vipip.info/
188.40.131.137200 OK 27 kB IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6036), with CRLF, LF line terminators
Hash ae9ddb53af0057230bd4ce3080677a30
1ce99886842506d095f5b02bc687b907f2bcb321
5fae470affce77467856e7ab89c812a0157a0f2a40b36dc736f1e47894415192
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12287
Expires: Mon, 30 Jan 2023 07:33:44 GMT
Date: Mon, 30 Jan 2023 04:08:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6788
Expires: Mon, 30 Jan 2023 06:02:05 GMT
Date: Mon, 30 Jan 2023 04:08:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 03:43:11 GMT
content-type: application/json
age: 1546
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4263
Expires: Mon, 30 Jan 2023 05:20:00 GMT
Date: Mon, 30 Jan 2023 04:08:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: kiSAnwBFkWGRf2vWCiOqc3WekTFxWXGmjFJ07QabufLdGKC5W0sPIEKZX4NCuJMkgW1oh3NGUFu/1WUBgXKh6g==
x-amz-request-id: WY6468A73NFJ27YN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 03:21:38 GMT
age: 2839
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:08:57 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
vipip.info/components/com_jcomments/libraries/joomlatune/ajax.js
188.40.131.137200 OK 4.0 kB URL HTTP/1.1 vipip.info/components/com_jcomments/libraries/joomlatune/ajax.js
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
Hash c48a4e83fd4017424d2c39d6e272298e
b5e98486c9c566b72156141462e234047f0dbc30
89c12156ac0cd2e9f677bed614df9a34361fba11c64ab87e16985658a2f916df
Analyzer Verdict Alert fortinet Malware
GET /components/com_jcomments/libraries/joomlatune/ajax.js HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 4002
Last-Modified: Sun, 11 Mar 2018 10:09:28 GMT
Connection: keep-alive
ETag: "5aa50058-fa2"
Accept-Ranges: bytes
vipip.info/media/system/js/caption.js
188.40.131.137200 OK 2.0 kB URL HTTP/1.1 vipip.info/media/system/js/caption.js
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
Hash 880842e457b657a9d17c7acc229a2756
9ad325acdb5037333df29dc0306b859275ac3d31
8e0eb13ac91efb9cfad3cbf484d4543acff76bc95fc036d11a3e2d2a7c955864
Analyzer Verdict Alert fortinet Malware
GET /media/system/js/caption.js HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 1987
Last-Modified: Sun, 11 Mar 2018 10:15:44 GMT
Connection: keep-alive
ETag: "5aa501d0-7c3"
Accept-Ranges: bytes
vipip.info/templates/system/css/system.css
188.40.131.137200 OK 1.4 kB URL HTTP/1.1 vipip.info/templates/system/css/system.css
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
Hash 7889e3c48e9c7884f47177d02095340b
eaac95a0ffcd8a511774e4cd73c6d85d80abcdcd
605a4ada4dd6f8c320acb884e77cc4286cf4c90fe57f01221d7ac2b96014fead
GET /templates/system/css/system.css HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: text/css
Content-Length: 1431
Last-Modified: Sun, 11 Mar 2018 10:17:26 GMT
Connection: keep-alive
ETag: "5aa50236-597"
Accept-Ranges: bytes
vipip.info/js/prototype.js
188.40.131.137200 OK 604 B URL HTTP/1.1 vipip.info/js/prototype.js
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 99551ceaf6a30c6f3c61ad725b99efe6
bc34be1ca92c4919f56cd0ba9e79d0e8a46784c5
48437f8f6f171e9b0a752c94d6171525cc0a768e9f0f13f0c848472bd1d8ae3d
Analyzer Verdict Alert fortinet Malware
GET /js/prototype.js HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 604
Last-Modified: Sun, 11 Mar 2018 10:15:41 GMT
Connection: keep-alive
ETag: "5aa501cd-25c"
Accept-Ranges: bytes
vipip.info/components/com_jcomments/js/jcomments-v2.1.js_v=2.html
188.40.131.137200 OK 27 kB URL HTTP/1.1 vipip.info/components/com_jcomments/js/jcomments-v2.1.js_v=2.html
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (392)
Hash 49bbde743263700304b0a8db85be537e
63f13559970a9291181ac0ea7686ff7a916bb44a
9453749a14f4f3597f383f9d8b6fcfc3facb81737f385bc2892228b05fd11e84
Analyzer Verdict Alert fortinet Malware
GET /components/com_jcomments/js/jcomments-v2.1.js_v=2.html HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
vipip.info/js/lightbox.js
188.40.131.137200 OK 603 B URL HTTP/1.1 vipip.info/js/lightbox.js
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7ea8552c018e3248563aae6d083dffc7
df5f9c3219420473f97e2e070135f973e50aaffd
a794e226551a697b3e2f7f8c1f5288f76f5c123986f1ef48ef7bb68e3e3d1fb6
Analyzer Verdict Alert fortinet Malware
GET /js/lightbox.js HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 603
Last-Modified: Sun, 11 Mar 2018 10:15:41 GMT
Connection: keep-alive
ETag: "5aa501cd-25b"
Accept-Ranges: bytes
vipip.info/templates/siteground-j15-38/css/template.css
188.40.131.137200 OK 16 kB URL HTTP/1.1 vipip.info/templates/siteground-j15-38/css/template.css
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 (with BOM) text
Hash bb788412fcf294d597d50471c52e5524
e683461d7958fc35f5e6e789524f910cb3893b6e
c3df26543e83b69fce60268e5d3c5dab5f93b753f938b4d0469df102c4a8d909
GET /templates/siteground-j15-38/css/template.css HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: text/css
Content-Length: 16405
Last-Modified: Sun, 11 Mar 2018 10:17:01 GMT
Connection: keep-alive
ETag: "5aa5021d-4015"
Accept-Ranges: bytes
vipip.info/js/lightbox.css
188.40.131.137200 OK 582 B URL HTTP/1.1 vipip.info/js/lightbox.css
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4685b6a58f4fa5adb80dbafb1512e73a
34f38f4c3bef9391ea6a0cd5b5cfe4bb4d6848ac
dc676acbe015fd3c8b05cb9961c20f738d69b6d705df42383c4ea3de54145f77
GET /js/lightbox.css HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: text/css
Content-Length: 582
Last-Modified: Sun, 11 Mar 2018 10:15:40 GMT
Connection: keep-alive
ETag: "5aa501cc-246"
Accept-Ranges: bytes
vipip.info/voyage_search.css
188.40.131.137200 OK 7.4 kB URL HTTP/1.1 vipip.info/voyage_search.css
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
Hash 6c1ab1c9016473a791b7ffc35d0ff10b
90135ce36d7ca06957b0660c09b74a0ce3427ad5
380d9840882c16f2f3d54ec8b042760ecf7658768f723a812f8655cad44cb9ab
GET /voyage_search.css HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: text/css
Content-Length: 7357
Last-Modified: Sun, 11 Mar 2018 10:07:07 GMT
Connection: keep-alive
ETag: "5aa4ffcb-1cbd"
Accept-Ranges: bytes
vipip.info/js/scriptaculous.js_load=effects,builder.html
188.40.131.137200 OK 608 B URL HTTP/1.1 vipip.info/js/scriptaculous.js_load=effects,builder.html
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 90cc672ca80d5889b3d9ab06f66e59bb
2f1a5c1eb05c80889e49be79e38bc2e397ccce45
2471063a31d1849de41fed524302365fb3c9f3efa4ed7e995ef1ea33e085bb3e
Analyzer Verdict Alert fortinet Malware
GET /js/scriptaculous.js_load=effects,builder.html HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
vipip.info/components/com_datsogallery/js/lightbox/js/prototype.js
188.40.131.137200 OK 640 B URL HTTP/1.1 vipip.info/components/com_datsogallery/js/lightbox/js/prototype.js
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 79a00dc30c7bffead190f53615cfdea1
3d91eeed23b4edbc348e8aa52ee2f92a00649dad
a4bc9022af8e6f89ea2a3e05b32696429f5d1b2e790bb13d6cad763222b66b29
Analyzer Verdict Alert fortinet Malware
NIDS Severity Alert suricata medium ETPRO HUNTING HTTP 200 Stat Code with 404 in Body
GET /components/com_datsogallery/js/lightbox/js/prototype.js HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 640
Last-Modified: Sun, 11 Mar 2018 10:09:21 GMT
Connection: keep-alive
ETag: "5aa50051-280"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0a38e0326d6258e2aea2f8708a86dd23
853c43d7559a51ce455f6334d35949a8f6913dd5
15e99937f68b1daef2b0bfbf724fbd460ca52c9a520a03e153083a8e57d33f06
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "15E99937F68B1DAEF2B0BFBF724FBD460CA52C9A520A03E153083A8E57D33F06"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=199
Expires: Mon, 30 Jan 2023 04:12:16 GMT
Date: Mon, 30 Jan 2023 04:08:57 GMT
Connection: keep-alive
vipip.info/components/com_datsogallery/js/lightbox/js/lightbox.js
188.40.131.137200 OK 639 B URL HTTP/1.1 vipip.info/components/com_datsogallery/js/lightbox/js/lightbox.js
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 298cea6e784fa2d55f9f58e1778e996d
5eba7cfde8d78269556f4830f76eda2962689ba7
68537c6b3578ddcf8cc956232921d9d8f3155db62c078108818a14c29c96316d
Analyzer Verdict Alert fortinet Malware
NIDS Severity Alert suricata medium ETPRO HUNTING HTTP 200 Stat Code with 404 in Body
GET /components/com_datsogallery/js/lightbox/js/lightbox.js HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 639
Last-Modified: Sun, 11 Mar 2018 10:09:20 GMT
Connection: keep-alive
ETag: "5aa50050-27f"
Accept-Ranges: bytes
vipip.info/components/com_datsogallery/js/lightbox/css/lightbox.css
188.40.131.137200 OK 619 B URL HTTP/1.1 vipip.info/components/com_datsogallery/js/lightbox/css/lightbox.css
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1b36faf169c87c161586cfd42664a045
6e5777a49bed635758914e445884ec7386654a66
96eb3655155dae87ca3049bd125c2cb891b2a2064d24ab20f17be568bc7dc297
NIDS Severity Alert suricata medium ETPRO HUNTING HTTP 200 Stat Code with 404 in Body
GET /components/com_datsogallery/js/lightbox/css/lightbox.css HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: text/css
Content-Length: 619
Last-Modified: Sun, 11 Mar 2018 10:09:19 GMT
Connection: keep-alive
ETag: "5aa5004f-26b"
Accept-Ranges: bytes
vipip.info/components/com_datsogallery/js/lightbox/js/scriptaculous.js_load=effects.html
188.40.131.137200 OK 644 B URL HTTP/1.1 vipip.info/components/com_datsogallery/js/lightbox/js/scriptaculous.js_load=effects.html
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 88a911824e84c4af841fbdc46420780f
053855588bd400d923053b098d68020626839dcb
b8db917b319d3f2be58241252fa07efe9ff6c25734e76062861c2e9de0cab7a3
Analyzer Verdict Alert fortinet Malware
NIDS Severity Alert suricata medium ETPRO HUNTING HTTP 200 Stat Code with 404 in Body
GET /components/com_datsogallery/js/lightbox/js/scriptaculous.js_load=effects.html HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 25382bbe556c54c0b468893cc77c9650
2ec4951cf2abcb16229ba5e2c1eec864d14968d7
f610b3aa87e402dd06f35b3c9b657785391114b697612ac45055bc80f684e081
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610B3AA87E402DD06F35B3C9B657785391114B697612AC45055BC80F684E081"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17313
Expires: Mon, 30 Jan 2023 08:57:30 GMT
Date: Mon, 30 Jan 2023 04:08:57 GMT
Connection: keep-alive
vipip.info/modules/mod_gtranslate/tmpl/lang/blank.png
188.40.131.137200 OK 95 B URL HTTP/1.1 vipip.info/modules/mod_gtranslate/tmpl/lang/blank.png
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /modules/mod_gtranslate/tmpl/lang/blank.png HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: image/png
Content-Length: 95
Last-Modified: Sun, 11 Mar 2018 10:15:53 GMT
Connection: keep-alive
ETag: "5aa501d9-5f"
Accept-Ranges: bytes
vipip.info/images/stories/rt.gif
188.40.131.137200 OK 2.9 kB URL HTTP/1.1 vipip.info/images/stories/rt.gif
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 665 x 25\012- data
Hash 924c61f0cd52345864be06d33dce62ec
1186c70cb561d42ab26f847f096b921bd86e166e
179457c96443949b0fcda7ff7983379ee6640ee589e5788546f07e1da256e491
GET /images/stories/rt.gif HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: image/gif
Content-Length: 2851
Last-Modified: Sun, 11 Mar 2018 10:10:10 GMT
Connection: keep-alive
ETag: "5aa50082-b23"
Accept-Ranges: bytes
vipip.info/images/stories/countries/thumbs/italiya/thumb_italiya-a2dad.jpg
188.40.131.137200 OK 8.6 kB URL HTTP/1.1 vipip.info/images/stories/countries/thumbs/italiya/thumb_italiya-a2dad.jpg
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 213x110, components 3\012- data
Hash fbaf90fc519aff5bee84b65f1c6632c4
3ae608daf0311f0f6d59913d1d8f49b54855a18a
2816530eb2b3ce1a1c4470fdb4e779ccb61ee542484556c84830778f3d24a0bb
GET /images/stories/countries/thumbs/italiya/thumb_italiya-a2dad.jpg HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: image/jpeg
Content-Length: 8557
Last-Modified: Sun, 11 Mar 2018 10:12:28 GMT
Connection: keep-alive
ETag: "5aa5010c-216d"
Accept-Ranges: bytes
vipip.info/images/stories/countries/thumbs/vetnam/thumb_vetnam-9a961.jpg
188.40.131.137200 OK 7.9 kB URL HTTP/1.1 vipip.info/images/stories/countries/thumbs/vetnam/thumb_vetnam-9a961.jpg
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 150x109, components 3\012- data
Hash aa5097d53cfd9e3068cd99b6fd4456c6
017eb4e6a3ca95cf8a7f556cb00dd60b1c2dd668
7e27fcd2658a58141d30db18a71fd53e799031d3f4915ea72bee93af1a7775f0
GET /images/stories/countries/thumbs/vetnam/thumb_vetnam-9a961.jpg HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: image/jpeg
Content-Length: 7887
Last-Modified: Sun, 11 Mar 2018 10:15:12 GMT
Connection: keep-alive
ETag: "5aa501b0-1ecf"
Accept-Ranges: bytes
vipip.info/images/stories/countries/thumbs/indiya/thumb_indiya-347b8.jpg
188.40.131.137200 OK 7.2 kB URL HTTP/1.1 vipip.info/images/stories/countries/thumbs/indiya/thumb_indiya-347b8.jpg
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 163x110, components 3\012- data
Hash 73290db2338fe8a40b2f9bd50b436b4c
43b6b02f7f90fe137d518bd65d362abb23eab6e3
e85fea9932bbc3ba8af779b50ea079289c835b6e404fa400ffadad3d9570b467
GET /images/stories/countries/thumbs/indiya/thumb_indiya-347b8.jpg HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: image/jpeg
Content-Length: 7165
Last-Modified: Sun, 11 Mar 2018 10:12:10 GMT
Connection: keep-alive
ETag: "5aa500fa-1bfd"
Accept-Ranges: bytes
vipip.info/images/stories/pt.jpg
188.40.131.137200 OK 13 kB URL HTTP/1.1 vipip.info/images/stories/pt.jpg
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 665x25, components 3\012- data
Hash efbbe74b9d5ee58b5a908f74f7d1b60d
a978775241181649959dfbf3f1fbc31a750d961e
884bd14d78e0f0ee295c3ad8091f959da8c8f20f19a11f8cee2c0ac50c318633
GET /images/stories/pt.jpg HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: image/jpeg
Content-Length: 12738
Last-Modified: Sun, 11 Mar 2018 10:10:10 GMT
Connection: keep-alive
ETag: "5aa50082-31c2"
Accept-Ranges: bytes
get.mycounter.ua/counter2.0.js
62.149.0.249200 OK 3.7 kB URL HTTP/1.1 get.mycounter.ua/counter2.0.js
IP 62.149.0.249:0
File type HTML document, ASCII text
Hash 60dd4a0324b6a778a81131c4dc6b2998
a723d940f991f781044a948e4f423331646bf70a
266a3771ef39c4855333a8ff90d4a48d8c19f2ddb561ceb41a5a8ab4747304f8
GET /counter2.0.js HTTP/1.1
Host: get.mycounter.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vipip.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: application/javascript
Content-Length: 3653
Last-Modified: Mon, 11 Jan 2021 22:30:07 GMT
Connection: keep-alive
ETag: "5ffcd16f-e45"
Expires: Mon, 30 Jan 2023 05:08:57 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes
vipip.info/templates/siteground-j15-38/images/bodybg.jpg
188.40.131.137200 OK 858 B URL HTTP/1.1 vipip.info/templates/siteground-j15-38/images/bodybg.jpg
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 1x400, components 3\012- data
Hash 725e8a5a1140a2e5d76f27dd3b4bf137
a4086691634ce1af49a8f87a4385ba6901f182ab
73b569b9ce3e60670f72ea108ce913caa3400ef369e20191fa73c5aba214545d
GET /templates/siteground-j15-38/images/bodybg.jpg HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/templates/siteground-j15-38/css/template.css
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: image/jpeg
Content-Length: 858
Last-Modified: Sun, 11 Mar 2018 10:17:05 GMT
Connection: keep-alive
ETag: "5aa50221-35a"
Accept-Ranges: bytes
vipip.info/templates/siteground-j15-38/images/menu_li.jpg
188.40.131.137200 OK 1.5 kB URL HTTP/1.1 vipip.info/templates/siteground-j15-38/images/menu_li.jpg
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 200x22, components 3\012- data
Hash 7d58ab3302a4c800ba16eca8e1ee2108
5d555f765652b97ef59637b8d8169afb880045d6
0172ef04249086b60f67e70a1d11c186abb5cbbb02af681effa3656460e10941
GET /templates/siteground-j15-38/images/menu_li.jpg HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/templates/siteground-j15-38/css/template.css
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: image/jpeg
Content-Length: 1467
Last-Modified: Sun, 11 Mar 2018 10:17:14 GMT
Connection: keep-alive
ETag: "5aa5022a-5bb"
Accept-Ranges: bytes
vipip.info/templates/siteground-j15-38/images/content.jpg
188.40.131.137200 OK 7.4 kB URL HTTP/1.1 vipip.info/templates/siteground-j15-38/images/content.jpg
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2009:11:01 11:01:52], progressive, precision 8, 1106x1, components 3\012- data
Hash 3af794c72305886145ea2cbf4285437a
1decab4e35204f677c173acbe0a09af91b3a674b
24bfcd2831fc671f4b911b188ce0d4dd3074ed30f432285ffc49113074b964f0
GET /templates/siteground-j15-38/images/content.jpg HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/templates/siteground-j15-38/css/template.css
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: image/jpeg
Content-Length: 7370
Last-Modified: Sun, 11 Mar 2018 10:17:06 GMT
Connection: keep-alive
ETag: "5aa50222-1cca"
Accept-Ranges: bytes
vipip.info/media/system/js/mootools.js
188.40.131.137200 OK 661 B URL HTTP/1.1 vipip.info/media/system/js/mootools.js
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 5x22, components 3\012- data
Hash 603e9fdfc6f591c4d0d7f62f0a71eed7
7d39d454e82461f70caf35cbdf4780ca6efd1cdc
7c25111c2f1382ecdb1faeb83661542de7cabf41759a4e814285771696021f3c
Analyzer Verdict Alert fortinet Malware
GET /media/system/js/mootools.js HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 74480
Last-Modified: Sun, 11 Mar 2018 10:15:47 GMT
Connection: keep-alive
ETag: "5aa501d3-122f0"
Accept-Ranges: bytes
vipip.info/templates/siteground-j15-38/images/top.jpg
188.40.131.137200 OK 57 kB URL HTTP/1.1 vipip.info/templates/siteground-j15-38/images/top.jpg
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1106x120, components 3\012- data
Hash c043b7210d7d62e031ec51b700db4b47
a2ea0642396751e1ff6e4614bf5a237e80c0155b
08f37041ecc36495d29d888dc5ae19ced436bd717839b8b7179140ab93ca19b2
GET /templates/siteground-j15-38/images/top.jpg HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/templates/siteground-j15-38/css/template.css
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: image/jpeg
Content-Length: 56685
Last-Modified: Sun, 11 Mar 2018 10:17:18 GMT
Connection: keep-alive
ETag: "5aa5022e-dd6d"
Accept-Ranges: bytes
vipip.info/templates/siteground-j15-38/images/inner_shadows.jpg
188.40.131.137200 OK 326 B URL HTTP/1.1 vipip.info/templates/siteground-j15-38/images/inner_shadows.jpg
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a5e611647ab1b273ba10b6396b7f87bb
b1121cd7e7e0a4a06e6b27a7e296bdaa92f4b7a7
7c8001d477cd98adca63aa833cb30c6278b34d6b74f29beb651ca226b305f185
NIDS Severity Alert suricata medium ETPRO HUNTING HTTP 200 Stat Code with 404 in Body
GET /templates/siteground-j15-38/images/inner_shadows.jpg HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/templates/siteground-j15-38/css/template.css
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: image/jpeg
Content-Length: 326
Last-Modified: Sun, 11 Mar 2018 10:17:12 GMT
Connection: keep-alive
ETag: "5aa50228-146"
Accept-Ranges: bytes
vipip.info/templates/siteground-j15-38/images/left_body.gif
188.40.131.137200 OK 5.7 kB URL HTTP/1.1 vipip.info/templates/siteground-j15-38/images/left_body.gif
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 180 x 2000\012- data
Hash 250384e92c3c0a75f811db429fa8cb94
1609e36d4e5ca9da6ee22cb27e4d8d45a897537b
617bca1bcf57598f9fbc181c2bc1295614d51c5144222f8f45db34922e8b41b4
GET /templates/siteground-j15-38/images/left_body.gif HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/templates/siteground-j15-38/css/template.css
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: image/gif
Content-Length: 5710
Last-Modified: Sun, 11 Mar 2018 10:17:13 GMT
Connection: keep-alive
ETag: "5aa50229-164e"
Accept-Ranges: bytes
vipip.info/templates/siteground-j15-38/images/left_top.gif
188.40.131.137200 OK 281 B URL HTTP/1.1 vipip.info/templates/siteground-j15-38/images/left_top.gif
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 180 x 6\012- data
Hash 5f5d7ce06e1b4be7bd2820fa10b1f8e7
8940d0094d942cbd36de4884c6cf8300bb75502b
22f669ddf0f2f63185d2de9210545974b19fdd7bbc7c044f263f88fb51810389
GET /templates/siteground-j15-38/images/left_top.gif HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/templates/siteground-j15-38/css/template.css
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: image/gif
Content-Length: 281
Last-Modified: Sun, 11 Mar 2018 10:17:14 GMT
Connection: keep-alive
ETag: "5aa5022a-119"
Accept-Ranges: bytes
w.uptolike.com/widgets/v1/zp.js?pid=lf3d80f32213e844240a9ca52cd7feded118443550
95.163.114.204200 OK 11 kB URL HTTP/1.1 w.uptolike.com/widgets/v1/zp.js?pid=lf3d80f32213e844240a9ca52cd7feded118443550
IP 95.163.114.204:0
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (585)
Hash 2a240d28ec9d7b992c3fff782149a033
7d634daf65719764af549001193bc845a6aeb768
579ec484edc829963ef050cdd7c3a36f91a318feaa62a760ae91156fdf989af7
GET /widgets/v1/zp.js?pid=lf3d80f32213e844240a9ca52cd7feded118443550 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vipip.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: utl_id2=30492797801; Expires=Wed, 29 Jan 2025 04:08:57 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
utl_dat="CPDD9IbgMBAAIPCUv4/gMCjwlL+P4DAwAO/A5veTohcF2rNo8hvvH8c="; Expires=Wed, 29 Jan 2025 04:08:57 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
Cache-Control: max-age=31556926
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Content-Encoding: gzip
vipip.info/templates/siteground-j15-38/images/h3.jpg
188.40.131.137200 OK 2.9 kB URL HTTP/1.1 vipip.info/templates/siteground-j15-38/images/h3.jpg
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 180x30, components 3\012- data
Hash 1e0cea63d6255bbc7b26fb4277451376
13ed9ec5bc8f28d0e9e0afbba7ae194b70442313
9e7c5765e28b7d27ae0e143fd918d0b3fe2966285fa2fdb3e6e33a042b0a53ee
GET /templates/siteground-j15-38/images/h3.jpg HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/templates/siteground-j15-38/css/template.css
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: image/jpeg
Content-Length: 2865
Last-Modified: Sun, 11 Mar 2018 10:17:12 GMT
Connection: keep-alive
ETag: "5aa50228-b31"
Accept-Ranges: bytes
vipip.info/templates/siteground-j15-38/images/Volna_1.jpg
188.40.131.137200 OK 91 kB URL HTTP/1.1 vipip.info/templates/siteground-j15-38/images/Volna_1.jpg
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1106x150, components 3\012- data
Hash 56832dc0941e0303ee4bdbd561c629ec
f9323b1144384acaf50a398bb4c9d5185dff9680
5c090d238b99437030bc1bb234bcdc497a469c8da2bc2a2621e3f65206cf405c
GET /templates/siteground-j15-38/images/Volna_1.jpg HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/templates/siteground-j15-38/css/template.css
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: image/jpeg
Content-Length: 91065
Last-Modified: Sun, 11 Mar 2018 10:17:22 GMT
Connection: keep-alive
ETag: "5aa50232-163b9"
Accept-Ranges: bytes
vipip.info/templates/siteground-j15-38/images/menu_row.gif
188.40.131.137200 OK 53 B URL HTTP/1.1 vipip.info/templates/siteground-j15-38/images/menu_row.gif
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 3 x 5\012- data
Hash 5e908920594ee253ee7f61361aa899e2
df5c10a383a77a8caabc804bb2d8f4eb7c2ccabd
5ba1483389e38783d90ddb142b75308c501313e46cf481e505abf15f046eb6f4
GET /templates/siteground-j15-38/images/menu_row.gif HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/templates/siteground-j15-38/css/template.css
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: image/gif
Content-Length: 53
Last-Modified: Sun, 11 Mar 2018 10:17:16 GMT
Connection: keep-alive
ETag: "5aa5022c-35"
Accept-Ranges: bytes
vipip.info/images/stories/countries/thumbs/kipr/thumb_kipr-8410c.jpg
188.40.131.137200 OK 5.7 kB URL HTTP/1.1 vipip.info/images/stories/countries/thumbs/kipr/thumb_kipr-8410c.jpg
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 134x110, components 3\012- data
Hash f84de707122ae759663c68cf1945169e
d172d2468342e10281ff3c523b57b4327c849821
03341ca0e27eaa66a7241db28c638f2200c7c85cf4f1e781ef71eeb815e409de
GET /images/stories/countries/thumbs/kipr/thumb_kipr-8410c.jpg HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: image/jpeg
Content-Length: 5718
Last-Modified: Sun, 11 Mar 2018 10:12:44 GMT
Connection: keep-alive
ETag: "5aa5011c-1656"
Accept-Ranges: bytes
vipip.info/images/stories/countries/thumbs/ispaniya/thumb_ispaniya-718fc.jpg
188.40.131.137200 OK 11 kB URL HTTP/1.1 vipip.info/images/stories/countries/thumbs/ispaniya/thumb_ispaniya-718fc.jpg
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 144x110, components 3\012- data
Hash 8637b3e6ddb7c2bde0dcd366784d3939
417e63e017ed5343bd4ccc2d3410a33b73ef2fbc
2fd3266f9fcf872e6e81c7564ce728300b84d667eaa5bda4cfb3f99eef0a2054
GET /images/stories/countries/thumbs/ispaniya/thumb_ispaniya-718fc.jpg HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: image/jpeg
Content-Length: 10822
Last-Modified: Sun, 11 Mar 2018 10:12:20 GMT
Connection: keep-alive
ETag: "5aa50104-2a46"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a4a5ad0b33c98765994f757a1d85930b
788e5b799e34902252e968a870c32d26ce68dd56
db7e7a89917f58ac68bfd21fb7a89cb429ac35603dcef0de6331226727ea6e2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB7E7A89917F58AC68BFD21FB7A89CB429AC35603DCEF0DE6331226727EA6E2D"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17312
Expires: Mon, 30 Jan 2023 08:57:29 GMT
Date: Mon, 30 Jan 2023 04:08:57 GMT
Connection: keep-alive
get.mycounter.ua/counter.php?id=164104&w=http%3A//vipip.info/&s=1280x1024x24&c=1&j=5
62.149.0.249200 OK 535 B URL HTTP/1.1 get.mycounter.ua/counter.php?id=164104&w=http%3A//vipip.info/&s=1280x1024x24&c=1&j=5
IP 62.149.0.249:0
File type PNG image data, 88 x 31, 8-bit colormap, non-interlaced\012- data
Hash cbc0604704a0dba6c9be5c9699a45648
b32ee32e2f1948c0e0a9b6ccd1b6dbd73ad49046
0577753dd89978d43d0adce61d980531edad00882f3f73a926ee480c414f77ce
GET /counter.php?id=164104&w=http%3A//vipip.info/&s=1280x1024x24&c=1&j=5 HTTP/1.1
Host: get.mycounter.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vipip.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 535
Connection: keep-alive
Date: Mon, 30 Jan 2023 06:08:57 GMT
Server: MyCounter TCP Server v.2.0.0
Accept-Ranges: bytes
Expires: 0
Cache-control: no-cache
vipip.info/modules/mod_gtranslate/tmpl/lang/16a.png
188.40.131.137200 OK 18 kB URL HTTP/1.1 vipip.info/modules/mod_gtranslate/tmpl/lang/16a.png
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 716 x 616, 8-bit/color RGBA, non-interlaced\012- data
Hash 538262325eb1567b28cf15b15141ea4c
ca2edc664cf1b3684414d7c388f84e47d27f73a3
3fd56d8c7db1d92dc43efc018ad99d64d21e3ee3355ac3260fd1c020bcd185ca
GET /modules/mod_gtranslate/tmpl/lang/16a.png HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
Cookie: s=1
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: image/png
Content-Length: 18170
Last-Modified: Sun, 11 Mar 2018 10:15:52 GMT
Connection: keep-alive
ETag: "5aa501d8-46fa"
Accept-Ranges: bytes
vipip.info/images/stories/countries/thumbs/malta/thumb_malta-c3a91.jpg
188.40.131.137200 OK 6.3 kB URL HTTP/1.1 vipip.info/images/stories/countries/thumbs/malta/thumb_malta-c3a91.jpg
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 91x110, components 3\012- data
Hash a80bf6c1fe104fb7672c2effab3ba677
3d7ec760323e3405b3f8d6caeff68161b5a23f7a
8308609ff3bc172a8da255daaca78f117607231081c424b04b55a2016ffca645
GET /images/stories/countries/thumbs/malta/thumb_malta-c3a91.jpg HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: image/jpeg
Content-Length: 6250
Last-Modified: Sun, 11 Mar 2018 10:13:34 GMT
Connection: keep-alive
ETag: "5aa5014e-186a"
Accept-Ranges: bytes
www.acint.net/aci.js
157.90.179.28200 OK 7.8 kB IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1649)
Hash 23df47b4330754db70e9c1e32f0092d6
dea956b3a9dad9fa3cc352180be435943e8d0352
0056d5c8969a597094abb6cc9f3a383631ba9c0f13ac620d735f0788807fb4de
GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vipip.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Mon, 30 Jan 2023 04:08:57 GMT
content-type: application/x-javascript
content-length: 7757
last-modified: Mon, 09 Jan 2023 08:01:40 GMT
etag: "63bbc9e4-1e4d"
content-encoding: gzip
expires: Mon, 30 Jan 2023 16:08:57 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2
w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_1675051748006380
95.163.114.204200 OK 84 B URL HTTP/1.1 w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_1675051748006380
IP 95.163.114.204:0
ASN #12695 LLC Digital Network
File type ASCII text, with no line terminators
Hash b2497183956bb3a0c77999f016dc53b4
871a67a13c1331cbc52c5e5bc10eae8b4ac11ffe
87bc8af3318f6ebbeaf8003bbe30510d9fed1ebe44666fb3486ddfa838a061a8
GET /widgets/v1/version.js?cb=cb__utl_cb_share_1675051748006380 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vipip.info/
Cookie: utl_id2=30492797801; utl_dat="CPDD9IbgMBAAIPCUv4/gMCjwlL+P4DAwAO/A5veTohcF2rNo8hvvH8c="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 24 Jan 2023 08:31:58 GMT
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Set-Cookie: utl_id2=30492797801; Expires=Wed, 29 Jan 2025 04:08:57 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
utl_dat="CPDD9IbgMBAAIPCUv4/gMCjwlL+P4DAwAO/A5veTohcF2rNo8hvvH8c="; Expires=Wed, 29 Jan 2025 04:08:57 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Content-Encoding: gzip
vipip.info/templates/siteground-j15-38/images/bg_b_.jpg
188.40.131.137200 OK 60 kB URL HTTP/1.1 vipip.info/templates/siteground-j15-38/images/bg_b_.jpg
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2009:11:01 11:07:45], progressive, precision 8, 1106x120, components 3\012- data
Hash 0941c6f8e6094d8ea525daa0ac15f73b
198758253f5be29854f09fdb6bed97b81c9a9b18
32d3ba64cd899061316d865fcb991e5df0366235239e34475ce64f63b70a6ab4
GET /templates/siteground-j15-38/images/bg_b_.jpg HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/templates/siteground-j15-38/css/template.css
Cookie: s=1
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: image/jpeg
Content-Length: 60371
Last-Modified: Sun, 11 Mar 2018 10:17:05 GMT
Connection: keep-alive
ETag: "5aa50221-ebd3"
Accept-Ranges: bytes
www.acint.net/mc/?dp=10
157.90.179.28302 Moved Temporarily 142 B IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/mc/?dp=10
www.acint.net/oci.js?t=1675051748083
157.90.179.28302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/oci.js?t=1675051748083
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /oci.js?t=1675051748083 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/oci.js?t=1675051748083
www.acint.net/hit/?v=0.5.0&uid=9661ce5c-5bc7-4f08-a386-b07a429ed894&dp=10&tz=%2B00%3A00&nc=74912473&u=http%3A%2F%2Fvipip.info%2F&r=&rs=1280x1024&t=%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BD%D1%8B%D0%B5%20%D1%82%D1%83%D1%80%D1%8B%2C%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B0%2C%20%D0%A2%D1%83%D1%80%D1%86%D0%B8%D1%8F%2C%20%D0%95%D0%B3%D0%B8%D0%BF%D0%B5%D1%82%2C%20%D0%AD%D0%BA%D0%B7%D0%BE%D1%82%D0%B8%D0%BA%D0%B0%2C%20%D0%9E%D1%82%D0%B4%D1%8B%D1%85%20%D0%B2%20%D0%95%D0%B2%D1%80%D0%BE%D0%BF%D0%B5%2C%20%D0%AD%D0%BA%D1%81%D0%BA%D1%83%D1%80%D1%81%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%82%D1%83%D1%80%D1%8B%2C%20%D0%91%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%82%D1%83%D1%80%D0%B8%D0%B7%D0%BC%2C%20Welcome%20to%20Ukraine.&oE=1&oP=1&dT=2023-01-30T04%3A09%3A08.080&fu=4c2e3bd9-714b-487f-bfcd-3bf18e57d53a
157.90.179.28302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/hit/?v=0.5.0&uid=9661ce5c-5bc7-4f08-a386-b07a429ed894&dp=10&tz=%2B00%3A00&nc=74912473&u=http%3A%2F%2Fvipip.info%2F&r=&rs=1280x1024&t=%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BD%D1%8B%D0%B5%20%D1%82%D1%83%D1%80%D1%8B%2C%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B0%2C%20%D0%A2%D1%83%D1%80%D1%86%D0%B8%D1%8F%2C%20%D0%95%D0%B3%D0%B8%D0%BF%D0%B5%D1%82%2C%20%D0%AD%D0%BA%D0%B7%D0%BE%D1%82%D0%B8%D0%BA%D0%B0%2C%20%D0%9E%D1%82%D0%B4%D1%8B%D1%85%20%D0%B2%20%D0%95%D0%B2%D1%80%D0%BE%D0%BF%D0%B5%2C%20%D0%AD%D0%BA%D1%81%D0%BA%D1%83%D1%80%D1%81%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%82%D1%83%D1%80%D1%8B%2C%20%D0%91%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%82%D1%83%D1%80%D0%B8%D0%B7%D0%BC%2C%20Welcome%20to%20Ukraine.&oE=1&oP=1&dT=2023-01-30T04%3A09%3A08.080&fu=4c2e3bd9-714b-487f-bfcd-3bf18e57d53a
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /hit/?v=0.5.0&uid=9661ce5c-5bc7-4f08-a386-b07a429ed894&dp=10&tz=%2B00%3A00&nc=74912473&u=http%3A%2F%2Fvipip.info%2F&r=&rs=1280x1024&t=%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BD%D1%8B%D0%B5%20%D1%82%D1%83%D1%80%D1%8B%2C%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B0%2C%20%D0%A2%D1%83%D1%80%D1%86%D0%B8%D1%8F%2C%20%D0%95%D0%B3%D0%B8%D0%BF%D0%B5%D1%82%2C%20%D0%AD%D0%BA%D0%B7%D0%BE%D1%82%D0%B8%D0%BA%D0%B0%2C%20%D0%9E%D1%82%D0%B4%D1%8B%D1%85%20%D0%B2%20%D0%95%D0%B2%D1%80%D0%BE%D0%BF%D0%B5%2C%20%D0%AD%D0%BA%D1%81%D0%BA%D1%83%D1%80%D1%81%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%82%D1%83%D1%80%D1%8B%2C%20%D0%91%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%82%D1%83%D1%80%D0%B8%D0%B7%D0%BC%2C%20Welcome%20to%20Ukraine.&oE=1&oP=1&dT=2023-01-30T04%3A09%3A08.080&fu=4c2e3bd9-714b-487f-bfcd-3bf18e57d53a HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/hit/?v=0.5.0&uid=9661ce5c-5bc7-4f08-a386-b07a429ed894&dp=10&tz=%2B00%3A00&nc=74912473&u=http%3A%2F%2Fvipip.info%2F&r=&rs=1280x1024&t=%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BD%D1%8B%D0%B5%20%D1%82%D1%83%D1%80%D1%8B%2C%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B0%2C%20%D0%A2%D1%83%D1%80%D1%86%D0%B8%D1%8F%2C%20%D0%95%D0%B3%D0%B8%D0%BF%D0%B5%D1%82%2C%20%D0%AD%D0%BA%D0%B7%D0%BE%D1%82%D0%B8%D0%BA%D0%B0%2C%20%D0%9E%D1%82%D0%B4%D1%8B%D1%85%20%D0%B2%20%D0%95%D0%B2%D1%80%D0%BE%D0%BF%D0%B5%2C%20%D0%AD%D0%BA%D1%81%D0%BA%D1%83%D1%80%D1%81%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%82%D1%83%D1%80%D1%8B%2C%20%D0%91%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%82%D1%83%D1%80%D0%B8%D0%B7%D0%BC%2C%20Welcome%20to%20Ukraine.&oE=1&oP=1&dT=2023-01-30T04%3A09%3A08.080&fu=4c2e3bd9-714b-487f-bfcd-3bf18e57d53a
www.acint.net/mc/?dp=10
157.90.179.28302 Found 154 B IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://vipip.info/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Mon, 30 Jan 2023 04:08:57 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Mon, 30-Jan-23 04:18:57 GMT
aid=LgR5GmPXQtm7kgOhf7Q2AnAGuXDRMUDuS1dY5MiNk+f4pjYv; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
www.acint.net/hit/?v=0.5.0&uid=9661ce5c-5bc7-4f08-a386-b07a429ed894&dp=10&tz=%2B00%3A00&nc=74912473&u=http%3A%2F%2Fvipip.info%2F&r=&rs=1280x1024&t=%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BD%D1%8B%D0%B5%20%D1%82%D1%83%D1%80%D1%8B%2C%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B0%2C%20%D0%A2%D1%83%D1%80%D1%86%D0%B8%D1%8F%2C%20%D0%95%D0%B3%D0%B8%D0%BF%D0%B5%D1%82%2C%20%D0%AD%D0%BA%D0%B7%D0%BE%D1%82%D0%B8%D0%BA%D0%B0%2C%20%D0%9E%D1%82%D0%B4%D1%8B%D1%85%20%D0%B2%20%D0%95%D0%B2%D1%80%D0%BE%D0%BF%D0%B5%2C%20%D0%AD%D0%BA%D1%81%D0%BA%D1%83%D1%80%D1%81%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%82%D1%83%D1%80%D1%8B%2C%20%D0%91%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%82%D1%83%D1%80%D0%B8%D0%B7%D0%BC%2C%20Welcome%20to%20Ukraine.&oE=1&oP=1&dT=2023-01-30T04%3A09%3A08.080&fu=4c2e3bd9-714b-487f-bfcd-3bf18e57d53a
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/hit/?v=0.5.0&uid=9661ce5c-5bc7-4f08-a386-b07a429ed894&dp=10&tz=%2B00%3A00&nc=74912473&u=http%3A%2F%2Fvipip.info%2F&r=&rs=1280x1024&t=%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BD%D1%8B%D0%B5%20%D1%82%D1%83%D1%80%D1%8B%2C%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B0%2C%20%D0%A2%D1%83%D1%80%D1%86%D0%B8%D1%8F%2C%20%D0%95%D0%B3%D0%B8%D0%BF%D0%B5%D1%82%2C%20%D0%AD%D0%BA%D0%B7%D0%BE%D1%82%D0%B8%D0%BA%D0%B0%2C%20%D0%9E%D1%82%D0%B4%D1%8B%D1%85%20%D0%B2%20%D0%95%D0%B2%D1%80%D0%BE%D0%BF%D0%B5%2C%20%D0%AD%D0%BA%D1%81%D0%BA%D1%83%D1%80%D1%81%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%82%D1%83%D1%80%D1%8B%2C%20%D0%91%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%82%D1%83%D1%80%D0%B8%D0%B7%D0%BC%2C%20Welcome%20to%20Ukraine.&oE=1&oP=1&dT=2023-01-30T04%3A09%3A08.080&fu=4c2e3bd9-714b-487f-bfcd-3bf18e57d53a
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hit/?v=0.5.0&uid=9661ce5c-5bc7-4f08-a386-b07a429ed894&dp=10&tz=%2B00%3A00&nc=74912473&u=http%3A%2F%2Fvipip.info%2F&r=&rs=1280x1024&t=%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BD%D1%8B%D0%B5%20%D1%82%D1%83%D1%80%D1%8B%2C%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B0%2C%20%D0%A2%D1%83%D1%80%D1%86%D0%B8%D1%8F%2C%20%D0%95%D0%B3%D0%B8%D0%BF%D0%B5%D1%82%2C%20%D0%AD%D0%BA%D0%B7%D0%BE%D1%82%D0%B8%D0%BA%D0%B0%2C%20%D0%9E%D1%82%D0%B4%D1%8B%D1%85%20%D0%B2%20%D0%95%D0%B2%D1%80%D0%BE%D0%BF%D0%B5%2C%20%D0%AD%D0%BA%D1%81%D0%BA%D1%83%D1%80%D1%81%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%82%D1%83%D1%80%D1%8B%2C%20%D0%91%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%82%D1%83%D1%80%D0%B8%D0%B7%D0%BC%2C%20Welcome%20to%20Ukraine.&oE=1&oP=1&dT=2023-01-30T04%3A09%3A08.080&fu=4c2e3bd9-714b-487f-bfcd-3bf18e57d53a HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://vipip.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 30 Jan 2023 04:08:57 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=nVqzHGPXQtkfowM6LSRhAhxHoCZjyKgakrDyVNmj6j50wels; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 03:41:41 GMT
age: 1636
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
vipip.info/templates/siteground-j15-38/favicon.ico
188.40.131.137200 OK 894 B URL HTTP/1.1 vipip.info/templates/siteground-j15-38/favicon.ico
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
File type MS Windows icon resource - 1 icon, 16x16, 24 bits/pixel\012- data
Hash aafd82715c03d121bbc508cb5564fa95
3e7a8674b766dee31da85ab47eac271968538c89
d1b79ec6fe6fbeeb183a8016fda6c55b2dfe9a8377d55dae63728857b870688e
GET /templates/siteground-j15-38/favicon.ico HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
Cookie: s=1; fid=4c2e3bd9-714b-487f-bfcd-3bf18e57d53a
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 894
Connection: keep-alive
Last-Modified: Sun, 11 Mar 2018 10:16:59 GMT
ETag: "37e-5672053607cc0"
Accept-Ranges: bytes
counter.yadro.ru/hit?t54.6;r;s1280*1024*24;uhttp%3A//vipip.info/;0.43406928320450944
88.212.201.198302 Moved Temporarily 32 B URL HTTP/1.1 counter.yadro.ru/hit?t54.6;r;s1280*1024*24;uhttp%3A//vipip.info/;0.43406928320450944
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type HTML document, ASCII text
Hash 3e9c09a8c5a87f266e047a596f48578c
07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
GET /hit?t54.6;r;s1280*1024*24;uhttp%3A//vipip.info/;0.43406928320450944 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 302 Moved Temporarily
Date: Mon, 30 Jan 2023 04:08:57 GMT
Server: 0W/0.8c
Content-Type: text/html
Location: https://counter.yadro.ru/hit?t54.6;r;s1280*1024*24;uhttp%3A//vipip.info/;0.43406928320450944
Content-Length: 32
Expires: Sat, 29 Jan 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
mc.yandex.ru/metrika/watch.js
87.250.251.119302 Moved temporarily 0 B URL HTTP/1.1 mc.yandex.ru/metrika/watch.js
IP 87.250.251.119:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 302 Moved temporarily
Content-Length: 0
Location: https://mc.yandex.ru/metrika/watch.js
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10048
Expires: Mon, 30 Jan 2023 06:56:26 GMT
Date: Mon, 30 Jan 2023 04:08:58 GMT
Connection: keep-alive
a.utraff.com/sync?ssp=Sape
172.67.217.151204 No Content 0 B URL HTTP/2 a.utraff.com/sync?ssp=Sape
IP 172.67.217.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=Sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 30 Jan 2023 04:08:58 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Wed, 01 Mar 2023 07:08:58 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Wed, 01 Mar 2023 07:08:58 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LA22HVMuqwVfQQoK1G83w6kMQmmauJfQjpyeruiv6a2ddo26jKxy7M5p2PoglcZPpgxprcNmB6nfmIZwHscQnnBqxRQhUjUiTKVKcAghDLpsrPYim5JsveCsRdFPXyg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791759732928b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dm-eu.hybrid.ai/match?id=106&vid=1CB35A9DD942D7633A03A31F0261242D
37.18.103.21204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=106&vid=1CB35A9DD942D7633A03A31F0261242D
IP 37.18.103.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=106&vid=1CB35A9DD942D7633A03A31F0261242D HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 30 Jan 2023 04:08:58 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=3d85cbfa3874bcd75741; Expires=Tue, 30 Jan 2024 04:08:57 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 509
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.acint.net
access-control-allow-credentials: true
server: Hybrid Web Server
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d5922d7d7a0587dd4f7bd1efda209331
114ff3c4d8948df7350b176a910bc91d8617d8c1
d769bd78f5c383c81c165fd85139ae31011d41d8e4f73aafa7db265a73a93114
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D769BD78F5C383C81C165FD85139AE31011D41D8E4F73AAFA7DB265A73A93114"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10254
Expires: Mon, 30 Jan 2023 06:59:52 GMT
Date: Mon, 30 Jan 2023 04:08:58 GMT
Connection: keep-alive
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1CB35A9DD942D7633A03A31F0261242D
95.216.101.186204 No Content 0 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1CB35A9DD942D7633A03A31F0261242D
IP 95.216.101.186:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1CB35A9DD942D7633A03A31F0261242D HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Mon, 30 Jan 2023 04:08:58 GMT
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 4cfb1605a580eff39143a99d1bd8337c
a92abe5c4f515b0e801cb940ac68fdb61538d486
154af73c522512729424ea0359a33c156805726b7bdd7dcfb898be53cb578b84
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Fri, 03 Feb 2023 02:58:15 GMT
ETag: "a92abe5c4f515b0e801cb940ac68fdb61538d486"
Last-Modified: Mon, 30 Jan 2023 02:58:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3031
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791759741b191bfe-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 84eac0dd3a64fcee09b9ad9e8d5245db
26f9cd1020f052cead6529b8099de54156572ffd
5f019b04cb268febc7ddb43fc6eb6da5717ea4ebd7b0fb0410aae581c33fd925
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Fri, 03 Feb 2023 01:15:26 GMT
ETag: "26f9cd1020f052cead6529b8099de54156572ffd"
Last-Modified: Mon, 30 Jan 2023 01:15:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 316
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791759743ee0b4fd-OSL
www.acint.net/oci/?v=0.5.0&uid=9661ce5c-5bc7-4f08-a386-b07a429ed894&dp=10&tz=%2B00%3A00&nc=33990362&oid=39e8192718f4ed5a678fc273d654392b
157.90.179.28302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/oci/?v=0.5.0&uid=9661ce5c-5bc7-4f08-a386-b07a429ed894&dp=10&tz=%2B00%3A00&nc=33990362&oid=39e8192718f4ed5a678fc273d654392b
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /oci/?v=0.5.0&uid=9661ce5c-5bc7-4f08-a386-b07a429ed894&dp=10&tz=%2B00%3A00&nc=33990362&oid=39e8192718f4ed5a678fc273d654392b HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/oci/?v=0.5.0&uid=9661ce5c-5bc7-4f08-a386-b07a429ed894&dp=10&tz=%2B00%3A00&nc=33990362&oid=39e8192718f4ed5a678fc273d654392b
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 53c0ff47b60a331633e7b9fafa8ef578
dd85cb6a1d0b196a4193c0cc443fff5c686ee572
936ec0dda0dac37efa1e1dc1af3b0936d47b0a23ee36022b70f2c7aa1127cca2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "936EC0DDA0DAC37EFA1E1DC1AF3B0936D47B0A23EE36022B70F2C7AA1127CCA2"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9078
Expires: Mon, 30 Jan 2023 06:40:16 GMT
Date: Mon, 30 Jan 2023 04:08:58 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 68f7ff249727f8b6050f7378b713cbd5
7dce75f0c997142f0049cc12d55dab99d7802df1
e3c5be6e0802bd9f12ae2cd4d62894c7ee66bf5cc7bc80a5442ce154ac665131
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Fri, 03 Feb 2023 02:05:04 GMT
ETag: "7dce75f0c997142f0049cc12d55dab99d7802df1"
Last-Modified: Mon, 30 Jan 2023 02:05:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1220
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791759745b221bfe-OSL
counter.yadro.ru/hit?t54.6;r;s1280*1024*24;uhttp%3A//vipip.info/;0.43406928320450944
88.212.201.198200 OK 406 B URL HTTP/1.1 counter.yadro.ru/hit?t54.6;r;s1280*1024*24;uhttp%3A//vipip.info/;0.43406928320450944
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash 4f96f55254a8c8ccc9390a2d0395b576
77cfee43527a35d62b7ebf7713bc4f1f328cbe84
2de07ae45d3c4126777ed0369856b2519cf2aef6480427f7e12377a96fe2b9f6
GET /hit?t54.6;r;s1280*1024*24;uhttp%3A//vipip.info/;0.43406928320450944 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://vipip.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Type: image/gif
Content-Length: 406
Connection: keep-alive
Expires: Sat, 29 Jan 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 235f9af9ade2e15f312c64600ddda187
e6f73a95d201ca7d57ab22d9c0b9c220267c9413
469c16ae2108fbcb64bea4781d67e73dd4de3efbe3c07c2eea357c67312acb4b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469C16AE2108FBCB64BEA4781D67E73DD4DE3EFBE3C07C2EEA357C67312ACB4B"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12934
Expires: Mon, 30 Jan 2023 07:44:32 GMT
Date: Mon, 30 Jan 2023 04:08:58 GMT
Connection: keep-alive
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
65.109.23.99302 Found 43 B URL HTTP/2 ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP 65.109.23.99:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.0
date: Mon, 30 Jan 2023 04:08:58 GMT
x-request-id: 94b8400b-2fe7-4909-bcc5-5bce530fb3c1
set-cookie: bvuid=8pk9a5ykjr; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=8pk9a5ykjr; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=8pk9a5ykjr
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2d4a800b5c9f1979f5b4a0cdf3d65b13
dc7a9fd0ec264f3b67af5b9fcfe13ba964b53fd8
fa7e9f375c3049504137d7503d379c2808eaf364fc8dccb7c8b805d8da2eda68
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FA7E9F375C3049504137D7503D379C2808EAF364FC8DCCB7C8B805D8DA2EDA68"
Last-Modified: Sun, 29 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12298
Expires: Mon, 30 Jan 2023 07:33:56 GMT
Date: Mon, 30 Jan 2023 04:08:58 GMT
Connection: keep-alive
www.acint.net/oci/?v=0.5.0&uid=9661ce5c-5bc7-4f08-a386-b07a429ed894&dp=10&tz=%2B00%3A00&nc=33990362&oid=39e8192718f4ed5a678fc273d654392b
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/oci/?v=0.5.0&uid=9661ce5c-5bc7-4f08-a386-b07a429ed894&dp=10&tz=%2B00%3A00&nc=33990362&oid=39e8192718f4ed5a678fc273d654392b
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /oci/?v=0.5.0&uid=9661ce5c-5bc7-4f08-a386-b07a429ed894&dp=10&tz=%2B00%3A00&nc=33990362&oid=39e8192718f4ed5a678fc273d654392b HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://vipip.info/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=nVqzHGPXQtkfowM6LSRhAhxHoCZjyKgakrDyVNmj6j50wels; cSyncDp7v2=1675051737; cSyncDp14v3=1675051737; cSyncDp17=1675051737; cSyncDp32=1675051737; cSyncDp45v3=1675051737; cSyncDp53v2=1675051737; cSyncDp54v2=1675051737; cSyncDp62=1675051737; cSyncDp67v2=1675051737; cSyncDp68=1675051737; cSyncDp71=1675051737; cSyncDp77=1675051737; cSyncDp84=1675051737; cSyncDp85=1675051737; cSyncDp95v3=1675051737; cSyncDp98v2=1675051737; cSyncDp101=1675051737; cSyncDp104v2=1675051737; cSyncDp107=1675051737; cSyncDp110=1675051737; cSyncDp111v2=1675051737; cSyncDp112v2=1675051737; cSyncDp125v3=1675051737; cSyncDp126=1675051737; cSyncDp127=1675051737; cSyncDp129=1675051737; cSyncDp136v2=1675051737; cSyncDp138=1675051737; cSyncDp146=1675051737; cSyncDp148=1675051737; cSyncDp149v2=1675051737; cSyncDp151=1675051737; cSyncDp178=1675051737; cSyncDp179=1675051737; cSyncDp186=1675051737; cSyncDp221=1675051737
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 30 Jan 2023 04:08:58 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
193.3.184.218302 Moved Temporarily 142 B URL HTTP/1.1 ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP 193.3.184.218:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=4402420ADA42D76319003F0F02B381C5
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkICRGPXQtoPPwAZxYGzAhqV8atIMjlWevdAJ1D6DrUWGB5R; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 2a047a3b21119c1f0c17b52878701b38
3a2d879fc33d1c1fdef4d9c75009334b07b4c999
45232f70ee8d95afc6df8859eaa5b4ea9cd43153ebbd43d4a469a64cba77911c
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 03 Feb 2023 01:53:50 GMT
ETag: "3a2d879fc33d1c1fdef4d9c75009334b07b4c999"
Last-Modified: Mon, 30 Jan 2023 01:53:51 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 56
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79175974bf11b4fd-OSL
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
185.147.80.35302 Found 74 B URL HTTP/1.1 ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP 185.147.80.35:0
File type HTML document, ASCII text
Hash fe19667b3a1033d7f2b935fce5a25d59
43ce74ba57355ff9a93aeb068dfab4d724d905e6
424e183bf85d423e69413b06d7cfd63b0f895146df0bbec0c5d25f5f0dbf8ba8
GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 74
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=DXNOYIUN
Set-Cookie: uid=DXNOYIUN; Expires=Thu, 27 Jan 2033 04:08:58 GMT
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b11d0427118cdf8ccb5b93f3ddd37036
81922c5f9ec29e442f349b90ce755e4cc5d6a23a
13fc200284151b15572402449bbb7cc54e4874aedf6a59effcb3c58866bfe85b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "13FC200284151B15572402449BBB7CC54E4874AEDF6A59EFFCB3C58866BFE85B"
Last-Modified: Fri, 27 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8675
Expires: Mon, 30 Jan 2023 06:33:33 GMT
Date: Mon, 30 Jan 2023 04:08:58 GMT
Connection: keep-alive
sync.dmp.otm-r.com/match/sape?id=1CB35A9DD942D7633A03A31F0261242D
148.251.9.22204 No Content 0 B URL HTTP/2 sync.dmp.otm-r.com/match/sape?id=1CB35A9DD942D7633A03A31F0261242D
IP 148.251.9.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=1CB35A9DD942D7633A03A31F0261242D HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.17.2
date: Mon, 30 Jan 2023 04:08:58 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
sync.upravel.com/sape/sync
148.251.237.106302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync
IP 148.251.237.106:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 30 Jan 2023 04:06:40 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1675051738348;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1675051738348;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7db8890920fa9c3aef5794cc816457a6
bb2d238b7c60bd1ec0287e0ecc064c0493248fbe
6be367476a14e7c4a9d3a21eef490565260ae6adbad64d6196dd1ab33fb4820e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BE367476A14E7C4A9D3A21EEF490565260AE6ADBAD64D6196DD1AB33FB4820E"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4925
Expires: Mon, 30 Jan 2023 05:31:03 GMT
Date: Mon, 30 Jan 2023 04:08:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5de111a92eba92e70ce94cfc03efe673
5cb8157ce2701ed741a7ece2179bb58e3bed5b85
ff1a94757e8e62e65c1e529dbdaac31a1034bb5c797a02cac6b4f3caf06d4e5c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF1A94757E8E62E65C1E529DBDAAC31A1034BB5C797A02CAC6B4F3CAF06D4E5C"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1407
Expires: Mon, 30 Jan 2023 04:32:25 GMT
Date: Mon, 30 Jan 2023 04:08:58 GMT
Connection: keep-alive
sync.republer.com/match?dsp=sape
23.88.82.46204 No Content 0 B URL HTTP/2 sync.republer.com/match?dsp=sape
IP 23.88.82.46:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?dsp=sape HTTP/1.1
Host: sync.republer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Mon, 30 Jan 2023 04:08:58 GMT
strict-transport-security: max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0a25f371a954c455634e7b426531fc1d
51904886535a2e4d441483b5f3d35df7a32fa6a0
55ca874617410ff12bd201295c3ec43249c05120dcbd830984ab41e8017d98a8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "55CA874617410FF12BD201295C3EC43249C05120DCBD830984AB41E8017D98A8"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4400
Expires: Mon, 30 Jan 2023 05:22:18 GMT
Date: Mon, 30 Jan 2023 04:08:58 GMT
Connection: keep-alive
1cb35a9dd942d7633a03a31f0261242d-sp.ops.beeline.ru/p?ssp=sp&id=1CB35A9DD942D7633A03A31F0261242D
37.9.245.57301 Moved Permanently 0 B URL HTTP/2 1cb35a9dd942d7633a03a31f0261242d-sp.ops.beeline.ru/p?ssp=sp&id=1CB35A9DD942D7633A03A31F0261242D
IP 37.9.245.57:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&id=1CB35A9DD942D7633A03A31F0261242D HTTP/1.1
Host: 1cb35a9dd942d7633a03a31f0261242d-sp.ops.beeline.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 30 Jan 2023 04:08:58 GMT
content-length: 0
location: https://www.acint.net/match?dp=111&euid=cd96475a-9473-44d8-a4a1-e311931c00a9
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: BeeAID=cd96475a-9473-44d8-a4a1-e311931c00a9; expires=Sun, 21 Jan 2024 04:08:58 GMT; domain=ops.beeline.ru; path=/; secure; SameSite=None
access-control-allow-credentials: true, true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
x-route: http://upstream_cookiesync
x-host: 192.168.152.61
X-Firefox-Spdy: h2
s.uuidksinc.net/match/396/?remote_uid=1CB35A9DD942D7633A03A31F0261242D
31.220.27.135302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/396/?remote_uid=1CB35A9DD942D7633A03A31F0261242D
IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/396/?remote_uid=1CB35A9DD942D7633A03A31F0261242D HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Mon, 30 Jan 2023 04:08:58 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=Lz5W8A3TQ5Maj1QMPAXW
set-cookie: jcsuuid=Lz5W8A3TQ5Maj1QMPAXW; expires=Tue, 30 Jan 2024 04:08:58 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.162.143.37101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.143.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nQau8WinoN1ULoetW5nAJw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ktrq2j+AxVOuGcoFWQAi9DKX8GA=
ut.rktch.com/matchspm?pi=1000005&pui=1CB35A9DD942D7633A03A31F0261242D
89.108.97.2302 Found 0 B URL HTTP/1.1 ut.rktch.com/matchspm?pi=1000005&pui=1CB35A9DD942D7633A03A31F0261242D
IP 89.108.97.2:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /matchspm?pi=1000005&pui=1CB35A9DD942D7633A03A31F0261242D HTTP/1.1
Host: ut.rktch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Length: 0
Connection: keep-alive
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
Set-Cookie: b_uid=757a74b59e5360250443c8d11014616774a5; Max-Age=2592000; Expires=Wed, 01 Mar 2023 04:08:58 GMT; Domain=rktch.com; Secure; SameSite=None
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5de111a92eba92e70ce94cfc03efe673
5cb8157ce2701ed741a7ece2179bb58e3bed5b85
ff1a94757e8e62e65c1e529dbdaac31a1034bb5c797a02cac6b4f3caf06d4e5c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF1A94757E8E62E65C1E529DBDAAC31A1034BB5C797A02CAC6B4F3CAF06D4E5C"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7978
Expires: Mon, 30 Jan 2023 06:21:56 GMT
Date: Mon, 30 Jan 2023 04:08:58 GMT
Connection: keep-alive
www.acint.net/match?dp=95&euid=DXNOYIUN
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/match?dp=95&euid=DXNOYIUN
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=95&euid=DXNOYIUN HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=nVqzHGPXQtkfowM6LSRhAhxHoCZjyKgakrDyVNmj6j50wels; cSyncDp7v2=1675051737; cSyncDp14v3=1675051737; cSyncDp17=1675051737; cSyncDp32=1675051737; cSyncDp45v3=1675051737; cSyncDp53v2=1675051737; cSyncDp54v2=1675051737; cSyncDp62=1675051737; cSyncDp67v2=1675051737; cSyncDp68=1675051737; cSyncDp71=1675051737; cSyncDp77=1675051737; cSyncDp84=1675051737; cSyncDp85=1675051737; cSyncDp95v3=1675051737; cSyncDp98v2=1675051737; cSyncDp101=1675051737; cSyncDp104v2=1675051737; cSyncDp107=1675051737; cSyncDp110=1675051737; cSyncDp111v2=1675051737; cSyncDp112v2=1675051737; cSyncDp125v3=1675051737; cSyncDp126=1675051737; cSyncDp127=1675051737; cSyncDp129=1675051737; cSyncDp136v2=1675051737; cSyncDp138=1675051737; cSyncDp146=1675051737; cSyncDp148=1675051737; cSyncDp149v2=1675051737; cSyncDp151=1675051737; cSyncDp178=1675051737; cSyncDp179=1675051737; cSyncDp186=1675051737; cSyncDp221=1675051737
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 30 Jan 2023 04:08:58 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
mediatoday.ru/core/match.gif?s=32&id=1CB35A9DD942D7633A03A31F0261242D
139.45.228.111200 OK 43 B URL HTTP/2 mediatoday.ru/core/match.gif?s=32&id=1CB35A9DD942D7633A03A31F0261242D
IP 139.45.228.111:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /core/match.gif?s=32&id=1CB35A9DD942D7633A03A31F0261242D HTTP/1.1
Host: mediatoday.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.22.0
date: Mon, 30 Jan 2023 04:08:58 GMT
content-type: image/gif
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VUf4RHJ05mb0qgv; expires=Thu, 27-Jan-2033 04:08:58 GMT; domain=mediatoday.ru; path=/core; SameSite=None; Secure
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sap1&uid=1CB35A9DD942D7633A03A31F0261242D
31.172.81.159302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&uid=1CB35A9DD942D7633A03A31F0261242D
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&uid=1CB35A9DD942D7633A03A31F0261242D HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRkMWZjNWYxYy1hMDUzLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Sun, 25 Jan 2043 04:08:58 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARjahd2eBmIgMUNCMzVBOUREOTQyRDc2MzNBMDNBMzFGMDI2MTI0MkSiARDR_F8coFMR7aHEACWQyCQ3
ETag: d1fc5f1c-a053-11ed-a1c4-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bfef68d3eb1aa2431ad11fc6e46b0a40
771278fe4238732678458298eb00f68a02079803
bcf879ab02273ab6f38983b3ca5910f7e38c4ca34d66245c8d6563ada8a29257
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BCF879AB02273AB6F38983B3CA5910F7E38C4CA34D66245C8D6563ADA8A29257"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10753
Expires: Mon, 30 Jan 2023 07:08:11 GMT
Date: Mon, 30 Jan 2023 04:08:58 GMT
Connection: keep-alive
www.acint.net/mc/?dp=10&tc=1
157.90.179.28200 OK 60 kB URL HTTP/2 www.acint.net/mc/?dp=10&tc=1
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
Hash 13ad31f036baa825a92f73d773ac73fa
b9c12a7debaed1e848d0d4ca3dec2e57acef370b
7f2d7583e10b55cf15345576951d5003e3756c2bd4c0e43fb5f8f247f6709ea2
GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://vipip.info/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=nVqzHGPXQtkfowM6LSRhAhxHoCZjyKgakrDyVNmj6j50wels
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 30 Jan 2023 04:08:57 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1675051737; expires=Tue, 31-Jan-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53v2=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp54v2=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp77=1675051737; expires=Mon, 13-Feb-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp84=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp98v2=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1675051737; expires=Mon, 13-Feb-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp111v2=1675051737; expires=Mon, 13-Feb-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp112v2=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v3=1675051737; expires=Tue, 14-Feb-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp138=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149v2=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp179=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1675051737; expires=Wed, 01-Mar-23 04:08:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
148.251.237.106302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP 148.251.237.106:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1675051738348
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Mon, 30 Jan 2023 04:06:40 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=2c01a819-e398-4300-86f6-7d9bdbfbef65;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=2c01a819-e398-4300-86f6-7d9bdbfbef65;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=2c01a819-e398-4300-86f6-7d9bdbfbef65
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
stat.adlabs.ru/merge_gpsid/?sid=50&id=1CB35A9DD942D7633A03A31F0261242D
109.248.237.36302 Found 0 B URL HTTP/2 stat.adlabs.ru/merge_gpsid/?sid=50&id=1CB35A9DD942D7633A03A31F0261242D
IP 109.248.237.36:0
ASN #201009 Centre of server systems Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge_gpsid/?sid=50&id=1CB35A9DD942D7633A03A31F0261242D HTTP/1.1
Host: stat.adlabs.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 30 Jan 2023 03:53:30 GMT
content-length: 0
location: //adlmerge.com/merge_gpsid/?sid=50&id=1CB35A9DD942D7633A03A31F0261242D
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3fd8ee22f595f9b36ac1dba33a32da68
24ebcebf72cd379d3726d38c826e4198d3818d3b
72a5428472bc70a32877b073699d44622fc8fc57a7df00e7d10e9ebc144e15e1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72A5428472BC70A32877B073699D44622FC8FC57A7DF00E7D10E9EBC144E15E1"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17509
Expires: Mon, 30 Jan 2023 09:00:47 GMT
Date: Mon, 30 Jan 2023 04:08:58 GMT
Connection: keep-alive
acint.net/match?dp=110&euid=928eacffd12d45a2abdee7eb5c8a5385
157.90.179.28200 OK 43 B URL HTTP/2 acint.net/match?dp=110&euid=928eacffd12d45a2abdee7eb5c8a5385
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=110&euid=928eacffd12d45a2abdee7eb5c8a5385 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=nVqzHGPXQtkfowM6LSRhAhxHoCZjyKgakrDyVNmj6j50wels; cSyncDp7v2=1675051737; cSyncDp14v3=1675051737; cSyncDp17=1675051737; cSyncDp32=1675051737; cSyncDp45v3=1675051737; cSyncDp53v2=1675051737; cSyncDp54v2=1675051737; cSyncDp62=1675051737; cSyncDp67v2=1675051737; cSyncDp68=1675051737; cSyncDp71=1675051737; cSyncDp77=1675051737; cSyncDp84=1675051737; cSyncDp85=1675051737; cSyncDp95v3=1675051737; cSyncDp98v2=1675051737; cSyncDp101=1675051737; cSyncDp104v2=1675051737; cSyncDp107=1675051737; cSyncDp110=1675051737; cSyncDp111v2=1675051737; cSyncDp112v2=1675051737; cSyncDp125v3=1675051737; cSyncDp126=1675051737; cSyncDp127=1675051737; cSyncDp129=1675051737; cSyncDp136v2=1675051737; cSyncDp138=1675051737; cSyncDp146=1675051737; cSyncDp148=1675051737; cSyncDp149v2=1675051737; cSyncDp151=1675051737; cSyncDp178=1675051737; cSyncDp179=1675051737; cSyncDp186=1675051737; cSyncDp221=1675051737
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 30 Jan 2023 04:08:58 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
nr.bidderstack.com/sape/cm?user_id=1CB35A9DD942D7633A03A31F0261242D
23.88.12.14200 OK 44 B URL HTTP/1.1 nr.bidderstack.com/sape/cm?user_id=1CB35A9DD942D7633A03A31F0261242D
IP 23.88.12.14:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash f9d60352c70a2ba15616d1c9421f3844
e9abc8bea7721a4b6a50295850d13c515006a95c
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
GET /sape/cm?user_id=1CB35A9DD942D7633A03A31F0261242D HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Type: image/gif
Content-Length: 44
Connection: keep-alive
Access-Control-Allow-Credentials: true
acint.net/match?dp=14&euid=4402420ADA42D76319003F0F02B381C5
157.90.179.28200 OK 43 B URL HTTP/2 acint.net/match?dp=14&euid=4402420ADA42D76319003F0F02B381C5
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=14&euid=4402420ADA42D76319003F0F02B381C5 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=nVqzHGPXQtkfowM6LSRhAhxHoCZjyKgakrDyVNmj6j50wels; cSyncDp7v2=1675051737; cSyncDp14v3=1675051737; cSyncDp17=1675051737; cSyncDp32=1675051737; cSyncDp45v3=1675051737; cSyncDp53v2=1675051737; cSyncDp54v2=1675051737; cSyncDp62=1675051737; cSyncDp67v2=1675051737; cSyncDp68=1675051737; cSyncDp71=1675051737; cSyncDp77=1675051737; cSyncDp84=1675051737; cSyncDp85=1675051737; cSyncDp95v3=1675051737; cSyncDp98v2=1675051737; cSyncDp101=1675051737; cSyncDp104v2=1675051737; cSyncDp107=1675051737; cSyncDp110=1675051737; cSyncDp111v2=1675051737; cSyncDp112v2=1675051737; cSyncDp125v3=1675051737; cSyncDp126=1675051737; cSyncDp127=1675051737; cSyncDp129=1675051737; cSyncDp136v2=1675051737; cSyncDp138=1675051737; cSyncDp146=1675051737; cSyncDp148=1675051737; cSyncDp149v2=1675051737; cSyncDp151=1675051737; cSyncDp178=1675051737; cSyncDp179=1675051737; cSyncDp186=1675051737; cSyncDp221=1675051737
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 30 Jan 2023 04:08:58 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/check?sspuid=1CB35A9DD942D7633A03A31F0261242D
31.172.81.158302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/check?sspuid=1CB35A9DD942D7633A03A31F0261242D
IP 31.172.81.158:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/check?sspuid=1CB35A9DD942D7633A03A31F0261242D HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://sync.bumlam.com/?src=sape
www.acint.net/match?dp=111&euid=cd96475a-9473-44d8-a4a1-e311931c00a9
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/match?dp=111&euid=cd96475a-9473-44d8-a4a1-e311931c00a9
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=111&euid=cd96475a-9473-44d8-a4a1-e311931c00a9 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=nVqzHGPXQtkfowM6LSRhAhxHoCZjyKgakrDyVNmj6j50wels; cSyncDp7v2=1675051737; cSyncDp14v3=1675051737; cSyncDp17=1675051737; cSyncDp32=1675051737; cSyncDp45v3=1675051737; cSyncDp53v2=1675051737; cSyncDp54v2=1675051737; cSyncDp62=1675051737; cSyncDp67v2=1675051737; cSyncDp68=1675051737; cSyncDp71=1675051737; cSyncDp77=1675051737; cSyncDp84=1675051737; cSyncDp85=1675051737; cSyncDp95v3=1675051737; cSyncDp98v2=1675051737; cSyncDp101=1675051737; cSyncDp104v2=1675051737; cSyncDp107=1675051737; cSyncDp110=1675051737; cSyncDp111v2=1675051737; cSyncDp112v2=1675051737; cSyncDp125v3=1675051737; cSyncDp126=1675051737; cSyncDp127=1675051737; cSyncDp129=1675051737; cSyncDp136v2=1675051737; cSyncDp138=1675051737; cSyncDp146=1675051737; cSyncDp148=1675051737; cSyncDp149v2=1675051737; cSyncDp151=1675051737; cSyncDp178=1675051737; cSyncDp179=1675051737; cSyncDp186=1675051737; cSyncDp221=1675051737
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 30 Jan 2023 04:08:58 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=127&euid=Lz5W8A3TQ5Maj1QMPAXW
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/match?dp=127&euid=Lz5W8A3TQ5Maj1QMPAXW
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=127&euid=Lz5W8A3TQ5Maj1QMPAXW HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=nVqzHGPXQtkfowM6LSRhAhxHoCZjyKgakrDyVNmj6j50wels; cSyncDp7v2=1675051737; cSyncDp14v3=1675051737; cSyncDp17=1675051737; cSyncDp32=1675051737; cSyncDp45v3=1675051737; cSyncDp53v2=1675051737; cSyncDp54v2=1675051737; cSyncDp62=1675051737; cSyncDp67v2=1675051737; cSyncDp68=1675051737; cSyncDp71=1675051737; cSyncDp77=1675051737; cSyncDp84=1675051737; cSyncDp85=1675051737; cSyncDp95v3=1675051737; cSyncDp98v2=1675051737; cSyncDp101=1675051737; cSyncDp104v2=1675051737; cSyncDp107=1675051737; cSyncDp110=1675051737; cSyncDp111v2=1675051737; cSyncDp112v2=1675051737; cSyncDp125v3=1675051737; cSyncDp126=1675051737; cSyncDp127=1675051737; cSyncDp129=1675051737; cSyncDp136v2=1675051737; cSyncDp138=1675051737; cSyncDp146=1675051737; cSyncDp148=1675051737; cSyncDp149v2=1675051737; cSyncDp151=1675051737; cSyncDp178=1675051737; cSyncDp179=1675051737; cSyncDp186=1675051737; cSyncDp221=1675051737
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 30 Jan 2023 04:08:58 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=71&euid=2c01a819-e398-4300-86f6-7d9bdbfbef65
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/match?dp=71&euid=2c01a819-e398-4300-86f6-7d9bdbfbef65
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=71&euid=2c01a819-e398-4300-86f6-7d9bdbfbef65 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=nVqzHGPXQtkfowM6LSRhAhxHoCZjyKgakrDyVNmj6j50wels; cSyncDp7v2=1675051737; cSyncDp14v3=1675051737; cSyncDp17=1675051737; cSyncDp32=1675051737; cSyncDp45v3=1675051737; cSyncDp53v2=1675051737; cSyncDp54v2=1675051737; cSyncDp62=1675051737; cSyncDp67v2=1675051737; cSyncDp68=1675051737; cSyncDp71=1675051737; cSyncDp77=1675051737; cSyncDp84=1675051737; cSyncDp85=1675051737; cSyncDp95v3=1675051737; cSyncDp98v2=1675051737; cSyncDp101=1675051737; cSyncDp104v2=1675051737; cSyncDp107=1675051737; cSyncDp110=1675051737; cSyncDp111v2=1675051737; cSyncDp112v2=1675051737; cSyncDp125v3=1675051737; cSyncDp126=1675051737; cSyncDp127=1675051737; cSyncDp129=1675051737; cSyncDp136v2=1675051737; cSyncDp138=1675051737; cSyncDp146=1675051737; cSyncDp148=1675051737; cSyncDp149v2=1675051737; cSyncDp151=1675051737; cSyncDp178=1675051737; cSyncDp179=1675051737; cSyncDp186=1675051737; cSyncDp221=1675051737
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 30 Jan 2023 04:08:58 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.adspend.space/sape?uid=1CB35A9DD942D7633A03A31F0261242D
212.76.129.183302 Found 149 B URL HTTP/2 sync.adspend.space/sape?uid=1CB35A9DD942D7633A03A31F0261242D
IP 212.76.129.183:0
File type HTML document, ASCII text
Hash b224c47c8941996d5b6b8369a8a24735
62ca2ab99c246c68ada0a796276d8604e6de952d
3cd7e41a0e8db3971b51701962b04d839bdf2e361264dce0c9b571534d1d3603
GET /sape?uid=1CB35A9DD942D7633A03A31F0261242D HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 30 Jan 2023 04:08:58 GMT
content-type: text/html; charset=utf-8
content-length: 149
location: https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D44667f12-e13f-46de-9847-6ad6679b0da5
set-cookie: as-user=44667f12-e13f-46de-9847-6ad6679b0da5; Path=/; Max-Age=31536000; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
match.new-programmatic.com/userbind?src=sape&id=1CB35A9DD942D7633A03A31F0261242D
217.65.2.150204 No Content 0 B URL HTTP/1.1 match.new-programmatic.com/userbind?src=sape&id=1CB35A9DD942D7633A03A31F0261242D
IP 217.65.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=1CB35A9DD942D7633A03A31F0261242D HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Mon, 30 Jan 2023 04:05:54 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
sync.bumlam.com/?src=sap1&s_data=CAIQARjahd2eBmIgMUNCMzVBOUREOTQyRDc2MzNBMDNBMzFGMDI2MTI0MkSiARDR_F8coFMR7aHEACWQyCQ3
31.172.81.159200 OK 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&s_data=CAIQARjahd2eBmIgMUNCMzVBOUREOTQyRDc2MzNBMDNBMzFGMDI2MTI0MkSiARDR_F8coFMR7aHEACWQyCQ3
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&s_data=CAIQARjahd2eBmIgMUNCMzVBOUREOTQyRDc2MzNBMDNBMzFGMDI2MTI0MkSiARDR_F8coFMR7aHEACWQyCQ3 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRkMWZjNWYxYy1hMDUzLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRkMWZjNWYxYy1hMDUzLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Sun, 25 Jan 2043 04:08:58 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash e3595065f25083f2b4c55154068885ce
9af7c3d86002a14164329afdc1be25c2c056afc7
c31e3eb579748a17da2ef0e534be0a9a6992735ce9f4cb6183355b015024532f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 11:26:44 GMT
Expires: Sun, 05 Feb 2023 11:26:43 GMT
Etag: "9af7c3d86002a14164329afdc1be25c2c056afc7"
Cache-Control: max-age=544064,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791759754905b505-OSL
cs.agency2.ru/p?ssp=sp&uid=1CB35A9DD942D7633A03A31F0261242D
23.111.107.44301 Moved Permanently 0 B URL HTTP/1.1 cs.agency2.ru/p?ssp=sp&uid=1CB35A9DD942D7633A03A31F0261242D
IP 23.111.107.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&uid=1CB35A9DD942D7633A03A31F0261242D HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=ad0c8fbe-46af-4078-94fe-b19d174ad589
Set-Cookie: uuid=ad0c8fbe-46af-4078-94fe-b19d174ad589; expires=Sun, 21 Jan 2024 04:08:58 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
sync.bumlam.com/?src=sape
31.172.81.159302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sape
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRkMWZjNWYxYy1hMDUzLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRkMWZjNWYxYy1hMDUzLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Sun, 25 Jan 2043 04:08:58 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://pix.bumlam.com/sync/sape/sync_ok?guid=d1fc5f1c-a053-11ed-a1c4-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 448eee096991e3fb582942ba2934b6b5
de58b4da4bb6b4e4a6eca3af7b0cf6d3d62f193c
a383439aa0da9fc504a7a1005a27119e59207f58485cabdaf503e5c9fdc66e7b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A383439AA0DA9FC504A7A1005A27119E59207F58485CABDAF503E5C9FDC66E7B"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2238
Expires: Mon, 30 Jan 2023 04:46:16 GMT
Date: Mon, 30 Jan 2023 04:08:58 GMT
Connection: keep-alive
dmp.gotechnology.io/match/sape?id=1CB35A9DD942D7633A03A31F0261242D
142.132.209.138302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=1CB35A9DD942D7633A03A31F0261242D
IP 142.132.209.138:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=1CB35A9DD942D7633A03A31F0261242D HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 30 Jan 2023 04:08:58 GMT
content-length: 0
location: https://dmp.gotechnology.io/match/sape?id=1CB35A9DD942D7633A03A31F0261242D&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash cd74174131d5447f2242c38a91f7d853
a74a982d078681499bb200b17f5cfc5124ba5be3
11c4f75434e9726d62eb73a73e1697c3c20e2d8b452ca2b263f4821481b06d89
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 03:41:02 GMT
Expires: Sat, 04 Feb 2023 03:41:01 GMT
Etag: "a74a982d078681499bb200b17f5cfc5124ba5be3"
Cache-Control: max-age=429722,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79175974ca7bb523-OSL
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
138.201.160.249301 Moved Permanently 115 B URL HTTP/2 exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP 138.201.160.249:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash b418d3fee111d1f64f90c4ea06e3baa2
966cf645c78f9424960dad1c38c10eb3150fad00
8cb370147aa7b36e1c03aa542c163384edf6f956a9cc9a37b842835c89399065
GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 30 Jan 2023 04:08:58 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=3b1aff27-3ab8-40f3-7864-f32639458fd5
serverid: TODO
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/sync_ok?guid=d1fc5f1c-a053-11ed-a1c4-002590c82437
31.172.81.158302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/sync_ok?guid=d1fc5f1c-a053-11ed-a1c4-002590c82437
IP 31.172.81.158:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/sync_ok?guid=d1fc5f1c-a053-11ed-a1c4-002590c82437 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRkMWZjNWYxYy1hMDUzLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://d1fc5f1c-a053-11ed-a1c4-002590c82437.n3.sync.bumlam.com/?src=sape
www.acint.net/match?dp=186&euid=ad0c8fbe-46af-4078-94fe-b19d174ad589
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/match?dp=186&euid=ad0c8fbe-46af-4078-94fe-b19d174ad589
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=186&euid=ad0c8fbe-46af-4078-94fe-b19d174ad589 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=nVqzHGPXQtkfowM6LSRhAhxHoCZjyKgakrDyVNmj6j50wels; cSyncDp7v2=1675051737; cSyncDp14v3=1675051737; cSyncDp17=1675051737; cSyncDp32=1675051737; cSyncDp45v3=1675051737; cSyncDp53v2=1675051737; cSyncDp54v2=1675051737; cSyncDp62=1675051737; cSyncDp67v2=1675051737; cSyncDp68=1675051737; cSyncDp71=1675051737; cSyncDp77=1675051737; cSyncDp84=1675051737; cSyncDp85=1675051737; cSyncDp95v3=1675051737; cSyncDp98v2=1675051737; cSyncDp101=1675051737; cSyncDp104v2=1675051737; cSyncDp107=1675051737; cSyncDp110=1675051737; cSyncDp111v2=1675051737; cSyncDp112v2=1675051737; cSyncDp125v3=1675051737; cSyncDp126=1675051737; cSyncDp127=1675051737; cSyncDp129=1675051737; cSyncDp136v2=1675051737; cSyncDp138=1675051737; cSyncDp146=1675051737; cSyncDp148=1675051737; cSyncDp149v2=1675051737; cSyncDp151=1675051737; cSyncDp178=1675051737; cSyncDp179=1675051737; cSyncDp186=1675051737; cSyncDp221=1675051737
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 30 Jan 2023 04:08:58 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vipip.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 30 Jan 2023 04:08:58 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Mon, 30 Jan 2023 05:08:58 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
dmp.gotechnology.io/match/sape?id=1CB35A9DD942D7633A03A31F0261242D&chk=1
142.132.209.138302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=1CB35A9DD942D7633A03A31F0261242D&chk=1
IP 142.132.209.138:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=1CB35A9DD942D7633A03A31F0261242D&chk=1 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Mon, 30 Jan 2023 04:08:58 GMT
content-length: 0
location: https://an.yandex.ru/mapuid/gonetdspis/NDAzNzNlMzhjYTk2ZjYwMw
set-cookie: pid=NDAzNzNlMzhjYTk2ZjYwMw; expires=Tue, 30 Jan 2024 04:08:58 GMT; domain=.gotechnology.io; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
adlmerge.com/merge_gpsid/?sid=50&id=1CB35A9DD942D7633A03A31F0261242D
95.211.66.35200 OK 450 B URL HTTP/2 adlmerge.com/merge_gpsid/?sid=50&id=1CB35A9DD942D7633A03A31F0261242D
IP 95.211.66.35:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash b1e61330f4e2e77f801118aee26199a4
616610b1b31048610dac6cdc685a5c1493fe1554
9017c9fd5e40cfa30a2d547e882e24b1aacb99996a9edb6aa19d9dd32fbb48e9
GET /merge_gpsid/?sid=50&id=1CB35A9DD942D7633A03A31F0261242D HTTP/1.1
Host: adlmerge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.0
date: Mon, 30 Jan 2023 04:08:58 GMT
content-type: image/gif
iseu: eu
X-Firefox-Spdy: h2
www.acint.net/match?dp=126&euid=3b1aff27-3ab8-40f3-7864-f32639458fd5
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/match?dp=126&euid=3b1aff27-3ab8-40f3-7864-f32639458fd5
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=126&euid=3b1aff27-3ab8-40f3-7864-f32639458fd5 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=nVqzHGPXQtkfowM6LSRhAhxHoCZjyKgakrDyVNmj6j50wels; cSyncDp7v2=1675051737; cSyncDp14v3=1675051737; cSyncDp17=1675051737; cSyncDp32=1675051737; cSyncDp45v3=1675051737; cSyncDp53v2=1675051737; cSyncDp54v2=1675051737; cSyncDp62=1675051737; cSyncDp67v2=1675051737; cSyncDp68=1675051737; cSyncDp71=1675051737; cSyncDp77=1675051737; cSyncDp84=1675051737; cSyncDp85=1675051737; cSyncDp95v3=1675051737; cSyncDp98v2=1675051737; cSyncDp101=1675051737; cSyncDp104v2=1675051737; cSyncDp107=1675051737; cSyncDp110=1675051737; cSyncDp111v2=1675051737; cSyncDp112v2=1675051737; cSyncDp125v3=1675051737; cSyncDp126=1675051737; cSyncDp127=1675051737; cSyncDp129=1675051737; cSyncDp136v2=1675051737; cSyncDp138=1675051737; cSyncDp146=1675051737; cSyncDp148=1675051737; cSyncDp149v2=1675051737; cSyncDp151=1675051737; cSyncDp178=1675051737; cSyncDp179=1675051737; cSyncDp186=1675051737; cSyncDp221=1675051737
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 30 Jan 2023 04:08:58 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D44667f12-e13f-46de-9847-6ad6679b0da5
212.76.129.183302 Found 102 B URL HTTP/2 sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D44667f12-e13f-46de-9847-6ad6679b0da5
IP 212.76.129.183:0
File type HTML document, ASCII text
Hash 2460b8a3c100c26e1a48ef6c6f4fca76
3f9b27128ebf232c0634b4b78f89c4521b9eac37
f7e1c443751cdbd016464ecb377da73453a9415adf87ab59e7cbe83296af46e4
GET /check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D44667f12-e13f-46de-9847-6ad6679b0da5 HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: as-user=44667f12-e13f-46de-9847-6ad6679b0da5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 30 Jan 2023 04:08:58 GMT
content-type: text/html; charset=utf-8
content-length: 102
location: https://www.acint.net/match?dp=98&euid=44667f12-e13f-46de-9847-6ad6679b0da5
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
www.acint.net/match?dp=98&euid=44667f12-e13f-46de-9847-6ad6679b0da5
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/match?dp=98&euid=44667f12-e13f-46de-9847-6ad6679b0da5
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=98&euid=44667f12-e13f-46de-9847-6ad6679b0da5 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=nVqzHGPXQtkfowM6LSRhAhxHoCZjyKgakrDyVNmj6j50wels; cSyncDp7v2=1675051737; cSyncDp14v3=1675051737; cSyncDp17=1675051737; cSyncDp32=1675051737; cSyncDp45v3=1675051737; cSyncDp53v2=1675051737; cSyncDp54v2=1675051737; cSyncDp62=1675051737; cSyncDp67v2=1675051737; cSyncDp68=1675051737; cSyncDp71=1675051737; cSyncDp77=1675051737; cSyncDp84=1675051737; cSyncDp85=1675051737; cSyncDp95v3=1675051737; cSyncDp98v2=1675051737; cSyncDp101=1675051737; cSyncDp104v2=1675051737; cSyncDp107=1675051737; cSyncDp110=1675051737; cSyncDp111v2=1675051737; cSyncDp112v2=1675051737; cSyncDp125v3=1675051737; cSyncDp126=1675051737; cSyncDp127=1675051737; cSyncDp129=1675051737; cSyncDp136v2=1675051737; cSyncDp138=1675051737; cSyncDp146=1675051737; cSyncDp148=1675051737; cSyncDp149v2=1675051737; cSyncDp151=1675051737; cSyncDp178=1675051737; cSyncDp179=1675051737; cSyncDp186=1675051737; cSyncDp221=1675051737
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 30 Jan 2023 04:08:58 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 49760b006de2592e8e905dba4aaa25d0
6e053122e2ff192fd7d74fe3db44eaa82c26736b
6f5bca8734d3064e8d8cece1015ed9bf79cca67eaaee89ce46459c79431df4c0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6F5BCA8734D3064E8D8CECE1015ED9BF79CCA67EAAEE89CE46459C79431DF4C0"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16929
Expires: Mon, 30 Jan 2023 08:51:07 GMT
Date: Mon, 30 Jan 2023 04:08:58 GMT
Connection: keep-alive
d1fc5f1c-a053-11ed-a1c4-002590c82437.n3.sync.bumlam.com/?src=sape
188.120.241.43302 Found 0 B URL HTTP/2 d1fc5f1c-a053-11ed-a1c4-002590c82437.n3.sync.bumlam.com/?src=sape
IP 188.120.241.43:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: d1fc5f1c-a053-11ed-a1c4-002590c82437.n3.sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRkMWZjNWYxYy1hMDUzLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.1
date: Mon, 30 Jan 2023 04:08:58 GMT
content-length: 0
location: https://pix.bumlam.com/sync/sape/done
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 04:08:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=HLNandlC12M6A6MfAmEkLQ
142.250.74.66200 OK 170 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=HLNandlC12M6A6MfAmEkLQ
IP 142.250.74.66:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
GET /pixel?google_nid=agentstvo_sape_limited&google_hm=HLNandlC12M6A6MfAmEkLQ HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
date: Mon, 30 Jan 2023 04:08:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash cbd7256a4182005da12e2c6eded1ca00
8a9f3966f24d552a40821051e295a0f55d8f373d
37da0608c68fd479b9ddda4ade0877d270d4144de8cb7346519dbaaf54d1ad0b
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 03 Feb 2023 02:48:05 GMT
ETag: "8a9f3966f24d552a40821051e295a0f55d8f373d"
Last-Modified: Mon, 30 Jan 2023 02:48:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3052
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79175978386ab4fd-OSL
pix.bumlam.com/sync/sape/done
31.172.81.158200 OK 43 B URL HTTP/1.1 pix.bumlam.com/sync/sape/done
IP 31.172.81.158:0
ASN #44066 diva-e Datacenters GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRkMWZjNWYxYy1hMDUzLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash cbd7256a4182005da12e2c6eded1ca00
8a9f3966f24d552a40821051e295a0f55d8f373d
37da0608c68fd479b9ddda4ade0877d270d4144de8cb7346519dbaaf54d1ad0b
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 03 Feb 2023 02:48:05 GMT
ETag: "8a9f3966f24d552a40821051e295a0f55d8f373d"
Last-Modified: Mon, 30 Jan 2023 02:48:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3052
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79175978587db4fd-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 9fd1151ae7afcbe361a85289969fd0ce
e4c8d5d6b8c53e371b8b74a884a0a777a2054b02
631e4f3468f90e14ef5af841dc3e9b668cc5bf8fcd91fbf2e66fc638763cda4e
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Fri, 03 Feb 2023 02:41:28 GMT
ETag: "e4c8d5d6b8c53e371b8b74a884a0a777a2054b02"
Last-Modified: Mon, 30 Jan 2023 02:41:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 840
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791759786883b4fd-OSL
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
195.209.108.51302 Moved Temporarily 0 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP 195.209.108.51:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-4344681640; expires=Wed, 29 Jan 2025 04:08:58 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4344681640
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
5.101.76.186302 Found 42 B URL HTTP/2 ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP 5.101.76.186:0
ASN #48096 Enterprise Cloud Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=928eacffd12d45a2abdee7eb5c8a5385
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=928eacffd12d45a2abdee7eb5c8a5385; expires=Mon, 29 Jan 2024 21:00:00 GMT; path=/; SameSite=None; secure; samesite=lax
date: Mon, 30 Jan 2023 04:08:57 GMT
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 7ef466ee9d4f854ed022e6f153a5fe44
a58dfd53e70f3c76063f5925660b02fa6dea8cb2
896e2b0f80aeb3553f35702c6f58107b64c7c3cece195763a281438762cb9d67
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Fri, 03 Feb 2023 02:48:48 GMT
ETag: "a58dfd53e70f3c76063f5925660b02fa6dea8cb2"
Last-Modified: Mon, 30 Jan 2023 02:48:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 15
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79175978888eb4fd-OSL
ocsp.usertrust.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 0e897c0ed51a17b199fe1b0e0c57c362
2f176923d551b1d80215e2ca1701020387a763b0
aae436e55c60fdf5316f181e6f8b16c3f1965733a268e4106f62b0511203c22c
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 16:18:24 GMT
Expires: Thu, 02 Feb 2023 16:18:23 GMT
Etag: "2f176923d551b1d80215e2ca1701020387a763b0"
Cache-Control: max-age=600601,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 471
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79175978bdf6b4fa-OSL
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4344681640
195.209.108.51302 Moved Temporarily 40 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4344681640
IP 195.209.108.51:0
File type ASCII text, with CRLF line terminators
Hash 251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4344681640 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Wed, 29 Jan 2025 04:08:59 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9c72bc4308e4dce330ff9f92cb4664f8
4232f171beada6fbe504d66c8c614dbf43ee7b4d
87fc77a8bd643903b7cd9ae102d2cfa643b70c1d3bc7eee03b7bd3f7e53fe0e3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87FC77A8BD643903B7CD9AE102D2CFA643B70C1D3BC7EEE03B7BD3F7E53FE0E3"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=829
Expires: Mon, 30 Jan 2023 04:22:48 GMT
Date: Mon, 30 Jan 2023 04:08:59 GMT
Connection: keep-alive
ad.mail.ru/cm.gif?p=48&id=1CB35A9DD942D7633A03A31F0261242D
95.163.41.56200 OK 43 B URL HTTP/2 ad.mail.ru/cm.gif?p=48&id=1CB35A9DD942D7633A03A31F0261242D
IP 95.163.41.56:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cm.gif?p=48&id=1CB35A9DD942D7633A03A31F0261242D HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:08:59 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=1HAhUT0mKM2F002B5m3hyDoF:::0-0-0-8f19b9b:CAASENlXgq26Hvu0CzP1ZIIHpuUaYBdmBCaDnzwC-eDJRtTxa6gD_imtWP1uhf2f095UHG4Gqq4DlUisRHABtgkc109TWdzl2zpxlPWzHc4sv_hG93ELOpHIjtJa36kQIIt0DmLJhIGI_dS3m1qrq6O6t1DPKw; path=/; expires=Wed, 31-Jan-24 04:08:59 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Mon, 30 Jan 2023 10:08:59 GMT
cache-control: max-age=21600
last-modified: Mon, 30 Jan 2023 04:08:59 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 264ded5ab7534a2df48979e7bdeb1b3d
1fcc8103f8fa054e194b59077e97fe5449388eb5
837c19c546706e9180c464c51aae9a0dcd188a7928c4d06b8935c3307c685ef1
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 30 Jan 2023 04:08:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 29 Jan 2023 22:26:28 GMT
Expires: Mon, 30 Jan 2023 22:26:28 GMT
ETag: "1fcc8103f8fa054e194b59077e97fe5449388eb5"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
sape-sync.rutarget.ru/sync
87.242.93.185302 Moved Temporarily 0 B URL HTTP/1.1 sape-sync.rutarget.ru/sync
IP 87.242.93.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Mon, 30 Jan 2023 04:08:59 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=RI8iNV0NKoWH
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=RI8iNV0NKoWH; Path=/; Domain=.rutarget.ru; Expires=Sat, 29 Jul 2023 04:08:59 GMT; SameSite=None; Secure
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 04:08:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/alphasslcasha256g4
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/alphasslcasha256g4
IP 104.18.20.226:0
Hash 43c046c3ea3af57d034b03f0f175308d
dcb2fbd46a6737bd43815639ddb2a4bd07012648
8efc78364820a1dfba18a37aa774aa7281519b184303f627d50103e961ce01a3
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:08:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Fri, 03 Feb 2023 02:49:48 GMT
ETag: "dcb2fbd46a6737bd43815639ddb2a4bd07012648"
Last-Modified: Mon, 30 Jan 2023 02:49:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2671
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7917597918bab4fd-OSL
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
157.90.179.28302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=nVqzHGPXQtkfowM6LSRhAhxHoCZjyKgakrDyVNmj6j50wels; cSyncDp7v2=1675051737; cSyncDp14v3=1675051737; cSyncDp17=1675051737; cSyncDp32=1675051737; cSyncDp45v3=1675051737; cSyncDp53v2=1675051737; cSyncDp54v2=1675051737; cSyncDp62=1675051737; cSyncDp67v2=1675051737; cSyncDp68=1675051737; cSyncDp71=1675051737; cSyncDp77=1675051737; cSyncDp84=1675051737; cSyncDp85=1675051737; cSyncDp95v3=1675051737; cSyncDp98v2=1675051737; cSyncDp101=1675051737; cSyncDp104v2=1675051737; cSyncDp107=1675051737; cSyncDp110=1675051737; cSyncDp111v2=1675051737; cSyncDp112v2=1675051737; cSyncDp125v3=1675051737; cSyncDp126=1675051737; cSyncDp127=1675051737; cSyncDp129=1675051737; cSyncDp136v2=1675051737; cSyncDp138=1675051737; cSyncDp146=1675051737; cSyncDp148=1675051737; cSyncDp149v2=1675051737; cSyncDp151=1675051737; cSyncDp178=1675051737; cSyncDp179=1675051737; cSyncDp186=1675051737; cSyncDp221=1675051737
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Mon, 30 Jan 2023 04:08:59 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1CB35A9DD942D7633A03A31F0261242D
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
tag.digitaltarget.ru/adcm.js
185.15.175.157200 OK 3.1 kB URL HTTP/1.1 tag.digitaltarget.ru/adcm.js
IP 185.15.175.157:0
File type ASCII text, with very long lines (3051), with no line terminators
Hash e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 04:08:59 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Mon, 30 Jan 2023 04:04:37 GMT
Connection: keep-alive
ETag: "63d741d5-beb"
Accept-Ranges: bytes
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
35.190.24.218307 Temporary Redirect 0 B URL HTTP/2 redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
IP 35.190.24.218:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
server: Weborama Collect Frontend
date: Mon, 30 Jan 2023 04:08:59 GMT
content-length: 0
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1933192932
vary: Origin
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Mon, 30 Jan 2023 04:08:59 GMT
set-cookie: AFFICHE_W=KdINcbp-n3Ip10; expires=Tue, 27 Feb 2024 04:08:59 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 673b3376c8d09e8b7b6559f118c9c8a9
7c9bbb4dd4a5b36424e357a64734c27698898e63
c8185d7be91fd2aec27ef692ad62581187d99f8d80249f48c096171e4fa0f2f5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:08:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 14:03:28 GMT
Expires: Sat, 04 Feb 2023 14:03:27 GMT
Etag: "7c9bbb4dd4a5b36424e357a64734c27698898e63"
Cache-Control: max-age=467067,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7917597809e8b505-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 382d5e4fde742fed0500bbad5d87b706
fe482c26d1809c9a24135802aecfa6bbcf5080f1
eb217e6780a50f976676c84d6bb0833e6157b032f720a65ca8812275aadf5a63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB217E6780A50F976676C84D6BB0833E6157B032F720A65CA8812275AADF5A63"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9681
Expires: Mon, 30 Jan 2023 06:50:20 GMT
Date: Mon, 30 Jan 2023 04:08:59 GMT
Connection: keep-alive
www.acint.net/match?dp=104&euid=RI8iNV0NKoWH
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/match?dp=104&euid=RI8iNV0NKoWH
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=104&euid=RI8iNV0NKoWH HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=nVqzHGPXQtkfowM6LSRhAhxHoCZjyKgakrDyVNmj6j50wels; cSyncDp7v2=1675051737; cSyncDp14v3=1675051737; cSyncDp17=1675051737; cSyncDp32=1675051737; cSyncDp45v3=1675051737; cSyncDp53v2=1675051737; cSyncDp54v2=1675051737; cSyncDp62=1675051737; cSyncDp67v2=1675051737; cSyncDp68=1675051737; cSyncDp71=1675051737; cSyncDp77=1675051737; cSyncDp84=1675051737; cSyncDp85=1675051737; cSyncDp95v3=1675051737; cSyncDp98v2=1675051737; cSyncDp101=1675051737; cSyncDp104v2=1675051737; cSyncDp107=1675051737; cSyncDp110=1675051737; cSyncDp111v2=1675051737; cSyncDp112v2=1675051737; cSyncDp125v3=1675051737; cSyncDp126=1675051737; cSyncDp127=1675051737; cSyncDp129=1675051737; cSyncDp136v2=1675051737; cSyncDp138=1675051737; cSyncDp146=1675051737; cSyncDp148=1675051737; cSyncDp149v2=1675051737; cSyncDp151=1675051737; cSyncDp178=1675051737; cSyncDp179=1675051737; cSyncDp186=1675051737; cSyncDp221=1675051737
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 30 Jan 2023 04:08:59 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 3f204689ad56617174a544462d0dd6a7
18dd641d4fde1254605cb937b89d64daab823b51
2618c141c04f28fce74cef6732e04512ead8ef96e66f38669fd095fc311770b9
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:08:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 03 Feb 2023 01:47:05 GMT
ETag: "18dd641d4fde1254605cb937b89d64daab823b51"
Last-Modified: Mon, 30 Jan 2023 01:47:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3403
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7917597948d1b4fd-OSL
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
77.245.57.72400 Bad Request 22 B URL HTTP/1.1 sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP 77.245.57.72:0
ASN #36057 WEBAIR-INTERNET-MTL
File type ASCII text, with no line terminators
Hash b0b11e1c78b526b61477f8e9ee540be0
d5e73002987ff54626542b116d98a8f4aa9ee2eb
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 400 Bad Request
Server: nginx
Date: Mon, 30 Jan 2023 04:08:59 GMT
Content-Length: 22
Connection: close
Cache-Control: no-store
Age: 0
Pragma: no-cache
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1CB35A9DD942D7633A03A31F0261242D
81.222.128.215200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1CB35A9DD942D7633A03A31F0261242D
IP 81.222.128.215:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?ssp_id=43&external_id=1CB35A9DD942D7633A03A31F0261242D HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 04:08:59 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
188.42.34.65302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP 188.42.34.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Tue, 30 Jan 2024 04:08:59 GMT; Path=/; Domain=.betweendigital.com
tuuid=64ccbc8d-cb4f-521e-b218-1509d1cf57d2; Max-Age=31536000; Expires=Tue, 30 Jan 2024 04:08:59 GMT; Path=/; Domain=.betweendigital.com
ut=Y9dC2wAGVRi7alrggM3WHhXIYBwNUXw1tYXBUw==; Max-Age=31536000; Expires=Tue, 30 Jan 2024 04:08:59 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1933192932
35.190.24.218204 No Content 0 B URL HTTP/2 redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1933192932
IP 35.190.24.218:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1933192932 HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Weborama Collect Frontend
date: Mon, 30 Jan 2023 04:08:59 GMT
vary: Origin
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Mon, 30 Jan 2023 04:08:59 GMT
set-cookie: AFFICHE_W=; expires=Tue, 10 Nov 2009 23:00:00 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 673b3376c8d09e8b7b6559f118c9c8a9
7c9bbb4dd4a5b36424e357a64734c27698898e63
c8185d7be91fd2aec27ef692ad62581187d99f8d80249f48c096171e4fa0f2f5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:08:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 14:03:28 GMT
Expires: Sat, 04 Feb 2023 14:03:27 GMT
Etag: "7c9bbb4dd4a5b36424e357a64734c27698898e63"
Cache-Control: max-age=467067,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791759787bf1b523-OSL
sm.rtb.mts.ru/p?ssp=sape&id=1CB35A9DD942D7633A03A31F0261242D
217.66.147.36301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/p?ssp=sape&id=1CB35A9DD942D7633A03A31F0261242D
IP 217.66.147.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sape&id=1CB35A9DD942D7633A03A31F0261242D HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 30 Jan 2023 04:18:38 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=1CB35A9DD942D7633A03A31F0261242D
Set-Cookie: dspid=3ad33ab1-5b7c-479b-95c9-1ee6b8a9a303; expires=Sun, 21 Jan 2024 04:08:59 GMT; domain=.mts.ru; path=/; secure; SameSite=None
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
188.42.34.65200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP 188.42.34.65:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Tue, 30 Jan 2024 04:08:59 GMT; Path=/; Domain=.betweendigital.com
tuuid=770bedba-8ce5-521e-8081-127fe35650a4; Max-Age=31536000; Expires=Tue, 30 Jan 2024 04:08:59 GMT; Path=/; Domain=.betweendigital.com
ut=Y9dC2wALCDgWdty1d5uMqE0yiPTgTHtm3c4NaA==; Max-Age=31536000; Expires=Tue, 30 Jan 2024 04:08:59 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
px.adhigh.net/p/cm/sape?u=1CB35A9DD942D7633A03A31F0261242D
193.232.150.69302 Found 0 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=1CB35A9DD942D7633A03A31F0261242D
IP 193.232.150.69:0
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/cm/sape?u=1CB35A9DD942D7633A03A31F0261242D HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 30 Jan 2023 04:08:59 GMT
content-length: 0
x-backend-id: f13-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=sNSyBKV17mA.AikABlGGAN0oCA;Path=/;Domain=.adhigh.net;Expires=Tue, 30-Jan-2024 04:08:59 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=1CB35A9DD942D7633A03A31F0261242D&bounced=1
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=73&external_user_id=1CB35A9DD942D7633A03A31F0261242D
188.42.34.65302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=1CB35A9DD942D7633A03A31F0261242D
IP 188.42.34.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=73&external_user_id=1CB35A9DD942D7633A03A31F0261242D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=1CB35A9DD942D7633A03A31F0261242D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Tue, 30 Jan 2024 04:08:59 GMT; Path=/; Domain=.betweendigital.com
tuuid=f1732f26-299a-521e-bc70-c3afdfa78174; Max-Age=31536000; Expires=Tue, 30 Jan 2024 04:08:59 GMT; Path=/; Domain=.betweendigital.com
ut=Y9dC2wAJO0j_79jxmFEiS4zy5xtfiqyNqtGS0g==; Max-Age=31536000; Expires=Tue, 30 Jan 2024 04:08:59 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 264ded5ab7534a2df48979e7bdeb1b3d
1fcc8103f8fa054e194b59077e97fe5449388eb5
837c19c546706e9180c464c51aae9a0dcd188a7928c4d06b8935c3307c685ef1
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 30 Jan 2023 04:08:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 29 Jan 2023 22:26:28 GMT
Expires: Mon, 30 Jan 2023 22:26:28 GMT
ETag: "1fcc8103f8fa054e194b59077e97fe5449388eb5"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
an.yandex.ru/mapuid/sapeis/1CB35A9DD942D7633A03A31F0261242D
87.250.250.90302 Found 16 kB URL HTTP/2 an.yandex.ru/mapuid/sapeis/1CB35A9DD942D7633A03A31F0261242D
IP 87.250.250.90:0
Hash 9e9eb65ab29083e2e88fd49545ef8bfa
8bfb9bfed6351195c0ea61a642d5b681dba176b1
5a6d4893b595c9260f46723511b59d1b2fbfa76e0ab99cac9b5aa51caa3b476f
GET /mapuid/sapeis/1CB35A9DD942D7633A03A31F0261242D HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/1CB35A9DD942D7633A03A31F0261242D?redir-setuniq=1
date: Mon, 30 Jan 2023 04:08:58 GMT
set-cookie: yandexuid=2387820601675051738; domain=.yandex.ru; path=/; expires=Thu, 27-Jan-2033 04:08:58 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30 Jan 2023 04:08:58 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Mon, 30 Jan 2023 04:08:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 75a5500127902348d80359c36c55b587
f8adb4286602ef7ffdc6db3beb2c9a3ee505853b
6d5a10b611936cffaf6aec9e431d70842e3476efae0b402d6cc6c3489e5e94a9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 04:08:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 02:18:44 GMT
Expires: Sat, 04 Feb 2023 02:18:43 GMT
Etag: "f8adb4286602ef7ffdc6db3beb2c9a3ee505853b"
Cache-Control: max-age=424783,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79175978ddf1b515-OSL
an.yandex.ru/mapuid/gonetdspis/NDAzNzNlMzhjYTk2ZjYwMw?redir-setuniq=1
87.250.250.90200 OK 118 B URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/NDAzNzNlMzhjYTk2ZjYwMw?redir-setuniq=1
IP 87.250.250.90:0
Hash d72ffa9040183a53fee44adec3a16950
38e3187cccfb1ed41d47a98c15500f404cc43ac7
5b30c1484eb96b53cc6eb5c33f029c84deb3ec22aa1da45d5c0959922e17bc01
GET /mapuid/gonetdspis/NDAzNzNlMzhjYTk2ZjYwMw?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Mon, 30 Jan 2023 04:08:59 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30 Jan 2023 04:08:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Mon, 30 Jan 2023 04:08:59 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/gonetdspis/NDAzNzNlMzhjYTk2ZjYwMw
87.250.250.90302 Found 20 B URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/NDAzNzNlMzhjYTk2ZjYwMw
IP 87.250.250.90:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /mapuid/gonetdspis/NDAzNzNlMzhjYTk2ZjYwMw HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/gonetdspis/NDAzNzNlMzhjYTk2ZjYwMw?redir-setuniq=1
date: Mon, 30 Jan 2023 04:08:59 GMT
set-cookie: yandexuid=9725755791675051739; domain=.yandex.ru; path=/; expires=Thu, 27-Jan-2033 04:08:59 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30 Jan 2023 04:08:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Mon, 30 Jan 2023 04:08:59 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
px.adhigh.net/p/cm/sape?u=1CB35A9DD942D7633A03A31F0261242D&bounced=1
193.232.150.69200 OK 49 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=1CB35A9DD942D7633A03A31F0261242D&bounced=1
IP 193.232.150.69:0
ASN #48061 Limited Liability Company GPM Digital Technologies
File type GIF image data, version 89a, 1 x 1\012- data
Hash 889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
GET /p/cm/sape?u=1CB35A9DD942D7633A03A31F0261242D&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:08:59 GMT
content-type: image/gif
content-length: 49
x-backend-id: f13-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
x01.aidata.io/0.gif?pid=9401454&id=1CB35A9DD942D7633A03A31F0261242D
89.108.120.68302 Found 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=1CB35A9DD942D7633A03A31F0261242D
IP 89.108.120.68:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=1CB35A9DD942D7633A03A31F0261242D HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 30 Jan 2023 04:08:59 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=1CB35A9DD942D7633A03A31F0261242D&bounce=1
expires: Mon, 30 Jan 2023 04:08:58 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Mon, 30 Jan 2023 04:08:58 GMT
set-cookie: __upin=g1oNO9ROgP1qbWyPMpqzJQ;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1675051739;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
x01.aidata.io/0.gif?pid=9401454&id=1CB35A9DD942D7633A03A31F0261242D&bounce=1
89.108.120.68204 No Content 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=1CB35A9DD942D7633A03A31F0261242D&bounce=1
IP 89.108.120.68:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=1CB35A9DD942D7633A03A31F0261242D&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 30 Jan 2023 04:08:59 GMT
expires: Mon, 30 Jan 2023 04:08:58 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Mon, 30 Jan 2023 04:08:58 GMT
set-cookie: __upin=kxBi0TFBOxNzzDKAyt4RbQ;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1675051739;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e475adb38619b1ced4af8b8ca473110
246fa62bdf1b38a9f6bd0ef1f223052ed3bc7137
e38dd6d492ab354eda38f8c762239e298e098b6f8446430b010aee19c80c0306
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E38DD6D492AB354EDA38F8C762239E298E098B6F8446430B010AEE19C80C0306"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1157
Expires: Mon, 30 Jan 2023 04:28:16 GMT
Date: Mon, 30 Jan 2023 04:08:59 GMT
Connection: keep-alive
dmg.digitaltarget.ru/1/1093/i/i?i=333152462160494.223100333526943&a=77&e=1CB35A9DD942D7633A03A31F0261242D&pref=http%3A%2F%2Fvipip.info%2F&c=ss:77.up:1CB35A9DD942D7633A03A31F0261242D.sync:up.xdua:du8oZnc31jMIwPEc2r6yCcJW.xps:xpshWUIL6HYuS8kh7I0ogBPLM.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.146307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=333152462160494.223100333526943&a=77&e=1CB35A9DD942D7633A03A31F0261242D&pref=http%3A%2F%2Fvipip.info%2F&c=ss:77.up:1CB35A9DD942D7633A03A31F0261242D.sync:up.xdua:du8oZnc31jMIwPEc2r6yCcJW.xps:xpshWUIL6HYuS8kh7I0ogBPLM.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=333152462160494.223100333526943&a=77&e=1CB35A9DD942D7633A03A31F0261242D&pref=http%3A%2F%2Fvipip.info%2F&c=ss:77.up:1CB35A9DD942D7633A03A31F0261242D.sync:up.xdua:du8oZnc31jMIwPEc2r6yCcJW.xps:xpshWUIL6HYuS8kh7I0ogBPLM.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Mon, 30 Jan 2023 04:08:59 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675051739382&i=333152462160494.223100333526943&a=77&e=1CB35A9DD942D7633A03A31F0261242D&pref=http%3A%2F%2Fvipip.info%2F&c=ss:77.up:1CB35A9DD942D7633A03A31F0261242D.sync:up.xdua:du8oZnc31jMIwPEc2r6yCcJW.xps:xpshWUIL6HYuS8kh7I0ogBPLM.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=-jiDzSYbX.PMiyH7s950; Max-Age=93312000; Expires=Wed, 14 Jan 2026 04:08:59 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/1/1093/i/i?i=333152462160494.492221945160097&a=77&e=1CB35A9DD942D7633A03A31F0261242D&pref=http%3A%2F%2Fvipip.info%2F&c=ss:77.up:1CB35A9DD942D7633A03A31F0261242D.sync:up.xdua:du8oZnc31jMIwPEc2r6yCcJW.xps:xpshWUIL6HYuS8kh7I0ogBPLM.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.146307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=333152462160494.492221945160097&a=77&e=1CB35A9DD942D7633A03A31F0261242D&pref=http%3A%2F%2Fvipip.info%2F&c=ss:77.up:1CB35A9DD942D7633A03A31F0261242D.sync:up.xdua:du8oZnc31jMIwPEc2r6yCcJW.xps:xpshWUIL6HYuS8kh7I0ogBPLM.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=333152462160494.492221945160097&a=77&e=1CB35A9DD942D7633A03A31F0261242D&pref=http%3A%2F%2Fvipip.info%2F&c=ss:77.up:1CB35A9DD942D7633A03A31F0261242D.sync:up.xdua:du8oZnc31jMIwPEc2r6yCcJW.xps:xpshWUIL6HYuS8kh7I0ogBPLM.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Mon, 30 Jan 2023 04:08:59 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675051739386&i=333152462160494.492221945160097&a=77&e=1CB35A9DD942D7633A03A31F0261242D&pref=http%3A%2F%2Fvipip.info%2F&c=ss:77.up:1CB35A9DD942D7633A03A31F0261242D.sync:up.xdua:du8oZnc31jMIwPEc2r6yCcJW.xps:xpshWUIL6HYuS8kh7I0ogBPLM.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=y0ut27JLUsFl-zW72PGm; Max-Age=93312000; Expires=Wed, 14 Jan 2026 04:08:59 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675051739382&i=333152462160494.223100333526943&a=77&e=1CB35A9DD942D7633A03A31F0261242D&pref=http%3A%2F%2Fvipip.info%2F&c=ss:77.up:1CB35A9DD942D7633A03A31F0261242D.sync:up.xdua:du8oZnc31jMIwPEc2r6yCcJW.xps:xpshWUIL6HYuS8kh7I0ogBPLM.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.146200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675051739382&i=333152462160494.223100333526943&a=77&e=1CB35A9DD942D7633A03A31F0261242D&pref=http%3A%2F%2Fvipip.info%2F&c=ss:77.up:1CB35A9DD942D7633A03A31F0261242D.sync:up.xdua:du8oZnc31jMIwPEc2r6yCcJW.xps:xpshWUIL6HYuS8kh7I0ogBPLM.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.146:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1675051739382&i=333152462160494.223100333526943&a=77&e=1CB35A9DD942D7633A03A31F0261242D&pref=http%3A%2F%2Fvipip.info%2F&c=ss:77.up:1CB35A9DD942D7633A03A31F0261242D.sync:up.xdua:du8oZnc31jMIwPEc2r6yCcJW.xps:xpshWUIL6HYuS8kh7I0ogBPLM.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 04:08:59 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675051739386&i=333152462160494.492221945160097&a=77&e=1CB35A9DD942D7633A03A31F0261242D&pref=http%3A%2F%2Fvipip.info%2F&c=ss:77.up:1CB35A9DD942D7633A03A31F0261242D.sync:up.xdua:du8oZnc31jMIwPEc2r6yCcJW.xps:xpshWUIL6HYuS8kh7I0ogBPLM.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.146200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675051739386&i=333152462160494.492221945160097&a=77&e=1CB35A9DD942D7633A03A31F0261242D&pref=http%3A%2F%2Fvipip.info%2F&c=ss:77.up:1CB35A9DD942D7633A03A31F0261242D.sync:up.xdua:du8oZnc31jMIwPEc2r6yCcJW.xps:xpshWUIL6HYuS8kh7I0ogBPLM.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.146:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1675051739386&i=333152462160494.492221945160097&a=77&e=1CB35A9DD942D7633A03A31F0261242D&pref=http%3A%2F%2Fvipip.info%2F&c=ss:77.up:1CB35A9DD942D7633A03A31F0261242D.sync:up.xdua:du8oZnc31jMIwPEc2r6yCcJW.xps:xpshWUIL6HYuS8kh7I0ogBPLM.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 04:08:59 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 2
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6435
Expires: Mon, 30 Jan 2023 05:56:14 GMT
Date: Mon, 30 Jan 2023 04:08:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6435
Expires: Mon, 30 Jan 2023 05:56:14 GMT
Date: Mon, 30 Jan 2023 04:08:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6435
Expires: Mon, 30 Jan 2023 05:56:14 GMT
Date: Mon, 30 Jan 2023 04:08:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 20:46:17 GMT
age: 26562
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Wx-qjsrMLYpLmE-8QmpR46BeRySbUGL2Rrr6LqhEQ8jaEEj_6Aj0qg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:52:09 GMT
age: 22610
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf294e5c-6457-4bdc-b8e4-6cde89bb64f8.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf294e5c-6457-4bdc-b8e4-6cde89bb64f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 029e272400d7190359cd2eabbf418188
6300f72a4e44444fc9e4027fb47a85122650b0f2
ef353caae33db21140027a07d1bf3956c2476baaa69c12c1de3c369ac69b13dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf294e5c-6457-4bdc-b8e4-6cde89bb64f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6927
x-amzn-requestid: 6749dadd-1cbd-4e35-9dae-20337098eccf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGjtGWwoAMF87Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf847d-3c470030501c0e572e9f2560;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:10:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AZgJTalW0bIj3KeZYEB5vTy9yVErnDqk8EC2Si8WWFnOjzMiqc8mxw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:15:27 GMT
age: 21212
etag: "6300f72a4e44444fc9e4027fb47a85122650b0f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8d680cbaee5ef3e7b8e09b174ed6ecf
6651a0d3041920798240ea67e827c3d458769fa9
4c74e8ebff95e67da678248d3dc1d3f42d98c8a0d33d54d9d2bde36314c9f952
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3678
x-amzn-requestid: 21cd1ae3-b769-418a-b7f8-5efa486db859
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEvE-RIAMFpmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-6998009c289996563d78616a;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Or8AGZIZTzP_EuRHaCfCNrdPQIw2OQW37MKvOTFQIQgO0h18ct0-Xg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:34:10 GMT
age: 20089
etag: "6651a0d3041920798240ea67e827c3d458769fa9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80079413-a219-4943-96b4-3e14e10bb5ba.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80079413-a219-4943-96b4-3e14e10bb5ba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 36ff8d0c9899da25e80edbb858b164de
3e2491c5465f3c427a11c32bdfee27767559bb3f
b060501c6d82e97bd4826a62b790d58cd9d7ece8e1590267bc9b48033f3ce9b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80079413-a219-4943-96b4-3e14e10bb5ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7223
x-amzn-requestid: b05a1db9-29e2-42d0-9eca-9a0f462c87c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3IHtpIAMFUkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e693-7e13d93143b5e666313a4b8f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: y8z-TFrhe0-x-KHZd2pIVITumrB18bqIzK_vX9em0eEpt3U8i0sozA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:53:07 GMT
age: 22552
etag: "3e2491c5465f3c427a11c32bdfee27767559bb3f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b7a437-43da-4218-a8ea-3aa936541e3f.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b7a437-43da-4218-a8ea-3aa936541e3f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0729af7c574710c33356c8c3c7757d6
aec801b4158398d2d3222e7247532a1b0ba446e3
057d2ed0960c8d83dda10de975594b21ddeaaf8dcc07a106f3b3c121afb90e57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b7a437-43da-4218-a8ea-3aa936541e3f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8159
x-amzn-requestid: 52245e9a-4ea7-470c-ad88-1051471fc543
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbvBxGv2oAMFfLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4920b-6b6d100e11edfa5307b67933;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 03:10:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kwcwF6EPJ3ZltIfFkoJPMbf0yFQCMQrk-QQE8RzFF-bxJCBp_YDBIg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 03:56:52 GMT
age: 727
etag: "aec801b4158398d2d3222e7247532a1b0ba446e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.acint.net/ping/?v=0.5.0&uid=9661ce5c-5bc7-4f08-a386-b07a429ed894&dp=10&tz=%2B00%3A00&nc=36489213&dT=2023-01-30T04%3A09%3A11.084
157.90.179.28302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/ping/?v=0.5.0&uid=9661ce5c-5bc7-4f08-a386-b07a429ed894&dp=10&tz=%2B00%3A00&nc=36489213&dT=2023-01-30T04%3A09%3A11.084
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /ping/?v=0.5.0&uid=9661ce5c-5bc7-4f08-a386-b07a429ed894&dp=10&tz=%2B00%3A00&nc=36489213&dT=2023-01-30T04%3A09%3A11.084 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Mon, 30 Jan 2023 04:09:00 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/ping/?v=0.5.0&uid=9661ce5c-5bc7-4f08-a386-b07a429ed894&dp=10&tz=%2B00%3A00&nc=36489213&dT=2023-01-30T04%3A09%3A11.084
www.acint.net/ping/?v=0.5.0&uid=9661ce5c-5bc7-4f08-a386-b07a429ed894&dp=10&tz=%2B00%3A00&nc=36489213&dT=2023-01-30T04%3A09%3A11.084
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/ping/?v=0.5.0&uid=9661ce5c-5bc7-4f08-a386-b07a429ed894&dp=10&tz=%2B00%3A00&nc=36489213&dT=2023-01-30T04%3A09%3A11.084
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /ping/?v=0.5.0&uid=9661ce5c-5bc7-4f08-a386-b07a429ed894&dp=10&tz=%2B00%3A00&nc=36489213&dT=2023-01-30T04%3A09%3A11.084 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://vipip.info/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=nVqzHGPXQtkfowM6LSRhAhxHoCZjyKgakrDyVNmj6j50wels; cSyncDp7v2=1675051737; cSyncDp14v3=1675051737; cSyncDp17=1675051737; cSyncDp32=1675051737; cSyncDp45v3=1675051737; cSyncDp53v2=1675051737; cSyncDp54v2=1675051737; cSyncDp62=1675051737; cSyncDp67v2=1675051737; cSyncDp68=1675051737; cSyncDp71=1675051737; cSyncDp77=1675051737; cSyncDp84=1675051737; cSyncDp85=1675051737; cSyncDp95v3=1675051737; cSyncDp98v2=1675051737; cSyncDp101=1675051737; cSyncDp104v2=1675051737; cSyncDp107=1675051737; cSyncDp110=1675051737; cSyncDp111v2=1675051737; cSyncDp112v2=1675051737; cSyncDp125v3=1675051737; cSyncDp126=1675051737; cSyncDp127=1675051737; cSyncDp129=1675051737; cSyncDp136v2=1675051737; cSyncDp138=1675051737; cSyncDp146=1675051737; cSyncDp148=1675051737; cSyncDp149v2=1675051737; cSyncDp151=1675051737; cSyncDp178=1675051737; cSyncDp179=1675051737; cSyncDp186=1675051737; cSyncDp221=1675051737
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 30 Jan 2023 04:09:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/oci.js?t=1675051748083
157.90.179.28200 OK 0 B URL HTTP/2 www.acint.net/oci.js?t=1675051748083
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
GET /oci.js?t=1675051748083 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://vipip.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 30 Jan 2023 04:08:57 GMT
content-type: application/x-javascript
last-modified: Mon, 09 Jan 2023 08:02:02 GMT
etag: W/"63bbc9fa-7dac"
content-encoding: gzip
X-Firefox-Spdy: h2
vipip.info/templates/siteground-j15-38/images/flash.swf
188.40.131.137200 OK 0 B URL HTTP/1.1 vipip.info/templates/siteground-j15-38/images/flash.swf
IP 188.40.131.137:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Malware
GET /templates/siteground-j15-38/images/flash.swf HTTP/1.1
Host: vipip.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vipip.info/templates/siteground-j15-38/css/template.css
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 30 Jan 2023 04:08:57 GMT
Content-Type: application/x-shockwave-flash
Content-Length: 167359
Last-Modified: Sun, 11 Mar 2018 10:17:11 GMT
Connection: keep-alive
ETag: "5aa50227-28dbf"
Accept-Ranges: bytes