pid=0;title=Multfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8;s=1280*1024;vp=480*216;touch=0;hds=1;frame=1;flash=;sid=33a5862499762a9e;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1669349962274%3A1669349962278%3A0%3A27c804997d23ad9cf92a747f85b66636;visible=true;_=0.5469170480731363 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 25 Nov 2022 04:19:22 GMT
content-length: 0
location: https://top-fwz1.mail.ru/counter2?js=13;id=2685520;u=http%3A//www.multfun.com/;st=1669349961906;pid=0;title=Multfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8;s=1280*1024;vp=480*216;touch=0;hds=1;frame=1;flash=;sid=33a5862499762a9e;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1669349962274%3A1669349962278%3A0%3A27c804997d23ad9cf92a747f85b66636;visible=true;_=0.5469170480731363
set-cookie: FTID=1RMYgQ0tkIIE:1669349962:2685520:::; path=/; expires=Sun, 26-Nov-23 04:19:22 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=EwNCCklCgGNfAsqpAlC_Fg
200 OK 170 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=EwNCCklCgGNfAsqpAlC_Fg
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
GET /pixel?google_nid=agentstvo_sape_limited&google_hm=EwNCCklCgGNfAsqpAlC_Fg HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
date: Fri, 25 Nov 2022 04:19:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f9c317bc34b288f5c966d8cad22a5536
66b9423a02a03e0a7f66f589e2d9fbd7bf1d93a1
3ec750d957e40c6ac26d9b26670abbd62b4fd58110eceffe0db093b4465be682
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3EC750D957E40C6AC26D9B26670ABBD62B4FD58110ECEFFE0DB093B4465BE682"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=504
Expires: Fri, 25 Nov 2022 04:27:46 GMT
Date: Fri, 25 Nov 2022 04:19:22 GMT
Connection: keep-alive
top-fwz1.mail.ru/counter2?js=13;id=2685520;u=http%3A//www.multfun.com/;st=1669349961906;pid=0;title=Multfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8;s=1280*1024;vp=480*216;touch=0;hds=1;frame=1;flash=;sid=33a5862499762a9e;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1669349962274%3A1669349962278%3A0%3A27c804997d23ad9cf92a747f85b66636;visible=true;_=0.5469170480731363
200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/counter2?js=13;id=2685520;u=http%3A//www.multfun.com/;st=1669349961906;pid=0;title=Multfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8;s=1280*1024;vp=480*216;touch=0;hds=1;frame=1;flash=;sid=33a5862499762a9e;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1669349962274%3A1669349962278%3A0%3A27c804997d23ad9cf92a747f85b66636;visible=true;_=0.5469170480731363
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /counter2?js=13;id=2685520;u=http%3A//www.multfun.com/;st=1669349961906;pid=0;title=Multfun.com%20-%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8;s=1280*1024;vp=480*216;touch=0;hds=1;frame=1;flash=;sid=33a5862499762a9e;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1669349962274%3A1669349962278%3A0%3A27c804997d23ad9cf92a747f85b66636;visible=true;_=0.5469170480731363 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIE:1669349962:2685520:::; path=/; expires=Sun, 26-Nov-23 04:19:22 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 3c4d33f9181236fb9ba314da46073749
b210ad945f0222290a48c28b855232fe953c2296
6982c5bd8dac50083b7a8b0176d41dcf47da0d5f16549dda6ad71365bca69a56
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 29 Nov 2022 03:06:12 GMT
ETag: "b210ad945f0222290a48c28b855232fe953c2296"
Last-Modified: Fri, 25 Nov 2022 03:06:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2361
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795f3ff64b515-OSL
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/1303420A494280635F02CAA90250BF16
204 No Content 0 B URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/1303420A494280635F02CAA90250BF16
IP
ASN #48347 JSC Mediasoft ekspert
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie_matching_ssp/Sape-dsp/1303420A494280635F02CAA90250BF16 HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Fri, 25 Nov 2022 04:19:22 GMT
set-cookie: uid=XV9maWOAQkqa3Js4zD/xAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
5699339a-6c78-11ed-ab15-002590c82437.n5.sync.bumlam.com/?src=sape
302 Moved Temporarily 0 B URL HTTP/1.1 5699339a-6c78-11ed-ab15-002590c82437.n5.sync.bumlam.com/?src=sape
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: 5699339a-6c78-11ed-ab15-002590c82437.n5.sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ1Njk5MzM5YS02Yzc4LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Fri, 25 Nov 2022 04:19:22 GMT
Content-Length: 0
Connection: close
Location: https://pix.bumlam.com/sync/sape/done
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
302 Moved Temporarily 0 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Fri, 25 Nov 2022 04:19:22 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-5167335735; expires=Sun, 24 Nov 2024 04:19:22 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5167335735
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d3d2d21ac304813a16da64921ce18ba4
98b1762c675c61eeb18254986461e6b1074ebc92
af00429c189464ddb8df704dc48035421f943444df6ca17390fb97466c2e7e9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:19:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.mail.ru/cm.gif?p=48&id=1303420A494280635F02CAA90250BF16
200 OK 43 B URL HTTP/2 ad.mail.ru/cm.gif?p=48&id=1303420A494280635F02CAA90250BF16
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cm.gif?p=48&id=1303420A494280635F02CAA90250BF16 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=04M01Z36wFYE00271C2VaCYE:::0-0-0-89a9b0a:CAASEJw-kZTI2gN1kSKqxyi5kfQaYLlamDE5KQPARfXXUMi4KOpdcmjAHHdLMEG5OpqFKo8kopf47Xd1kDEC1wMpoRvqmnED-lSNRzcEjHgPb4y-S9_O3p9DdcxmiAw52p-byQzi3yMce-UaOY-KSZHn0sZuPA; path=/; expires=Sun, 26-Nov-23 04:19:22 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Fri, 25 Nov 2022 10:19:22 GMT
cache-control: max-age=21600
last-modified: Fri, 25 Nov 2022 04:19:22 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/done
200 OK 43 B URL HTTP/1.1 pix.bumlam.com/sync/sape/done
IP
ASN #44066 diva-e Datacenters GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ1Njk5MzM5YS02Yzc4LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:19:22 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5167335735
302 Moved Temporarily 40 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5167335735
IP
File type ASCII text, with CRLF line terminators
Hash 251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5167335735 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Fri, 25 Nov 2022 04:19:22 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Sun, 24 Nov 2024 04:19:22 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
ocsp.usertrust.com/
200 OK 472 B IP
Hash cfe07fff7f638ed18e11690d97b62733
543f8eca65fd9d01c3fd4f7f8d74451a3c9041fb
369025e1a7c137294e5ef9988de0224793831f1be27965d23cbd057a76f1341f
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:23 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 16:18:20 GMT
Expires: Thu, 01 Dec 2022 16:18:19 GMT
Etag: "543f8eca65fd9d01c3fd4f7f8d74451a3c9041fb"
Cache-Control: max-age=603259,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795f48cbab4f1-OSL
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash f62e637cb1add761f3910e85c12cd539
917a353db7bb6dea391ecbe48f74092a31e18f41
ef58b742231cdccad3d32ff87de8de0ec359d093ffbbc5026bfb3391386762af
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 25 Nov 2022 04:19:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 24 Nov 2022 21:35:33 GMT
Expires: Fri, 25 Nov 2022 21:35:33 GMT
ETag: "917a353db7bb6dea391ecbe48f74092a31e18f41"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 41b82c64c1665f1dbacc277148d6d95c
b81df8cdbd8aaf3f28c8c15419efda1d261d3c46
1a2bd959292cac5512b4be38b6debfdcb5e6a52bdb08aab1c6bc3258c29f98ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A2BD959292CAC5512B4BE38B6DEBFDCB5E6A52BDB08AAB1C6BC3258C29F98ED"
Last-Modified: Thu, 24 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1445
Expires: Fri, 25 Nov 2022 04:43:28 GMT
Date: Fri, 25 Nov 2022 04:19:23 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash e09abc4af14510e0a24651451289b76b
1e220b47f6e83ef98420e8478facbbefcb324801
387e63637b9932bee42f36cf94c2d392a266b548c9c56d31578b7802abc4674f
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 29 Nov 2022 03:22:39 GMT
ETag: "1e220b47f6e83ef98420e8478facbbefcb324801"
Last-Modified: Fri, 25 Nov 2022 03:22:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 287
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795f4efcd1c12-OSL
ocsp.globalsign.com/gseccovsslca2018
200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash 271df01a92d2527ea07be715ff35d728
78ad5551d8bf27207ceacf4ad3a0941f5f393ed9
a620ff53f35534fed93cd990c1755b2954638d76c682a9b4c851246a12b8e2b2
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:23 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Tue, 29 Nov 2022 01:52:38 GMT
ETag: "78ad5551d8bf27207ceacf4ad3a0941f5f393ed9"
Last-Modified: Fri, 25 Nov 2022 01:52:39 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1503
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795f4efa9b515-OSL
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
302 Found 0 B URL HTTP/2 redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Weborama Collect Frontend
date: Fri, 25 Nov 2022 04:19:22 GMT
content-length: 0
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1148874680
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Fri, 25 Nov 2022 04:19:23 GMT
set-cookie: AFFICHE_W=oXMDMlVGuJWh53; expires=Sat, 23 Dec 2023 04:19:23 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
200 OK 0 B URL HTTP/1.1 sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP
ASN #36057 WEBAIR-INTERNET-MTL
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:19:23 GMT
Content-Length: 0
Connection: close
status.thawte.com/
200 OK 471 B IP
Hash 88d288a83db552db5ee7842ed659269b
f36be38e72e141ffa339c8c0ec18262c44972819
0fe6b3ed5c9822ae97647e0acd30d253b221563af702fdcf05362a20b9f995d0
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5258
Cache-Control: max-age=155713
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 04:19:23 GMT
Etag: "637feb02-1d7"
Expires: Sat, 26 Nov 2022 23:34:36 GMT
Last-Modified: Thu, 24 Nov 2022 22:06:58 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
top-fwz1.mail.ru/js/code.js
200 OK 14 kB URL HTTP/2 top-fwz1.mail.ru/js/code.js
IP
File type ASCII text, with very long lines (729)
Hash e2e25d9473a05570c20838aca1c2c3ea
a8ac67a13111a4e61cf7eb9bb8850ef5ab1246d4
b75b8d2fe8eb0c9e8191c51f99eb62b37c944f36118aacb5237e4bde65c60e11
GET /js/code.js HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 16:42:10 GMT
set-cookie: FTID=1RMYgQ0tkIIE:1669349962:0:::; path=/; expires=Sun, 26-Nov-23 04:19:22 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
etag: W/"637e4d62-85c6"
expires: Fri, 25 Nov 2022 05:19:22 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: max-age=3600, private
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
content-encoding: gzip
X-Firefox-Spdy: h2
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDE2OAQkmoZgJPFFWjAqYbE0N1KcTm55ILYICcbTxKEDbv; cSyncDp7v2=1669349961; cSyncDp14v3=1669349961; cSyncDp17=1669349961; cSyncDp32=1669349961; cSyncDp45v3=1669349961; cSyncDp53=1669349961; cSyncDp54v2=1669349961; cSyncDp62=1669349961; cSyncDp67v2=1669349961; cSyncDp68=1669349961; cSyncDp71=1669349961; cSyncDp77=1669349961; cSyncDp84=1669349961; cSyncDp85=1669349961; cSyncDp95v3=1669349961; cSyncDp101=1669349961; cSyncDp104v2=1669349961; cSyncDp107=1669349961; cSyncDp110=1669349961; cSyncDp111v2=1669349961; cSyncDp112v2=1669349961; cSyncDp125v2=1669349961; cSyncDp126=1669349961; cSyncDp127=1669349961; cSyncDp129=1669349961; cSyncDp136v2=1669349961; cSyncDp138=1669349961; cSyncDp144=1669349961; cSyncDp146=1669349961; cSyncDp148=1669349961; cSyncDp149v2=1669349961; cSyncDp151=1669349961; cSyncDp178=1669349961; cSyncDp179=1669349961; cSyncDp186=1669349961; cSyncDp221=1669349961
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Fri, 25 Nov 2022 04:19:23 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1303420A494280634F0266A802A35514
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
tag.digitaltarget.ru/adcm.js
200 OK 3.1 kB URL HTTP/1.1 tag.digitaltarget.ru/adcm.js
IP
File type ASCII text, with very long lines (3051), with no line terminators
Hash e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:19:23 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Fri, 25 Nov 2022 04:04:37 GMT
Connection: keep-alive
ETag: "63803ed5-beb"
Accept-Ranges: bytes
ocsp.sectigo.com/
200 OK 472 B IP
Hash acc6cb1ec398d4c8ac0997d0a3d2652c
7c07f66b52edadd2b9f1d2f5c6437723fc70f75c
c383fa1ce4e54aa8b0c9fdaed3408a43b896b77d80dca4a499827915d0d178bf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:23 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 04:09:18 GMT
Expires: Tue, 29 Nov 2022 04:09:17 GMT
Etag: "7c07f66b52edadd2b9f1d2f5c6437723fc70f75c"
Cache-Control: max-age=344393,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f795f41c5cb512-OSL
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1148874680
204 No Content 0 B URL HTTP/2 redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1148874680
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1148874680 HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Weborama Collect Frontend
date: Fri, 25 Nov 2022 04:19:22 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Fri, 25 Nov 2022 04:19:23 GMT
set-cookie: AFFICHE_W=; expires=Tue, 10 Nov 2009 23:00:00 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash acc6cb1ec398d4c8ac0997d0a3d2652c
7c07f66b52edadd2b9f1d2f5c6437723fc70f75c
c383fa1ce4e54aa8b0c9fdaed3408a43b896b77d80dca4a499827915d0d178bf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:23 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 04:09:18 GMT
Expires: Tue, 29 Nov 2022 04:09:17 GMT
Etag: "7c07f66b52edadd2b9f1d2f5c6437723fc70f75c"
Cache-Control: max-age=344393,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f795f42bfbb4fd-OSL
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1303420A494280635F02CAA90250BF16
200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1303420A494280635F02CAA90250BF16
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?dsp_id=153&external_id=1303420A494280635F02CAA90250BF16 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:19:23 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
www.acint.net/match?dp=104&euid=RjxdF-9CzoC8
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=104&euid=RjxdF-9CzoC8
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=104&euid=RjxdF-9CzoC8 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDE2OAQkmoZgJPFFWjAqYbE0N1KcTm55ILYICcbTxKEDbv; cSyncDp7v2=1669349961; cSyncDp14v3=1669349961; cSyncDp17=1669349961; cSyncDp32=1669349961; cSyncDp45v3=1669349961; cSyncDp53=1669349961; cSyncDp54v2=1669349961; cSyncDp62=1669349961; cSyncDp67v2=1669349961; cSyncDp68=1669349961; cSyncDp71=1669349961; cSyncDp77=1669349961; cSyncDp84=1669349961; cSyncDp85=1669349961; cSyncDp95v3=1669349961; cSyncDp101=1669349961; cSyncDp104v2=1669349961; cSyncDp107=1669349961; cSyncDp110=1669349961; cSyncDp111v2=1669349961; cSyncDp112v2=1669349961; cSyncDp125v2=1669349961; cSyncDp126=1669349961; cSyncDp127=1669349961; cSyncDp129=1669349961; cSyncDp136v2=1669349961; cSyncDp138=1669349961; cSyncDp144=1669349961; cSyncDp146=1669349961; cSyncDp148=1669349961; cSyncDp149v2=1669349961; cSyncDp151=1669349961; cSyncDp178=1669349961; cSyncDp179=1669349961; cSyncDp186=1669349961; cSyncDp221=1669349961
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 25 Nov 2022 04:19:23 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sm.rtb.mts.ru/p?ssp=sape&id=1303420A494280635F02CAA90250BF16
301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/p?ssp=sape&id=1303420A494280635F02CAA90250BF16
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sape&id=1303420A494280635F02CAA90250BF16 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 25 Nov 2022 04:19:23 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=1303420A494280635F02CAA90250BF16
Set-Cookie: dspid=3763fd95-e9e1-46c1-87bc-40dade5522bf; expires=Thu, 16 Nov 2023 04:19:23 GMT; domain=.mts.ru; path=/; secure; SameSite=None
adlmerge.com/merge_gpsid/?sid=50&id=1303420A494280635F02CAA90250BF16
200 OK 43 B URL HTTP/2 adlmerge.com/merge_gpsid/?sid=50&id=1303420A494280635F02CAA90250BF16
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /merge_gpsid/?sid=50&id=1303420A494280635F02CAA90250BF16 HTTP/1.1
Host: adlmerge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.0
date: Fri, 25 Nov 2022 04:19:22 GMT
content-type: image/gif
iseu: eu
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=73&external_user_id=1303420A494280635F02CAA90250BF16
302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=1303420A494280635F02CAA90250BF16
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=73&external_user_id=1303420A494280635F02CAA90250BF16 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=1303420A494280635F02CAA90250BF16&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 25 Nov 2023 04:19:23 GMT; Path=/; Domain=.betweendigital.com
tuuid=d57a7726-37d5-5249-86cd-8e43e54dcc08; Max-Age=31536000; Expires=Sat, 25 Nov 2023 04:19:23 GMT; Path=/; Domain=.betweendigital.com
ut=Y4BCSwABBbjTIKq9v5M5XvqkkaKmzlorPZ4kSQ==; Max-Age=31536000; Expires=Sat, 25 Nov 2023 04:19:23 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash f62e637cb1add761f3910e85c12cd539
917a353db7bb6dea391ecbe48f74092a31e18f41
ef58b742231cdccad3d32ff87de8de0ec359d093ffbbc5026bfb3391386762af
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 25 Nov 2022 04:19:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 24 Nov 2022 21:35:33 GMT
Expires: Fri, 25 Nov 2022 21:35:33 GMT
ETag: "917a353db7bb6dea391ecbe48f74092a31e18f41"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1303420A494280634F0266A802A35514
200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1303420A494280634F0266A802A35514
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?ssp_id=43&external_id=1303420A494280634F0266A802A35514 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:19:23 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2456
Expires: Fri, 25 Nov 2022 05:00:19 GMT
Date: Fri, 25 Nov 2022 04:19:23 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 471 B IP
Hash 7880848492d486e535636f72eee9e642
1dd72ecef05c88bd6857ba142d4ed20afa806da2
97d4b5580e242c067ae1b765e23bd5fa31b06366307e337f4448b30e8e1136bb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 14:18:45 GMT
Expires: Tue, 29 Nov 2022 14:18:44 GMT
Etag: "1dd72ecef05c88bd6857ba142d4ed20afa806da2"
Cache-Control: max-age=380960,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f795f44f56b50c-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg
200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7d0105e45becaf777227cac49e320321
d279a0b70061fe3d8268f1e69c515c0c4439dc80
ea9571213d9a57318cde036c108d4c973c627ce4cd225534ee246349ed4ba3a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5211
x-amzn-requestid: 706d0037-bbff-417a-9fa3-8ebbbf7b4df1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wFOToAMF12Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-01b6908212b2ab9c5caa34a0;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JbjUiHcVu2ytN848RqI8Ygkd0R9YCnq_OeFdc5Y5JTymA2k9HN4lZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:01 GMT
etag: "d279a0b70061fe3d8268f1e69c515c0c4439dc80"
content-type: image/jpeg
age: 24262
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 25 Nov 2023 04:19:23 GMT; Path=/; Domain=.betweendigital.com
tuuid=c06f4791-e648-5249-84d3-0ef9e7534cb2; Max-Age=31536000; Expires=Sat, 25 Nov 2023 04:19:23 GMT; Path=/; Domain=.betweendigital.com
ut=Y4BCSwAFJGgoVIBWFpRQQDj2l3Wfnh_XrJIKwQ==; Max-Age=31536000; Expires=Sat, 25 Nov 2023 04:19:23 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216636c8-4200-4f0d-83d2-8579be32f1ac.jpeg
200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216636c8-4200-4f0d-83d2-8579be32f1ac.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 648677a7e7bab1896a190d2e5fb7243c
6217a262002244ef3f2e8034076a735cafd9888a
72f2913f7c0770ebab0f2683bdc1ec5a5db8872e8f2c62a8fd5c9178b95dbb06
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216636c8-4200-4f0d-83d2-8579be32f1ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4270
x-amzn-requestid: 7327f8fb-804b-4d09-83dc-628e35ffa74b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8xFwXoAMFkqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-33f83cea2c585279140f4f59;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rKROwsZ-X8yDd4iVaYBaNFe6bgHaThxafIt76PBgLoOTrPMqAVQ9iQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:22:43 GMT
age: 21400
etag: "6217a262002244ef3f2e8034076a735cafd9888a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=73&external_user_id=1303420A494280635F02CAA90250BF16&crf=1
200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=1303420A494280635F02CAA90250BF16&crf=1
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=73&external_user_id=1303420A494280635F02CAA90250BF16&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 25 Nov 2023 04:19:23 GMT; Path=/; Domain=.betweendigital.com
tuuid=3707db1b-0990-5249-b986-375eda067515; Max-Age=31536000; Expires=Sat, 25 Nov 2023 04:19:23 GMT; Path=/; Domain=.betweendigital.com
ut=Y4BCSwABRDhItAjRkldpjans0xkUygdOvasQSg==; Max-Age=31536000; Expires=Sat, 25 Nov 2023 04:19:23 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2456
Expires: Fri, 25 Nov 2022 05:00:19 GMT
Date: Fri, 25 Nov 2022 04:19:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2456
Expires: Fri, 25 Nov 2022 05:00:19 GMT
Date: Fri, 25 Nov 2022 04:19:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg
200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c67bf2eb6ca2d7e2b34df1dbe8e7b36
cdacea802c72450973140387aafacae9df78b0aa
52c1b293ec45c98077953699dcc48d77d4aee2bb12f38ef21c692af9171b6db2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8275
x-amzn-requestid: 350ffdb7-723f-4dfc-95e8-e76364d1313d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8xGPAoAMFbWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-10d4c566779b9b9f4bb9112d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nJ7Ppbn5tLf-PIzvOMM-JK3paiWilTRRs5f93VzR0dZ5XDeIGwWonw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:55 GMT
age: 23008
etag: "cdacea802c72450973140387aafacae9df78b0aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b6ee13d43732f7c764a49500d092865
5d15fd672e968d59b541e4d5d0d01cd5e69f4075
fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NntLZ3wUdcX9kEo-afFLU0TPKgqAlSK3bToNh2mmoqoyLBJINNk7ow==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:39 GMT
age: 23084
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg
200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f59a591b222397ff0f01c22a0786e660
6a8504212141af411a18ce58960c8bb52e8116ac
624847cfdfcd770d2dee8a2b85f3c7c480cda58ba2aef1135184f3dffc30d1f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8277
x-amzn-requestid: e84a5668-cd91-42af-b6de-5eb694ea56e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-KFtmIAMF00Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38d-64513fb257d83b9847c82929;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O4PtH20kVWgH-Jf_TivPqMqjnwrZB_8XvZAkDDzLLFPXVjqzkz1YJw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:59:22 GMT
age: 22801
etag: "6a8504212141af411a18ce58960c8bb52e8116ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/gonetdspis/NWFiMmQ3OTVjNzJjMjJmZg
302 Found 4.3 kB URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/NWFiMmQ3OTVjNzJjMjJmZg
IP
Hash b1d23b24ea02cb8fbfe4be38bc8e9213
ff04c04f0134e57f4ac4495cbc552cbdf9f4c4ca
342d0c77703ebb731fd9be693495cfc2b718e85c93ba4ec3b842145f0497b356
GET /mapuid/gonetdspis/NWFiMmQ3OTVjNzJjMjJmZg HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/gonetdspis/NWFiMmQ3OTVjNzJjMjJmZg?redir-setuniq=1
date: Fri, 25 Nov 2022 04:19:23 GMT
set-cookie: yandexuid=7183513811669349963; domain=.yandex.ru; path=/; expires=Mon, 22-Nov-2032 04:19:23 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 25 Nov 2022 04:19:23 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 25 Nov 2022 04:19:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
tag.digitaltarget.ru/processor.js?i=771410297326801
200 OK 16 kB URL HTTP/1.1 tag.digitaltarget.ru/processor.js?i=771410297326801
IP
File type ASCII text, with very long lines (15897), with no line terminators
Hash c9571a7ce0a22f154c74bdc8e35523e0
101feba577e71fc076ea5bf3f4af08b5d3fe988d
51cf59da6b7e03337540ee3ab9f8e135ff2ead958475c1bacc8683df57823fb0
GET /processor.js?i=771410297326801 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:19:23 GMT
Content-Type: application/javascript
Content-Length: 15897
Last-Modified: Fri, 25 Nov 2022 04:04:38 GMT
Connection: keep-alive
ETag: "63803ed6-3e19"
Accept-Ranges: bytes
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 32958d072bbf6272294161f3bb62e0d6
d99759be13371a28caca6b99de1c44579f7e2067
acfcf56d81d492cb7554556ec8d03f7d789082705b57ea768500a862d2215c46
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 04:19:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 29 Nov 2022 00:45:03 GMT
ETag: "d99759be13371a28caca6b99de1c44579f7e2067"
Last-Modified: Fri, 25 Nov 2022 00:45:04 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f795f4ffb4b515-OSL
sm.rtb.mts.ru/match/second?ssp=30&exu=1303420A494280635F02CAA90250BF16
200 OK 0 B URL HTTP/1.1 sm.rtb.mts.ru/match/second?ssp=30&exu=1303420A494280635F02CAA90250BF16
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/second?ssp=30&exu=1303420A494280635F02CAA90250BF16 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:19:23 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x01.aidata.io/0.gif?pid=9401454&id=1303420A494280635F02CAA90250BF16
302 Found 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=1303420A494280635F02CAA90250BF16
IP
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=1303420A494280635F02CAA90250BF16 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 25 Nov 2022 04:19:23 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=1303420A494280635F02CAA90250BF16&bounce=1
expires: Fri, 25 Nov 2022 04:19:22 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Fri, 25 Nov 2022 04:19:22 GMT
set-cookie: __upin=0P+vjhxG9dUUM/eKfD7X5Q;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1669349963;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/gonetdspis/NWFiMmQ3OTVjNzJjMjJmZg?redir-setuniq=1
200 OK 50 B URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/NWFiMmQ3OTVjNzJjMjJmZg?redir-setuniq=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash bef53a5c76b7ad469692178eeaeb08d8
aaae1c11fa0b5a086770957c8857d3937ed653e9
be24bb564cc16e1fe9113f63db905a1b7a3a653c6642f0c27d5e823729a99ee3
GET /mapuid/gonetdspis/NWFiMmQ3OTVjNzJjMjJmZg?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Fri, 25 Nov 2022 04:19:23 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 25 Nov 2022 04:19:23 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 25 Nov 2022 04:19:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
px.adhigh.net/p/cm/sape?u=1303420A494280635F02CAA90250BF16
302 Found 0 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=1303420A494280635F02CAA90250BF16
IP
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/cm/sape?u=1303420A494280635F02CAA90250BF16 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 25 Nov 2022 04:19:23 GMT
content-length: 0
x-backend-id: f9-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=uPqJ6eEXpVvi.AikABlGErQL2BA;Path=/;Domain=.adhigh.net;Expires=Sat, 25-Nov-2023 04:19:23 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=1303420A494280635F02CAA90250BF16&bounced=1
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 24dec10c6edd46b6aa70f82e82dd032a
85de4dc190500f1211c1512a431d0b3753362bc9
b9609c49131cb0e29043d4e425b5079c77319cf2dd288508ddd9dc6e9abd4e51
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B9609C49131CB0E29043D4E425B5079C77319CF2DD288508DDD9DC6E9ABD4E51"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6416
Expires: Fri, 25 Nov 2022 06:06:19 GMT
Date: Fri, 25 Nov 2022 04:19:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 24dec10c6edd46b6aa70f82e82dd032a
85de4dc190500f1211c1512a431d0b3753362bc9
b9609c49131cb0e29043d4e425b5079c77319cf2dd288508ddd9dc6e9abd4e51
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B9609C49131CB0E29043D4E425B5079C77319CF2DD288508DDD9DC6E9ABD4E51"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6416
Expires: Fri, 25 Nov 2022 06:06:19 GMT
Date: Fri, 25 Nov 2022 04:19:23 GMT
Connection: keep-alive
px.adhigh.net/p/cm/sape?u=1303420A494280635F02CAA90250BF16&bounced=1
204 No Content 0 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=1303420A494280635F02CAA90250BF16&bounced=1
IP
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/cm/sape?u=1303420A494280635F02CAA90250BF16&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 25 Nov 2022 04:19:23 GMT
x-kick-from-dns: true
content-type: text/plain
X-Firefox-Spdy: h2
dmg.digitaltarget.ru/1/1093/i/i?i=795615464340298.856662387598909&a=77&e=1303420A494280635F02CAA90250BF16&pref=http%3A%2F%2Fwww.multfun.com%2F&c=ss:77.up:1303420A494280635F02CAA90250BF16.sync:up.xdua:dugqU7nUtsT5JIjXWWz1GR4t.xps:xpsFPwDjLAigR6V6f5gJ_fsRp.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=795615464340298.856662387598909&a=77&e=1303420A494280635F02CAA90250BF16&pref=http%3A%2F%2Fwww.multfun.com%2F&c=ss:77.up:1303420A494280635F02CAA90250BF16.sync:up.xdua:dugqU7nUtsT5JIjXWWz1GR4t.xps:xpsFPwDjLAigR6V6f5gJ_fsRp.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=795615464340298.856662387598909&a=77&e=1303420A494280635F02CAA90250BF16&pref=http%3A%2F%2Fwww.multfun.com%2F&c=ss:77.up:1303420A494280635F02CAA90250BF16.sync:up.xdua:dugqU7nUtsT5JIjXWWz1GR4t.xps:xpsFPwDjLAigR6V6f5gJ_fsRp.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Fri, 25 Nov 2022 04:19:23 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669349963408&i=795615464340298.856662387598909&a=77&e=1303420A494280635F02CAA90250BF16&pref=http%3A%2F%2Fwww.multfun.com%2F&c=ss:77.up:1303420A494280635F02CAA90250BF16.sync:up.xdua:dugqU7nUtsT5JIjXWWz1GR4t.xps:xpsFPwDjLAigR6V6f5gJ_fsRp.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=O7TD3Feco2A2kpi7bll9; Max-Age=93312000; Expires=Sun, 09 Nov 2025 04:19:23 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/1/1093/i/i?i=795615464340298.550751560320066&a=77&e=1303420A494280635F02CAA90250BF16&pref=http%3A%2F%2Fwww.multfun.com%2F&c=ss:77.up:1303420A494280635F02CAA90250BF16.sync:up.xdua:dugqU7nUtsT5JIjXWWz1GR4t.xps:xpsFPwDjLAigR6V6f5gJ_fsRp.dn:acint__net.adcm:hit.tg:adcmjs_noorient
307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=795615464340298.550751560320066&a=77&e=1303420A494280635F02CAA90250BF16&pref=http%3A%2F%2Fwww.multfun.com%2F&c=ss:77.up:1303420A494280635F02CAA90250BF16.sync:up.xdua:dugqU7nUtsT5JIjXWWz1GR4t.xps:xpsFPwDjLAigR6V6f5gJ_fsRp.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=795615464340298.550751560320066&a=77&e=1303420A494280635F02CAA90250BF16&pref=http%3A%2F%2Fwww.multfun.com%2F&c=ss:77.up:1303420A494280635F02CAA90250BF16.sync:up.xdua:dugqU7nUtsT5JIjXWWz1GR4t.xps:xpsFPwDjLAigR6V6f5gJ_fsRp.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Fri, 25 Nov 2022 04:19:23 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669349963400&i=795615464340298.550751560320066&a=77&e=1303420A494280635F02CAA90250BF16&pref=http%3A%2F%2Fwww.multfun.com%2F&c=ss:77.up:1303420A494280635F02CAA90250BF16.sync:up.xdua:dugqU7nUtsT5JIjXWWz1GR4t.xps:xpsFPwDjLAigR6V6f5gJ_fsRp.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=jT2nJd2ccYQhrMb7Hu4D; Max-Age=93312000; Expires=Sun, 09 Nov 2025 04:19:23 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669349963400&i=795615464340298.550751560320066&a=77&e=1303420A494280635F02CAA90250BF16&pref=http%3A%2F%2Fwww.multfun.com%2F&c=ss:77.up:1303420A494280635F02CAA90250BF16.sync:up.xdua:dugqU7nUtsT5JIjXWWz1GR4t.xps:xpsFPwDjLAigR6V6f5gJ_fsRp.dn:acint__net.adcm:hit.tg:adcmjs_noorient
200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669349963400&i=795615464340298.550751560320066&a=77&e=1303420A494280635F02CAA90250BF16&pref=http%3A%2F%2Fwww.multfun.com%2F&c=ss:77.up:1303420A494280635F02CAA90250BF16.sync:up.xdua:dugqU7nUtsT5JIjXWWz1GR4t.xps:xpsFPwDjLAigR6V6f5gJ_fsRp.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1669349963400&i=795615464340298.550751560320066&a=77&e=1303420A494280635F02CAA90250BF16&pref=http%3A%2F%2Fwww.multfun.com%2F&c=ss:77.up:1303420A494280635F02CAA90250BF16.sync:up.xdua:dugqU7nUtsT5JIjXWWz1GR4t.xps:xpsFPwDjLAigR6V6f5gJ_fsRp.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:19:23 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 6
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669349963408&i=795615464340298.856662387598909&a=77&e=1303420A494280635F02CAA90250BF16&pref=http%3A%2F%2Fwww.multfun.com%2F&c=ss:77.up:1303420A494280635F02CAA90250BF16.sync:up.xdua:dugqU7nUtsT5JIjXWWz1GR4t.xps:xpsFPwDjLAigR6V6f5gJ_fsRp.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669349963408&i=795615464340298.856662387598909&a=77&e=1303420A494280635F02CAA90250BF16&pref=http%3A%2F%2Fwww.multfun.com%2F&c=ss:77.up:1303420A494280635F02CAA90250BF16.sync:up.xdua:dugqU7nUtsT5JIjXWWz1GR4t.xps:xpsFPwDjLAigR6V6f5gJ_fsRp.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1669349963408&i=795615464340298.856662387598909&a=77&e=1303420A494280635F02CAA90250BF16&pref=http%3A%2F%2Fwww.multfun.com%2F&c=ss:77.up:1303420A494280635F02CAA90250BF16.sync:up.xdua:dugqU7nUtsT5JIjXWWz1GR4t.xps:xpsFPwDjLAigR6V6f5gJ_fsRp.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 04:19:23 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 8
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
www.acint.net/ping/?v=0.4.0&uid=82b3f55e-c03b-4197-b207-a0b8796b8d42&dp=10&tz=%2B00%3A00&nc=22616616&dT=2022-11-25T04%3A19%3A24.112
302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/ping/?v=0.4.0&uid=82b3f55e-c03b-4197-b207-a0b8796b8d42&dp=10&tz=%2B00%3A00&nc=22616616&dT=2022-11-25T04%3A19%3A24.112
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /ping/?v=0.4.0&uid=82b3f55e-c03b-4197-b207-a0b8796b8d42&dp=10&tz=%2B00%3A00&nc=22616616&dT=2022-11-25T04%3A19%3A24.112 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.multfun.com/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Fri, 25 Nov 2022 04:19:24 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/ping/?v=0.4.0&uid=82b3f55e-c03b-4197-b207-a0b8796b8d42&dp=10&tz=%2B00%3A00&nc=22616616&dT=2022-11-25T04%3A19%3A24.112
www.acint.net/ping/?v=0.4.0&uid=82b3f55e-c03b-4197-b207-a0b8796b8d42&dp=10&tz=%2B00%3A00&nc=22616616&dT=2022-11-25T04%3A19%3A24.112
200 OK 43 B URL HTTP/2 www.acint.net/ping/?v=0.4.0&uid=82b3f55e-c03b-4197-b207-a0b8796b8d42&dp=10&tz=%2B00%3A00&nc=22616616&dT=2022-11-25T04%3A19%3A24.112
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /ping/?v=0.4.0&uid=82b3f55e-c03b-4197-b207-a0b8796b8d42&dp=10&tz=%2B00%3A00&nc=22616616&dT=2022-11-25T04%3A19%3A24.112 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.multfun.com/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDE2OAQkmoZgJPFFWjAqYbE0N1KcTm55ILYICcbTxKEDbv; cSyncDp7v2=1669349961; cSyncDp14v3=1669349961; cSyncDp17=1669349961; cSyncDp32=1669349961; cSyncDp45v3=1669349961; cSyncDp53=1669349961; cSyncDp54v2=1669349961; cSyncDp62=1669349961; cSyncDp67v2=1669349961; cSyncDp68=1669349961; cSyncDp71=1669349961; cSyncDp77=1669349961; cSyncDp84=1669349961; cSyncDp85=1669349961; cSyncDp95v3=1669349961; cSyncDp101=1669349961; cSyncDp104v2=1669349961; cSyncDp107=1669349961; cSyncDp110=1669349961; cSyncDp111v2=1669349961; cSyncDp112v2=1669349961; cSyncDp125v2=1669349961; cSyncDp126=1669349961; cSyncDp127=1669349961; cSyncDp129=1669349961; cSyncDp136v2=1669349961; cSyncDp138=1669349961; cSyncDp144=1669349961; cSyncDp146=1669349961; cSyncDp148=1669349961; cSyncDp149v2=1669349961; cSyncDp151=1669349961; cSyncDp178=1669349961; cSyncDp179=1669349961; cSyncDp186=1669349961; cSyncDp221=1669349961
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 25 Nov 2022 04:19:24 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/23454055?wv-check=53770&wv-type=0&wmode=0&wv-part=1&wv-hit=540246092&page-url=http%3A%2F%2Fwww.multfun.com%2F&rn=106777637&browser-info=gdpr%3A14%3Aet%3A1669349969%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221125041929%3Au%3A1669349962527159475%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Ast%3A1669349969&t=gdpr(14)ti(2)
200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/23454055?wv-check=53770&wv-type=0&wmode=0&wv-part=1&wv-hit=540246092&page-url=http%3A%2F%2Fwww.multfun.com%2F&rn=106777637&browser-info=gdpr%3A14%3Aet%3A1669349969%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221125041929%3Au%3A1669349962527159475%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Ast%3A1669349969&t=gdpr(14)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/23454055?wv-check=53770&wv-type=0&wmode=0&wv-part=1&wv-hit=540246092&page-url=http%3A%2F%2Fwww.multfun.com%2F&rn=106777637&browser-info=gdpr%3A14%3Aet%3A1669349969%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221125041929%3Au%3A1669349962527159475%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Ast%3A1669349969&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 44
Origin: http://www.multfun.com
Connection: keep-alive
Referer: http://www.multfun.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 25 Nov 2022 04:19:29 GMT
access-control-allow-origin: http://www.multfun.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 25-Nov-2022 04:19:29 GMT
last-modified: Fri, 25-Nov-2022 04:19:29 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/23454055?wv-check=3341&wv-type=0&wmode=0&wv-part=2&wv-hit=540246092&page-url=http%3A%2F%2Fwww.multfun.com%2F&rn=312591831&browser-info=gdpr%3A14%3Aet%3A1669349969%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221125041929%3Au%3A1669349962527159475%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Ast%3A1669349969&t=gdpr(14)ti(2)
200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/23454055?wv-check=3341&wv-type=0&wmode=0&wv-part=2&wv-hit=540246092&page-url=http%3A%2F%2Fwww.multfun.com%2F&rn=312591831&browser-info=gdpr%3A14%3Aet%3A1669349969%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221125041929%3Au%3A1669349962527159475%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Ast%3A1669349969&t=gdpr(14)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/23454055?wv-check=3341&wv-type=0&wmode=0&wv-part=2&wv-hit=540246092&page-url=http%3A%2F%2Fwww.multfun.com%2F&rn=312591831&browser-info=gdpr%3A14%3Aet%3A1669349969%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221125041929%3Au%3A1669349962527159475%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Ast%3A1669349969&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 12
Origin: http://www.multfun.com
Connection: keep-alive
Referer: http://www.multfun.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 25 Nov 2022 04:19:29 GMT
access-control-allow-origin: http://www.multfun.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 25-Nov-2022 04:19:29 GMT
last-modified: Fri, 25-Nov-2022 04:19:29 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/23454055?wv-check=51359&wv-type=0&wmode=0&wv-part=3&wv-hit=540246092&page-url=http%3A%2F%2Fwww.multfun.com%2F&rn=516105754&browser-info=gdpr%3A14%3Aet%3A1669349969%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221125041929%3Au%3A1669349962527159475%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Ast%3A1669349969&t=gdpr(14)ti(2)
200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/23454055?wv-check=51359&wv-type=0&wmode=0&wv-part=3&wv-hit=540246092&page-url=http%3A%2F%2Fwww.multfun.com%2F&rn=516105754&browser-info=gdpr%3A14%3Aet%3A1669349969%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221125041929%3Au%3A1669349962527159475%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Ast%3A1669349969&t=gdpr(14)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/23454055?wv-check=51359&wv-type=0&wmode=0&wv-part=3&wv-hit=540246092&page-url=http%3A%2F%2Fwww.multfun.com%2F&rn=516105754&browser-info=gdpr%3A14%3Aet%3A1669349969%3Aw%3A1268x939%3Av%3A923%3Az%3A0%3Ai%3A20221125041929%3Au%3A1669349962527159475%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Ast%3A1669349969&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 12
Origin: http://www.multfun.com
Connection: keep-alive
Referer: http://www.multfun.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 25 Nov 2022 04:19:29 GMT
access-control-allow-origin: http://www.multfun.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 25-Nov-2022 04:19:29 GMT
last-modified: Fri, 25-Nov-2022 04:19:29 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Cuprum|PT+Sans&subset=latin,cyrillic
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Cuprum|PT+Sans&subset=latin,cyrillic
IP
GET /css?family=Cuprum|PT+Sans&subset=latin,cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.multfun.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 04:19:20 GMT
date: Fri, 25 Nov 2022 04:19:20 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/1303420A494280635F02CAA90250BF16
302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/1303420A494280635F02CAA90250BF16
IP
GET /mapuid/sapeis/1303420A494280635F02CAA90250BF16 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/1303420A494280635F02CAA90250BF16?redir-setuniq=1
date: Fri, 25 Nov 2022 04:19:23 GMT
set-cookie: yandexuid=2048405041669349963; domain=.yandex.ru; path=/; expires=Mon, 22-Nov-2032 04:19:23 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 25 Nov 2022 04:19:23 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 25 Nov 2022 04:19:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/1303420A494280635F02CAA90250BF16?redir-setuniq=1
200 OK 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/1303420A494280635F02CAA90250BF16?redir-setuniq=1
IP
GET /mapuid/sapeis/1303420A494280635F02CAA90250BF16?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Fri, 25 Nov 2022 04:19:23 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 25 Nov 2022 04:19:23 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 25 Nov 2022 04:19:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
104.21.77.112
23.36.76.226
34.215.94.42
193.3.184.210
139.45.228.111
23.88.12.14
95.216.101.186
104.18.21.226
37.18.103.16
188.42.191.196