Report - ventl.ru/starsessions/

Report Overview

Submitted URL
ventl.ru/starsessions/
IP
172.67.183.115
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-04 13:44:01
Access
public
Website Title
starsessions
Final URL
ventl.ru/starsessions/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
adx.com.ru	43296	2017-05-19	2017-06-05	2024-05-03	964 B	1.3 kB	83.222.105.118
sync.dmp.otm-r.com	19534	2014-01-16	2017-02-03	2024-05-01	991 B	948 B	188.40.68.29
ssp.bidvol.com	31817	2019-09-24	2020-02-22	2024-05-01	437 B	825 B	65.109.65.187
kimberlite.io	166512	2017-03-16	2017-09-14	2024-05-03	456 B	761 B	217.199.220.44
pixel.dsp.onetarget.ru	unknown	2019-04-18	2024-03-13	2024-04-27	462 B	728 B	130.193.53.230
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-04	1.0 kB	27 kB	216.58.207.227
pix.bumlam.com	92002	2015-08-10	2022-03-29	2024-05-02	1.5 kB	2.1 kB	31.172.81.160
cs.agency2.ru	unknown	2008-10-06	2022-04-29	2024-04-30	452 B	721 B	23.111.107.44
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-05-03	2.8 kB	869 kB	142.250.74.99
ssp-rtb.sape.ru	31166	2006-06-19	2016-02-02	2024-04-30	1.6 kB	2.0 kB	193.3.184.212
sync.upravel.com	28097	2017-03-25	2017-05-29	2024-04-24	968 B	1.7 kB	195.201.193.165
sync.dsp.solta.io	unknown	2022-07-19	2022-09-21	2024-05-02	457 B	248 B	217.199.220.73
mc.acint.net	unknown	2014-02-06	2024-01-29	2024-04-30	15 kB	5.3 kB	193.3.184.131
gw-iad-bid.ymmobi.com	unknown	2021-01-29	2023-10-14	2024-05-02	563 B	556 B	47.253.61.56
ventl.ru	unknown	unknown	No data	No data	8.3 kB	48 kB	172.67.183.115
www.acint.net	29072	2014-02-06	2014-02-14	2024-05-03	18 kB	58 kB	193.3.184.131
a.utraff.com	39874	2016-09-27	2019-02-27	2024-04-27	452 B	1.0 kB	104.26.6.189
exchange.buzzoola.com	18389	2010-08-11	2014-10-17	2024-05-03	1.3 kB	1.3 kB	144.76.119.17
match.new-programmatic.com	33613	2020-02-18	2020-02-18	2024-04-30	473 B	213 B	217.65.2.150
sync.gonet-ads.com	unknown	2022-04-05	2023-02-03	2024-04-29	461 B	343 B	188.42.105.236
ssp.al-adtech.com	unknown	2024-01-16	2024-01-30	2024-05-03	424 B	668 B	45.139.25.124
match.qtarget.tech	unknown	2022-12-26	2023-01-28	2024-04-30	1.9 kB	852 B	95.163.92.180
s.ccsyncuuid.net	unknown	2023-02-28	2023-06-17	2024-04-11	464 B	0 B	0.0.0.0
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	2.9 kB	84 kB	142.250.74.100
sync.bumlam.com	3243	2015-08-10	2015-08-10	2024-05-03	1.5 kB	1.9 kB	31.172.81.159
s.uuidksinc.net	3423	2015-05-05	2015-07-20	2024-04-30	463 B	322 B	31.220.27.155
match.ohmy.bid	unknown	2022-06-09	2023-05-23	2024-05-01	497 B	443 B	167.235.10.91
sync.programmatica.com	unknown	2016-10-12	2022-12-17	2024-04-30	424 B	224 B	158.160.128.78
ssp.bestssp.com	90974	2016-05-05	2017-06-10	2024-05-03	541 B	456 B	83.222.96.170
4df991ba-0a1c-11ef-9b7b-002590c82436.n2.sync.bumlam.com	unknown	unknown	No data	No data	527 B	247 B	62.109.24.241
dm-eu.hybrid.ai	28847	2017-12-19	2021-01-25	2024-05-03	458 B	528 B	37.230.131.21
sync.adspend.space	unknown	2022-02-11	2022-10-20	2024-05-02	1.0 kB	3.4 kB	172.67.168.127
sync.opendsp.ru	unknown	2022-08-24	2022-09-01	2024-05-02	458 B	248 B	82.148.20.186
ads.adlook.me	43352	2016-07-15	2018-11-28	2024-05-03	598 B	518 B	46.243.182.89
acint.net	22962	2014-02-06	2014-02-14	2024-05-03	6.1 kB	1.8 kB	193.3.184.131
nr.bidderstack.com	352019	2017-04-25	2019-02-11	2024-05-03	927 B	873 B	167.235.186.124

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	ccsyncuuid.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	ventl.ru/include/js/fastlogin.js	628 B	2024-05-04	2024-05-04
Pretty URL ventl.ru/include/js/fastlogin.js IP 172.67.183.115 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 15:44:10 Last Seen2024-05-04 15:44:10 Times Seen1 Hash e1cd86ce1328e6e56fda70f9e5dde8b5 d9fd05e33b3d942f72e1538fd7a420fed7b0f5c7 653b51cf3c93074058001de7b900b86351580531246ea144790248a8440a8f7b Loading...

	ventl.ru/starsessions/	250 B	2023-03-07	2024-05-18
Pretty URL ventl.ru/starsessions/ IP 172.67.183.115 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:42:22 Last Seen2024-05-18 00:07:00 Times Seen672 Hash 537357420024d824760d7686fbdf31fe 5e14660b667fdc602c82300ccf3253afc242e4bb ca2f5769fc415a62dd2cd8af83b9b64604715e602f6de4c7741f9992a7003a29 Loading...

	www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__ru.js	549 kB	2024-04-24	2024-05-07
Pretty URL www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__ru.js IP 142.250.74.99 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 10:43:25 Last Seen2024-05-07 17:02:15 Times Seen62 Hash b8236cd6f4e5e87ab16b8047278c56f7 ff06d09b3687e2e9770c9325ae094bb08a724128 0a58dfa276432686dba854d707d329d5ccfbee43fc859c36220dc6c75c01ee01 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZXnIUAAAAAD8euzymsKhq2nRSezAK5hMrhfb8&co=aHR0cHM6Ly92ZW50bC5ydTo0NDM.&hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=xzolqlx3caus	69 B	2023-03-07	2024-05-18
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZXnIUAAAAAD8euzymsKhq2nRSezAK5hMrhfb8&co=aHR0cHM6Ly92ZW50bC5ydTo0NDM.&hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=xzolqlx3caus IP 142.250.74.100 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:05 Last Seen2024-05-18 14:58:42 Times Seen102437 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	ventl.ru/starsessions/	635 B	2024-05-04	2024-05-04
Pretty URL ventl.ru/starsessions/ IP 172.67.183.115 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 15:44:10 Last Seen2024-05-04 15:44:10 Times Seen1 Hash 4937ad60ceff038827640fd305848619 baa4e457b6f8f42e189275dc9d961b46eb2b5b84 7d966e70ca41c64bce05230f3f4eceba5c9aa4922a56617750b9ce333587698a Loading...

	www.google.com/recaptcha/api2/bframe?hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LfZXnIUAAAAAD8euzymsKhq2nRSezAK5hMrhfb8	0 B	2023-03-07	2024-05-18
Pretty URL www.google.com/recaptcha/api2/bframe?hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LfZXnIUAAAAAD8euzymsKhq2nRSezAK5hMrhfb8 IP 142.250.74.100 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 15:09:39 Times Seen37788124 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.google.com/recaptcha/api.js?hl=ru	850 B	2024-05-04	2024-05-04
Pretty URL www.google.com/recaptcha/api.js?hl=ru IP 142.250.74.100 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 15:44:10 Last Seen2024-05-04 15:44:10 Times Seen1 Hash 9011ed413f5fcbda535770ba0eafa59c de0827101fd05452558e049a8711822ab0e3cbbf f0a1169752359904b63ccb2414468b7332e7add104a45e5383056eb63f1da185 Loading...

	www.acint.net/aci.js	31 kB	2024-01-12	2024-05-18
Pretty URL www.acint.net/aci.js IP 193.3.184.131 ASN #50214 QWARTA LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-12 02:40:42 Last Seen2024-05-18 14:36:19 Times Seen933 Hash e81f962d48edbcbedc89edfdb08d0b3c 324f1ffc62d43e229b192083b118b1ac4a5643c6 d9453129c16b0215069d80e4b526c0546b259fae8d615e1b3aa775a8d76bac57 Loading...

	www.acint.net/oci.js?t=1714830214857	32 kB	2023-03-12	2024-05-18
Pretty URL www.acint.net/oci.js?t=1714830214857 IP 193.3.184.131 ASN #50214 QWARTA LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:09:04 Last Seen2024-05-18 14:36:19 Times Seen2279 Hash c3fa5133b6899a2abb39fb79ed94300f dc1d5c75420b38cd7509a783ed09345d0ff78ac4 66b141eb9ae44c86efc510844a71cf208c02d02abe03af3a7d8cc26736d3e19c Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZXnIUAAAAAD8euzymsKhq2nRSezAK5hMrhfb8&co=aHR0cHM6Ly92ZW50bC5ydTo0NDM.&hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=xzolqlx3caus	37 kB	2024-05-04	2024-05-04
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZXnIUAAAAAD8euzymsKhq2nRSezAK5hMrhfb8&co=aHR0cHM6Ly92ZW50bC5ydTo0NDM.&hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=xzolqlx3caus IP 142.250.74.100 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 15:44:10 Last Seen2024-05-04 15:44:10 Times Seen1 Hash 5d4abbc603b42916b9d72ff1aa5cc1ff 575d394179c2d52774294ee5aaea0cb0b13d9e73 ea51f53a8b43e82701db29d96e03cc866f0bd53e5a97c837c1593b89bde61bd9 Loading...

	www.google.com/js/bg/Ka1BqJ8qqr7GVFY8ckyfe5sDiZjR9d2vliJ-h9yILmk.js	18 kB	2024-05-04	2024-05-18
Pretty URL www.google.com/js/bg/Ka1BqJ8qqr7GVFY8ckyfe5sDiZjR9d2vliJ-h9yILmk.js IP 142.250.74.100 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 12:25:22 Last Seen2024-05-18 08:59:17 Times Seen629 Hash 3e99048a5a604ff3d779dbe93486bd78 02866f5b2fbbc54b30acae2e50461c46394c02c6 29ad41a89f2aaabec654563c724c9f7b9b038998d1f5ddaf96227e87dc882e69 Loading...

	ventl.ru/include/js/postform.js	1.5 kB	2024-05-04	2024-05-04
Pretty URL ventl.ru/include/js/postform.js IP 172.67.183.115 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 15:44:10 Last Seen2024-05-04 15:44:10 Times Seen1 Hash becb94b4b8a90f3e573397b2c0aecc45 dc0969bd7fecf0aa5cd5cab8007f219824ca777e 0676c1157f72f95db1436869c3f4d41d3a633f09071cab98ef048dd07d7454c9 Loading...

	www.acint.net/mc/?dp=10&tc=1	0 B	2023-03-07	2024-05-18
Pretty URL www.acint.net/mc/?dp=10&tc=1 IP 193.3.184.131 ASN #50214 QWARTA LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 15:09:39 Times Seen37788124 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Eval - af6e92cfff86864e93b2da36cf9f4746	22 B	2024-05-04	2024-05-18
Pretty Observations First Seen2024-05-04 12:25:23 Last Seen2024-05-18 08:59:17 Times Seen266 Hash af6e92cfff86864e93b2da36cf9f4746 cc2935e0930ce17e1bbfbb7d83ef1cf58e1ac0c6 26fe3bac55b7f4c820116cf07230af3311d35ef1c6f5d832e354fb98d3563f58 Loading...

	#2 Eval - ed7e4218f85a919a0681dc0de9d251d6	19 kB	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 15:44:10 Last Seen2024-05-04 15:44:10 Times Seen1 Hash ed7e4218f85a919a0681dc0de9d251d6 304f1b3bf5b090f916474fca00e6787084fac3a2 ccae4296b2a0e9a4fad5ebfca6c1de818076a24939dfb4b160bd75b0935ae5e3 Loading...

	#3 Eval - 39c6b7e61ed37b9568568094478b9f9c	22 B	2024-05-04	2024-05-18
Pretty Observations First Seen2024-05-04 12:25:23 Last Seen2024-05-18 08:59:17 Times Seen267 Hash 39c6b7e61ed37b9568568094478b9f9c bed32e5813a32e8778646972b22e18b2d48c7c0b 002bb2cd1a1904739ca6c3c561dbe701fb1d16a6e5b420977fe3d31811cde1d4 Loading...

	#4 Eval - c4ceed659f6c24a5e28ce9ffa3cf5ee5	62 B	2024-05-04	2024-05-18
Pretty Observations First Seen2024-05-04 12:25:23 Last Seen2024-05-18 08:59:17 Times Seen269 Hash c4ceed659f6c24a5e28ce9ffa3cf5ee5 e9712e43e4dbbfb224222b1fd7e516e6d99a2ac5 44ac69b11aee4cf1cdb1772d67b3888dac768d23c2ae3ec48e5ed81775141b92 Loading...

HTTP Transactions (103)

URL IP Response Size

ventl.ru/img/smilies/happy.gif

172.67.183.115

200 OK

497 B

URL GET HTTP/3
ventl.ru/img/smilies/happy.gif
IP
172.67.183.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ventl.ru/starsessions/
Certificate
IssuerGoogle Trust Services LLC
Subjectventl.ru
Fingerprint49:5F:4F:F1:98:5A:8F:6E:3A:11:86:63:6D:25:66:6F:85:5B:48:FB
ValidityMon, 25 Mar 2024 13:10:48 GMT - Sun, 23 Jun 2024 13:10:47 GMT

File type
GIF image data, version 89a, 20 x 20
Size
497 B (497 bytes)
Hash
363912ad5ad30e9ca590950fe254a3ce
2fb1d6463f690ffc9ddeb4660e35a0b767fa3d52
19409754abb73e4e3a8a828c7c5baf6664e5fe7a44fd96b54a3e4c0b09d68a9b

HTTP Headers

GET /img/smilies/happy.gif HTTP/1.1
Host: ventl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/starsessions/
Cookie: PHPSESSID=caj41vhlc1micacdc6q9631qj5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 13:43:34 GMT
content-type: image/gif
content-length: 497
last-modified: Sun, 04 Aug 2013 03:00:00 GMT
etag: "3086647-1f1-4e31663344c00"
age: 3813
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BFNPpWUQc%2Bd774n4ivAM%2BlOZq4oXazrVLz0e8VBOSq%2F7GIXRB9%2Fhs8SHf%2FmJC7E%2Frcm1B5GvrRjNan7h0fKbNWkREUrsyK9gAa3Lt88J3jIxsMc6%2B5CzpGuxmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e8eba839b7b524-OSL
alt-svc: h3=":443"; ma=86400

ventl.ru/img/smilies/smile.gif

172.67.183.115

200 OK

492 B

URL GET HTTP/3
ventl.ru/img/smilies/smile.gif
IP
172.67.183.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ventl.ru/starsessions/
Certificate
IssuerGoogle Trust Services LLC
Subjectventl.ru
Fingerprint49:5F:4F:F1:98:5A:8F:6E:3A:11:86:63:6D:25:66:6F:85:5B:48:FB
ValidityMon, 25 Mar 2024 13:10:48 GMT - Sun, 23 Jun 2024 13:10:47 GMT

File type
GIF image data, version 89a, 20 x 20
Size
492 B (492 bytes)
Hash
1cba53949121b57190f959f75b596569
48295c00556563339a1f9c92a8659380b39a3629
58c626b8d7023fbf3319ca24c03b16dcdaa411b36c71af12f4391e3958aa6f8b

HTTP Headers

GET /img/smilies/smile.gif HTTP/1.1
Host: ventl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/starsessions/
Cookie: PHPSESSID=caj41vhlc1micacdc6q9631qj5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 13:43:34 GMT
content-type: image/gif
content-length: 492
last-modified: Sun, 04 Aug 2013 03:00:00 GMT
etag: "308664c-1ec-4e31663344c00"
age: 3813
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CysleLRkUbf4iqNV7hyAUWanB2Sxs4fTtsrqRMsTP31Obonfw7AALX9P843cSOObJlbbh71MB76DiLsIhxfByep1Pvxsa4aihlI%2FhBW9uCkMS6IHwvWVwxmMsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e8eba839afb524-OSL
alt-svc: h3=":443"; ma=86400

ventl.ru/img/smilies/wink.gif

172.67.183.115

200 OK

496 B

URL GET HTTP/3
ventl.ru/img/smilies/wink.gif
IP
172.67.183.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ventl.ru/starsessions/
Certificate
IssuerGoogle Trust Services LLC
Subjectventl.ru
Fingerprint49:5F:4F:F1:98:5A:8F:6E:3A:11:86:63:6D:25:66:6F:85:5B:48:FB
ValidityMon, 25 Mar 2024 13:10:48 GMT - Sun, 23 Jun 2024 13:10:47 GMT

File type
GIF image data, version 89a, 20 x 20
Size
496 B (496 bytes)
Hash
85a414d817f207cf6e7fd60f26b2a7a8
25d684a2acc214d16a737ba91e549383695ae51f
33d99dd8f38f2cff2284d6108c295538bb01232e9af1bb441fd74e5a8beb2bee

HTTP Headers

GET /img/smilies/wink.gif HTTP/1.1
Host: ventl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/starsessions/
Cookie: PHPSESSID=caj41vhlc1micacdc6q9631qj5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 13:43:34 GMT
content-type: image/gif
content-length: 496
last-modified: Sun, 04 Aug 2013 03:00:00 GMT
etag: "308664e-1f0-4e31663344c00"
age: 3813
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2VMOu9KsOZNECkzT5x4Qpt4HCZHjwgIyugoxvgLLBtPsDYB4WUPiZWz%2B%2Fcj8zmIfxWVSSS3jhLuS2t8svRuGTg8vnmCu%2F%2BDd%2BrzFa7DB%2BcFR7%2F8AZnl2whfIFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e8eba839b5b524-OSL
alt-svc: h3=":443"; ma=86400

ventl.ru/img/smilies/cool.gif

172.67.183.115

200 OK

492 B

URL GET HTTP/3
ventl.ru/img/smilies/cool.gif
IP
172.67.183.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ventl.ru/starsessions/
Certificate
IssuerGoogle Trust Services LLC
Subjectventl.ru
Fingerprint49:5F:4F:F1:98:5A:8F:6E:3A:11:86:63:6D:25:66:6F:85:5B:48:FB
ValidityMon, 25 Mar 2024 13:10:48 GMT - Sun, 23 Jun 2024 13:10:47 GMT

File type
GIF image data, version 89a, 20 x 20
Size
492 B (492 bytes)
Hash
3c25507fded6f9ed09928fec8fb06399
a9e7604755670cb53f97a10530705d0be31442f5
cc341b04124accf2e6a6278d8a10c1e6975647dc92bd49f18fc66452e693fef1

HTTP Headers

GET /img/smilies/cool.gif HTTP/1.1
Host: ventl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/starsessions/
Cookie: PHPSESSID=caj41vhlc1micacdc6q9631qj5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 13:43:34 GMT
content-type: image/gif
content-length: 492
last-modified: Sun, 04 Aug 2013 03:00:00 GMT
etag: "3086645-1ec-4e31663344c00"
age: 3813
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2rPuC9nxaBgI7wIW9ycHCr819sE%2F3wfLNhg9Za0rnEhXrHbBvI%2BWWPJbOwDrKmtpld%2B1fHpk1u%2FMmLrQ0UxV4%2BRZUevCzXeVgiyKn5iw7nx59C7UDKZbF%2BqHQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e8eba839bdb524-OSL
alt-svc: h3=":443"; ma=86400

ventl.ru/img/smilies/sceptic.gif

172.67.183.115

200 OK

488 B

URL GET HTTP/3
ventl.ru/img/smilies/sceptic.gif
IP
172.67.183.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ventl.ru/starsessions/
Certificate
IssuerGoogle Trust Services LLC
Subjectventl.ru
Fingerprint49:5F:4F:F1:98:5A:8F:6E:3A:11:86:63:6D:25:66:6F:85:5B:48:FB
ValidityMon, 25 Mar 2024 13:10:48 GMT - Sun, 23 Jun 2024 13:10:47 GMT

File type
GIF image data, version 89a, 20 x 20
Size
488 B (488 bytes)
Hash
c6bf7818c7d0863d784a66e0db83c90e
9f7031139dae63372bb984f2482acd5a6ad1a0bc
1ae6252e40a5e3c91b0241385570ecd5b3c183985f4a8fc39b5f6c463c051335

HTTP Headers

GET /img/smilies/sceptic.gif HTTP/1.1
Host: ventl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/starsessions/
Cookie: PHPSESSID=caj41vhlc1micacdc6q9631qj5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 13:43:34 GMT
content-type: image/gif
content-length: 488
last-modified: Sun, 04 Aug 2013 03:00:00 GMT
etag: "3086649-1e8-4e31663344c00"
age: 3813
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NyKx8OWs8m7mm%2B8EO7ZxK%2FnuBqUgEIzHECXqxJQqcuQZFTqGU%2FCh5Vx9nv2jQ0Vqmyz89HN5vE9O64%2Bdv67kXHdKu3H72C8XPKAr4dPQxE9oj%2Fh6F8Y070Bvlg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e8eba839bfb524-OSL
alt-svc: h3=":443"; ma=86400

ventl.ru/img/smilies/tongue.gif

172.67.183.115

200 OK

491 B

URL GET HTTP/3
ventl.ru/img/smilies/tongue.gif
IP
172.67.183.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ventl.ru/starsessions/
Certificate
IssuerGoogle Trust Services LLC
Subjectventl.ru
Fingerprint49:5F:4F:F1:98:5A:8F:6E:3A:11:86:63:6D:25:66:6F:85:5B:48:FB
ValidityMon, 25 Mar 2024 13:10:48 GMT - Sun, 23 Jun 2024 13:10:47 GMT

File type
GIF image data, version 89a, 20 x 20
Size
491 B (491 bytes)
Hash
df35e03a6ed232e6b8d6b8ee462ad22d
382dcb696bcea091594f96183f92c5d2fc14263c
394944150ea52aab6565fd9ca8c66584c8747c2e9a1b1c88a0e4a3a6e96b37e3

HTTP Headers

GET /img/smilies/tongue.gif HTTP/1.1
Host: ventl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/starsessions/
Cookie: PHPSESSID=caj41vhlc1micacdc6q9631qj5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 13:43:34 GMT
content-type: image/gif
content-length: 491
last-modified: Sun, 04 Aug 2013 03:00:00 GMT
etag: "308664d-1eb-4e31663344c00"
age: 3813
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w3nRl6%2BBLLJwCHx909q8Ad2qSSisRWZujbQJ%2FJBvAwFk8tfaTkMsaY1GDWmkUgphIDOUPaEHXdPJYUIw%2FXFOnpVwdhR91JwwMww17YPE06vXw5S8UVSg1I3SFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e8eba839b9b524-OSL
alt-svc: h3=":443"; ma=86400

ventl.ru/img/smilies/shocked.gif

172.67.183.115

200 OK

490 B

URL GET HTTP/3
ventl.ru/img/smilies/shocked.gif
IP
172.67.183.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ventl.ru/starsessions/
Certificate
IssuerGoogle Trust Services LLC
Subjectventl.ru
Fingerprint49:5F:4F:F1:98:5A:8F:6E:3A:11:86:63:6D:25:66:6F:85:5B:48:FB
ValidityMon, 25 Mar 2024 13:10:48 GMT - Sun, 23 Jun 2024 13:10:47 GMT

File type
GIF image data, version 89a, 20 x 20
Size
490 B (490 bytes)
Hash
13463455aa08278823828364d615d6d3
ff155215c8bed98fc6a79c38dd5725bc2dba415e
0f7676279c10ca79d03e1ef920be2da49f0e148250c7b261eddab9ad83d2291c

HTTP Headers

GET /img/smilies/shocked.gif HTTP/1.1
Host: ventl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/starsessions/
Cookie: PHPSESSID=caj41vhlc1micacdc6q9631qj5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 13:43:34 GMT
content-type: image/gif
content-length: 490
last-modified: Sun, 04 Aug 2013 03:00:00 GMT
etag: "308664b-1ea-4e31663344c00"
age: 3813
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QTe0%2BjtnWs1lXvcF4U8XTY2z%2FAkpeXdKLf2gwv%2BKk7uabTo7AwWe%2BNsXSnvR4T%2BUJx8b3m6Zc5rniQMY6nf9SVbwTyX4VeAkH4ZTGJpmt0jkl86GMrA%2FRVUbag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e8eba839c6b524-OSL
alt-svc: h3=":443"; ma=86400

ventl.ru/img/smilies/sad.gif

172.67.183.115

200 OK

491 B

URL GET HTTP/3
ventl.ru/img/smilies/sad.gif
IP
172.67.183.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ventl.ru/starsessions/
Certificate
IssuerGoogle Trust Services LLC
Subjectventl.ru
Fingerprint49:5F:4F:F1:98:5A:8F:6E:3A:11:86:63:6D:25:66:6F:85:5B:48:FB
ValidityMon, 25 Mar 2024 13:10:48 GMT - Sun, 23 Jun 2024 13:10:47 GMT

File type
GIF image data, version 89a, 20 x 20
Size
491 B (491 bytes)
Hash
5ecb7a089e08e1afa3e48e886f84a520
779794e838512ac8c7ec2efd209b52301e9a454c
4bf8fc1a2aaa227e46d34d017aff3d56fe391a08ae48027eaf22f3a2ca9c5630

HTTP Headers

GET /img/smilies/sad.gif HTTP/1.1
Host: ventl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/starsessions/
Cookie: PHPSESSID=caj41vhlc1micacdc6q9631qj5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 13:43:34 GMT
content-type: image/gif
content-length: 491
last-modified: Sun, 04 Aug 2013 03:00:00 GMT
etag: "3086648-1eb-4e31663344c00"
age: 3813
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RLNYGc%2BlW0hm8ubvmE%2FWM1AmItsztCvR8BkFiz7ZXBRHsYXGsyXNkKCXMGz%2FIEf8cp6IBJ358L0rbA2FGbil6I3Bhp3coM5qp1cT8m2NhLPGyoe%2FtpWgbhYGhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e8eba839c0b524-OSL
alt-svc: h3=":443"; ma=86400

ventl.ru/img/smilies/serious.gif

172.67.183.115

200 OK

489 B

URL GET HTTP/3
ventl.ru/img/smilies/serious.gif
IP
172.67.183.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ventl.ru/starsessions/
Certificate
IssuerGoogle Trust Services LLC
Subjectventl.ru
Fingerprint49:5F:4F:F1:98:5A:8F:6E:3A:11:86:63:6D:25:66:6F:85:5B:48:FB
ValidityMon, 25 Mar 2024 13:10:48 GMT - Sun, 23 Jun 2024 13:10:47 GMT

File type
GIF image data, version 89a, 20 x 20
Size
489 B (489 bytes)
Hash
5e257f858141bc6a3482e08dea101255
78b249d84caf19c66a162f76c27176be5ed777a5
ea0d4f572e5a90d92b6478bb04d9f599cf3d3ffcc92be32ef240f7899b521cc0

HTTP Headers

GET /img/smilies/serious.gif HTTP/1.1
Host: ventl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/starsessions/
Cookie: PHPSESSID=caj41vhlc1micacdc6q9631qj5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 13:43:34 GMT
content-type: image/gif
content-length: 489
last-modified: Sun, 04 Aug 2013 03:00:00 GMT
etag: "308664a-1e9-4e31663344c00"
age: 3813
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2BTR11tv3YIlpDzfP7KW64F8tkuZ8YqjuGV1FeKbkUPOF3EWd9Iuwqhei0vcuyRcnlKMB4AQdQDfxynBSwOC8Vvwfek52QXWh86sRAmyS5oDIgqULvj6b3%2BTsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e8eba839c2b524-OSL
alt-svc: h3=":443"; ma=86400

ventl.ru/img/smilies/angry.gif

172.67.183.115

200 OK

500 B

URL GET HTTP/3
ventl.ru/img/smilies/angry.gif
IP
172.67.183.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ventl.ru/starsessions/
Certificate
IssuerGoogle Trust Services LLC
Subjectventl.ru
Fingerprint49:5F:4F:F1:98:5A:8F:6E:3A:11:86:63:6D:25:66:6F:85:5B:48:FB
ValidityMon, 25 Mar 2024 13:10:48 GMT - Sun, 23 Jun 2024 13:10:47 GMT

File type
GIF image data, version 89a, 20 x 20
Size
500 B (500 bytes)
Hash
7efa98d1ed13716ae1c8f92061650696
5a8b27da046b37e5bbb2593e57364a3fc8c45c1c
a194939cfd38b744360bd8af5e43a9725c4ec675f23e849e00742bb7e0200a86

HTTP Headers

GET /img/smilies/angry.gif HTTP/1.1
Host: ventl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/starsessions/
Cookie: PHPSESSID=caj41vhlc1micacdc6q9631qj5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 13:43:34 GMT
content-type: image/gif
content-length: 500
last-modified: Sun, 04 Aug 2013 03:00:00 GMT
etag: "3086644-1f4-4e31663344c00"
age: 3813
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eSMFEJPHIUz5xhA833OWcq1RVRwLYpqVTHccRJhY2nJleNndJUOBtieVX8H3c79xnLvRgYE9s4avLIPU8ofsvDjb5B9P%2B8kOv1cnrH03Wn%2FhnzoWWjtw0eYaZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e8eba839c8b524-OSL
alt-svc: h3=":443"; ma=86400

ventl.ru/img/smilies/crying.gif

172.67.183.115

200 OK

500 B

URL GET HTTP/3
ventl.ru/img/smilies/crying.gif
IP
172.67.183.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ventl.ru/starsessions/
Certificate
IssuerGoogle Trust Services LLC
Subjectventl.ru
Fingerprint49:5F:4F:F1:98:5A:8F:6E:3A:11:86:63:6D:25:66:6F:85:5B:48:FB
ValidityMon, 25 Mar 2024 13:10:48 GMT - Sun, 23 Jun 2024 13:10:47 GMT

File type
GIF image data, version 89a, 20 x 20
Size
500 B (500 bytes)
Hash
011f70d0d0445e0622613720b5e938d7
023911f9e2e5b0cc8387fd7874845784863eec3b
8f7b35016075f9b1b7e340cbdd42ed36a19f2dd29b0656a504ae9f9372ee518e

HTTP Headers

GET /img/smilies/crying.gif HTTP/1.1
Host: ventl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/starsessions/
Cookie: PHPSESSID=caj41vhlc1micacdc6q9631qj5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 13:43:34 GMT
content-type: image/gif
content-length: 500
last-modified: Sun, 04 Aug 2013 03:00:00 GMT
etag: "3086646-1f4-4e31663344c00"
age: 3813
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jt6YvME1yaHYowMt%2B4TSMTW%2BTj6GN%2FNmDoqBaDtWyJSqIJDlaICgqCfrO%2BpkobnenLFrs82fjT10kasIsRU3Urb4yMIUk3YyRrIK9WSTmOM0Ul24JCaCwJh9NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e8eba849d2b524-OSL
alt-svc: h3=":443"; ma=86400

www.google.com/recaptcha/api.js?hl=ru

142.250.74.100

200 OK

1.1 kB

URL GET HTTP/2
www.google.com/recaptcha/api.js?hl=ru
IP
142.250.74.100:443
ASN
#15169 GOOGLE

Requested by
https://ventl.ru/starsessions/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99
ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT

File type
gzip compressed data
Size
1.1 kB (1059 bytes)
Hash
db3214bb656508d72d4e2736d9a69bc9
16fc286173b0dc37e97bdc915d73a090daf451cc
2c3b4a66e2334b4e394b2d1b291edfd653030d7d62957382e504d131d4bfd794

HTTP Headers

GET /recaptcha/api.js?hl=ru HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Sat, 04 May 2024 13:43:34 GMT
date: Sat, 04 May 2024 13:43:34 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.acint.net/aci.js

193.3.184.131

200 OK

8.8 kB

URL GET HTTP/2
www.acint.net/aci.js
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://ventl.ru/starsessions/
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
JavaScript source, ASCII text, with very long lines (31112), with no line terminators
Size
8.8 kB (8760 bytes)
Hash
e81f962d48edbcbedc89edfdb08d0b3c
324f1ffc62d43e229b192083b118b1ac4a5643c6
d9453129c16b0215069d80e4b526c0546b259fae8d615e1b3aa775a8d76bac57

HTTP Headers

GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 13:43:34 GMT
content-type: application/x-javascript
content-length: 8760
last-modified: Wed, 17 Jan 2024 22:00:10 GMT
etag: "65a84dea-2238"
content-encoding: gzip
expires: Sun, 05 May 2024 01:43:34 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2

www.acint.net/hit/?v=0.7.0&uid=e92127bb-9f5e-43a7-bcbc-2cbe2214e7da&dp=10&tz=%2B00%3A00&nc=011242&u=https%3A%2F%2Fventl.ru%2Fstarsessions%2F&r=&rs=1280x1024&t=starsessions&oE=1&oP=1&dT=2024-05-04T13%3A43%3A34.852&fu=888c9070-e4f3-4d67-9cc7-18e7bb30974c

193.3.184.131

200 OK

43 B

URL GET HTTP/2
www.acint.net/hit/?v=0.7.0&uid=e92127bb-9f5e-43a7-bcbc-2cbe2214e7da&dp=10&tz=%2B00%3A00&nc=011242&u=https%3A%2F%2Fventl.ru%2Fstarsessions%2F&r=&rs=1280x1024&t=starsessions&oE=1&oP=1&dT=2024-05-04T13%3A43%3A34.852&fu=888c9070-e4f3-4d67-9cc7-18e7bb30974c
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://ventl.ru/starsessions/
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hit/?v=0.7.0&uid=e92127bb-9f5e-43a7-bcbc-2cbe2214e7da&dp=10&tz=%2B00%3A00&nc=011242&u=https%3A%2F%2Fventl.ru%2Fstarsessions%2F&r=&rs=1280x1024&t=starsessions&oE=1&oP=1&dT=2024-05-04T13%3A43%3A34.852&fu=888c9070-e4f3-4d67-9cc7-18e7bb30974c HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 13:43:34 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=fwAABWY2O4ZBjzT+gdLhAp5UkUwtEEpnocIstAhpuRBAQsyw; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

www.acint.net/mc/?dp=10

193.3.184.131

302 Found

154 B

URL GET HTTP/2
www.acint.net/mc/?dp=10
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://ventl.ru/starsessions/
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 13:43:34 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Sat, 04-May-24 13:53:34 GMT
aid=fwAACWY2O4ZB1DUAkwsYAg7o122IoaupucBcXgAudKInY3kN; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__ru.js

142.250.74.99

200 OK

209 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__ru.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/bframe?hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LfZXnIUAAAAAD8euzymsKhq2nRSezAK5hMrhfb8
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
JavaScript source, ASCII text, with very long lines (873)
Size
209 kB (209260 bytes)
Hash
b8236cd6f4e5e87ab16b8047278c56f7
ff06d09b3687e2e9770c9325ae094bb08a724128
0a58dfa276432686dba854d707d329d5ccfbee43fc859c36220dc6c75c01ee01

HTTP Headers

GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__ru.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ventl.ru
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 209260
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 12:30:03 GMT
expires: Fri, 02 May 2025 12:30:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 177211
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ventl.ru/favicon.ico

172.67.183.115

200 OK

707 B

URL GET HTTP/3
ventl.ru/favicon.ico
IP
172.67.183.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ventl.ru/starsessions/
Certificate
IssuerGoogle Trust Services LLC
Subjectventl.ru
Fingerprint49:5F:4F:F1:98:5A:8F:6E:3A:11:86:63:6D:25:66:6F:85:5B:48:FB
ValidityMon, 25 Mar 2024 13:10:48 GMT - Sun, 23 Jun 2024 13:10:47 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
707 B (707 bytes)
Hash
f076c210a32a4e400f7232adb8c0767a
c99d85b7c9905f7efb85e1abfb2f82d1ca6cb7d1
16b73c65ae670b555b53b01ec98b680e3a9fffc1ccb493369a78dfbe97d9c3d5

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ventl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/starsessions/
Cookie: PHPSESSID=caj41vhlc1micacdc6q9631qj5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 13:43:34 GMT
content-type: image/vnd.microsoft.icon
last-modified: Sun, 04 Aug 2013 09:07:25 GMT
etag: W/"3086584-47e-4e31b85304d40"
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oy4TnY2FqqZ8BWzNSmNcnhVJPcJzYdsNpxIO4vWawPrHa%2B%2BbKJyymQJfsA9l09woUYi8%2FafATS1HXVeis%2FpIIIBOabYhuIH62yZJmfb4mQ7jYJQGrdn8MFt6oA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e8ebaa4cb2b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

a.utraff.com/sync?ssp=8&id=0500007F863B3666FE348F4102E1D281

104.26.6.189

204 No Content

0 B

URL GET HTTP/2
a.utraff.com/sync?ssp=8&id=0500007F863B3666FE348F4102E1D281
IP
104.26.6.189:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerGoogle Trust Services LLC
Subjectutraff.com
Fingerprint33:5E:E6:D1:25:D0:06:4F:AC:56:7F:BD:6C:A7:DD:31:72:25:35:57
ValiditySat, 06 Apr 2024 06:57:44 GMT - Fri, 05 Jul 2024 06:57:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync?ssp=8&id=0500007F863B3666FE348F4102E1D281 HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 04 May 2024 13:43:35 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Mon, 03 Jun 2024 16:43:35 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Mon, 03 Jun 2024 16:43:35 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G4Ld5LhR%2BWURGBx69%2FrlchsO4J%2Bd%2FfZx1Dkj1avObT%2FZgptQVTQ5dLUl0Tbzjwf6hfDjObvxDSRnNV3W94SNy9JLsSfw5kN4KMF7GJu3cAyFLr%2BwJoe5B8rkXkPU5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8ebaccacf568f-OSL
X-Firefox-Spdy: h2

dm-eu.hybrid.ai/match?id=106&vid=0500007F863B3666FE348F4102E1D281

37.230.131.21

204 No Content

0 B

URL GET HTTP/2
dm-eu.hybrid.ai/match?id=106&vid=0500007F863B3666FE348F4102E1D281
IP
37.230.131.21:443
ASN
#200197 Hybrid Adtech Sp.z.o.o.

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerSectigo Limited
Subject*.hybrid.ai
Fingerprint40:F9:88:C5:EF:2B:26:9C:61:DC:CC:ED:B1:67:03:F4:E2:CC:B7:C8
ValidityThu, 14 Sep 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?id=106&vid=0500007F863B3666FE348F4102E1D281 HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 04 May 2024 13:43:35 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=4c7da36f34577016664a; Expires=Sun, 04 May 2025 13:43:34 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 548
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.acint.net
access-control-allow-credentials: true
server: Hybrid Web Server
X-Firefox-Spdy: h2

ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D

193.3.184.212

302 Moved Temporarily

142 B

URL GET HTTP/1.1
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP
193.3.184.212:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.sape.ru
Fingerprint73:95:22:E3:B6:12:3E:90:3A:10:10:DC:38:ED:28:2D:82:7B:EB:E2
ValidityWed, 10 Apr 2024 03:20:28 GMT - Tue, 09 Jul 2024 03:20:27 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Sat, 04 May 2024 13:43:35 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=1203420A873B36660C00643E0294A2BE
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkIDEmY2O4c+ZAAMvqKUArvX8n5hoMTcsIRTgVf9jbD2FlZh; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None

sync.bumlam.com/?src=sap1&uid=0500007F863B3666FE348F4102E1D281

31.172.81.159

302 Moved Temporarily

0 B

URL GET HTTP/1.1
sync.bumlam.com/?src=sap1&uid=0500007F863B3666FE348F4102E1D281
IP
31.172.81.159:443
ASN
#44066 firstcolo GmbH

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.bumlam.com
Fingerprint9F:E0:4A:B3:57:B0:3C:3E:13:7F:9F:FF:82:A2:91:87:45:9F:A4:7F
ValidityThu, 28 Mar 2024 09:09:43 GMT - Wed, 26 Jun 2024 09:09:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sap1&uid=0500007F863B3666FE348F4102E1D281 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 May 2024 13:43:35 GMT
Content-Length: 0
Connection: close
Set-Cookie: suuid3=IiQ0ZGY5OTFiYS0wYTFjLTExZWYtOWI3Yi0wMDI1OTBjODI0MzY*; Path=/; Expires=Fri, 29 Apr 2044 13:43:35 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARiH99ixBmIgMDUwMDAwN0Y4NjNCMzY2NkZFMzQ4RjQxMDJFMUQyODGiARBN-ZG6ChwR75t7ACWQyCQ2
ETag: 4df991ba-0a1c-11ef-9b7b-002590c82436
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

exchange.buzzoola.com/cookiesync/dsp/sape-banner?uid=0500007F863B3666FE348F4102E1D281&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126

144.76.119.17

307 Temporary Redirect

269 B

URL GET HTTP/2
exchange.buzzoola.com/cookiesync/dsp/sape-banner?uid=0500007F863B3666FE348F4102E1D281&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126
IP
144.76.119.17:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
269 B (269 bytes)
Hash
ebeebec35f8f2d81abf33f7b01b56c09
25d33bc284f9b391bb1794200fd3153fdf3ee4fd
a2555e1faed4ef9875c7f2eccb7d8ca0a6dd6a6e5c5d93777062a2cd95f0e69e

HTTP Headers

GET /cookiesync/dsp/sape-banner?uid=0500007F863B3666FE348F4102E1D281&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126 HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
server: nginx
date: Sat, 04 May 2024 13:43:35 GMT
content-type: text/html; charset=utf-8
content-length: 269
location: /cookiesync/dsp/sape-banner?set_buzzoola_cookie=t&uid=0500007F863B3666FE348F4102E1D281&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126
set-cookie: uuid=e4e8c95e-696b-473e-6718-182bbc5594ed; Path=/; Domain=buzzoola.com; Expires=Mon, 03 Jun 2024 13:43:35 GMT; Max-Age=2592000; Secure; SameSite=None
serverid: TODO
X-Firefox-Spdy: h2

match.new-programmatic.com/userbind?src=sape&id=0500007F863B3666FE348F4102E1D281

217.65.2.150

204 No Content

0 B

URL GET HTTP/1.1
match.new-programmatic.com/userbind?src=sape&id=0500007F863B3666FE348F4102E1D281
IP
217.65.2.150:443
ASN
#3175 Citytelecom LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subjectnew-programmatic.com
FingerprintDC:66:9C:C9:66:1A:E4:EF:2D:CF:20:88:F1:EB:C8:72:0E:CE:CD:2D
ValidityThu, 04 Apr 2024 19:59:41 GMT - Wed, 03 Jul 2024 19:59:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /userbind?src=sape&id=0500007F863B3666FE348F4102E1D281 HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Sat, 04 May 2024 13:43:35 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin

s.uuidksinc.net/match/396/?remote_uid=0500007F863B3666FE348F4102E1D281

31.220.27.155

302 Found

0 B

URL GET HTTP/2
s.uuidksinc.net/match/396/?remote_uid=0500007F863B3666FE348F4102E1D281
IP
31.220.27.155:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subjectuuidksinc.net
Fingerprint60:4F:7E:0B:93:FF:04:3B:02:AF:A2:9C:5C:5D:D8:F5:78:B9:39:3A
ValidityFri, 08 Mar 2024 23:20:32 GMT - Thu, 06 Jun 2024 23:20:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/396/?remote_uid=0500007F863B3666FE348F4102E1D281 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.23.2
date: Sat, 04 May 2024 13:43:35 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=Dn6BgqvhV1MIgDlG7iJP
set-cookie: jcsuuid=Dn6BgqvhV1MIgDlG7iJP; expires=Sun, 04 May 2025 13:43:35 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

pix.bumlam.com/sync/sape/check?sspuid=0500007F863B3666FE348F4102E1D281

31.172.81.160

302 Found

0 B

URL GET HTTP/1.1
pix.bumlam.com/sync/sape/check?sspuid=0500007F863B3666FE348F4102E1D281
IP
31.172.81.160:443
ASN
#44066 firstcolo GmbH

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.bumlam.com
Fingerprint9F:E0:4A:B3:57:B0:3C:3E:13:7F:9F:FF:82:A2:91:87:45:9F:A4:7F
ValidityThu, 28 Mar 2024 09:09:43 GMT - Wed, 26 Jun 2024 09:09:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync/sape/check?sspuid=0500007F863B3666FE348F4102E1D281 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 13:43:35 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://sync.bumlam.com/?src=sape

sync.upravel.com/sape/sync

195.201.193.165

302 Found

0 B

URL GET HTTP/2
sync.upravel.com/sape/sync
IP
195.201.193.165:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerGlobalSign nv-sa
Subject*.upravel.com
Fingerprint4C:ED:03:57:58:43:18:2C:CC:41:F3:3B:19:72:75:BD:29:C1:04:08
ValiditySat, 29 Apr 2023 07:48:21 GMT - Thu, 30 May 2024 07:48:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Sat, 04 May 2024 13:43:35 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1714830215547;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1714830215547;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

match.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D

167.235.10.91

302 Found

0 B

URL GET HTTP/1.1
match.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D
IP
167.235.10.91:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subjectmatch.ohmy.bid
Fingerprint93:CC:18:6B:4E:10:D1:20:7F:8C:75:21:78:30:60:00:A2:B6:B0:39
ValiditySat, 23 Mar 2024 20:09:13 GMT - Fri, 21 Jun 2024 20:09:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cm?ssp=sape&redirect_url=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D HTTP/1.1
Host: match.ohmy.bid
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 13:43:35 GMT
Content-Length: 0
Connection: keep-alive
Bidder: bid-14 1.1542.871fc768
Location: https://mc.acint.net/match?dp=217&euid=a39cce4e-01e3-4ef9-ac07-65c0712bee18
Set-Cookie: uid=a39cce4e-01e3-4ef9-ac07-65c0712bee18.66363b87.14b3e1230ba46849; domain=.ohmy.bid; path=/; expires=Mon, 03-Jun-2024 13:43:35 GMT; SameSite=None; Secure;
Access-Control-Allow-Credentials: true

www.acint.net/match?dp=98&euid=09b1353a-94a7-49b2-81ae-88e38eb8598a

193.3.184.131

302 Found

154 B

URL GET HTTP/2
www.acint.net/match?dp=98&euid=09b1353a-94a7-49b2-81ae-88e38eb8598a
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /match?dp=98&euid=09b1353a-94a7-49b2-81ae-88e38eb8598a HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: aid=fwAABWY2O4ZBjzT+gdLhAp5UkUwtEEpnocIstAhpuRBAQsyw; test_cookie=CheckForPermission; cSyncDp14v6=1714830214; cSyncDp17v2=1714830214; cSyncDp45v5=1714830214; cSyncDp53v5=1714830214; cSyncDp62v2=1714830214; cSyncDp67v3=1714830214; cSyncDp68v3=1714830214; cSyncDp71v2=1714830214; cSyncDp80v2=1714830214; cSyncDp85v2=1714830214; cSyncDp95v4=1714830214; cSyncDp98v3=1714830214; cSyncDp104v2=1714830214; cSyncDp107v2=1714830214; cSyncDp110v3=1714830214; cSyncDp125v4=1714830214; cSyncDp126v3=1714830214; cSyncDp127v2=1714830214; cSyncDp129v2=1714830214; cSyncDp136v3=1714830214; cSyncDp146v2=1714830214; cSyncDp148v2=1714830214; cSyncDp149v3=1714830214; cSyncDp151v2=1714830214; cSyncDp251v1=1714830214; cSyncDp186v2=1714830214; cSyncDp217v2=1714830214; cSyncDp235v2=1714830214; cSyncDp239v2=1714830214; cSyncDp243v2=1714830214; cSyncDp260v2=1714830214; cSyncDp244v2=1714830214; cSyncDp248v2=1714830214; cSyncDp261v1=1714830214; cSyncDp289v2=1714830214; cSyncDp293v1=1714830214; cSyncDp296v2=1714830214; cSyncDp312v1=1714830214
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 13:43:35 GMT
content-type: text/html
content-length: 154
location: https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D&dp=14
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
set-cookie: cSyncDp14v4=1714830215; expires=Mon, 03-Jun-24 13:43:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

sync.programmatica.com/match/01

158.160.128.78

200 OK

43 B

URL GET HTTP/2
sync.programmatica.com/match/01
IP
158.160.128.78:443
ASN
#200350 Yandex.Cloud LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subjectsync.programmatica.com
Fingerprint4A:E3:48:0E:7D:F3:3F:AA:D4:E0:E7:46:CC:AF:29:0A:F0:5A:C2:57
ValiditySun, 24 Mar 2024 10:21:50 GMT - Sat, 22 Jun 2024 10:21:49 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

HTTP Headers

GET /match/01 HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 13:43:35 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

ssp.bidvol.com/usersync?dspcsid=8&redirect=1

65.109.65.187

302 Found

154 B

URL GET HTTP/2
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP
65.109.65.187:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subjectssp.bidvol.com
Fingerprint34:B1:B5:9C:6B:A0:B1:69:EE:36:11:6C:B8:F9:7A:93:54:67:DF:82
ValidityFri, 03 May 2024 12:01:30 GMT - Thu, 01 Aug 2024 12:01:29 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.22.0
date: Sat, 04 May 2024 13:43:35 GMT
x-request-id: 4c3289c0-f1c9-48b9-bd24-db2796ab1d32
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
set-cookie: bvuid=1assxbfjt0; Max-Age=2147483647; Domain=.bidvol.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=1assxbfjt0; Max-Age=2147483647; Domain=.bidvol.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
location: https://www.acint.net/match?dp=129&euid=1assxbfjt0
X-Firefox-Spdy: h2

acint.net/match?dp=14&euid=1203420A873B36660C00643E0294A2BE

193.3.184.131

200 OK

43 B

URL GET HTTP/2
acint.net/match?dp=14&euid=1203420A873B36660C00643E0294A2BE
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=14&euid=1203420A873B36660C00643E0294A2BE HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: aid=fwAABWY2O4ZBjzT+gdLhAp5UkUwtEEpnocIstAhpuRBAQsyw; test_cookie=CheckForPermission; cSyncDp14v6=1714830214; cSyncDp17v2=1714830214; cSyncDp45v5=1714830214; cSyncDp53v5=1714830214; cSyncDp62v2=1714830214; cSyncDp67v3=1714830214; cSyncDp68v3=1714830214; cSyncDp71v2=1714830214; cSyncDp80v2=1714830214; cSyncDp85v2=1714830214; cSyncDp95v4=1714830214; cSyncDp98v3=1714830214; cSyncDp104v2=1714830214; cSyncDp107v2=1714830214; cSyncDp110v3=1714830214; cSyncDp125v4=1714830214; cSyncDp126v3=1714830214; cSyncDp127v2=1714830214; cSyncDp129v2=1714830214; cSyncDp136v3=1714830214; cSyncDp146v2=1714830214; cSyncDp148v2=1714830214; cSyncDp149v3=1714830214; cSyncDp151v2=1714830214; cSyncDp251v1=1714830214; cSyncDp186v2=1714830214; cSyncDp217v2=1714830214; cSyncDp235v2=1714830214; cSyncDp239v2=1714830214; cSyncDp243v2=1714830214; cSyncDp260v2=1714830214; cSyncDp244v2=1714830214; cSyncDp248v2=1714830214; cSyncDp261v1=1714830214; cSyncDp289v2=1714830214; cSyncDp293v1=1714830214; cSyncDp296v2=1714830214; cSyncDp312v1=1714830214
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 13:43:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/oci/?v=0.7.0&uid=e92127bb-9f5e-43a7-bcbc-2cbe2214e7da&dp=10&tz=%2B00%3A00&nc=701954&oid=9ff350b615091c0f6cbf094af0928028

193.3.184.131

200 OK

43 B

URL GET HTTP/2
www.acint.net/oci/?v=0.7.0&uid=e92127bb-9f5e-43a7-bcbc-2cbe2214e7da&dp=10&tz=%2B00%3A00&nc=701954&oid=9ff350b615091c0f6cbf094af0928028
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://ventl.ru/starsessions/
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /oci/?v=0.7.0&uid=e92127bb-9f5e-43a7-bcbc-2cbe2214e7da&dp=10&tz=%2B00%3A00&nc=701954&oid=9ff350b615091c0f6cbf094af0928028 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/
Cookie: aid=fwAABWY2O4ZBjzT+gdLhAp5UkUwtEEpnocIstAhpuRBAQsyw; test_cookie=CheckForPermission; cSyncDp14v6=1714830214; cSyncDp17v2=1714830214; cSyncDp45v5=1714830214; cSyncDp53v5=1714830214; cSyncDp62v2=1714830214; cSyncDp67v3=1714830214; cSyncDp68v3=1714830214; cSyncDp71v2=1714830214; cSyncDp80v2=1714830214; cSyncDp85v2=1714830214; cSyncDp95v4=1714830214; cSyncDp98v3=1714830214; cSyncDp104v2=1714830214; cSyncDp107v2=1714830214; cSyncDp110v3=1714830214; cSyncDp125v4=1714830214; cSyncDp126v3=1714830214; cSyncDp127v2=1714830214; cSyncDp129v2=1714830214; cSyncDp136v3=1714830214; cSyncDp146v2=1714830214; cSyncDp148v2=1714830214; cSyncDp149v3=1714830214; cSyncDp151v2=1714830214; cSyncDp251v1=1714830214; cSyncDp186v2=1714830214; cSyncDp217v2=1714830214; cSyncDp235v2=1714830214; cSyncDp239v2=1714830214; cSyncDp243v2=1714830214; cSyncDp260v2=1714830214; cSyncDp244v2=1714830214; cSyncDp248v2=1714830214; cSyncDp261v1=1714830214; cSyncDp289v2=1714830214; cSyncDp293v1=1714830214; cSyncDp296v2=1714830214; cSyncDp312v1=1714830214
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 13:43:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

nr.bidderstack.com/sape/cm?user_id=0500007F863B3666FE348F4102E1D281

167.235.186.124

302 Found

0 B

URL GET HTTP/1.1
nr.bidderstack.com/sape/cm?user_id=0500007F863B3666FE348F4102E1D281
IP
167.235.186.124:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerGoDaddy.com, Inc.
Subject*.bidderstack.com
Fingerprint7A:83:29:BF:37:01:78:02:DF:C1:07:D8:A2:10:AB:0A:DD:11:66:B0
ValidityTue, 21 Nov 2023 08:57:57 GMT - Sun, 22 Dec 2024 08:57:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/cm?user_id=0500007F863B3666FE348F4102E1D281 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 13:43:35 GMT
Content-Length: 0
Connection: keep-alive
Location: /sape/cm?user_id=0500007F863B3666FE348F4102E1D281&pupa=1
Set-Cookie: pupa=187da8a4-5e7b-8768-ed39-68cc113f0aec; domain=.bidderstack.com; path=/; expires=Sun, 04-May-2025 13:43:35 GMT;
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true

cs.agency2.ru/p?ssp=sp&uid=0500007F863B3666FE348F4102E1D281

23.111.107.44

301 Moved Permanently

0 B

URL GET HTTP/1.1
cs.agency2.ru/p?ssp=sp&uid=0500007F863B3666FE348F4102E1D281
IP
23.111.107.44:443
ASN
#39134 Edinaya Set Limited Liability Company

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subjectapi.agency2.ru
Fingerprint02:6A:FB:9D:0A:83:4C:93:CA:FA:19:3D:E7:2F:70:6A:A8:40:97:BE
ValiditySun, 14 Apr 2024 23:34:36 GMT - Sat, 13 Jul 2024 23:34:35 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p?ssp=sp&uid=0500007F863B3666FE348F4102E1D281 HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Sat, 04 May 2024 13:43:35 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=100b9ad1-4aa2-42c6-b9a0-f46467cffbb4
Set-Cookie: uuid=100b9ad1-4aa2-42c6-b9a0-f46467cffbb4; expires=Fri, 25 Apr 2025 13:43:35 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44

sync.gonet-ads.com/match/sape.js?id=0500007F863B3666FE348F4102E1D281

188.42.105.236

200 OK

43 B

URL GET HTTP/2
sync.gonet-ads.com/match/sape.js?id=0500007F863B3666FE348F4102E1D281
IP
188.42.105.236:443
ASN
#7979 SERVERS-COM

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerSectigo Limited
Subject*.gonet-ads.com
Fingerprint2B:BE:BF:75:0A:67:AA:2D:FA:0A:7F:92:F4:37:AE:9B:DD:47:68:2D
ValidityWed, 07 Jun 2023 00:00:00 GMT - Tue, 11 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

HTTP Headers

GET /match/sape.js?id=0500007F863B3666FE348F4102E1D281 HTTP/1.1
Host: sync.gonet-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 13:43:35 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

sync.adspend.space/sape?uid=0500007F863B3666FE348F4102E1D281

172.67.168.127

302 Found

1.6 kB

URL GET HTTP/2
sync.adspend.space/sape?uid=0500007F863B3666FE348F4102E1D281
IP
172.67.168.127:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerGoogle Trust Services LLC
Subjectadspend.space
Fingerprint86:42:73:83:B4:96:F1:E2:8E:8F:5F:67:2B:A5:20:3C:AE:F0:FE:57
ValiditySat, 16 Mar 2024 00:50:56 GMT - Fri, 14 Jun 2024 00:50:55 GMT

File type
data
Size
1.6 kB (1586 bytes)
Hash
f2abd46c8651d76ea987119a35d608ba
9185cbcea6a6d09a46886ca4d2098acaae1e8ea4
0b1c6256d6f6b4566c9df9ed173aca70408690a01307399ec032da8e6d38eb5c

HTTP Headers

GET /sape?uid=0500007F863B3666FE348F4102E1D281 HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 04 May 2024 13:43:35 GMT
content-type: text/html; charset=utf-8
location: https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D09b1353a-94a7-49b2-81ae-88e38eb8598a
set-cookie: as-user=09b1353a-94a7-49b2-81ae-88e38eb8598a; Path=/; Max-Age=31536000; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZoathlQzvsT7TB69idobWKVMWMBtLXId6L0i1OEYQn52nJmQ77zueI4JaCE%2FaJ4GeHmk%2FhsSG0yFkd5Ra9qCYy8VZtmPUGU%2BF%2BLOjWnjm8Ok%2Fb9Vw5PaOBBfyvZEMZndy1h%2BdbY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8ebad0b915684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

kimberlite.io/rtb/sync/sape2?u=0500007F863B3666FE348F4102E1D281

217.199.220.44

307 Temporary Redirect

0 B

URL GET HTTP/1.1
kimberlite.io/rtb/sync/sape2?u=0500007F863B3666FE348F4102E1D281
IP
217.199.220.44:443
ASN
#61400 Start LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerGlobalSign nv-sa
Subject*.kimberlite.io
Fingerprint27:9B:57:5F:3C:19:A5:31:A3:1B:E6:A4:8E:CF:2F:73:78:4E:46:C1
ValidityThu, 29 Feb 2024 12:20:14 GMT - Tue, 01 Apr 2025 12:20:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rtb/sync/sape2?u=0500007F863B3666FE348F4102E1D281 HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Sat, 04 May 2024 13:43:35 GMT
Content-Length: 0
Connection: keep-alive
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: u=ZjY7h3stUD8~XyghKPj3rJ5SpsnC3kZVdipnML0; path=/; max-age=7776000; samesite=none; httponly; secure
as=OFrH4WY2O4c; max-age=604800; samesite=none; httponly; secure
f=https%3A%2F%2Fwww.acint.net%2Frmatch%3Fdp%3D243%26euid%3DZjY7h3stUD8%26r%3Dhttps%253A%252F%252Facint.net%252Fcmatch%253Fdp%253D243; max-age=30; samesite=none; httponly; secure
n=1; max-age=30; samesite=none; httponly; secure
location: https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZjY7h3stUD8
referrer-policy: no-referrer
server-timing: app;srv=6;dur=0.0002

sync.opendsp.ru/match/sape_ex?id=0500007F863B3666FE348F4102E1D281

82.148.20.186

200 OK

43 B

URL GET HTTP/2
sync.opendsp.ru/match/sape_ex?id=0500007F863B3666FE348F4102E1D281
IP
82.148.20.186:443
ASN
#50340 OOO Network of data-centers Selectel

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subjectsync.opendsp.ru
Fingerprint61:B4:DA:9F:EB:AB:9D:73:4C:76:FB:7C:3B:0B:80:A4:0F:14:18:28
ValidityThu, 04 Apr 2024 10:36:13 GMT - Wed, 03 Jul 2024 10:36:12 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

HTTP Headers

GET /match/sape_ex?id=0500007F863B3666FE348F4102E1D281 HTTP/1.1
Host: sync.opendsp.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 13:43:35 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

pixel.dsp.onetarget.ru/sape/pixel?id=0500007F863B3666FE348F4102E1D281

130.193.53.230

302 Found

0 B

URL GET HTTP/2
pixel.dsp.onetarget.ru/sape/pixel?id=0500007F863B3666FE348F4102E1D281
IP
130.193.53.230:443
ASN
#200350 Yandex.Cloud LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subjectpixel.dsp.onetarget.ru
FingerprintC3:A5:98:2E:46:6A:1A:4F:85:6D:4A:FE:11:88:B1:D1:5F:AE:43:DD
ValidityFri, 15 Mar 2024 12:44:47 GMT - Thu, 13 Jun 2024 12:44:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/pixel?id=0500007F863B3666FE348F4102E1D281 HTTP/1.1
Host: pixel.dsp.onetarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 04 May 2024 13:43:35 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=5813217&id=d6a336ca-b679-495b-ac56-5a8db02374f3
set-cookie: USER_ID=d6a336ca-b679-495b-ac56-5a8db02374f3;max-age=2147483647;Secure;HttpOnly;SameSite=None
SAPE_USER_ID=0500007F863B3666FE348F4102E1D281;max-age=30758400;Secure;HttpOnly;SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
X-Firefox-Spdy: h2

ssp.al-adtech.com/api/sync/sape

45.139.25.124

302 Found

0 B

URL GET HTTP/1.1
ssp.al-adtech.com/api/sync/sape
IP
45.139.25.124:443
ASN
#34959 Kviktel LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.al-adtech.com
Fingerprint09:19:46:AF:0C:12:1A:6D:06:41:56:6B:AF:2F:C2:69:A3:3F:1A:37
ValidityMon, 15 Apr 2024 04:45:07 GMT - Sun, 14 Jul 2024 04:45:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/sync/sape HTTP/1.1
Host: ssp.al-adtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.20.1
Date: Sat, 04 May 2024 13:43:35 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin
Access-Control-Allow-Origin: 
Access-Control-Allow-Credentials: true
Location: https://mc.acint.net/rmatch?dp=261&euid=18adeadd-d770-4493-80ac-a180a7fb3ecd&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261
Set-Cookie: afp_cookie=gAAAAABmNjuH87oLr9pIhoOIOBiC7HjtjyiiftbM1HpzTd2JYW1IZz9wdMcNlRHKRqt2dAGiPgCWWEilvKsJay8rBReNQSSXdF-yKF0kFEDSI2yuLYImlVi51e9vYdMSr5ychFsDeAfDGCXHV5ij6wZkPSqgCE68DckcLkrIxWfiqugnJluwqwDOdFS8NwaoAarhhAWoISHxIKhCYZy8TVNwrp7jCJpbrA==$; expires=Tue, 04 Jun 2024 13:43:35 GMT; path=/; secure; SameSite=None

sync.bumlam.com/?src=sap1&s_data=CAIQARiH99ixBmIgMDUwMDAwN0Y4NjNCMzY2NkZFMzQ4RjQxMDJFMUQyODGiARBN-ZG6ChwR75t7ACWQyCQ2

31.172.81.160

200 OK

0 B

URL GET HTTP/1.1
sync.bumlam.com/?src=sap1&s_data=CAIQARiH99ixBmIgMDUwMDAwN0Y4NjNCMzY2NkZFMzQ4RjQxMDJFMUQyODGiARBN-ZG6ChwR75t7ACWQyCQ2
IP
31.172.81.160:443
ASN
#44066 firstcolo GmbH

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.bumlam.com
Fingerprint9F:E0:4A:B3:57:B0:3C:3E:13:7F:9F:FF:82:A2:91:87:45:9F:A4:7F
ValidityThu, 28 Mar 2024 09:09:43 GMT - Wed, 26 Jun 2024 09:09:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sap1&s_data=CAIQARiH99ixBmIgMDUwMDAwN0Y4NjNCMzY2NkZFMzQ4RjQxMDJFMUQyODGiARBN-ZG6ChwR75t7ACWQyCQ2 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: suuid3=IiQ0ZGY5OTFiYS0wYTFjLTExZWYtOWI3Yi0wMDI1OTBjODI0MzY*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 13:43:35 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: close
Set-Cookie: suuid3=IiQ0ZGY5OTFiYS0wYTFjLTExZWYtOWI3Yi0wMDI1OTBjODI0MzY*; Path=/; Expires=Fri, 29 Apr 2044 13:43:35 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

exchange.buzzoola.com/cookiesync/dsp/sape-banner?set_buzzoola_cookie=t&uid=0500007F863B3666FE348F4102E1D281&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126

144.76.119.17

302 Found

156 B

URL GET HTTP/2
exchange.buzzoola.com/cookiesync/dsp/sape-banner?set_buzzoola_cookie=t&uid=0500007F863B3666FE348F4102E1D281&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126
IP
144.76.119.17:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
156 B (156 bytes)
Hash
1e62047da13bc3248af054571a2bef98
0a1c239e255c4a86a8688f74c54ddce1a407d5dc
2307126d098d9ca95a44d51c8c9eabec69e4a78c565c8e5c9a88e5200080e539

HTTP Headers

GET /cookiesync/dsp/sape-banner?set_buzzoola_cookie=t&uid=0500007F863B3666FE348F4102E1D281&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126 HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: uuid=e4e8c95e-696b-473e-6718-182bbc5594ed
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Sat, 04 May 2024 13:43:35 GMT
content-type: text/html; charset=utf-8
content-length: 156
location: https://mc.acint.net/rmatch?dp=126&euid=e4e8c95e-696b-473e-6718-182bbc5594ed&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126
serverid: TODO
X-Firefox-Spdy: h2

sync.dsp.solta.io/match/sape?id=0500007F863B3666FE348F4102E1D281

217.199.220.73

200 OK

43 B

URL GET HTTP/2
sync.dsp.solta.io/match/sape?id=0500007F863B3666FE348F4102E1D281
IP
217.199.220.73:443
ASN
#61400 Start LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerGlobalSign nv-sa
Subject*.dsp.solta.io
Fingerprint6D:7F:91:92:30:E1:6A:A0:9B:86:49:7A:21:7F:5B:A4:23:8F:92:BC
ValidityWed, 02 Aug 2023 16:38:38 GMT - Mon, 02 Sep 2024 16:38:37 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

HTTP Headers

GET /match/sape?id=0500007F863B3666FE348F4102E1D281 HTTP/1.1
Host: sync.dsp.solta.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 13:43:35 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

www.acint.net/match?dp=127&euid=Dn6BgqvhV1MIgDlG7iJP

193.3.184.131

200 OK

43 B

URL GET HTTP/2
www.acint.net/match?dp=127&euid=Dn6BgqvhV1MIgDlG7iJP
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=127&euid=Dn6BgqvhV1MIgDlG7iJP HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: aid=fwAABWY2O4ZBjzT+gdLhAp5UkUwtEEpnocIstAhpuRBAQsyw; test_cookie=CheckForPermission; cSyncDp14v6=1714830214; cSyncDp17v2=1714830214; cSyncDp45v5=1714830214; cSyncDp53v5=1714830214; cSyncDp62v2=1714830214; cSyncDp67v3=1714830214; cSyncDp68v3=1714830214; cSyncDp71v2=1714830214; cSyncDp80v2=1714830214; cSyncDp85v2=1714830214; cSyncDp95v4=1714830214; cSyncDp98v3=1714830214; cSyncDp104v2=1714830214; cSyncDp107v2=1714830214; cSyncDp110v3=1714830214; cSyncDp125v4=1714830214; cSyncDp126v3=1714830214; cSyncDp127v2=1714830214; cSyncDp129v2=1714830214; cSyncDp136v3=1714830214; cSyncDp146v2=1714830214; cSyncDp148v2=1714830214; cSyncDp149v3=1714830214; cSyncDp151v2=1714830214; cSyncDp251v1=1714830214; cSyncDp186v2=1714830214; cSyncDp217v2=1714830214; cSyncDp235v2=1714830214; cSyncDp239v2=1714830214; cSyncDp243v2=1714830214; cSyncDp260v2=1714830214; cSyncDp244v2=1714830214; cSyncDp248v2=1714830214; cSyncDp261v1=1714830214; cSyncDp289v2=1714830214; cSyncDp293v1=1714830214; cSyncDp296v2=1714830214; cSyncDp312v1=1714830214; cSyncDp14v4=1714830215
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 13:43:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css

142.250.74.99

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/bframe?hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LfZXnIUAAAAAD8euzymsKhq2nRSezAK5hMrhfb8
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
ASCII text, with very long lines (56412), with no line terminators
Size
25 kB (24617 bytes)
Hash
2c00b9f417b688224937053cd0c284a5
17b4c18ebc129055dd25f214c3f11e03e9df2d82
1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed

HTTP Headers

GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 23:24:54 GMT
expires: Fri, 02 May 2025 23:24:54 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/css
vary: Accept-Encoding
age: 137921
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0

195.201.193.165

302 Found

0 B

URL GET HTTP/2
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP
195.201.193.165:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerGlobalSign nv-sa
Subject*.upravel.com
Fingerprint4C:ED:03:57:58:43:18:2C:CC:41:F3:3B:19:72:75:BD:29:C1:04:08
ValiditySat, 29 Apr 2023 07:48:21 GMT - Thu, 30 May 2024 07:48:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: session_tptc=1714830215547
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Sat, 04 May 2024 13:43:35 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=94e8e999-f752-4ded-b10c-c79bcc45051d;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=94e8e999-f752-4ded-b10c-c79bcc45051d;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/rmatch?dp=71&euid=94e8e999-f752-4ded-b10c-c79bcc45051d&r=https%3A%2F%2Facint.net%2Fcmatch%3Fdp%3D71
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D&dp=14

193.3.184.212

302 Moved Temporarily

142 B

URL GET HTTP/1.1
ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D&dp=14
IP
193.3.184.212:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.sape.ru
Fingerprint73:95:22:E3:B6:12:3E:90:3A:10:10:DC:38:ED:28:2D:82:7B:EB:E2
ValidityWed, 10 Apr 2024 03:20:28 GMT - Tue, 09 Jul 2024 03:20:27 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /rmatch?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D&dp=14 HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: sspuid=CkIDEmY2O4c+ZAAMvqKUArvX8n5hoMTcsIRTgVf9jbD2FlZh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Sat, 04 May 2024 13:43:35 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=1203420A873B36660C00643E0294A2BE
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0

mc.acint.net/rmatch?dp=110&euid=887fb1ebfad842359f93f8e9fe7dc2fb&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D110

193.3.184.131

302 Found

154 B

URL GET HTTP/2
mc.acint.net/rmatch?dp=110&euid=887fb1ebfad842359f93f8e9fe7dc2fb&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D110
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=110&euid=887fb1ebfad842359f93f8e9fe7dc2fb&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D110 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: aid=fwAABWY2O4ZBjzT+gdLhAp5UkUwtEEpnocIstAhpuRBAQsyw; test_cookie=CheckForPermission; cSyncDp14v6=1714830214; cSyncDp17v2=1714830214; cSyncDp45v5=1714830214; cSyncDp53v5=1714830214; cSyncDp62v2=1714830214; cSyncDp67v3=1714830214; cSyncDp68v3=1714830214; cSyncDp71v2=1714830214; cSyncDp80v2=1714830214; cSyncDp85v2=1714830214; cSyncDp95v4=1714830214; cSyncDp98v3=1714830214; cSyncDp104v2=1714830214; cSyncDp107v2=1714830214; cSyncDp110v3=1714830214; cSyncDp125v4=1714830214; cSyncDp126v3=1714830214; cSyncDp127v2=1714830214; cSyncDp129v2=1714830214; cSyncDp136v3=1714830214; cSyncDp146v2=1714830214; cSyncDp148v2=1714830214; cSyncDp149v3=1714830214; cSyncDp151v2=1714830214; cSyncDp251v1=1714830214; cSyncDp186v2=1714830214; cSyncDp217v2=1714830214; cSyncDp235v2=1714830214; cSyncDp239v2=1714830214; cSyncDp243v2=1714830214; cSyncDp260v2=1714830214; cSyncDp244v2=1714830214; cSyncDp248v2=1714830214; cSyncDp261v1=1714830214; cSyncDp289v2=1714830214; cSyncDp293v1=1714830214; cSyncDp296v2=1714830214; cSyncDp312v1=1714830214; cSyncDp14v4=1714830215
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 13:43:35 GMT
content-type: text/html
content-length: 154
location: https://mc.acint.net/cmatch?dp=110
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.acint.net/match?dp=217&euid=a39cce4e-01e3-4ef9-ac07-65c0712bee18

193.3.184.131

200 OK

43 B

URL GET HTTP/2
mc.acint.net/match?dp=217&euid=a39cce4e-01e3-4ef9-ac07-65c0712bee18
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=217&euid=a39cce4e-01e3-4ef9-ac07-65c0712bee18 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: aid=fwAABWY2O4ZBjzT+gdLhAp5UkUwtEEpnocIstAhpuRBAQsyw; test_cookie=CheckForPermission; cSyncDp14v6=1714830214; cSyncDp17v2=1714830214; cSyncDp45v5=1714830214; cSyncDp53v5=1714830214; cSyncDp62v2=1714830214; cSyncDp67v3=1714830214; cSyncDp68v3=1714830214; cSyncDp71v2=1714830214; cSyncDp80v2=1714830214; cSyncDp85v2=1714830214; cSyncDp95v4=1714830214; cSyncDp98v3=1714830214; cSyncDp104v2=1714830214; cSyncDp107v2=1714830214; cSyncDp110v3=1714830214; cSyncDp125v4=1714830214; cSyncDp126v3=1714830214; cSyncDp127v2=1714830214; cSyncDp129v2=1714830214; cSyncDp136v3=1714830214; cSyncDp146v2=1714830214; cSyncDp148v2=1714830214; cSyncDp149v3=1714830214; cSyncDp151v2=1714830214; cSyncDp251v1=1714830214; cSyncDp186v2=1714830214; cSyncDp217v2=1714830214; cSyncDp235v2=1714830214; cSyncDp239v2=1714830214; cSyncDp243v2=1714830214; cSyncDp260v2=1714830214; cSyncDp244v2=1714830214; cSyncDp248v2=1714830214; cSyncDp261v1=1714830214; cSyncDp289v2=1714830214; cSyncDp293v1=1714830214; cSyncDp296v2=1714830214; cSyncDp312v1=1714830214; cSyncDp14v4=1714830215
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 13:43:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D&dp=14

193.3.184.212

302 Moved Temporarily

142 B

URL GET HTTP/1.1
ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D&dp=14
IP
193.3.184.212:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.sape.ru
Fingerprint73:95:22:E3:B6:12:3E:90:3A:10:10:DC:38:ED:28:2D:82:7B:EB:E2
ValidityWed, 10 Apr 2024 03:20:28 GMT - Tue, 09 Jul 2024 03:20:27 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /rmatch?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D&dp=14 HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: sspuid=CkIDEmY2O4c+ZAAMvqKUArvX8n5hoMTcsIRTgVf9jbD2FlZh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Sat, 04 May 2024 13:43:35 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=1203420A873B36660C00643E0294A2BE
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0

ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D95%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D95%26euid%3D

83.222.96.170

302 Found

126 B

URL GET HTTP/2
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D95%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D95%26euid%3D
IP
83.222.96.170:443
ASN
#42632 MnogoByte LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerGlobalSign nv-sa
Subject*.bestssp.com
Fingerprint25:15:42:2E:1C:54:0F:74:CF:89:02:5A:5E:AC:98:DA:1C:34:B3:B3
ValidityMon, 24 Jul 2023 17:15:54 GMT - Sat, 24 Aug 2024 17:15:53 GMT

File type
HTML document, ASCII text
Size
126 B (126 bytes)
Hash
f8974b9e9edb03879d8accc223b74f36
b6f9a78b5fd146ddfcf2029972d73c661fa091b7
0e6b86a39d752cd24f5a54c07db28d566754791f076530ed67f7e7b484c6214f

HTTP Headers

GET /sspmatch?url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D95%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.22.0
date: Sat, 04 May 2024 13:43:35 GMT
content-type: text/html; charset=utf-8
content-length: 126
location: https://mc.acint.net/rmatch?dp=95&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95&euid=HCUWADHN
set-cookie: uid=HCUWADHN; Expires=Tue, 02 May 2034 13:43:35 GMT
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__ru.js

142.250.74.99

200 OK

209 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__ru.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/bframe?hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LfZXnIUAAAAAD8euzymsKhq2nRSezAK5hMrhfb8
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
JavaScript source, ASCII text, with very long lines (873)
Size
209 kB (209260 bytes)
Hash
b8236cd6f4e5e87ab16b8047278c56f7
ff06d09b3687e2e9770c9325ae094bb08a724128
0a58dfa276432686dba854d707d329d5ccfbee43fc859c36220dc6c75c01ee01

HTTP Headers

GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__ru.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 209260
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 12:30:03 GMT
expires: Fri, 02 May 2025 12:30:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 177212
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

sync.bumlam.com/?src=sape

31.172.81.160

302 Moved Temporarily

0 B

URL GET HTTP/1.1
sync.bumlam.com/?src=sape
IP
31.172.81.160:443
ASN
#44066 firstcolo GmbH

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.bumlam.com
Fingerprint9F:E0:4A:B3:57:B0:3C:3E:13:7F:9F:FF:82:A2:91:87:45:9F:A4:7F
ValidityThu, 28 Mar 2024 09:09:43 GMT - Wed, 26 Jun 2024 09:09:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sape HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: suuid3=IiQ0ZGY5OTFiYS0wYTFjLTExZWYtOWI3Yi0wMDI1OTBjODI0MzY*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 May 2024 13:43:35 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: close
Set-Cookie: suuid3=IiQ0ZGY5OTFiYS0wYTFjLTExZWYtOWI3Yi0wMDI1OTBjODI0MzY*; Path=/; Expires=Fri, 29 Apr 2044 13:43:35 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://pix.bumlam.com/sync/sape/sync_ok?guid=4df991ba-0a1c-11ef-9b7b-002590c82436
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true

gw-iad-bid.ymmobi.com/dsp/user/sync?dspid=c2FwZV9kc3A=&gdpr=0&gdpr_consent=0&us_privacy=0&callback=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D293%26euid%3D%7Bym_user_id%7D

47.253.61.56

302 Found

0 B

URL GET HTTP/2
gw-iad-bid.ymmobi.com/dsp/user/sync?dspid=c2FwZV9kc3A=&gdpr=0&gdpr_consent=0&us_privacy=0&callback=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D293%26euid%3D%7Bym_user_id%7D
IP
47.253.61.56:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerDigiCert, Inc.
Subject*.ymmobi.com
FingerprintAA:CB:8B:48:C7:AB:0D:56:82:39:63:A5:E1:5E:34:8B:62:7B:6F:52
ValiditySun, 04 Feb 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dsp/user/sync?dspid=c2FwZV9kc3A=&gdpr=0&gdpr_consent=0&us_privacy=0&callback=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D293%26euid%3D%7Bym_user_id%7D HTTP/1.1
Host: gw-iad-bid.ymmobi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 04 May 2024 13:43:35 GMT
content-length: 0
location: https://mc.acint.net/match?dp=293&euid=ym_user_e55807bb-fd95-492b-83c7-ed68f6ef2167
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
access-control-allow-credentials: true
set-cookie: ym_user_cookie=ym_user_e55807bb-fd95-492b-83c7-ed68f6ef2167; max-age=31104000; domain=ymmobi.com; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

adx.com.ru/sape-sync?uid=0500007F863B3666FE348F4102E1D281

83.222.105.118

302 Found

85 B

URL GET HTTP/2
adx.com.ru/sape-sync?uid=0500007F863B3666FE348F4102E1D281
IP
83.222.105.118:443
ASN
#42632 MnogoByte LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerGlobalSign nv-sa
Subject*.adx.com.ru
FingerprintB6:86:21:C8:F9:AF:00:9E:42:EC:E3:77:AC:A3:5B:2B:E7:C4:46:B3
ValidityFri, 26 May 2023 11:44:59 GMT - Wed, 26 Jun 2024 11:44:58 GMT

File type
HTML document, ASCII text
Size
85 B (85 bytes)
Hash
11d973351069b804a10baf5692d7ea28
0cd4b3d5931253ba6ecf08cce283d4e05687936f
b0879196311eae9d64fbd8ad07fd12653e0b95a1145e66eb3d889dc3b5fcbd04

HTTP Headers

GET /sape-sync?uid=0500007F863B3666FE348F4102E1D281 HTTP/1.1
Host: adx.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.26.0
date: Sat, 04 May 2024 13:43:35 GMT
content-type: text/html; charset=utf-8
content-length: 85
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
location: /sync?sspKey=25&sspUserID=0500007F863B3666FE348F4102E1D281
p3p: CP="adx.com.ru does not have a P3P policy"
set-cookie: user=66363b87991c7a0001cf0318; Path=/; Domain=adx.com.ru; Max-Age=31536000; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2

www.acint.net/match?dp=186&euid=100b9ad1-4aa2-42c6-b9a0-f46467cffbb4

193.3.184.131

200 OK

43 B

URL GET HTTP/2
www.acint.net/match?dp=186&euid=100b9ad1-4aa2-42c6-b9a0-f46467cffbb4
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=186&euid=100b9ad1-4aa2-42c6-b9a0-f46467cffbb4 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: aid=fwAABWY2O4ZBjzT+gdLhAp5UkUwtEEpnocIstAhpuRBAQsyw; test_cookie=CheckForPermission; cSyncDp14v6=1714830214; cSyncDp17v2=1714830214; cSyncDp45v5=1714830214; cSyncDp53v5=1714830214; cSyncDp62v2=1714830214; cSyncDp67v3=1714830214; cSyncDp68v3=1714830214; cSyncDp71v2=1714830214; cSyncDp80v2=1714830214; cSyncDp85v2=1714830214; cSyncDp95v4=1714830214; cSyncDp98v3=1714830214; cSyncDp104v2=1714830214; cSyncDp107v2=1714830214; cSyncDp110v3=1714830214; cSyncDp125v4=1714830214; cSyncDp126v3=1714830214; cSyncDp127v2=1714830214; cSyncDp129v2=1714830214; cSyncDp136v3=1714830214; cSyncDp146v2=1714830214; cSyncDp148v2=1714830214; cSyncDp149v3=1714830214; cSyncDp151v2=1714830214; cSyncDp251v1=1714830214; cSyncDp186v2=1714830214; cSyncDp217v2=1714830214; cSyncDp235v2=1714830214; cSyncDp239v2=1714830214; cSyncDp243v2=1714830214; cSyncDp260v2=1714830214; cSyncDp244v2=1714830214; cSyncDp248v2=1714830214; cSyncDp261v1=1714830214; cSyncDp289v2=1714830214; cSyncDp293v1=1714830214; cSyncDp296v2=1714830214; cSyncDp312v1=1714830214; cSyncDp14v4=1714830215
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 13:43:36 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.acint.net/rmatch?dp=261&euid=18adeadd-d770-4493-80ac-a180a7fb3ecd&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261

193.3.184.131

302 Found

154 B

URL GET HTTP/2
mc.acint.net/rmatch?dp=261&euid=18adeadd-d770-4493-80ac-a180a7fb3ecd&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=261&euid=18adeadd-d770-4493-80ac-a180a7fb3ecd&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: aid=fwAABWY2O4ZBjzT+gdLhAp5UkUwtEEpnocIstAhpuRBAQsyw; test_cookie=CheckForPermission; cSyncDp14v6=1714830214; cSyncDp17v2=1714830214; cSyncDp45v5=1714830214; cSyncDp53v5=1714830214; cSyncDp62v2=1714830214; cSyncDp67v3=1714830214; cSyncDp68v3=1714830214; cSyncDp71v2=1714830214; cSyncDp80v2=1714830214; cSyncDp85v2=1714830214; cSyncDp95v4=1714830214; cSyncDp98v3=1714830214; cSyncDp104v2=1714830214; cSyncDp107v2=1714830214; cSyncDp110v3=1714830214; cSyncDp125v4=1714830214; cSyncDp126v3=1714830214; cSyncDp127v2=1714830214; cSyncDp129v2=1714830214; cSyncDp136v3=1714830214; cSyncDp146v2=1714830214; cSyncDp148v2=1714830214; cSyncDp149v3=1714830214; cSyncDp151v2=1714830214; cSyncDp251v1=1714830214; cSyncDp186v2=1714830214; cSyncDp217v2=1714830214; cSyncDp235v2=1714830214; cSyncDp239v2=1714830214; cSyncDp243v2=1714830214; cSyncDp260v2=1714830214; cSyncDp244v2=1714830214; cSyncDp248v2=1714830214; cSyncDp261v1=1714830214; cSyncDp289v2=1714830214; cSyncDp293v1=1714830214; cSyncDp296v2=1714830214; cSyncDp312v1=1714830214; cSyncDp14v4=1714830215
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 13:43:36 GMT
content-type: text/html
content-length: 154
location: https://mc.acint.net/cmatch?dp=261
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.acint.net/rmatch?dp=126&euid=e4e8c95e-696b-473e-6718-182bbc5594ed&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126

193.3.184.131

302 Found

154 B

URL GET HTTP/2
mc.acint.net/rmatch?dp=126&euid=e4e8c95e-696b-473e-6718-182bbc5594ed&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=126&euid=e4e8c95e-696b-473e-6718-182bbc5594ed&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: aid=fwAABWY2O4ZBjzT+gdLhAp5UkUwtEEpnocIstAhpuRBAQsyw; test_cookie=CheckForPermission; cSyncDp14v6=1714830214; cSyncDp17v2=1714830214; cSyncDp45v5=1714830214; cSyncDp53v5=1714830214; cSyncDp62v2=1714830214; cSyncDp67v3=1714830214; cSyncDp68v3=1714830214; cSyncDp71v2=1714830214; cSyncDp80v2=1714830214; cSyncDp85v2=1714830214; cSyncDp95v4=1714830214; cSyncDp98v3=1714830214; cSyncDp104v2=1714830214; cSyncDp107v2=1714830214; cSyncDp110v3=1714830214; cSyncDp125v4=1714830214; cSyncDp126v3=1714830214; cSyncDp127v2=1714830214; cSyncDp129v2=1714830214; cSyncDp136v3=1714830214; cSyncDp146v2=1714830214; cSyncDp148v2=1714830214; cSyncDp149v3=1714830214; cSyncDp151v2=1714830214; cSyncDp251v1=1714830214; cSyncDp186v2=1714830214; cSyncDp217v2=1714830214; cSyncDp235v2=1714830214; cSyncDp239v2=1714830214; cSyncDp243v2=1714830214; cSyncDp260v2=1714830214; cSyncDp244v2=1714830214; cSyncDp248v2=1714830214; cSyncDp261v1=1714830214; cSyncDp289v2=1714830214; cSyncDp293v1=1714830214; cSyncDp296v2=1714830214; cSyncDp312v1=1714830214; cSyncDp14v4=1714830215
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 13:43:36 GMT
content-type: text/html
content-length: 154
location: https://mc.acint.net/cmatch?dp=126
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

pix.bumlam.com/sync/sape/sync_ok?guid=4df991ba-0a1c-11ef-9b7b-002590c82436

31.172.81.160

302 Found

0 B

URL GET HTTP/1.1
pix.bumlam.com/sync/sape/sync_ok?guid=4df991ba-0a1c-11ef-9b7b-002590c82436
IP
31.172.81.160:443
ASN
#44066 firstcolo GmbH

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.bumlam.com
Fingerprint9F:E0:4A:B3:57:B0:3C:3E:13:7F:9F:FF:82:A2:91:87:45:9F:A4:7F
ValidityThu, 28 Mar 2024 09:09:43 GMT - Wed, 26 Jun 2024 09:09:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync/sape/sync_ok?guid=4df991ba-0a1c-11ef-9b7b-002590c82436 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: suuid3=IiQ0ZGY5OTFiYS0wYTFjLTExZWYtOWI3Yi0wMDI1OTBjODI0MzY*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 13:43:36 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://4df991ba-0a1c-11ef-9b7b-002590c82436.n2.sync.bumlam.com/?src=sape

acint.net/match?dp=14&euid=1203420A873B36660C00643E0294A2BE

193.3.184.131

200 OK

43 B

URL GET HTTP/2
acint.net/match?dp=14&euid=1203420A873B36660C00643E0294A2BE
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=14&euid=1203420A873B36660C00643E0294A2BE HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: aid=fwAABWY2O4ZBjzT+gdLhAp5UkUwtEEpnocIstAhpuRBAQsyw; test_cookie=CheckForPermission; cSyncDp14v6=1714830214; cSyncDp17v2=1714830214; cSyncDp45v5=1714830214; cSyncDp53v5=1714830214; cSyncDp62v2=1714830214; cSyncDp67v3=1714830214; cSyncDp68v3=1714830214; cSyncDp71v2=1714830214; cSyncDp80v2=1714830214; cSyncDp85v2=1714830214; cSyncDp95v4=1714830214; cSyncDp98v3=1714830214; cSyncDp104v2=1714830214; cSyncDp107v2=1714830214; cSyncDp110v3=1714830214; cSyncDp125v4=1714830214; cSyncDp126v3=1714830214; cSyncDp127v2=1714830214; cSyncDp129v2=1714830214; cSyncDp136v3=1714830214; cSyncDp146v2=1714830214; cSyncDp148v2=1714830214; cSyncDp149v3=1714830214; cSyncDp151v2=1714830214; cSyncDp251v1=1714830214; cSyncDp186v2=1714830214; cSyncDp217v2=1714830214; cSyncDp235v2=1714830214; cSyncDp239v2=1714830214; cSyncDp243v2=1714830214; cSyncDp260v2=1714830214; cSyncDp244v2=1714830214; cSyncDp248v2=1714830214; cSyncDp261v1=1714830214; cSyncDp289v2=1714830214; cSyncDp293v1=1714830214; cSyncDp296v2=1714830214; cSyncDp312v1=1714830214; cSyncDp14v4=1714830215
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 13:43:36 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/rmatch?dp=71&euid=94e8e999-f752-4ded-b10c-c79bcc45051d&r=https%3A%2F%2Facint.net%2Fcmatch%3Fdp%3D71

193.3.184.131

302 Found

154 B

URL GET HTTP/2
www.acint.net/rmatch?dp=71&euid=94e8e999-f752-4ded-b10c-c79bcc45051d&r=https%3A%2F%2Facint.net%2Fcmatch%3Fdp%3D71
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=71&euid=94e8e999-f752-4ded-b10c-c79bcc45051d&r=https%3A%2F%2Facint.net%2Fcmatch%3Fdp%3D71 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: aid=fwAABWY2O4ZBjzT+gdLhAp5UkUwtEEpnocIstAhpuRBAQsyw; test_cookie=CheckForPermission; cSyncDp14v6=1714830214; cSyncDp17v2=1714830214; cSyncDp45v5=1714830214; cSyncDp53v5=1714830214; cSyncDp62v2=1714830214; cSyncDp67v3=1714830214; cSyncDp68v3=1714830214; cSyncDp71v2=1714830214; cSyncDp80v2=1714830214; cSyncDp85v2=1714830214; cSyncDp95v4=1714830214; cSyncDp98v3=1714830214; cSyncDp104v2=1714830214; cSyncDp107v2=1714830214; cSyncDp110v3=1714830214; cSyncDp125v4=1714830214; cSyncDp126v3=1714830214; cSyncDp127v2=1714830214; cSyncDp129v2=1714830214; cSyncDp136v3=1714830214; cSyncDp146v2=1714830214; cSyncDp148v2=1714830214; cSyncDp149v3=1714830214; cSyncDp151v2=1714830214; cSyncDp251v1=1714830214; cSyncDp186v2=1714830214; cSyncDp217v2=1714830214; cSyncDp235v2=1714830214; cSyncDp239v2=1714830214; cSyncDp243v2=1714830214; cSyncDp260v2=1714830214; cSyncDp244v2=1714830214; cSyncDp248v2=1714830214; cSyncDp261v1=1714830214; cSyncDp289v2=1714830214; cSyncDp293v1=1714830214; cSyncDp296v2=1714830214; cSyncDp312v1=1714830214; cSyncDp14v4=1714830215
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 13:43:36 GMT
content-type: text/html
content-length: 154
location: https://acint.net/cmatch?dp=71
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

acint.net/match?dp=14&euid=1203420A873B36660C00643E0294A2BE

193.3.184.131

200 OK

43 B

URL GET HTTP/2
acint.net/match?dp=14&euid=1203420A873B36660C00643E0294A2BE
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=14&euid=1203420A873B36660C00643E0294A2BE HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: aid=fwAABWY2O4ZBjzT+gdLhAp5UkUwtEEpnocIstAhpuRBAQsyw; test_cookie=CheckForPermission; cSyncDp14v6=1714830214; cSyncDp17v2=1714830214; cSyncDp45v5=1714830214; cSyncDp53v5=1714830214; cSyncDp62v2=1714830214; cSyncDp67v3=1714830214; cSyncDp68v3=1714830214; cSyncDp71v2=1714830214; cSyncDp80v2=1714830214; cSyncDp85v2=1714830214; cSyncDp95v4=1714830214; cSyncDp98v3=1714830214; cSyncDp104v2=1714830214; cSyncDp107v2=1714830214; cSyncDp110v3=1714830214; cSyncDp125v4=1714830214; cSyncDp126v3=1714830214; cSyncDp127v2=1714830214; cSyncDp129v2=1714830214; cSyncDp136v3=1714830214; cSyncDp146v2=1714830214; cSyncDp148v2=1714830214; cSyncDp149v3=1714830214; cSyncDp151v2=1714830214; cSyncDp251v1=1714830214; cSyncDp186v2=1714830214; cSyncDp217v2=1714830214; cSyncDp235v2=1714830214; cSyncDp239v2=1714830214; cSyncDp243v2=1714830214; cSyncDp260v2=1714830214; cSyncDp244v2=1714830214; cSyncDp248v2=1714830214; cSyncDp261v1=1714830214; cSyncDp289v2=1714830214; cSyncDp293v1=1714830214; cSyncDp296v2=1714830214; cSyncDp312v1=1714830214; cSyncDp14v4=1714830215
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 13:43:36 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.acint.net/match?dp=293&euid=ym_user_e55807bb-fd95-492b-83c7-ed68f6ef2167

193.3.184.131

200 OK

43 B

URL GET HTTP/2
mc.acint.net/match?dp=293&euid=ym_user_e55807bb-fd95-492b-83c7-ed68f6ef2167
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=293&euid=ym_user_e55807bb-fd95-492b-83c7-ed68f6ef2167 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: aid=fwAABWY2O4ZBjzT+gdLhAp5UkUwtEEpnocIstAhpuRBAQsyw; test_cookie=CheckForPermission; cSyncDp14v6=1714830214; cSyncDp17v2=1714830214; cSyncDp45v5=1714830214; cSyncDp53v5=1714830214; cSyncDp62v2=1714830214; cSyncDp67v3=1714830214; cSyncDp68v3=1714830214; cSyncDp71v2=1714830214; cSyncDp80v2=1714830214; cSyncDp85v2=1714830214; cSyncDp95v4=1714830214; cSyncDp98v3=1714830214; cSyncDp104v2=1714830214; cSyncDp107v2=1714830214; cSyncDp110v3=1714830214; cSyncDp125v4=1714830214; cSyncDp126v3=1714830214; cSyncDp127v2=1714830214; cSyncDp129v2=1714830214; cSyncDp136v3=1714830214; cSyncDp146v2=1714830214; cSyncDp148v2=1714830214; cSyncDp149v3=1714830214; cSyncDp151v2=1714830214; cSyncDp251v1=1714830214; cSyncDp186v2=1714830214; cSyncDp217v2=1714830214; cSyncDp235v2=1714830214; cSyncDp239v2=1714830214; cSyncDp243v2=1714830214; cSyncDp260v2=1714830214; cSyncDp244v2=1714830214; cSyncDp248v2=1714830214; cSyncDp261v1=1714830214; cSyncDp289v2=1714830214; cSyncDp293v1=1714830214; cSyncDp296v2=1714830214; cSyncDp312v1=1714830214; cSyncDp14v4=1714830215
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 13:43:36 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.acint.net/cmatch?dp=110

193.3.184.131

302 Found

154 B

URL GET HTTP/2
mc.acint.net/cmatch?dp=110
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /cmatch?dp=110 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: aid=fwAABWY2O4ZBjzT+gdLhAp5UkUwtEEpnocIstAhpuRBAQsyw; test_cookie=CheckForPermission; cSyncDp14v6=1714830214; cSyncDp17v2=1714830214; cSyncDp45v5=1714830214; cSyncDp53v5=1714830214; cSyncDp62v2=1714830214; cSyncDp67v3=1714830214; cSyncDp68v3=1714830214; cSyncDp71v2=1714830214; cSyncDp80v2=1714830214; cSyncDp85v2=1714830214; cSyncDp95v4=1714830214; cSyncDp98v3=1714830214; cSyncDp104v2=1714830214; cSyncDp107v2=1714830214; cSyncDp110v3=1714830214; cSyncDp125v4=1714830214; cSyncDp126v3=1714830214; cSyncDp127v2=1714830214; cSyncDp129v2=1714830214; cSyncDp136v3=1714830214; cSyncDp146v2=1714830214; cSyncDp148v2=1714830214; cSyncDp149v3=1714830214; cSyncDp151v2=1714830214; cSyncDp251v1=1714830214; cSyncDp186v2=1714830214; cSyncDp217v2=1714830214; cSyncDp235v2=1714830214; cSyncDp239v2=1714830214; cSyncDp243v2=1714830214; cSyncDp260v2=1714830214; cSyncDp244v2=1714830214; cSyncDp248v2=1714830214; cSyncDp261v1=1714830214; cSyncDp289v2=1714830214; cSyncDp293v1=1714830214; cSyncDp296v2=1714830214; cSyncDp312v1=1714830214; cSyncDp14v4=1714830215
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 13:43:36 GMT
content-type: text/html
content-length: 154
location: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0500007F863B3666FE348F4102E1D281
set-cookie: cSyncDp7v3=1714830216; expires=Mon, 03-Jun-24 13:43:36 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.acint.net/rmatch?dp=95&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95&euid=HCUWADHN

193.3.184.131

302 Found

154 B

URL GET HTTP/2
mc.acint.net/rmatch?dp=95&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95&euid=HCUWADHN
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=95&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95&euid=HCUWADHN HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: aid=fwAABWY2O4ZBjzT+gdLhAp5UkUwtEEpnocIstAhpuRBAQsyw; test_cookie=CheckForPermission; cSyncDp14v6=1714830214; cSyncDp17v2=1714830214; cSyncDp45v5=1714830214; cSyncDp53v5=1714830214; cSyncDp62v2=1714830214; cSyncDp67v3=1714830214; cSyncDp68v3=1714830214; cSyncDp71v2=1714830214; cSyncDp80v2=1714830214; cSyncDp85v2=1714830214; cSyncDp95v4=1714830214; cSyncDp98v3=1714830214; cSyncDp104v2=1714830214; cSyncDp107v2=1714830214; cSyncDp110v3=1714830214; cSyncDp125v4=1714830214; cSyncDp126v3=1714830214; cSyncDp127v2=1714830214; cSyncDp129v2=1714830214; cSyncDp136v3=1714830214; cSyncDp146v2=1714830214; cSyncDp148v2=1714830214; cSyncDp149v3=1714830214; cSyncDp151v2=1714830214; cSyncDp251v1=1714830214; cSyncDp186v2=1714830214; cSyncDp217v2=1714830214; cSyncDp235v2=1714830214; cSyncDp239v2=1714830214; cSyncDp243v2=1714830214; cSyncDp260v2=1714830214; cSyncDp244v2=1714830214; cSyncDp248v2=1714830214; cSyncDp261v1=1714830214; cSyncDp289v2=1714830214; cSyncDp293v1=1714830214; cSyncDp296v2=1714830214; cSyncDp312v1=1714830214; cSyncDp14v4=1714830215
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 13:43:36 GMT
content-type: text/html
content-length: 154
location: https://mc.acint.net/cmatch?dp=95
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

adx.com.ru/sync?sspKey=25&sspUserID=0500007F863B3666FE348F4102E1D281

83.222.105.118

302 Found

231 B

URL GET HTTP/2
adx.com.ru/sync?sspKey=25&sspUserID=0500007F863B3666FE348F4102E1D281
IP
83.222.105.118:443
ASN
#42632 MnogoByte LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerGlobalSign nv-sa
Subject*.adx.com.ru
FingerprintB6:86:21:C8:F9:AF:00:9E:42:EC:E3:77:AC:A3:5B:2B:E7:C4:46:B3
ValidityFri, 26 May 2023 11:44:59 GMT - Wed, 26 Jun 2024 11:44:58 GMT

File type
HTML document, ASCII text
Size
231 B (231 bytes)
Hash
698e40e447b1f51962bad276841f83f4
06c18bf1fe32071815e2076bdeb524f692905a38
cdd1e9148bd5094b32666357fc43d8137479e55d16312bbd581b3d2444b3a46f

HTTP Headers

GET /sync?sspKey=25&sspUserID=0500007F863B3666FE348F4102E1D281 HTTP/1.1
Host: adx.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: user=66363b87991c7a0001cf0318
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx/1.26.0
date: Sat, 04 May 2024 13:43:36 GMT
content-type: text/html; charset=utf-8
content-length: 231
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D66363b87991c7a0001cf0318%2526r%253D%26webouid%3D{WEBO_CID}
p3p: CP="adx.com.ru does not have a P3P policy"
X-Firefox-Spdy: h2

mc.acint.net/cmatch?dp=126

193.3.184.131

302 Found

154 B

URL GET HTTP/2
mc.acint.net/cmatch?dp=126
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /cmatch?dp=126 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: aid=fwAABWY2O4ZBjzT+gdLhAp5UkUwtEEpnocIstAhpuRBAQsyw; test_cookie=CheckForPermission; cSyncDp14v6=1714830214; cSyncDp17v2=1714830214; cSyncDp45v5=1714830214; cSyncDp53v5=1714830214; cSyncDp62v2=1714830214; cSyncDp67v3=1714830214; cSyncDp68v3=1714830214; cSyncDp71v2=1714830214; cSyncDp80v2=1714830214; cSyncDp85v2=1714830214; cSyncDp95v4=1714830214; cSyncDp98v3=1714830214; cSyncDp104v2=1714830214; cSyncDp107v2=1714830214; cSyncDp110v3=1714830214; cSyncDp125v4=1714830214; cSyncDp126v3=1714830214; cSyncDp127v2=1714830214; cSyncDp129v2=1714830214; cSyncDp136v3=1714830214; cSyncDp146v2=1714830214; cSyncDp148v2=1714830214; cSyncDp149v3=1714830214; cSyncDp151v2=1714830214; cSyncDp251v1=1714830214; cSyncDp186v2=1714830214; cSyncDp217v2=1714830214; cSyncDp235v2=1714830214; cSyncDp239v2=1714830214; cSyncDp243v2=1714830214; cSyncDp260v2=1714830214; cSyncDp244v2=1714830214; cSyncDp248v2=1714830214; cSyncDp261v1=1714830214; cSyncDp289v2=1714830214; cSyncDp293v1=1714830214; cSyncDp296v2=1714830214; cSyncDp312v1=1714830214; cSyncDp14v4=1714830215; cSyncDp7v3=1714830216
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 13:43:36 GMT
content-type: text/html
content-length: 154
location: https://match.qtarget.tech/userbind?src=sape&id=0500007F863B3666FE348F4102E1D281
set-cookie: cSyncDp241v2=1714830216; expires=Mon, 03-Jun-24 13:43:36 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.acint.net/cmatch?dp=261

193.3.184.131

302 Found

154 B

URL GET HTTP/2
mc.acint.net/cmatch?dp=261
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /cmatch?dp=261 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: aid=fwAABWY2O4ZBjzT+gdLhAp5UkUwtEEpnocIstAhpuRBAQsyw; test_cookie=CheckForPermission; cSyncDp14v6=1714830214; cSyncDp17v2=1714830214; cSyncDp45v5=1714830214; cSyncDp53v5=1714830214; cSyncDp62v2=1714830214; cSyncDp67v3=1714830214; cSyncDp68v3=1714830214; cSyncDp71v2=1714830214; cSyncDp80v2=1714830214; cSyncDp85v2=1714830214; cSyncDp95v4=1714830214; cSyncDp98v3=1714830214; cSyncDp104v2=1714830214; cSyncDp107v2=1714830214; cSyncDp110v3=1714830214; cSyncDp125v4=1714830214; cSyncDp126v3=1714830214; cSyncDp127v2=1714830214; cSyncDp129v2=1714830214; cSyncDp136v3=1714830214; cSyncDp146v2=1714830214; cSyncDp148v2=1714830214; cSyncDp149v3=1714830214; cSyncDp151v2=1714830214; cSyncDp251v1=1714830214; cSyncDp186v2=1714830214; cSyncDp217v2=1714830214; cSyncDp235v2=1714830214; cSyncDp239v2=1714830214; cSyncDp243v2=1714830214; cSyncDp260v2=1714830214; cSyncDp244v2=1714830214; cSyncDp248v2=1714830214; cSyncDp261v1=1714830214; cSyncDp289v2=1714830214; cSyncDp293v1=1714830214; cSyncDp296v2=1714830214; cSyncDp312v1=1714830214; cSyncDp14v4=1714830215; cSyncDp7v3=1714830216
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 13:43:36 GMT
content-type: text/html
content-length: 154
location: https://match.qtarget.tech/userbind?src=sape&id=0500007F863B3666FE348F4102E1D281
set-cookie: cSyncDp241v2=1714830216; expires=Mon, 03-Jun-24 13:43:36 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

acint.net/cmatch?dp=71

193.3.184.131

302 Found

154 B

URL GET HTTP/2
acint.net/cmatch?dp=71
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /cmatch?dp=71 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: aid=fwAABWY2O4ZBjzT+gdLhAp5UkUwtEEpnocIstAhpuRBAQsyw; test_cookie=CheckForPermission; cSyncDp14v6=1714830214; cSyncDp17v2=1714830214; cSyncDp45v5=1714830214; cSyncDp53v5=1714830214; cSyncDp62v2=1714830214; cSyncDp67v3=1714830214; cSyncDp68v3=1714830214; cSyncDp71v2=1714830214; cSyncDp80v2=1714830214; cSyncDp85v2=1714830214; cSyncDp95v4=1714830214; cSyncDp98v3=1714830214; cSyncDp104v2=1714830214; cSyncDp107v2=1714830214; cSyncDp110v3=1714830214; cSyncDp125v4=1714830214; cSyncDp126v3=1714830214; cSyncDp127v2=1714830214; cSyncDp129v2=1714830214; cSyncDp136v3=1714830214; cSyncDp146v2=1714830214; cSyncDp148v2=1714830214; cSyncDp149v3=1714830214; cSyncDp151v2=1714830214; cSyncDp251v1=1714830214; cSyncDp186v2=1714830214; cSyncDp217v2=1714830214; cSyncDp235v2=1714830214; cSyncDp239v2=1714830214; cSyncDp243v2=1714830214; cSyncDp260v2=1714830214; cSyncDp244v2=1714830214; cSyncDp248v2=1714830214; cSyncDp261v1=1714830214; cSyncDp289v2=1714830214; cSyncDp293v1=1714830214; cSyncDp296v2=1714830214; cSyncDp312v1=1714830214; cSyncDp14v4=1714830215; cSyncDp7v3=1714830216
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 13:43:36 GMT
content-type: text/html
content-length: 154
location: https://match.qtarget.tech/userbind?src=sape&id=0500007F863B3666FE348F4102E1D281
set-cookie: cSyncDp241v2=1714830216; expires=Mon, 03-Jun-24 13:43:36 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.acint.net/cmatch?dp=95

193.3.184.131

302 Found

154 B

URL GET HTTP/2
mc.acint.net/cmatch?dp=95
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /cmatch?dp=95 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: aid=fwAABWY2O4ZBjzT+gdLhAp5UkUwtEEpnocIstAhpuRBAQsyw; test_cookie=CheckForPermission; cSyncDp14v6=1714830214; cSyncDp17v2=1714830214; cSyncDp45v5=1714830214; cSyncDp53v5=1714830214; cSyncDp62v2=1714830214; cSyncDp67v3=1714830214; cSyncDp68v3=1714830214; cSyncDp71v2=1714830214; cSyncDp80v2=1714830214; cSyncDp85v2=1714830214; cSyncDp95v4=1714830214; cSyncDp98v3=1714830214; cSyncDp104v2=1714830214; cSyncDp107v2=1714830214; cSyncDp110v3=1714830214; cSyncDp125v4=1714830214; cSyncDp126v3=1714830214; cSyncDp127v2=1714830214; cSyncDp129v2=1714830214; cSyncDp136v3=1714830214; cSyncDp146v2=1714830214; cSyncDp148v2=1714830214; cSyncDp149v3=1714830214; cSyncDp151v2=1714830214; cSyncDp251v1=1714830214; cSyncDp186v2=1714830214; cSyncDp217v2=1714830214; cSyncDp235v2=1714830214; cSyncDp239v2=1714830214; cSyncDp243v2=1714830214; cSyncDp260v2=1714830214; cSyncDp244v2=1714830214; cSyncDp248v2=1714830214; cSyncDp261v1=1714830214; cSyncDp289v2=1714830214; cSyncDp293v1=1714830214; cSyncDp296v2=1714830214; cSyncDp312v1=1714830214; cSyncDp14v4=1714830215; cSyncDp7v3=1714830216
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 13:43:36 GMT
content-type: text/html
content-length: 154
location: https://match.qtarget.tech/userbind?src=sape&id=0500007F863B3666FE348F4102E1D281
set-cookie: cSyncDp241v2=1714830216; expires=Mon, 03-Jun-24 13:43:36 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZXnIUAAAAAD8euzymsKhq2nRSezAK5hMrhfb8&co=aHR0cHM6Ly92ZW50bC5ydTo0NDM.&hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=xzolqlx3caus
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 16:31:04 GMT
expires: Sat, 03 May 2025 16:31:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 76352
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

216.58.207.227

200 OK

9.8 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZXnIUAAAAAD8euzymsKhq2nRSezAK5hMrhfb8&co=aHR0cHM6Ly92ZW50bC5ydTo0NDM.&hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=xzolqlx3caus
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9832, version 1.0
Size
9.8 kB (9832 bytes)
Hash
efe937997e08e15b056a3643e2734636
d02decbf472a0928b054cc8e4b13684539a913db
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9832
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:47:22 GMT
expires: Fri, 02 May 2025 01:47:22 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
content-type: font/woff2
age: 215774
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.99

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZXnIUAAAAAD8euzymsKhq2nRSezAK5hMrhfb8&co=aHR0cHM6Ly92ZW50bC5ydTo0NDM.&hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=xzolqlx3caus
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 00:37:29 GMT
expires: Fri, 10 May 2024 00:37:29 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 133567
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/js/bg/Ka1BqJ8qqr7GVFY8ckyfe5sDiZjR9d2vliJ-h9yILmk.js

142.250.74.100

200 OK

7.5 kB

URL GET HTTP/3
www.google.com/js/bg/Ka1BqJ8qqr7GVFY8ckyfe5sDiZjR9d2vliJ-h9yILmk.js
IP
142.250.74.100:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZXnIUAAAAAD8euzymsKhq2nRSezAK5hMrhfb8&co=aHR0cHM6Ly92ZW50bC5ydTo0NDM.&hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=xzolqlx3caus
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
JavaScript source, ASCII text, with very long lines (17613)
Size
7.5 kB (7481 bytes)
Hash
3e99048a5a604ff3d779dbe93486bd78
02866f5b2fbbc54b30acae2e50461c46394c02c6
29ad41a89f2aaabec654563c724c9f7b9b038998d1f5ddaf96227e87dc882e69

HTTP Headers

GET /js/bg/Ka1BqJ8qqr7GVFY8ckyfe5sDiZjR9d2vliJ-h9yILmk.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZXnIUAAAAAD8euzymsKhq2nRSezAK5hMrhfb8&co=aHR0cHM6Ly92ZW50bC5ydTo0NDM.&hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=xzolqlx3caus
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7481
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 21:21:00 GMT
expires: Fri, 02 May 2025 21:21:00 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Apr 2024 11:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 145356
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__ru.js

142.250.74.99

200 OK

209 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__ru.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/bframe?hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LfZXnIUAAAAAD8euzymsKhq2nRSezAK5hMrhfb8
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
JavaScript source, ASCII text, with very long lines (873)
Size
209 kB (209260 bytes)
Hash
b8236cd6f4e5e87ab16b8047278c56f7
ff06d09b3687e2e9770c9325ae094bb08a724128
0a58dfa276432686dba854d707d329d5ccfbee43fc859c36220dc6c75c01ee01

HTTP Headers

GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__ru.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 209260
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 12:30:03 GMT
expires: Fri, 02 May 2025 12:30:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 177213
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

4df991ba-0a1c-11ef-9b7b-002590c82436.n2.sync.bumlam.com/?src=sape

62.109.24.241

302 Found

0 B

URL GET HTTP/2
4df991ba-0a1c-11ef-9b7b-002590c82436.n2.sync.bumlam.com/?src=sape
IP
62.109.24.241:443
ASN
#29182 JSC IOT

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.n1.sync.bumlam.com
Fingerprint56:15:00:9D:2E:AA:5A:76:1C:B1:0B:D1:55:0B:30:25:EA:DA:C9:FA
ValidityTue, 12 Mar 2024 12:36:27 GMT - Mon, 10 Jun 2024 12:36:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sape HTTP/1.1
Host: 4df991ba-0a1c-11ef-9b7b-002590c82436.n2.sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: suuid3=IiQ0ZGY5OTFiYS0wYTFjLTExZWYtOWI3Yi0wMDI1OTBjODI0MzY*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.26.0
date: Sat, 04 May 2024 13:43:36 GMT
content-length: 0
location: https://pix.bumlam.com/sync/sape/done
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
X-Firefox-Spdy: h2

pix.bumlam.com/sync/sape/done

31.172.81.160

200 OK

43 B

URL GET HTTP/1.1
pix.bumlam.com/sync/sape/done
IP
31.172.81.160:443
ASN
#44066 firstcolo GmbH

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.bumlam.com
Fingerprint9F:E0:4A:B3:57:B0:3C:3E:13:7F:9F:FF:82:A2:91:87:45:9F:A4:7F
ValidityThu, 28 Mar 2024 09:09:43 GMT - Wed, 26 Jun 2024 09:09:42 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: suuid3=IiQ0ZGY5OTFiYS0wYTFjLTExZWYtOWI3Yi0wMDI1OTBjODI0MzY*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 13:43:36 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

match.qtarget.tech/userbind?src=sape&id=0500007F863B3666FE348F4102E1D281

95.163.92.180

204 No Content

0 B

URL GET HTTP/1.1
match.qtarget.tech/userbind?src=sape&id=0500007F863B3666FE348F4102E1D281
IP
95.163.92.180:443
ASN
#12695 LLC Digital Network

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subjectdsp.qtarget.tech
Fingerprint24:73:C6:BB:59:50:7A:E0:31:C6:8F:43:2D:DD:E3:63:4A:F7:F7:24
ValiditySun, 11 Feb 2024 18:29:31 GMT - Sat, 11 May 2024 18:29:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /userbind?src=sape&id=0500007F863B3666FE348F4102E1D281 HTTP/1.1
Host: match.qtarget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Sat, 04 May 2024 13:43:36 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin

match.qtarget.tech/userbind?src=sape&id=0500007F863B3666FE348F4102E1D281

95.163.92.180

204 No Content

0 B

URL GET HTTP/1.1
match.qtarget.tech/userbind?src=sape&id=0500007F863B3666FE348F4102E1D281
IP
95.163.92.180:443
ASN
#12695 LLC Digital Network

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subjectdsp.qtarget.tech
Fingerprint24:73:C6:BB:59:50:7A:E0:31:C6:8F:43:2D:DD:E3:63:4A:F7:F7:24
ValiditySun, 11 Feb 2024 18:29:31 GMT - Sat, 11 May 2024 18:29:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /userbind?src=sape&id=0500007F863B3666FE348F4102E1D281 HTTP/1.1
Host: match.qtarget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Sat, 04 May 2024 13:43:36 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin

match.qtarget.tech/userbind?src=sape&id=0500007F863B3666FE348F4102E1D281

95.163.92.180

204 No Content

0 B

URL GET HTTP/1.1
match.qtarget.tech/userbind?src=sape&id=0500007F863B3666FE348F4102E1D281
IP
95.163.92.180:443
ASN
#12695 LLC Digital Network

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subjectdsp.qtarget.tech
Fingerprint24:73:C6:BB:59:50:7A:E0:31:C6:8F:43:2D:DD:E3:63:4A:F7:F7:24
ValiditySun, 11 Feb 2024 18:29:31 GMT - Sat, 11 May 2024 18:29:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /userbind?src=sape&id=0500007F863B3666FE348F4102E1D281 HTTP/1.1
Host: match.qtarget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Sat, 04 May 2024 13:43:36 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin

match.qtarget.tech/userbind?src=sape&id=0500007F863B3666FE348F4102E1D281

95.163.92.180

204 No Content

0 B

URL GET HTTP/1.1
match.qtarget.tech/userbind?src=sape&id=0500007F863B3666FE348F4102E1D281
IP
95.163.92.180:443
ASN
#12695 LLC Digital Network

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subjectdsp.qtarget.tech
Fingerprint24:73:C6:BB:59:50:7A:E0:31:C6:8F:43:2D:DD:E3:63:4A:F7:F7:24
ValiditySun, 11 Feb 2024 18:29:31 GMT - Sat, 11 May 2024 18:29:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /userbind?src=sape&id=0500007F863B3666FE348F4102E1D281 HTTP/1.1
Host: match.qtarget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Sat, 04 May 2024 13:43:36 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin

www.google.com/recaptcha/api2/bframe?hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LfZXnIUAAAAAD8euzymsKhq2nRSezAK5hMrhfb8

142.250.74.100

200 OK

26 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/bframe?hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LfZXnIUAAAAAD8euzymsKhq2nRSezAK5hMrhfb8
IP
142.250.74.100:443
ASN
#15169 GOOGLE

Requested by
https://ventl.ru/starsessions/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
HTML document, ASCII text, with very long lines (56439)
Size
26 kB (25814 bytes)
Hash
f8b235b92058a87bf154fa53b96217b6
b79f51bf462f97c35120c02d12481e68fade5d30
dae88a0e0c9f96ca68145eca1c3cbab5031513853af3afe80b7b747306ee4d80

HTTP Headers

GET /recaptcha/api2/bframe?hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LfZXnIUAAAAAD8euzymsKhq2nRSezAK5hMrhfb8 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 13:43:37 GMT
content-security-policy: script-src 'nonce-t5yXDZhqcMzWpIq5KyhBpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__ru.js

142.250.74.99

200 OK

209 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__ru.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/bframe?hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LfZXnIUAAAAAD8euzymsKhq2nRSezAK5hMrhfb8
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
JavaScript source, ASCII text, with very long lines (873)
Size
209 kB (209260 bytes)
Hash
b8236cd6f4e5e87ab16b8047278c56f7
ff06d09b3687e2e9770c9325ae094bb08a724128
0a58dfa276432686dba854d707d329d5ccfbee43fc859c36220dc6c75c01ee01

HTTP Headers

GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__ru.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 209260
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 12:30:03 GMT
expires: Fri, 02 May 2025 12:30:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 177214
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

sync.dmp.otm-r.com/match/sape?id=0500007F863B3666FE348F4102E1D281

188.40.68.29

302 Found

96 B

URL GET HTTP/2
sync.dmp.otm-r.com/match/sape?id=0500007F863B3666FE348F4102E1D281
IP
188.40.68.29:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerGlobalSign nv-sa
Subject*.dmp.otm-r.com
FingerprintC6:A2:9D:82:0D:D1:C1:2D:A4:ED:7F:05:13:52:5B:94:6B:10:58:D6
ValidityMon, 19 Jun 2023 10:50:51 GMT - Sat, 20 Jul 2024 10:50:50 GMT

File type
HTML document, ASCII text
Size
96 B (96 bytes)
Hash
c415af9b93737da8e0d6f50647854b81
70fa38269109c060cc6e9eb4687f480a2cee40c0
022bdd4d4aeb39bcf902cc2fc3d6832d32e0ac55eedea23ae1f6d2fdd20737ce

HTTP Headers

GET /match/sape?id=0500007F863B3666FE348F4102E1D281 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.21.0
date: Sat, 04 May 2024 13:43:37 GMT
content-type: text/html; charset=utf-8
content-length: 96
access-control-allow-origin: *
location: /match/sape?id=0500007F863B3666FE348F4102E1D281&otcm_check=1714830217
set-cookie: mpid=NjYzNjNiODkwMjBmNDcwNQ==; Path=/; Domain=otm-r.com; Max-Age=31536000; Secure; SameSite=None
X-Firefox-Spdy: h2

www.acint.net/ping/?v=0.7.0&uid=e92127bb-9f5e-43a7-bcbc-2cbe2214e7da&dp=10&tz=%2B00%3A00&nc=813197&dT=2024-05-04T13%3A43%3A37.858

193.3.184.131

200 OK

43 B

URL GET HTTP/2
www.acint.net/ping/?v=0.7.0&uid=e92127bb-9f5e-43a7-bcbc-2cbe2214e7da&dp=10&tz=%2B00%3A00&nc=813197&dT=2024-05-04T13%3A43%3A37.858
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://ventl.ru/starsessions/
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /ping/?v=0.7.0&uid=e92127bb-9f5e-43a7-bcbc-2cbe2214e7da&dp=10&tz=%2B00%3A00&nc=813197&dT=2024-05-04T13%3A43%3A37.858 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/
Cookie: aid=fwAABWY2O4ZBjzT+gdLhAp5UkUwtEEpnocIstAhpuRBAQsyw; test_cookie=CheckForPermission; cSyncDp14v6=1714830214; cSyncDp17v2=1714830214; cSyncDp45v5=1714830214; cSyncDp53v5=1714830214; cSyncDp62v2=1714830214; cSyncDp67v3=1714830214; cSyncDp68v3=1714830214; cSyncDp71v2=1714830214; cSyncDp80v2=1714830214; cSyncDp85v2=1714830214; cSyncDp95v4=1714830214; cSyncDp98v3=1714830214; cSyncDp104v2=1714830214; cSyncDp107v2=1714830214; cSyncDp110v3=1714830214; cSyncDp125v4=1714830214; cSyncDp126v3=1714830214; cSyncDp127v2=1714830214; cSyncDp129v2=1714830214; cSyncDp136v3=1714830214; cSyncDp146v2=1714830214; cSyncDp148v2=1714830214; cSyncDp149v3=1714830214; cSyncDp151v2=1714830214; cSyncDp251v1=1714830214; cSyncDp186v2=1714830214; cSyncDp217v2=1714830214; cSyncDp235v2=1714830214; cSyncDp239v2=1714830214; cSyncDp243v2=1714830214; cSyncDp260v2=1714830214; cSyncDp244v2=1714830214; cSyncDp248v2=1714830214; cSyncDp261v1=1714830214; cSyncDp289v2=1714830214; cSyncDp293v1=1714830214; cSyncDp296v2=1714830214; cSyncDp312v1=1714830214; cSyncDp14v4=1714830215; cSyncDp7v3=1714830216; cSyncDp241v2=1714830216
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 13:43:37 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

sync.dmp.otm-r.com/match/sape?id=0500007F863B3666FE348F4102E1D281&otcm_check=1714830217

188.40.68.29

302 Found

94 B

URL GET HTTP/2
sync.dmp.otm-r.com/match/sape?id=0500007F863B3666FE348F4102E1D281&otcm_check=1714830217
IP
188.40.68.29:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerGlobalSign nv-sa
Subject*.dmp.otm-r.com
FingerprintC6:A2:9D:82:0D:D1:C1:2D:A4:ED:7F:05:13:52:5B:94:6B:10:58:D6
ValidityMon, 19 Jun 2023 10:50:51 GMT - Sat, 20 Jul 2024 10:50:50 GMT

File type
HTML document, ASCII text
Size
94 B (94 bytes)
Hash
33a10afa35bfe0adb3434d1c209fc7de
f8c41a8fd29847687288a09524444c8b1b69faaf
229afce77da617fbcf93c311388f7d28d1df17fa43b40ca6a6ace9ce8a46f2bf

HTTP Headers

GET /match/sape?id=0500007F863B3666FE348F4102E1D281&otcm_check=1714830217 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: mpid=NjYzNjNiODkwMjBmNDcwNQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx/1.21.0
date: Sat, 04 May 2024 13:43:37 GMT
content-type: text/html; charset=utf-8
content-length: 94
access-control-allow-origin: *
location: https://www.acint.net/match?dp=68&euid=NjYzNjNiODkwMjBmNDcwNQ%3D%3D
set-cookie: mpid=NjYzNjNiODkwMjBmNDcwNQ==; Path=/; Domain=otm-r.com; Max-Age=31536000; Secure; SameSite=None
X-Firefox-Spdy: h2

www.acint.net/match?dp=68&euid=NjYzNjNiODkwMjBmNDcwNQ%3D%3D

193.3.184.131

200 OK

43 B

URL GET HTTP/2
www.acint.net/match?dp=68&euid=NjYzNjNiODkwMjBmNDcwNQ%3D%3D
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=68&euid=NjYzNjNiODkwMjBmNDcwNQ%3D%3D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: aid=fwAABWY2O4ZBjzT+gdLhAp5UkUwtEEpnocIstAhpuRBAQsyw; test_cookie=CheckForPermission; cSyncDp14v6=1714830214; cSyncDp17v2=1714830214; cSyncDp45v5=1714830214; cSyncDp53v5=1714830214; cSyncDp62v2=1714830214; cSyncDp67v3=1714830214; cSyncDp68v3=1714830214; cSyncDp71v2=1714830214; cSyncDp80v2=1714830214; cSyncDp85v2=1714830214; cSyncDp95v4=1714830214; cSyncDp98v3=1714830214; cSyncDp104v2=1714830214; cSyncDp107v2=1714830214; cSyncDp110v3=1714830214; cSyncDp125v4=1714830214; cSyncDp126v3=1714830214; cSyncDp127v2=1714830214; cSyncDp129v2=1714830214; cSyncDp136v3=1714830214; cSyncDp146v2=1714830214; cSyncDp148v2=1714830214; cSyncDp149v3=1714830214; cSyncDp151v2=1714830214; cSyncDp251v1=1714830214; cSyncDp186v2=1714830214; cSyncDp217v2=1714830214; cSyncDp235v2=1714830214; cSyncDp239v2=1714830214; cSyncDp243v2=1714830214; cSyncDp260v2=1714830214; cSyncDp244v2=1714830214; cSyncDp248v2=1714830214; cSyncDp261v1=1714830214; cSyncDp289v2=1714830214; cSyncDp293v1=1714830214; cSyncDp296v2=1714830214; cSyncDp312v1=1714830214; cSyncDp14v4=1714830215; cSyncDp7v3=1714830216; cSyncDp241v2=1714830216
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 13:43:37 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

nr.bidderstack.com/sape/cm?user_id=0500007F863B3666FE348F4102E1D281&pupa=1

167.235.186.124

302 Found

0 B

URL GET HTTP/1.1
nr.bidderstack.com/sape/cm?user_id=0500007F863B3666FE348F4102E1D281&pupa=1
IP
167.235.186.124:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerGoDaddy.com, Inc.
Subject*.bidderstack.com
Fingerprint7A:83:29:BF:37:01:78:02:DF:C1:07:D8:A2:10:AB:0A:DD:11:66:B0
ValidityTue, 21 Nov 2023 08:57:57 GMT - Sun, 22 Dec 2024 08:57:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/cm?user_id=0500007F863B3666FE348F4102E1D281&pupa=1 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 13:43:39 GMT
Content-Length: 0
Connection: keep-alive
Location: https://www.acint.net/match?dp=251&euid=5e751f84-b127-7699-7623-05b57901190e
Set-Cookie: pupa=5e751f84-b127-7699-7623-05b57901190e; domain=.bidderstack.com; path=/; expires=Sun, 04-May-2025 13:43:39 GMT;
csorigin2=244; domain=.bidderstack.com; path=/; expires=Sat, 04-May-2024 13:48:39 GMT;
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true

www.acint.net/match?dp=251&euid=5e751f84-b127-7699-7623-05b57901190e

193.3.184.131

200 OK

43 B

URL GET HTTP/2
www.acint.net/match?dp=251&euid=5e751f84-b127-7699-7623-05b57901190e
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=251&euid=5e751f84-b127-7699-7623-05b57901190e HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: aid=fwAABWY2O4ZBjzT+gdLhAp5UkUwtEEpnocIstAhpuRBAQsyw; test_cookie=CheckForPermission; cSyncDp14v6=1714830214; cSyncDp17v2=1714830214; cSyncDp45v5=1714830214; cSyncDp53v5=1714830214; cSyncDp62v2=1714830214; cSyncDp67v3=1714830214; cSyncDp68v3=1714830214; cSyncDp71v2=1714830214; cSyncDp80v2=1714830214; cSyncDp85v2=1714830214; cSyncDp95v4=1714830214; cSyncDp98v3=1714830214; cSyncDp104v2=1714830214; cSyncDp107v2=1714830214; cSyncDp110v3=1714830214; cSyncDp125v4=1714830214; cSyncDp126v3=1714830214; cSyncDp127v2=1714830214; cSyncDp129v2=1714830214; cSyncDp136v3=1714830214; cSyncDp146v2=1714830214; cSyncDp148v2=1714830214; cSyncDp149v3=1714830214; cSyncDp151v2=1714830214; cSyncDp251v1=1714830214; cSyncDp186v2=1714830214; cSyncDp217v2=1714830214; cSyncDp235v2=1714830214; cSyncDp239v2=1714830214; cSyncDp243v2=1714830214; cSyncDp260v2=1714830214; cSyncDp244v2=1714830214; cSyncDp248v2=1714830214; cSyncDp261v1=1714830214; cSyncDp289v2=1714830214; cSyncDp293v1=1714830214; cSyncDp296v2=1714830214; cSyncDp312v1=1714830214; cSyncDp14v4=1714830215; cSyncDp7v3=1714830216; cSyncDp241v2=1714830216
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 13:43:39 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/ping/?v=0.7.0&uid=e92127bb-9f5e-43a7-bcbc-2cbe2214e7da&dp=10&tz=%2B00%3A00&nc=348451&dT=2024-05-04T13%3A43%3A57.860

193.3.184.131

43 B

URL
www.acint.net/ping/?v=0.7.0&uid=e92127bb-9f5e-43a7-bcbc-2cbe2214e7da&dp=10&tz=%2B00%3A00&nc=348451&dT=2024-05-04T13%3A43%3A57.860
IP
193.3.184.131:0
ASN
#50214 QWARTA LLC

Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /ping/?v=0.7.0&uid=e92127bb-9f5e-43a7-bcbc-2cbe2214e7da&dp=10&tz=%2B00%3A00&nc=348451&dT=2024-05-04T13%3A43%3A57.860 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/
Cookie: aid=fwAABWY2O4ZBjzT+gdLhAp5UkUwtEEpnocIstAhpuRBAQsyw; test_cookie=CheckForPermission; cSyncDp14v6=1714830214; cSyncDp17v2=1714830214; cSyncDp45v5=1714830214; cSyncDp53v5=1714830214; cSyncDp62v2=1714830214; cSyncDp67v3=1714830214; cSyncDp68v3=1714830214; cSyncDp71v2=1714830214; cSyncDp80v2=1714830214; cSyncDp85v2=1714830214; cSyncDp95v4=1714830214; cSyncDp98v3=1714830214; cSyncDp104v2=1714830214; cSyncDp107v2=1714830214; cSyncDp110v3=1714830214; cSyncDp125v4=1714830214; cSyncDp126v3=1714830214; cSyncDp127v2=1714830214; cSyncDp129v2=1714830214; cSyncDp136v3=1714830214; cSyncDp146v2=1714830214; cSyncDp148v2=1714830214; cSyncDp149v3=1714830214; cSyncDp151v2=1714830214; cSyncDp251v1=1714830214; cSyncDp186v2=1714830214; cSyncDp217v2=1714830214; cSyncDp235v2=1714830214; cSyncDp239v2=1714830214; cSyncDp243v2=1714830214; cSyncDp260v2=1714830214; cSyncDp244v2=1714830214; cSyncDp248v2=1714830214; cSyncDp261v1=1714830214; cSyncDp289v2=1714830214; cSyncDp293v1=1714830214; cSyncDp296v2=1714830214; cSyncDp312v1=1714830214; cSyncDp14v4=1714830215; cSyncDp7v3=1714830216; cSyncDp241v2=1714830216
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 13:43:57 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

ventl.ru/starsessions/

172.67.183.115

200 OK

13 kB

URL User Request GET HTTP/2
ventl.ru/starsessions/
IP
172.67.183.115:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectventl.ru
Fingerprint49:5F:4F:F1:98:5A:8F:6E:3A:11:86:63:6D:25:66:6F:85:5B:48:FB
ValidityMon, 25 Mar 2024 13:10:48 GMT - Sun, 23 Jun 2024 13:10:47 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3551), with CRLF, LF line terminators
Size
13 kB (13292 bytes)
Hash
9e432f1d6d3ccc417e56c70179e3e456
8f6e10b4a2045855d5dd9227ae8c9118777d3f03
1928bdf399d14b1aafaee58827fee94d47b90130419e7229b7cb18ee83ee6478

HTTP Headers

GET /starsessions/ HTTP/1.1
Host: ventl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 13:43:34 GMT
content-type: text/html; charset=windows-1251
x-powered-by: PHP/5.3.3
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Sat, 04 May 2024 13:43:34 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=caj41vhlc1micacdc6q9631qj5; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NgD4Iw0cULjAPHWgqrhRQVizzsJEgD8lGZs7n%2FWEKmQ%2FSNDYfRFg6sWRVAHQC0Zw3ZuqIMH%2FuSjCMUByquZowzqaVVC5Gl7DYJ5zwfnt532LHydAuBnmFhP2ig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8eba58b1b56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.acint.net/oci.js?t=1714830214857

193.3.184.131

200 OK

32 kB

URL GET HTTP/2
www.acint.net/oci.js?t=1714830214857
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://ventl.ru/starsessions/
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
JavaScript source, ASCII text, with very long lines (32168)
Size
32 kB (32169 bytes)
Hash
c3fa5133b6899a2abb39fb79ed94300f
dc1d5c75420b38cd7509a783ed09345d0ff78ac4
66b141eb9ae44c86efc510844a71cf208c02d02abe03af3a7d8cc26736d3e19c

HTTP Headers

GET /oci.js?t=1714830214857 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 13:43:34 GMT
content-type: application/x-javascript
last-modified: Wed, 17 Jan 2024 22:00:10 GMT
etag: W/"65a84dea-7dac"
content-encoding: gzip
X-Firefox-Spdy: h2

www.acint.net/match?dp=129&euid=1assxbfjt0

193.3.184.131

302 Found

43 B

URL GET HTTP/2
www.acint.net/match?dp=129&euid=1assxbfjt0
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type

Size
43 B (43 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?dp=129&euid=1assxbfjt0 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: aid=fwAABWY2O4ZBjzT+gdLhAp5UkUwtEEpnocIstAhpuRBAQsyw; test_cookie=CheckForPermission; cSyncDp14v6=1714830214; cSyncDp17v2=1714830214; cSyncDp45v5=1714830214; cSyncDp53v5=1714830214; cSyncDp62v2=1714830214; cSyncDp67v3=1714830214; cSyncDp68v3=1714830214; cSyncDp71v2=1714830214; cSyncDp80v2=1714830214; cSyncDp85v2=1714830214; cSyncDp95v4=1714830214; cSyncDp98v3=1714830214; cSyncDp104v2=1714830214; cSyncDp107v2=1714830214; cSyncDp110v3=1714830214; cSyncDp125v4=1714830214; cSyncDp126v3=1714830214; cSyncDp127v2=1714830214; cSyncDp129v2=1714830214; cSyncDp136v3=1714830214; cSyncDp146v2=1714830214; cSyncDp148v2=1714830214; cSyncDp149v3=1714830214; cSyncDp151v2=1714830214; cSyncDp251v1=1714830214; cSyncDp186v2=1714830214; cSyncDp217v2=1714830214; cSyncDp235v2=1714830214; cSyncDp239v2=1714830214; cSyncDp243v2=1714830214; cSyncDp260v2=1714830214; cSyncDp244v2=1714830214; cSyncDp248v2=1714830214; cSyncDp261v1=1714830214; cSyncDp289v2=1714830214; cSyncDp293v1=1714830214; cSyncDp296v2=1714830214; cSyncDp312v1=1714830214
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 13:43:35 GMT
content-type: text/html
content-length: 154
location: https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D&dp=14
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
set-cookie: cSyncDp14v4=1714830215; expires=Mon, 03-Jun-24 13:43:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

ventl.ru/design/common.css

172.67.183.115

200 OK

159 B

URL GET HTTP/3
ventl.ru/design/common.css
IP
172.67.183.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ventl.ru/starsessions/
Certificate
IssuerGoogle Trust Services LLC
Subjectventl.ru
Fingerprint49:5F:4F:F1:98:5A:8F:6E:3A:11:86:63:6D:25:66:6F:85:5B:48:FB
ValidityMon, 25 Mar 2024 13:10:48 GMT - Sun, 23 Jun 2024 13:10:47 GMT

File type
ASCII text, with no line terminators
Size
159 B (159 bytes)
Hash
b25408b16b53ae21a4c7ec7dfa7ebf43
5156a81c88353bc19a7e5eba775f343ee2bcf19d
c8223c1725a83243ded20be4be76e5fa1fedf30d7cb710e50d29efae04c8366a

HTTP Headers

GET /design/common.css HTTP/1.1
Host: ventl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/starsessions/
Cookie: PHPSESSID=caj41vhlc1micacdc6q9631qj5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 13:43:34 GMT
content-type: text/css
last-modified: Sun, 04 Aug 2013 03:00:00 GMT
etag: W/"308658e-9f-4e31663344c00"
age: 3814
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F14p8zorzhbMW2Vg6Q%2Fb57t4cwPI2PD7QVf7NGMeYJoK0igZ4FqlLUmz3NP56JdAmUin82IgwDc9BQeuDoqchcMPSDzKccKRyeIe8youmcKHDkDKp2R1yHVm7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e8eba829a4b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ventl.ru/files/logos/starsessions.

172.67.183.115

200 OK

14 kB

URL GET HTTP/3
ventl.ru/files/logos/starsessions.
IP
172.67.183.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ventl.ru/starsessions/
Certificate
IssuerGoogle Trust Services LLC
Subjectventl.ru
Fingerprint49:5F:4F:F1:98:5A:8F:6E:3A:11:86:63:6D:25:66:6F:85:5B:48:FB
ValidityMon, 25 Mar 2024 13:10:48 GMT - Sun, 23 Jun 2024 13:10:47 GMT

File type
data
Size
14 kB (14031 bytes)
Hash
769cc8332d61eeaf5589f5ecf2966af5
2cf420094135ca19e895ddc77bed5ec24ad5d2e9
ad10dd54a18ef2962dc41c16723a1df6289e78cc17f89027891d743918f1f373

HTTP Headers

GET /files/logos/starsessions. HTTP/1.1
Host: ventl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/starsessions/
Cookie: PHPSESSID=caj41vhlc1micacdc6q9631qj5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 13:43:34 GMT
content-type: text/plain; charset=windows-1251
last-modified: Sat, 04 May 2024 13:39:45 GMT
etag: W/"3080796-36cf-617a0f8291391"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QhQqqsmu8Whl7K4wJB4jWsE3baByKxCAH5gqHd5BrPlMNBqk%2B5sV5rE%2B7%2By6X4Ft%2FWYdL2lmHFhKUFRbttHOemddz4g29I0mWdIICml5tA3kcOZsq5EHca%2FUBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8eba829aab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ventl.ru/include/js/fastlogin.js

172.67.183.115

200 OK

628 B

URL GET HTTP/3
ventl.ru/include/js/fastlogin.js
IP
172.67.183.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ventl.ru/starsessions/
Certificate
IssuerGoogle Trust Services LLC
Subjectventl.ru
Fingerprint49:5F:4F:F1:98:5A:8F:6E:3A:11:86:63:6D:25:66:6F:85:5B:48:FB
ValidityMon, 25 Mar 2024 13:10:48 GMT - Sun, 23 Jun 2024 13:10:47 GMT

File type
ASCII text, with very long lines (668), with no line terminators
Size
628 B (628 bytes)
Hash
79b523fb6b96d10a467b5575bdf3f022
d1acfc65a3f61860f9d9f47437537dbf58576173
f5425e4a0496fc33e237226b4b74732289b987cfb24028b2f24b040ddc3773d2

HTTP Headers

GET /include/js/fastlogin.js HTTP/1.1
Host: ventl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/starsessions/
Cookie: PHPSESSID=caj41vhlc1micacdc6q9631qj5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 13:43:34 GMT
content-type: text/javascript
last-modified: Sun, 04 Aug 2013 02:59:58 GMT
etag: W/"3086653-274-4e3166315c780"
age: 3813
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N5W3jnodUX8FSYCyJgC2IdgOZ84DtFHjmEn8oULLepKdPIrHNZ0xGv4KJxgMxiiksldw9Fb2nsLfz0xdBQA6Ro7XoipwB9AJ5a4DHIXKi5QrLD1GvCQGtIxqnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e8eba849dab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ads.adlook.me/csync?pid=sape&uid=0500007F863B3666FE348F4102E1D281&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D110%26euid%3D%7BuserId%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D110

46.243.182.89

302 Found

0 B

URL GET HTTP/2
ads.adlook.me/csync?pid=sape&uid=0500007F863B3666FE348F4102E1D281&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D110%26euid%3D%7BuserId%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D110
IP
46.243.182.89:443
ASN
#209974 Itglobalcom Rus LLC

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /csync?pid=sape&uid=0500007F863B3666FE348F4102E1D281&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D110%26euid%3D%7BuserId%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D110 HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: https://mc.acint.net/rmatch?dp=110&euid=887fb1ebfad842359f93f8e9fe7dc2fb&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D110
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=887fb1ebfad842359f93f8e9fe7dc2fb; expires=Sat, 03 May 2025 21:00:00 GMT; path=/; SameSite=None; secure; samesite=none
adlk_cmatch=sape%3A0500007F863B3666FE348F4102E1D281; expires=Fri, 31 Dec 9999 20:59:59 GMT; path=/; SameSite=None; secure; samesite=none
date: Sat, 04 May 2024 13:43:34 GMT
X-Firefox-Spdy: h2

www.google.com/recaptcha/api2/webworker.js?hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m

142.250.74.100

200 OK

102 B

URL GET HTTP/3
www.google.com/recaptcha/api2/webworker.js?hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m
IP
142.250.74.100:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZXnIUAAAAAD8euzymsKhq2nRSezAK5hMrhfb8&co=aHR0cHM6Ly92ZW50bC5ydTo0NDM.&hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=xzolqlx3caus
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
ASCII text, with no line terminators
Size
102 B (102 bytes)
Hash
c647692b90dcf9264f7c2066e1104b46
0b4497a3ff0400a3ddae757db8ba2bc1d960a877
c03412d85356792f067b9fb274699a78364b08e10a83771a8b12762028cd23db

HTTP Headers

GET /recaptcha/api2/webworker.js?hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZXnIUAAAAAD8euzymsKhq2nRSezAK5hMrhfb8&co=aHR0cHM6Ly92ZW50bC5ydTo0NDM.&hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=xzolqlx3caus
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 04 May 2024 13:43:36 GMT
date: Sat, 04 May 2024 13:43:36 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ventl.ru/include/js/postform.js

172.67.183.115

200 OK

1.3 kB

URL GET HTTP/3
ventl.ru/include/js/postform.js
IP
172.67.183.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ventl.ru/starsessions/
Certificate
IssuerGoogle Trust Services LLC
Subjectventl.ru
Fingerprint49:5F:4F:F1:98:5A:8F:6E:3A:11:86:63:6D:25:66:6F:85:5B:48:FB
ValidityMon, 25 Mar 2024 13:10:48 GMT - Sun, 23 Jun 2024 13:10:47 GMT

File type
Unicode text, UTF-8 text, with very long lines (1461), with no line terminators
Size
1.3 kB (1328 bytes)
Hash
4a361042eda53f8d99d608561febd105
62e6801ccdcd36e6ac9a22d87166ba9a5d770406
bc92925988b1db87226bc6de6a308d1edefb0f3eaf8d645c77038ad48cf7eee6

HTTP Headers

GET /include/js/postform.js HTTP/1.1
Host: ventl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/starsessions/
Cookie: PHPSESSID=caj41vhlc1micacdc6q9631qj5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 13:43:34 GMT
content-type: text/javascript
last-modified: Sun, 21 Oct 2018 02:40:14 GMT
etag: W/"3086655-530-578b40e5d5f80"
age: 3813
x-cache: HIT from hc2.hts.ru
x-cache-lookup: HIT from hc2.hts.ru:80
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HozitdqBpagHfuRdZYhu2Km1NvYX2dgMbmo9baTuWbhEVj%2Fyi2%2FmAxc%2BvxxmAh2yuXPwsWzyJ4%2BukDTbJQdWkOcj%2FpAnmQV8JDSFv9mEs9yTrwbikoLp3tiheA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e8eba829adb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

s.ccsyncuuid.net/match/5/?remote_uid=0500007F863B3666FE348F4102E1D281

0.0.0.0

0 B

URL GET
s.ccsyncuuid.net/match/5/?remote_uid=0500007F863B3666FE348F4102E1D281
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.acint.net/mc/?dp=10&tc=1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /match/5/?remote_uid=0500007F863B3666FE348F4102E1D281 HTTP/1.1
Host: s.ccsyncuuid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D09b1353a-94a7-49b2-81ae-88e38eb8598a

172.67.168.127

302 Found

43 B

URL GET HTTP/2
sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D09b1353a-94a7-49b2-81ae-88e38eb8598a
IP
172.67.168.127:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.acint.net/mc/?dp=10&tc=1
Certificate
IssuerGoogle Trust Services LLC
Subjectadspend.space
Fingerprint86:42:73:83:B4:96:F1:E2:8E:8F:5F:67:2B:A5:20:3C:AE:F0:FE:57
ValiditySat, 16 Mar 2024 00:50:56 GMT - Fri, 14 Jun 2024 00:50:55 GMT

File type

Size
43 B (43 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D09b1353a-94a7-49b2-81ae-88e38eb8598a HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: as-user=09b1353a-94a7-49b2-81ae-88e38eb8598a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 04 May 2024 13:43:35 GMT
content-type: text/html; charset=utf-8
location: https://www.acint.net/match?dp=98&euid=09b1353a-94a7-49b2-81ae-88e38eb8598a
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: PUT, GET, POST, OPTIONS
access-control-allow-headers: Content-Type, authorization
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FulLbTl7T2nqk2FIdr32ExzIHYuWKmuR2k4pXQ8xiRpUYZgymEWrfKnoNq5eFFrzs6bCI6%2BX6vTRy1%2BswGs4xRCQlCvCp1b%2FAjDFIjupgJnFJLsiTcS2uZEUJWVYK%2FvRhSd6bgI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e8ebae2d1d5684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.acint.net/mc/?dp=10&tc=1

193.3.184.131

200 OK

6.5 kB

URL GET HTTP/2
www.acint.net/mc/?dp=10&tc=1
IP
193.3.184.131:443
ASN
#50214 QWARTA LLC

Requested by
https://ventl.ru/starsessions/
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with very long lines (6765), with no line terminators
Size
6.5 kB (6484 bytes)
Hash
2e49bc65a79939a77a65a29cff6806ad
5ea1bcc356eeb0a615d43517c30db76a0cb94f0c
c5e2d2a175f9085ef7576fcc8215c8a5755eafe291f61eb4eee3ed869f3f24e6

HTTP Headers

GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ventl.ru/
DNT: 1
Connection: keep-alive
Cookie: aid=fwAABWY2O4ZBjzT+gdLhAp5UkUwtEEpnocIstAhpuRBAQsyw; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 13:43:34 GMT
content-type: text/html
set-cookie: cSyncDp14v6=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17v2=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v5=1714830214; expires=Sun, 05-May-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53v5=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62v2=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v3=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68v3=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71v2=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp80v2=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85v2=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v4=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp98v3=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1714830214; expires=Sat, 18-May-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107v2=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110v3=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v4=1714830214; expires=Sun, 19-May-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126v3=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127v2=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129v2=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v3=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146v2=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148v2=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149v3=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151v2=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp251v1=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186v2=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp217v2=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp235v2=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp239v2=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp243v2=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp260v2=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp244v2=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp248v2=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp261v1=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp289v2=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp293v1=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp296v2=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp312v1=1714830214; expires=Mon, 03-Jun-24 13:43:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2

www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZXnIUAAAAAD8euzymsKhq2nRSezAK5hMrhfb8&co=aHR0cHM6Ly92ZW50bC5ydTo0NDM.&hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=xzolqlx3caus

142.250.74.100

200 OK

46 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/anchor?ar=1&k=6LfZXnIUAAAAAD8euzymsKhq2nRSezAK5hMrhfb8&co=aHR0cHM6Ly92ZW50bC5ydTo0NDM.&hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=xzolqlx3caus
IP
142.250.74.100:443
ASN
#15169 GOOGLE

Requested by
https://ventl.ru/starsessions/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
HTML document, ASCII text, with very long lines (37032)
Size
46 kB (45716 bytes)
Hash
9d84b338f2a955387ee1d3573bfdc5bf
b9cee99e03a3144c7c71795abe548a671fff20d0
cdb521b49efea0267033cbbb925f17c8ce8b007b8e772d332a7b18c6007a1874

HTTP Headers

GET /recaptcha/api2/anchor?ar=1&k=6LfZXnIUAAAAAD8euzymsKhq2nRSezAK5hMrhfb8&co=aHR0cHM6Ly92ZW50bC5ydTo0NDM.&hl=ru&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=xzolqlx3caus HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ventl.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 13:43:35 GMT
content-security-policy: script-src 'nonce-z55ku8RXh786PcB8_PPq9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML