Report - moviesubtitles.ru/movie-21791.html

Report Overview

Submitted URL
moviesubtitles.ru/movie-21791.html
IP
91.234.33.166
ASN
#56485 Oleksandr Siedinkin
Submitted
2023-02-02 04:56:07
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
exchange.buzzoola.com	18389	2014-10-17T17:20:27Z	2023-03-13T08:33:52Z	483 B	382 B	176.9.81.69
sync.programmatica.com	unknown	2022-12-17T02:18:07Z	2023-03-13T08:33:52Z	887 B	715 B	167.235.117.42
sync.adkernel.com	4993	2017-04-19T11:25:22Z	2023-03-13T05:36:44Z	469 B	190 B	77.245.57.72
x01.aidata.io	12188	2016-03-31T17:36:46Z	2023-03-13T06:54:15Z	865 B	1.3 kB	89.108.119.43
ssp.bidvol.com	31817	2020-02-22T13:37:29Z	2023-03-13T08:33:52Z	398 B	631 B	65.109.65.188
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	2.9 kB	14 kB	104.18.21.226
sync.adspend.space	unknown	2022-10-20T08:12:42Z	2023-03-13T08:33:52Z	954 B	993 B	212.76.129.183
www.acint.net	29072	2014-02-14T22:23:16Z	2023-03-13T08:33:52Z	19 kB	21 kB	193.3.184.227
ssp.bestssp.com	90974	2017-06-10T10:55:20Z	2023-03-13T06:54:27Z	438 B	361 B	185.147.80.35
sync.dmp.otm-r.com	19534	2017-02-03T08:19:51Z	2023-03-13T08:33:52Z	419 B	135 B	159.69.59.100
s.uuidksinc.net	3423	2015-07-20T14:00:35Z	2023-03-13T05:57:41Z	424 B	322 B	31.220.27.135
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	1.7 kB	4.8 kB	104.18.32.68
tag.digitaltarget.ru	98193	2015-07-21T16:24:58Z	2023-03-13T08:33:52Z	745 B	19 kB	185.15.175.145
ads.adlook.me	43352	2018-11-28T13:50:19Z	2023-03-13T08:33:52Z	442 B	325 B	176.122.21.226
a.utraff.com	39874	2019-02-27T11:01:37Z	2023-03-13T08:33:52Z	380 B	1.1 kB	104.21.59.66
ocsp2.globalsign.com	1544	2012-05-23T20:10:04Z	2023-03-13T05:14:17Z	714 B	3.8 kB	104.18.21.226
counter.yadro.ru	7275	2014-09-09T20:41:17Z	2023-03-13T07:26:53Z	702 B	543 B	88.212.201.198
ads.betweendigital.com	1571	2012-10-30T06:08:04Z	2023-03-13T06:54:29Z	2.8 kB	3.6 kB	188.42.196.115
ad.mail.ru	7643	2012-06-22T21:38:09Z	2023-03-13T09:01:54Z	412 B	756 B	95.163.41.56
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	2.7 kB	54 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	7.4 kB	20 kB	23.36.77.32
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.155.255.170
sync.bumlam.com	3243	2015-08-10T23:04:25Z	2023-03-13T08:33:52Z	1.4 kB	1.9 kB	31.172.81.160
nr.bidderstack.com	352019	2019-02-11T15:43:50Z	2023-03-13T08:33:52Z	421 B	222 B	23.88.12.13
dmp.gotechnology.io	48839	2019-06-17T18:08:58Z	2023-02-25T12:17:28Z	875 B	932 B	142.132.209.138
px.adhigh.net	10272	2013-01-03T22:02:08Z	2023-03-13T06:54:23Z	848 B	1.0 kB	193.232.150.46
an.yandex.ru	2577	2017-01-30T06:11:51Z	2023-03-03T18:27:36Z	856 B	8.5 kB	77.88.21.90
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
cs.agency2.ru	unknown	2022-04-29T16:24:02Z	2023-03-13T08:33:52Z	413 B	721 B	23.111.107.44
e1e19398-a2b5-11ed-a1c4-002590c82437.n3.sync.bumlam.com	unknown			488 B	165 B	80.87.198.24
ad.adriver.ru	19548	2012-08-31T19:10:27Z	2023-03-13T06:54:23Z	875 B	1.4 kB	195.209.108.36
match.new-programmatic.com	33613	2020-02-18T21:50:06Z	2023-03-13T08:33:52Z	434 B	213 B	217.65.2.150
ssp.adriver.ru	12439	2014-01-10T14:39:33Z	2023-03-13T08:33:52Z	881 B	376 B	81.222.128.214
sape-sync.rutarget.ru	173587	2018-08-07T16:11:47Z	2023-03-13T08:33:52Z	380 B	409 B	188.72.107.228
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
sync.upravel.com	28097	2017-05-29T11:13:46Z	2023-03-13T08:33:52Z	890 B	1.7 kB	144.76.138.28
pix.bumlam.com	92002	2022-03-29T11:19:43Z	2023-03-13T08:33:52Z	1.4 kB	2.1 kB	31.172.81.172
sync.1dmp.io	10017	2016-02-09T12:52:58Z	2023-03-13T08:33:52Z	502 B	230 B	87.242.89.90
acint.net	22962	2014-02-14T22:23:16Z	2023-03-13T08:33:52Z	2.4 kB	780 B	193.3.184.227
moviesubtitles.ru	unknown	2019-03-30T15:37:54Z	2023-03-09T16:17:53Z	365 B	579 B	91.234.33.166
dm-eu.hybrid.ai	28847	2021-01-25T12:48:59Z	2023-03-13T06:16:11Z	419 B	528 B	37.18.103.16
sm.rtb.mts.ru	27154	2019-03-26T15:10:01Z	2023-03-13T08:33:52Z	838 B	1.0 kB	217.66.147.37
dmg.digitaltarget.ru	21471	2015-04-23T16:50:51Z	2023-03-13T06:26:03Z	2.7 kB	3.2 kB	185.15.175.130
www.moviesubtitles.ru	unknown	2014-11-09T16:43:19Z	2023-03-09T16:17:54Z	12 kB	77 kB	91.234.33.166
jsc.mgid.com	7902	2012-09-30T20:50:35Z	2023-03-13T04:50:31Z	707 B	1.5 kB	104.19.135.78
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	682 B	1.2 kB	93.184.220.29
ssp-rtb.sape.ru	31166	2016-02-02T18:01:03Z	2023-03-13T08:33:52Z	447 B	773 B	193.3.184.214
ocsp.usertrust.com	899	2012-05-21T17:43:18Z	2023-03-13T08:38:38Z	342 B	1.0 kB	172.64.155.188

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-02	medium	moviesubtitles.ru/movie-21791.html	Phishing
2023-02-02	medium	www.moviesubtitles.ru/movie-21791.html	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	tag.digitaltarget.ru/adcm.js	3.1 kB	2023-03-07	2023-05-06
Pretty URL tag.digitaltarget.ru/adcm.js IP 185.15.175.145 ASN #43226 SafeData LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:47 Last Seen2023-05-06 00:46:41 Times Seen299 Hash e7097284185069f52fc736bcd50cda13 1cdfdf2d869841202079ddf91e0a00a8610812e6 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80 Loading...

	tag.digitaltarget.ru/processor.js?i=645273286328099	16 kB	2023-03-09	2023-05-06
Pretty URL tag.digitaltarget.ru/processor.js?i=645273286328099 IP 185.15.175.145 ASN #43226 SafeData LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:01:11 Last Seen2023-05-06 00:46:42 Times Seen346 Hash 736e2fb1da94f3277e3f931048c1b9f3 196387db95a17da825b629de3542eff901b09905 4569d4e1b0e52b6316681f7312674f43ecb2b72ea8ab4adb2375e3686862c7dc Loading...

	www.moviesubtitles.ru/movie-21791.html	650 B	2023-03-07	2023-04-07
Pretty URL www.moviesubtitles.ru/movie-21791.html IP 91.234.33.166 ASN #56485 Oleksandr Siedinkin Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:22 Last Seen2023-04-07 00:59:49 Times Seen8 Hash b1d3e9b3782d6a57645b68d2fa4284f8 d0e2dea1b9084e70a572b29ba19d01416b3a4e5b d4998259f0908384250fc51c328a3b0ba5d397448c096e2f38e5ac7776a1ad32 Loading...

	jsc.mgid.com/m/o/moviesubtitles.org.216908.js?t=123124	0 B	2023-03-07	2024-04-18
Pretty URL jsc.mgid.com/m/o/moviesubtitles.org.216908.js?t=123124 IP 104.19.135.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-18 12:17:42 Times Seen36938364 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.acint.net/aci.js	24 kB	2023-03-12	2023-03-13
Pretty URL www.acint.net/aci.js IP 193.3.184.227 ASN #50214 QWARTA LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:09:04 Last Seen2023-03-13 14:56:48 Times Seen1 Hash 2a3b4729cdc781aa2e88c6c401334a07 18ad3734a2be60b76759c16234ac977446aad8b5 10e905d0c5be1b88a72a3259db9500b7d3e2f5bc3787b7a36cf3d8dfb572dd7c Loading...

	www.acint.net/oci.js?t=1675313782055	32 kB	2023-03-12	2024-04-18
Pretty URL www.acint.net/oci.js?t=1675313782055 IP 193.3.184.227 ASN #50214 QWARTA LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:09:04 Last Seen2024-04-18 11:53:07 Times Seen2020 Hash c3fa5133b6899a2abb39fb79ed94300f dc1d5c75420b38cd7509a783ed09345d0ff78ac4 66b141eb9ae44c86efc510844a71cf208c02d02abe03af3a7d8cc26736d3e19c Loading...

	www.acint.net/mc/?dp=10&tc=1	199 B	2023-03-13	2023-03-13
Pretty URL www.acint.net/mc/?dp=10&tc=1 IP 193.3.184.227 ASN #50214 QWARTA LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:44:24 Last Seen2023-03-13 14:44:24 Times Seen1 Hash b1e5e38e5bd80dea691ab368029ba251 782b6b51ceae30cece1e0754e9e26b7c0bf11af8 db1d9318e26365da69ac889d422e41d0e35f010308819239f16a30ddcd80beb5 Loading...

	www.moviesubtitles.ru/movie-21791.html	749 B	2023-03-07	2023-03-29
Pretty URL www.moviesubtitles.ru/movie-21791.html IP 91.234.33.166 ASN #56485 Oleksandr Siedinkin Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:22 Last Seen2023-03-29 22:22:20 Times Seen6 Hash 70ec1443a82f206a23526e7846b9a8bd a89887c98ba9479b290a8aeb819bee2a6b84f217 263ad5e610f65d7fc806de1fb4cc0e41def344d5dfb098dea84f2c23ce2ddd88 Loading...

	www.moviesubtitles.ru/movie-21791.html	250 B	2023-03-07	2024-04-18
Pretty URL www.moviesubtitles.ru/movie-21791.html IP 91.234.33.166 ASN #56485 Oleksandr Siedinkin Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:22 Last Seen2024-04-18 11:53:07 Times Seen610 Hash 537357420024d824760d7686fbdf31fe 5e14660b667fdc602c82300ccf3253afc242e4bb ca2f5769fc415a62dd2cd8af83b9b64604715e602f6de4c7741f9992a7003a29 Loading...

		Size	First Seen	Last Seen
	#1 Write - b256d97fbb697428b7a1286ea33539c0	26 B	2023-03-07	2024-04-18
Pretty Observations First Seen2023-03-07 01:17:24 Last Seen2024-04-18 08:05:50 Times Seen988 Hash b256d97fbb697428b7a1286ea33539c0 7e4e54e0434406746420141881f419ac165d3edc f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623 Loading...

	#2 Write - c19f538c372ae503040832c1aa6499b7	664 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 14:44:24 Last Seen2023-03-13 14:44:24 Times Seen1 Hash c19f538c372ae503040832c1aa6499b7 58db8c26d925b477cc0a363b3fc8d06e7b31b3db cfc4aed37b10840d60448757f307637eb901b9c3bd083074e3ae2a1b6d30bbcb Loading...

HTTP Transactions (166)

URL IP Response Size

moviesubtitles.ru/movie-21791.html

91.234.33.166

301 Moved Permanently

336 B

URL HTTP/1.1
moviesubtitles.ru/movie-21791.html
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
336 B (336 bytes)
Hash
735096334c49bb044c2b49bbb46abbf3
f5ab90a1dd888e31773d7a332febff292d190a6f
1ce2b835ccdc4e9b3b9036ff93a34bb84be0f1a011fec56964bc1eabd56a0fc7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /movie-21791.html HTTP/1.1
Host: moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 04:55:56 GMT
Server: Apache/2.2.15 (CentOS)
Location: http://www.moviesubtitles.ru/movie-21791.html
Content-Length: 336
Connection: close
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2293
Expires: Thu, 02 Feb 2023 05:34:09 GMT
Date: Thu, 02 Feb 2023 04:55:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2581
Expires: Thu, 02 Feb 2023 05:38:57 GMT
Date: Thu, 02 Feb 2023 04:55:56 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 04:36:03 GMT
content-type: application/json
age: 1193
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14840
Expires: Thu, 02 Feb 2023 09:03:16 GMT
Date: Thu, 02 Feb 2023 04:55:56 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: kq7MY43BI300zIZSbpD2sT0QfI7tI8m8gLpVZA3+501oXcmRePHj8WPbGv3uVh9lnP6ieevjXfM=
x-amz-request-id: P1XMHCR22QTSRZN3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 04:51:50 GMT
age: 246
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

www.moviesubtitles.ru/movie-21791.html

91.234.33.166

200 OK

3.9 kB

URL HTTP/1.1
www.moviesubtitles.ru/movie-21791.html
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Non-ISO extended-ASCII text, with very long lines (2085), with LF, NEL line terminators
Size
3.9 kB (3905 bytes)
Hash
04500be72c9406fb9f5c16b5836e9a35
22b88a1c79fb1069b7be06b0d65bcc83fc133a2f
c62505292d26e8b9b34d8e19d043ef6d27b4845c155d35245450a09bfc5a2b24

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /movie-21791.html HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:56 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Set-Cookie: visited=1; expires=Thu, 02-Feb-2023 16:55:56 GMT
Cache-Control: no-cache
content-encoding: gzip
vary: accept-encoding
Content-Length: 3905
Connection: close
Content-Type: text/html

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 04:55:56 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.moviesubtitles.ru/style.css

91.234.33.166

200 OK

6.4 kB

URL HTTP/1.1
www.moviesubtitles.ru/style.css
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
assembler source, ASCII text, with CRLF, CR, LF line terminators
Size
6.4 kB (6376 bytes)
Hash
9e1a8eb7c6ccb69ebe66c6eff9b50a74
f994f042ea4f3bfbbf39f14475456338d09c59d3
fac1af2a81fadf8855c6d7f601c799a036f5baafd514110a7301603594611931

HTTP Headers

GET /style.css HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/movie-21791.html
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sat, 21 Feb 2015 14:42:50 GMT
ETag: "140017-18e8-50f9a2ee9ae80"
Accept-Ranges: bytes
Content-Length: 6376
Connection: close
Content-Type: text/css

jsc.mgid.com/m/o/moviesubtitles.org.216908.js?t=123124

104.19.135.78

301 Moved Permanently

0 B

URL HTTP/1.1
jsc.mgid.com/m/o/moviesubtitles.org.216908.js?t=123124
IP
104.19.135.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /m/o/moviesubtitles.org.216908.js?t=123124 HTTP/1.1
Host: jsc.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/

HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 04:55:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 02 Feb 2023 05:55:57 GMT
Location: https://jsc.mgid.com/m/o/moviesubtitles.org.216908.js?t=123124
Set-Cookie: __cf_bm=hDArGuAvo5U0EdTFBxINdYHkIiasHUN4GKlLy92BIyk-1675313757-0-AdXBAMbNBLAPfyDNlQTOWjQqsDRxxXKp5MyxpSFk2oLwyv4qYI3eQIjj0ZfFjT2JbV0yCAJCSS+5mVuxK6uy6os=; path=/; expires=Thu, 02-Feb-23 05:25:57 GMT; domain=.mgid.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7930566668a5b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

www.moviesubtitles.ru/images/downloads.png

91.234.33.166

200 OK

1.4 kB

URL HTTP/1.1
www.moviesubtitles.ru/images/downloads.png
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
1.4 kB (1366 bytes)
Hash
7fd5b180dc46f8c67613cccc7e20e0d4
d43020c7452a2f1d509686fecdbac5575429bd30
f90383d5f41c09c41b56e347936281964b84d56fd19571e45f940c8b83e91d30

HTTP Headers

GET /images/downloads.png HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/movie-21791.html
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Fri, 03 Oct 2014 18:19:46 GMT
ETag: "1a8cfd-556-50488c71a3480"
Accept-Ranges: bytes
Content-Length: 1366
Connection: close
Content-Type: image/png

www.moviesubtitles.ru/images/save.png

91.234.33.166

200 OK

1.4 kB

URL HTTP/1.1
www.moviesubtitles.ru/images/save.png
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
1.4 kB (1425 bytes)
Hash
37c7938af69b3400a3684a527a1c2762
acf0f418b4ccb641248dd53d587a8e5745496e7f
189ffd31de1499d872c27dbedeb96edec58881031ed2d3759bb232e785714501

HTTP Headers

GET /images/save.png HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/movie-21791.html
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Fri, 03 Oct 2014 18:25:18 GMT
ETag: "1a8d14-591-50488dae41f80"
Accept-Ranges: bytes
Content-Length: 1425
Connection: close
Content-Type: image/png

www.moviesubtitles.ru/images/time.png

91.234.33.166

200 OK

1.4 kB

URL HTTP/1.1
www.moviesubtitles.ru/images/time.png
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
1.4 kB (1425 bytes)
Hash
28de7ce62f47a07bd6bff880c7f8509f
d20691c7b3e65de7de979d8fd95676cb3143404b
ea7552169b38706119e1224959b852bcc926182bffe3d5bfc4b689a945cb724d

HTTP Headers

GET /images/time.png HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/movie-21791.html
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Fri, 03 Oct 2014 18:21:34 GMT
ETag: "1a3914-591-50488cd8a2780"
Accept-Ranges: bytes
Content-Length: 1425
Connection: close
Content-Type: image/png

www.moviesubtitles.ru/images/episode.png

91.234.33.166

200 OK

1.2 kB

URL HTTP/1.1
www.moviesubtitles.ru/images/episode.png
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
1.2 kB (1243 bytes)
Hash
7591c1ed5262b4ee66baa8c4ff95fc36
343564fa8be1ef7024c5cf60e615210943403ebb
39597086460cc2a7d95d04d0160764edb387060479861f0ad197634372ab802e

HTTP Headers

GET /images/episode.png HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/movie-21791.html
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Fri, 03 Oct 2014 18:03:14 GMT
ETag: "1a8d29-4db-504888bf97c80"
Accept-Ranges: bytes
Content-Length: 1243
Connection: close
Content-Type: image/png

www.moviesubtitles.ru/images/number.png

91.234.33.166

200 OK

662 B

URL HTTP/1.1
www.moviesubtitles.ru/images/number.png
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
662 B (662 bytes)
Hash
f01582e962cca9fb7573e8cf5f06bb59
502a4311d70171a759f0a7397a989f1c6cbcc0a3
68b0af4f86abe5a659bd5d8f78fd7e3c6226321a7c5e9f0ba970f23bb7885713

HTTP Headers

GET /images/number.png HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/movie-21791.html
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Fri, 03 Oct 2014 18:06:20 GMT
ETag: "1a8d25-296-50488970f9f00"
Accept-Ranges: bytes
Content-Length: 662
Connection: close
Content-Type: image/png

www.moviesubtitles.ru/images/flags/fr.gif

91.234.33.166

200 OK

1.0 kB

URL HTTP/1.1
www.moviesubtitles.ru/images/flags/fr.gif
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
GIF image data, version 89a, 18 x 12\012- data
Size
1.0 kB (1006 bytes)
Hash
7f66797472eb9360e0bd22bfcfb9de1f
bf34e4f438b27e599ea28076beedce0e690f6b49
1df59d2f9889b0553295fe997df9f1e5adec5a34abc798178d2cb313c6a196c9

HTTP Headers

GET /images/flags/fr.gif HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/movie-21791.html
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sun, 06 Jan 2008 21:15:00 GMT
ETag: "1a8d0a-3ee-443143c7bdd00"
Accept-Ranges: bytes
Content-Length: 1006
Connection: close
Content-Type: image/gif

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
943cd391edbe689ff602ee277fb042eb
64cd72bde2fe397324233fb30598220bcb3b2763
db648205a10a4c4cf4beec24da828042ea44a3980e8fadc5d3667ffe88428b05

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4217
Cache-Control: max-age=148136
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:55:57 GMT
Etag: "63dad18d-117"
Expires: Fri, 03 Feb 2023 22:04:53 GMT
Last-Modified: Wed, 01 Feb 2023 20:54:37 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279

www.moviesubtitles.ru/images/statistics.png

91.234.33.166

200 OK

5.2 kB

URL HTTP/1.1
www.moviesubtitles.ru/images/statistics.png
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
PNG image data, 64 x 64, 8-bit/color RGB, non-interlaced\012- data
Size
5.2 kB (5172 bytes)
Hash
bd9107990f488c1d5b2425149f6a6147
b51a4f17cf263132afa95a729409de8495041f8a
84ff5eb90d238d97a3b1f954bae5c5bf6f65db1b3256f7668d08e564c0c774f2

HTTP Headers

GET /images/statistics.png HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/movie-21791.html
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sun, 06 Jan 2008 21:21:24 GMT
ETag: "1a8d2e-1434-44314535f3d00"
Accept-Ranges: bytes
Content-Length: 5172
Connection: close
Content-Type: image/png

www.moviesubtitles.ru/images/bigbox.gif

91.234.33.166

200 OK

7.9 kB

URL HTTP/1.1
www.moviesubtitles.ru/images/bigbox.gif
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
GIF image data, version 87a, 1040 x 64\012- data
Size
7.9 kB (7881 bytes)
Hash
37b7b1f9fcf66c9007016a2e42fbbef0
8a5d357eddde847d002a4bc6bb1f7b39c6398b8f
fb83423071c39ae28ee49e9da7ad4eadbcb215f8a80b438541139eb0f9eb3558

HTTP Headers

GET /images/bigbox.gif HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/style.css
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sat, 26 Feb 2011 13:44:10 GMT
ETag: "1a8cf7-1ec9-49d2fa428be80"
Accept-Ranges: bytes
Content-Length: 7881
Connection: close
Content-Type: image/gif

www.moviesubtitles.ru/images/barbg.gif

91.234.33.166

200 OK

982 B

URL HTTP/1.1
www.moviesubtitles.ru/images/barbg.gif
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
GIF image data, version 89a, 82 x 32\012- data
Size
982 B (982 bytes)
Hash
8a4331a30416cf454ad2b0abc835c896
13f3a5a40cb75258f71b43b98abaa566138a4963
2367039c876efe5532796cdfeec5298a8026316c7091c7b8b44c425084f16558

HTTP Headers

GET /images/barbg.gif HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/style.css
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sun, 06 Jan 2008 21:21:08 GMT
ETag: "1a8d01-3d6-44314526b1900"
Accept-Ranges: bytes
Content-Length: 982
Connection: close
Content-Type: image/gif

www.moviesubtitles.ru/images/movies/21791.jpg

91.234.33.166

200 OK

6.3 kB

URL HTTP/1.1
www.moviesubtitles.ru/images/movies/21791.jpg
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 80x118, components 3\012- data
Size
6.3 kB (6261 bytes)
Hash
a0d841ac81b475fb01c6d6320efabc87
62cd32c7e386c5a6bd4850099d1cd50e15c02951
3a0a69a56d7e593806a75c793d83b890d2ffb30eec057b18fee63628e78b6379

HTTP Headers

GET /images/movies/21791.jpg HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/movie-21791.html
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sun, 07 Apr 2019 11:06:12 GMT
ETag: "1a8a35-1875-585eeb52eb100"
Accept-Ranges: bytes
Content-Length: 6261
Connection: close
Content-Type: image/jpeg

jsc.mgid.com/m/o/moviesubtitles.org.216908.js?t=123124

104.19.135.78

200 OK

0 B

URL HTTP/2
jsc.mgid.com/m/o/moviesubtitles.org.216908.js?t=123124
IP
104.19.135.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /m/o/moviesubtitles.org.216908.js?t=123124 HTTP/1.1
Host: jsc.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.moviesubtitles.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 04:55:57 GMT
content-type: text/javascript
content-length: 0
cf-bgj: minify
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Wed, 31 Mar 2021 16:05:35 GMT
x-amz-id-2: mOVhpU5QjPFpVpc8/F4Orx31YdIYkumhn/1a4VPMbCVJiErQxTx9kHGJsjlEOEu5b7DqTM3+XP4w53c6xuu9kg==
x-amz-request-id: CDGANV44PGP1Q934
x-amz-version-id: null
cf-cache-status: HIT
expires: Thu, 02 Feb 2023 07:55:57 GMT
cache-control: public, max-age=10800
accept-ranges: bytes
set-cookie: __cf_bm=EcWw4yNWrFYiRDoN0VfTzh8RSufbZmJnhxckh3VTJQ0-1675313757-0-ARAzFgfTrZEM0WknRbv249Wp5hzGGLVHvUjiqyKhr18JY/WVLfrGQz6twZ9rQVlYhEB8bUt9kGsR1Hyq+a+861Y=; path=/; expires=Thu, 02-Feb-23 05:25:57 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 79305666f940b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.moviesubtitles.ru/images/flag-english.png

91.234.33.166

200 OK

576 B

URL HTTP/1.1
www.moviesubtitles.ru/images/flag-english.png
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
PNG image data, 30 x 16, 8-bit colormap, non-interlaced\012- data
Size
576 B (576 bytes)
Hash
582ec9b89bc5aede2500c3187203214e
33ec525494a51db14d03873e148aee4ff086f06c
051d6cd2ed19ffbc284afead8be7c74ae1c8a0a13355ed2aaa9d8d0827099c8a

HTTP Headers

GET /images/flag-english.png HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/movie-21791.html
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sun, 06 Jan 2008 21:21:14 GMT
ETag: "1a8cf9-240-4431452c6a680"
Accept-Ranges: bytes
Content-Length: 576
Connection: close
Content-Type: image/png

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d82139609e323e908fac5d93cc352a0
16464d86dbab5ffda5e66d870c5d139ee69f9422
dafce9d952b644da844563623a477eec073d696e74275b56b8329ed44b64aa57

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAFCE9D952B644DA844563623A477EEC073D696E74275B56B8329ED44B64AA57"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9069
Expires: Thu, 02 Feb 2023 07:27:06 GMT
Date: Thu, 02 Feb 2023 04:55:57 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d82139609e323e908fac5d93cc352a0
16464d86dbab5ffda5e66d870c5d139ee69f9422
dafce9d952b644da844563623a477eec073d696e74275b56b8329ed44b64aa57

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAFCE9D952B644DA844563623A477EEC073D696E74275B56B8329ED44B64AA57"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9069
Expires: Thu, 02 Feb 2023 07:27:06 GMT
Date: Thu, 02 Feb 2023 04:55:57 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
943cd391edbe689ff602ee277fb042eb
64cd72bde2fe397324233fb30598220bcb3b2763
db648205a10a4c4cf4beec24da828042ea44a3980e8fadc5d3667ffe88428b05

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4217
Cache-Control: max-age=148136
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:55:57 GMT
Etag: "63dad18d-117"
Expires: Fri, 03 Feb 2023 22:04:53 GMT
Last-Modified: Wed, 01 Feb 2023 20:54:37 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279

www.moviesubtitles.ru/images/barcurrent.gif

91.234.33.166

200 OK

1.4 kB

URL HTTP/1.1
www.moviesubtitles.ru/images/barcurrent.gif
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
GIF image data, version 89a, 82 x 32\012- data
Size
1.4 kB (1415 bytes)
Hash
e001323087c18a2f90e64e4512377a2d
6f473acb9e3f3f6d8c33c871bb8ebb05462d8ce2
2f19583005a10b907e0cc8f7914e2026e135e1299adbc71428a1d82769e4d29f

HTTP Headers

GET /images/barcurrent.gif HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/style.css
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sun, 06 Jan 2008 21:21:08 GMT
ETag: "1a8cf1-587-44314526b1900"
Accept-Ranges: bytes
Content-Length: 1415
Connection: close
Content-Type: image/gif

www.acint.net/aci.js

193.3.184.227

200 OK

7.8 kB

URL HTTP/2
www.acint.net/aci.js
IP
193.3.184.227:0
ASN
#50214 QWARTA LLC

File type
ASCII text, with very long lines (1649)
Size
7.8 kB (7757 bytes)
Hash
23df47b4330754db70e9c1e32f0092d6
dea956b3a9dad9fa3cc352180be435943e8d0352
0056d5c8969a597094abb6cc9f3a383631ba9c0f13ac620d735f0788807fb4de

HTTP Headers

GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:55:57 GMT
content-type: application/x-javascript
content-length: 7757
last-modified: Mon, 09 Jan 2023 08:01:05 GMT
etag: "63bbc9c1-1e4d"
content-encoding: gzip
expires: Thu, 02 Feb 2023 16:55:57 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2

www.moviesubtitles.ru/images/searchbg.gif

91.234.33.166

200 OK

5.2 kB

URL HTTP/1.1
www.moviesubtitles.ru/images/searchbg.gif
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
GIF image data, version 87a, 589 x 64\012- data
Size
5.2 kB (5191 bytes)
Hash
d3420ea5dfaaf22395a05278feea5f65
56c8857463874bb7ea2e42da56bca9dccc54c540
c7c6e6a5d0d5a4419a93508564d93c3a4da70e027756493d0b8817f801e93a69

HTTP Headers

GET /images/searchbg.gif HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/style.css
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sat, 26 Feb 2011 13:48:52 GMT
ETag: "1a8d1f-1447-49d2fb4f7b900"
Accept-Ranges: bytes
Content-Length: 5191
Connection: close
Content-Type: image/gif

www.moviesubtitles.ru/images/flags/en.gif

91.234.33.166

200 OK

1.0 kB

URL HTTP/1.1
www.moviesubtitles.ru/images/flags/en.gif
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
GIF image data, version 89a, 18 x 12\012- data
Size
1.0 kB (1006 bytes)
Hash
93cb87bcf85c3b2756f6b296494cbc37
14d88657745649cff40766b2f43a0daf75fb955a
afd35d185a9c29cdf52a6d00347efb737cfa717cc161635809351a6aa7eca943

HTTP Headers

GET /images/flags/en.gif HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/movie-21791.html
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sun, 06 Jan 2008 21:14:58 GMT
ETag: "1a8d0d-3ee-443143c5d5880"
Accept-Ranges: bytes
Content-Length: 1006
Connection: close
Content-Type: image/gif

www.moviesubtitles.ru/images/input.gif

91.234.33.166

200 OK

734 B

URL HTTP/1.1
www.moviesubtitles.ru/images/input.gif
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
GIF image data, version 89a, 299 x 28\012- data
Size
734 B (734 bytes)
Hash
4af5d9c254829f246d81119b9b4c7e65
d67ddce29bddbb54c62d04d0e3dac27c9698f73e
e1d8b29aa8f506dc8b80b87347d0b320813e204f39a94a7925fb8799a5c52d02

HTTP Headers

GET /images/input.gif HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/style.css
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sun, 06 Jan 2008 21:21:18 GMT
ETag: "1a8d30-2de-443145303af80"
Accept-Ranges: bytes
Content-Length: 734
Connection: close
Content-Type: image/gif

www.moviesubtitles.ru/images/rip.gif

91.234.33.166

200 OK

351 B

URL HTTP/1.1
www.moviesubtitles.ru/images/rip.gif
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
GIF image data, version 89a, 16 x 16\012- data
Size
351 B (351 bytes)
Hash
c4e53fb68f4833116f9dfa5d7f397df7
cc30445d49d5b274bcff23412ab6f2c70c97dee2
e8319ba048083e908dc5e38111165f2e37e9e67c70e80d6d89678207f54e5e2b

HTTP Headers

GET /images/rip.gif HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/movie-21791.html
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Fri, 03 Oct 2014 18:24:18 GMT
ETag: "1a8d33-15f-50488d7509880"
Accept-Ranges: bytes
Content-Length: 351
Connection: close
Content-Type: image/gif

www.moviesubtitles.ru/images/boxtop.gif

91.234.33.166

200 OK

540 B

URL HTTP/1.1
www.moviesubtitles.ru/images/boxtop.gif
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
GIF image data, version 87a, 300 x 19\012- data
Size
540 B (540 bytes)
Hash
f5ff371a9530b68267ae7c547b8254ee
0ccee3f9e81daaa4348643fd8c67ad247a345bf2
4233e40a98547af295ddbe5099bc9761efb6d034b17cf7a2e389c6bfaa93499a

HTTP Headers

GET /images/boxtop.gif HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/style.css
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sat, 26 Feb 2011 13:12:20 GMT
ETag: "1a8d2c-21c-49d2f32507500"
Accept-Ranges: bytes
Content-Length: 540
Connection: close
Content-Type: image/gif

www.moviesubtitles.ru/images/box.gif

91.234.33.166

200 OK

2.0 kB

URL HTTP/1.1
www.moviesubtitles.ru/images/box.gif
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
GIF image data, version 87a, 300 x 500\012- data
Size
2.0 kB (1952 bytes)
Hash
dfad9115ed7a961db995572ccad40dca
2236e570c546886e7510ced44d32a09a6b0e8fa0
222366ee8355a834cdf3dac8cb4a0a5b7eb1b162a44d1c3a718fbeeadae1e650

HTTP Headers

GET /images/box.gif HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/style.css
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sat, 26 Feb 2011 13:13:58 GMT
ETag: "1a8cf2-7a0-49d2f3827d180"
Accept-Ranges: bytes
Content-Length: 1952
Connection: close
Content-Type: image/gif

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 04:49:05 GMT
age: 412
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

www.acint.net/oci.js?t=1675313782055

193.3.184.227

302 Moved Temporarily

142 B

URL HTTP/1.1
www.acint.net/oci.js?t=1675313782055
IP
193.3.184.227:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /oci.js?t=1675313782055 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 02 Feb 2023 04:55:57 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/oci.js?t=1675313782055

www.acint.net/hit/?v=0.5.0&uid=803af8c5-9e17-488a-806f-6025d4352adb&dp=10&tz=%2B00%3A00&nc=29025214&u=http%3A%2F%2Fwww.moviesubtitles.ru%2Fmovie-21791.html&r=&rs=1280x1024&t=Moviesubtitles.org%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D1%8B%20%D0%BA%20%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%83%20%22Ralph%20Breaks%20the%20Internet%20(2018)%22&oE=1&oP=1&dT=2023-02-02T04%3A56%3A22.054&fu=a519784e-83d0-4f53-a824-1e20ae305c1e

193.3.184.227

302 Moved Temporarily

142 B

URL HTTP/1.1
www.acint.net/hit/?v=0.5.0&uid=803af8c5-9e17-488a-806f-6025d4352adb&dp=10&tz=%2B00%3A00&nc=29025214&u=http%3A%2F%2Fwww.moviesubtitles.ru%2Fmovie-21791.html&r=&rs=1280x1024&t=Moviesubtitles.org%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D1%8B%20%D0%BA%20%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%83%20%22Ralph%20Breaks%20the%20Internet%20(2018)%22&oE=1&oP=1&dT=2023-02-02T04%3A56%3A22.054&fu=a519784e-83d0-4f53-a824-1e20ae305c1e
IP
193.3.184.227:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /hit/?v=0.5.0&uid=803af8c5-9e17-488a-806f-6025d4352adb&dp=10&tz=%2B00%3A00&nc=29025214&u=http%3A%2F%2Fwww.moviesubtitles.ru%2Fmovie-21791.html&r=&rs=1280x1024&t=Moviesubtitles.org%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D1%8B%20%D0%BA%20%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%83%20%22Ralph%20Breaks%20the%20Internet%20(2018)%22&oE=1&oP=1&dT=2023-02-02T04%3A56%3A22.054&fu=a519784e-83d0-4f53-a824-1e20ae305c1e HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 02 Feb 2023 04:55:57 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/hit/?v=0.5.0&uid=803af8c5-9e17-488a-806f-6025d4352adb&dp=10&tz=%2B00%3A00&nc=29025214&u=http%3A%2F%2Fwww.moviesubtitles.ru%2Fmovie-21791.html&r=&rs=1280x1024&t=Moviesubtitles.org%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D1%8B%20%D0%BA%20%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%83%20%22Ralph%20Breaks%20the%20Internet%20(2018)%22&oE=1&oP=1&dT=2023-02-02T04%3A56%3A22.054&fu=a519784e-83d0-4f53-a824-1e20ae305c1e

www.acint.net/mc/?dp=10

193.3.184.227

302 Moved Temporarily

142 B

URL HTTP/1.1
www.acint.net/mc/?dp=10
IP
193.3.184.227:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 02 Feb 2023 04:55:57 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/mc/?dp=10

www.moviesubtitles.ru/images/flags/gr.gif

91.234.33.166

200 OK

1.0 kB

URL HTTP/1.1
www.moviesubtitles.ru/images/flags/gr.gif
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
GIF image data, version 89a, 18 x 12\012- data
Size
1.0 kB (1006 bytes)
Hash
cee23846c8603623882ed5134406806c
9623f1e77d92024d07f580aa20c2412bb2c2bdb1
4028eb4779d91c503ad51bb8984e09cdef9d4070118ca4ee1581460fa81d7ef7

HTTP Headers

GET /images/flags/gr.gif HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/movie-21791.html
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sun, 06 Jan 2008 21:15:00 GMT
ETag: "1a8d06-3ee-443143c7bdd00"
Accept-Ranges: bytes
Content-Length: 1006
Connection: close
Content-Type: image/gif

www.moviesubtitles.ru/images/flags/es.gif

91.234.33.166

200 OK

1.0 kB

URL HTTP/1.1
www.moviesubtitles.ru/images/flags/es.gif
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
GIF image data, version 89a, 18 x 12\012- data
Size
1.0 kB (1006 bytes)
Hash
4fc4c91dbb8012db776af9b476c4e1cd
6aecc143ce67204b927d99a83c5adf7bc331f8fe
e9f8b8fabb38524354f0bd87e91a4f4e702555956d29cc6db1b899fc0b5980b0

HTTP Headers

GET /images/flags/es.gif HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/movie-21791.html
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sun, 06 Jan 2008 21:14:58 GMT
ETag: "1a8d11-3ee-443143c5d5880"
Accept-Ranges: bytes
Content-Length: 1006
Connection: close
Content-Type: image/gif

www.moviesubtitles.ru/images/flags/ar.gif

91.234.33.166

200 OK

237 B

URL HTTP/1.1
www.moviesubtitles.ru/images/flags/ar.gif
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
GIF image data, version 87a, 18 x 12\012- data
Size
237 B (237 bytes)
Hash
394cbae01e70ed0ab07ea8a62e549e18
85691c70465a7c26e05186e4ea67547ab5e8192a
fc36b56a21d6c67e47ad2329aab99fbb6a836aa3683d4fafb22c47e25f6dff33

HTTP Headers

GET /images/flags/ar.gif HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/movie-21791.html
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sun, 06 Jan 2008 21:14:56 GMT
ETag: "1a8d07-ed-443143c3ed400"
Accept-Ranges: bytes
Content-Length: 237
Connection: close
Content-Type: image/gif

www.moviesubtitles.ru/images/flags/br.gif

91.234.33.166

200 OK

1.0 kB

URL HTTP/1.1
www.moviesubtitles.ru/images/flags/br.gif
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
GIF image data, version 89a, 18 x 12\012- data
Size
1.0 kB (1006 bytes)
Hash
667c1c786e5365ea1ff2c51baed8e6a7
274b24ec9ee848710ff7b0ddf1ee46ee60eb505f
030a7ff4bbac3e311d7120f41844a4e6df33da06ed13a4c18f105b26a7abd117

HTTP Headers

GET /images/flags/br.gif HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/movie-21791.html
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sun, 06 Jan 2008 21:14:58 GMT
ETag: "1a8d0e-3ee-443143c5d5880"
Accept-Ranges: bytes
Content-Length: 1006
Connection: close
Content-Type: image/gif

www.moviesubtitles.ru/images/flags/tr.gif

91.234.33.166

200 OK

995 B

URL HTTP/1.1
www.moviesubtitles.ru/images/flags/tr.gif
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
GIF image data, version 89a, 18 x 12\012- data
Size
995 B (995 bytes)
Hash
23c0420906ac063753138c20bacd3e1a
5a2b0bc253c629cbd727590af18e2cc1816dd8c4
e79e65dba1dac21432fd206c0a02c02acea900da44e1cdcf8c7a14a3937121c2

HTTP Headers

GET /images/flags/tr.gif HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/movie-21791.html
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sun, 06 Jan 2008 21:15:02 GMT
ETag: "1a8d09-3e3-443143c9a6180"
Accept-Ranges: bytes
Content-Length: 995
Connection: close
Content-Type: image/gif

www.moviesubtitles.ru/images/flags/pl.gif

91.234.33.166

200 OK

1.0 kB

URL HTTP/1.1
www.moviesubtitles.ru/images/flags/pl.gif
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
GIF image data, version 89a, 18 x 12\012- data
Size
1.0 kB (1006 bytes)
Hash
a929046f3f0c7781989a284371a7f43b
1848d36e3a104294cf2a974177857947f15942c5
159c6e57f9073caed43e08f74325364ade5b064f1ab69dcf744092bd5c9c9363

HTTP Headers

GET /images/flags/pl.gif HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/movie-21791.html
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sun, 06 Jan 2008 21:15:00 GMT
ETag: "1a8d08-3ee-443143c7bdd00"
Accept-Ranges: bytes
Content-Length: 1006
Connection: close
Content-Type: image/gif

www.acint.net/mc/?dp=10

193.3.184.227

302 Found

154 B

URL HTTP/2
www.acint.net/mc/?dp=10
IP
193.3.184.227:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.moviesubtitles.ru/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: openresty
date: Thu, 02 Feb 2023 04:55:57 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Thu, 02-Feb-23 05:05:57 GMT
aid=CkIDFWPbQl02IRNPFcHlAnz4bUOmZpsVP4XFkMxXGd8FpM/b; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

193.3.184.227

200 OK

43 B

URL HTTP/2
www.acint.net/hit/?v=0.5.0&uid=803af8c5-9e17-488a-806f-6025d4352adb&dp=10&tz=%2B00%3A00&nc=29025214&u=http%3A%2F%2Fwww.moviesubtitles.ru%2Fmovie-21791.html&r=&rs=1280x1024&t=Moviesubtitles.org%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D1%8B%20%D0%BA%20%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%83%20%22Ralph%20Breaks%20the%20Internet%20(2018)%22&oE=1&oP=1&dT=2023-02-02T04%3A56%3A22.054&fu=a519784e-83d0-4f53-a824-1e20ae305c1e
IP
193.3.184.227:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hit/?v=0.5.0&uid=803af8c5-9e17-488a-806f-6025d4352adb&dp=10&tz=%2B00%3A00&nc=29025214&u=http%3A%2F%2Fwww.moviesubtitles.ru%2Fmovie-21791.html&r=&rs=1280x1024&t=Moviesubtitles.org%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D1%8B%20%D0%BA%20%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%83%20%22Ralph%20Breaks%20the%20Internet%20(2018)%22&oE=1&oP=1&dT=2023-02-02T04%3A56%3A22.054&fu=a519784e-83d0-4f53-a824-1e20ae305c1e HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.moviesubtitles.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:55:57 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=CkIDE2PbQl0Xrwo7Dqe2ApSaRRFqz5/HFI8qt1c/7wYHa+0V; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

www.moviesubtitles.ru/images/flags/ru.gif

91.234.33.166

200 OK

1.0 kB

URL HTTP/1.1
www.moviesubtitles.ru/images/flags/ru.gif
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
GIF image data, version 89a, 18 x 12\012- data
Size
1.0 kB (1006 bytes)
Hash
daa2a635125539998a491f04ce53dc60
8b7daa6c7adef9a3db8c2d05b3830c3be3d9dcdd
987407b3bff6c7785ecdb057b9b4be01c28db9dc0343b68a2ada547d02c9f2f1

HTTP Headers

GET /images/flags/ru.gif HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/movie-21791.html
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sun, 06 Jan 2008 21:15:02 GMT
ETag: "1a8d0b-3ee-443143c9a6180"
Accept-Ranges: bytes
Content-Length: 1006
Connection: close
Content-Type: image/gif

www.moviesubtitles.ru/images/flags/it.gif

91.234.33.166

200 OK

1.0 kB

URL HTTP/1.1
www.moviesubtitles.ru/images/flags/it.gif
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
GIF image data, version 89a, 18 x 12\012- data
Size
1.0 kB (1006 bytes)
Hash
72b0c360b078e4b7d58840c12ec89525
de2359dc1eeead31e25142059f4e3a111b4ffb69
ee14d785626c45c528e752688029655d38c572371fdcd17f7dee0254aad90218

HTTP Headers

GET /images/flags/it.gif HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/movie-21791.html
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sun, 06 Jan 2008 21:15:00 GMT
ETag: "1a8d0f-3ee-443143c7bdd00"
Accept-Ranges: bytes
Content-Length: 1006
Connection: close
Content-Type: image/gif

www.moviesubtitles.ru/images/flags/de.gif

91.234.33.166

200 OK

1.0 kB

URL HTTP/1.1
www.moviesubtitles.ru/images/flags/de.gif
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
GIF image data, version 89a, 18 x 12\012- data
Size
1.0 kB (1003 bytes)
Hash
1f31389417402bf187e3276579adcfc1
658045e62fa454a1903324b7fd6dba8ed8fbb10a
66671616f880ade1bee6a9afbced9011f1fe1b179ff9860766f700825e8bc9ae

HTTP Headers

GET /images/flags/de.gif HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/movie-21791.html
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sun, 06 Jan 2008 21:14:58 GMT
ETag: "1a8d0c-3eb-443143c5d5880"
Accept-Ranges: bytes
Content-Length: 1003
Connection: close
Content-Type: image/gif

www.moviesubtitles.ru/images/flags/ua.gif

91.234.33.166

200 OK

995 B

URL HTTP/1.1
www.moviesubtitles.ru/images/flags/ua.gif
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
GIF image data, version 87a, 18 x 12\012- data
Size
995 B (995 bytes)
Hash
6bb8be6dabf4f8e4a73459c8d089868f
059c1653ee5571065e8dcf327a2b51075366221c
b0d33277bf37bb100870305fb4c5f8c0c94ff0b975bef1ab45ac30b0a3f3e4f7

HTTP Headers

GET /images/flags/ua.gif HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/movie-21791.html
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sun, 06 Jan 2008 21:15:02 GMT
ETag: "1a8d12-3e3-443143c9a6180"
Accept-Ranges: bytes
Content-Length: 995
Connection: close
Content-Type: image/gif

www.moviesubtitles.ru/images/flags/hu.gif

91.234.33.166

200 OK

1.0 kB

URL HTTP/1.1
www.moviesubtitles.ru/images/flags/hu.gif
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
GIF image data, version 89a, 18 x 12\012- data
Size
1.0 kB (1006 bytes)
Hash
3212a65eba5018fdee554234c45fb5ff
854e9b6f0ca3989ba503e1866dce91009c97f310
16c2ad04feae30953806f138957821108d525139fee7aa9434bb15126e422f54

HTTP Headers

GET /images/flags/hu.gif HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/movie-21791.html
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sun, 06 Jan 2008 21:15:00 GMT
ETag: "1a8d13-3ee-443143c7bdd00"
Accept-Ranges: bytes
Content-Length: 1006
Connection: close
Content-Type: image/gif

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20183
Expires: Thu, 02 Feb 2023 10:32:20 GMT
Date: Thu, 02 Feb 2023 04:55:57 GMT
Connection: keep-alive

www.moviesubtitles.ru/images/flag-russian.png

91.234.33.166

200 OK

399 B

URL HTTP/1.1
www.moviesubtitles.ru/images/flag-russian.png
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
PNG image data, 30 x 16, 8-bit colormap, non-interlaced\012- data
Size
399 B (399 bytes)
Hash
a8500a6f5e2f4849edd2bc560ab40283
55be906ab46003c0a78c3b3746f1e743027831a1
b27cba19783619a43b17e973e14ed138f3aa87840e896d39811156b961e8b78f

HTTP Headers

GET /images/flag-russian.png HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/movie-21791.html
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sun, 06 Jan 2008 21:21:14 GMT
ETag: "1a8d03-18f-4431452c6a680"
Accept-Ranges: bytes
Content-Length: 399
Connection: close
Content-Type: image/png

www.moviesubtitles.ru/images/flag-ukrainian.png

91.234.33.166

200 OK

384 B

URL HTTP/1.1
www.moviesubtitles.ru/images/flag-ukrainian.png
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
PNG image data, 30 x 16, 8-bit colormap, non-interlaced\012- data
Size
384 B (384 bytes)
Hash
40bb6252f3a845bce3aefd9bf69eca8e
621cb198075ef7b4d1682ccef1bfed764f1c93a8
1cbeb88e936ac4d4e90c39e8337cf728c2ecf850a79a10290655954a5f15ca0d

HTTP Headers

GET /images/flag-ukrainian.png HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/movie-21791.html
Cookie: visited=1

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sun, 06 Jan 2008 21:21:14 GMT
ETag: "1a8d17-180-4431452c6a680"
Accept-Ranges: bytes
Content-Length: 384
Connection: close
Content-Type: image/png

www.acint.net/mc/?dp=10&tc=1

193.3.184.227

200 OK

1.3 kB

URL HTTP/2
www.acint.net/mc/?dp=10&tc=1
IP
193.3.184.227:0
ASN
#50214 QWARTA LLC

File type
data
Size
1.3 kB (1314 bytes)
Hash
5f9e8a18d43a3b54de4c52df2aa1455d
d1a6cbbe548d67528f92489fa9ca3bdad7f11e5b
968123e365b4d007f05e7de70eadd69e51e37c79f2c8b20cd821f8ad93dfe9cd

HTTP Headers

GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.moviesubtitles.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDE2PbQl0Xrwo7Dqe2ApSaRRFqz5/HFI8qt1c/7wYHa+0V
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:55:57 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1675313757; expires=Fri, 03-Feb-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53v2=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp98v2=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1675313757; expires=Thu, 16-Feb-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v3=1675313757; expires=Fri, 17-Feb-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149v2=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp235=1675313757; expires=Sat, 04-Mar-23 04:55:57 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2

www.moviesubtitles.ru/favicon.ico

91.234.33.166

200 OK

7.9 kB

URL HTTP/1.1
www.moviesubtitles.ru/favicon.ico
IP
91.234.33.166:0
ASN
#56485 Oleksandr Siedinkin

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Size
7.9 kB (7886 bytes)
Hash
9a270ff72cdddededa2b98343837c598
04f8da4d1df983e7725a865035695926f1131d73
cb1379df51fdde9b61c6c0773cc1398c12b5406314b4438b745271823661259e

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.moviesubtitles.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/movie-21791.html
Cookie: visited=1; fid=a519784e-83d0-4f53-a824-1e20ae305c1e

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:57 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sun, 06 Jan 2008 21:23:06 GMT
ETag: "140019-1ece-443145973a280"
Accept-Ranges: bytes
Content-Length: 7886
Connection: close
Content-Type: image/vnd.microsoft.icon

a.utraff.com/sync?ssp=Sape

104.21.59.66

204 No Content

0 B

URL HTTP/2
a.utraff.com/sync?ssp=Sape
IP
104.21.59.66:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync?ssp=Sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Thu, 02 Feb 2023 04:55:57 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Sat, 04 Mar 2023 07:55:57 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Sat, 04 Mar 2023 07:55:57 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vu991GTnNo82k9cAG5vIwTWFLz7R1ZbHkB15VhIAU74u14TzPdG1Sg7psJjl749Vhoan3mhClMrKq%2F%2FQDlYgkbPuQsO9DqMuuP0XbkwTddGgx1Ufpu%2B3gbrM%2BS70il4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7930566aadff0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.acint.net/oci/?v=0.5.0&uid=803af8c5-9e17-488a-806f-6025d4352adb&dp=10&tz=%2B00%3A00&nc=05377250&oid=39e8192718f4ed5a678fc273d654392b

193.3.184.227

302 Moved Temporarily

142 B

URL HTTP/1.1
www.acint.net/oci/?v=0.5.0&uid=803af8c5-9e17-488a-806f-6025d4352adb&dp=10&tz=%2B00%3A00&nc=05377250&oid=39e8192718f4ed5a678fc273d654392b
IP
193.3.184.227:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /oci/?v=0.5.0&uid=803af8c5-9e17-488a-806f-6025d4352adb&dp=10&tz=%2B00%3A00&nc=05377250&oid=39e8192718f4ed5a678fc273d654392b HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 02 Feb 2023 04:55:57 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/oci/?v=0.5.0&uid=803af8c5-9e17-488a-806f-6025d4352adb&dp=10&tz=%2B00%3A00&nc=05377250&oid=39e8192718f4ed5a678fc273d654392b

dm-eu.hybrid.ai/match?id=106&vid=1303420A5D42DB633B0AAF1702B6A70E

37.18.103.16

204 No Content

0 B

URL HTTP/2
dm-eu.hybrid.ai/match?id=106&vid=1303420A5D42DB633B0AAF1702B6A70E
IP
37.18.103.16:0
ASN
#205675 Hybrid LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?id=106&vid=1303420A5D42DB633B0AAF1702B6A70E HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Thu, 02 Feb 2023 04:55:57 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=fbb46dd13845f3156249; Expires=Fri, 02 Feb 2024 04:55:56 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 509
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.acint.net
access-control-allow-credentials: true
server: Hybrid Web Server
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c70fa210db8cb3a65d555bef49e050bc
8a834fe202d34465e13fdaefc7562702097e0fdc
d13d61f106ad0d5b69027daa0e626df63e0aaeac2f46f244f0806bcc90f69e0f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D13D61F106AD0D5B69027DAA0E626DF63E0AAEAC2F46F244F0806BCC90F69E0F"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11350
Expires: Thu, 02 Feb 2023 08:05:07 GMT
Date: Thu, 02 Feb 2023 04:55:57 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
213bf18096690cc57ffe2b030352f8ce
6d09271ba2e35da23eac601cccea7e3ec3b4a604
7969d8481f3db7aa880ccee7fee64582d724455df82d006481ec54816a726d9f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7969D8481F3DB7AA880CCEE7FEE64582D724455DF82D006481EC54816A726D9F"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9552
Expires: Thu, 02 Feb 2023 07:35:09 GMT
Date: Thu, 02 Feb 2023 04:55:57 GMT
Connection: keep-alive

ocsp2.globalsign.com/gsalphasha2g2

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
9cfe41b6a33ed44fedc0fd0fdcef7ae4
1b78950825e8b9b78d5fbaed9734765402dd371c
c40c428def3e947190edc846794b5353a45a53939f255a3eeffde2b008e368a9

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 06 Feb 2023 02:47:27 GMT
ETag: "1b78950825e8b9b78d5fbaed9734765402dd371c"
Last-Modified: Thu, 02 Feb 2023 02:47:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1925
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7930566ba9ac1c0a-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d5aa03d944374e364d4fdbb8f9cbf95e
43e3c5a8a5ff027de3c9ad9a41b572e4f33e72f9
483314668ec3c34108277a26d39a4282ce255e416cb5cec43e3d30d5340b8138

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "483314668EC3C34108277A26D39A4282CE255E416CB5CEC43E3D30D5340B8138"
Last-Modified: Wed, 01 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8249
Expires: Thu, 02 Feb 2023 07:13:27 GMT
Date: Thu, 02 Feb 2023 04:55:58 GMT
Connection: keep-alive

ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D

185.147.80.35

302 Found

74 B

URL HTTP/1.1
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP
185.147.80.35:0
ASN
#41722 Miran Ltd.

File type
HTML document, ASCII text
Size
74 B (74 bytes)
Hash
5dd88d846a68bd09debd410a562c12af
6a7f4cb3d44d25ff0af3af7cccab87a306df24cb
f999bd7f9c289573e47e345c87e99f392749960d1c2f1c0ac30336fda92d855a

HTTP Headers

GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 74
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=IAWKFILC
Set-Cookie: uid=IAWKFILC; Expires=Sun, 30 Jan 2033 04:55:58 GMT

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
594197b8439126d23e121f1ca0c13432
4f486347f2c158dd22320bf163d9021558df4d20
8f051c699a35cafa718c89fb163edb8d8869676ec77df84780b8ed83ad9e76ab

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F051C699A35CAFA718C89FB163EDB8D8869676EC77DF84780B8ED83AD9E76AB"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6983
Expires: Thu, 02 Feb 2023 06:52:21 GMT
Date: Thu, 02 Feb 2023 04:55:58 GMT
Connection: keep-alive

ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D

193.3.184.214

302 Moved Temporarily

142 B

URL HTTP/1.1
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP
193.3.184.214:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=3203420A5E42DB634C0085900219231D
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkIDMmPbQl6QhQBMHSMZAnHze/QS3rGfbhpiZj8RWTfnk6nk; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None

ocsp2.globalsign.com/gsalphasha2g2

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
2d71b883e815e5377e30ea9ecb86f44e
48c6855735bd96b91cbed064acae766bec8987cd
9a8d9f53386a17f038963b77ab5c72eec95a16aa30782ccde15bb3d94b7c32ae

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 06 Feb 2023 01:48:58 GMT
ETag: "48c6855735bd96b91cbed064acae766bec8987cd"
Last-Modified: Thu, 02 Feb 2023 01:48:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 896
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7930566ba823b517-OSL

push.services.mozilla.com/

35.155.255.170

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.155.255.170:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lioYCkjxBzuF383EYoHw0Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: z770JexagSTuX4ymhk/qogiwszM=

sync.upravel.com/sape/sync

144.76.138.28

302 Found

0 B

URL HTTP/2
sync.upravel.com/sape/sync
IP
144.76.138.28:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 04:55:58 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1675313758023;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1675313758023;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

www.acint.net/oci/?v=0.5.0&uid=803af8c5-9e17-488a-806f-6025d4352adb&dp=10&tz=%2B00%3A00&nc=05377250&oid=39e8192718f4ed5a678fc273d654392b

193.3.184.227

200 OK

43 B

URL HTTP/2
www.acint.net/oci/?v=0.5.0&uid=803af8c5-9e17-488a-806f-6025d4352adb&dp=10&tz=%2B00%3A00&nc=05377250&oid=39e8192718f4ed5a678fc273d654392b
IP
193.3.184.227:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /oci/?v=0.5.0&uid=803af8c5-9e17-488a-806f-6025d4352adb&dp=10&tz=%2B00%3A00&nc=05377250&oid=39e8192718f4ed5a678fc273d654392b HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.moviesubtitles.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDE2PbQl0Xrwo7Dqe2ApSaRRFqz5/HFI8qt1c/7wYHa+0V; cSyncDp7v2=1675313757; cSyncDp14v3=1675313757; cSyncDp17=1675313757; cSyncDp32=1675313757; cSyncDp45v3=1675313757; cSyncDp53v2=1675313757; cSyncDp62=1675313757; cSyncDp67v2=1675313757; cSyncDp68=1675313757; cSyncDp71=1675313757; cSyncDp85=1675313757; cSyncDp95v3=1675313757; cSyncDp98v2=1675313757; cSyncDp101=1675313757; cSyncDp104v2=1675313757; cSyncDp107=1675313757; cSyncDp110=1675313757; cSyncDp125v3=1675313757; cSyncDp126=1675313757; cSyncDp127=1675313757; cSyncDp129=1675313757; cSyncDp136v2=1675313757; cSyncDp146=1675313757; cSyncDp148=1675313757; cSyncDp149v2=1675313757; cSyncDp151=1675313757; cSyncDp178=1675313757; cSyncDp186=1675313757; cSyncDp221=1675313757; cSyncDp235=1675313757
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:55:58 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
51cfb5862bf78d09a0767f42c8ce6977
343dd79322dd325633f06085c247e80f33672de7
1b42170b66a980e2318a0218e42e467044232be0254de130e4ac8594757f25e3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1B42170B66A980E2318A0218E42E467044232BE0254DE130E4AC8594757F25E3"
Last-Modified: Tue, 31 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19146
Expires: Thu, 02 Feb 2023 10:15:04 GMT
Date: Thu, 02 Feb 2023 04:55:58 GMT
Connection: keep-alive

sync.dmp.otm-r.com/match/sape?id=1303420A5D42DB633B0AAF1702B6A70E

159.69.59.100

204 No Content

0 B

URL HTTP/2
sync.dmp.otm-r.com/match/sape?id=1303420A5D42DB633B0AAF1702B6A70E
IP
159.69.59.100:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/sape?id=1303420A5D42DB633B0AAF1702B6A70E HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx/1.17.10
date: Thu, 02 Feb 2023 04:55:58 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

counter.yadro.ru/hit?t15.1;r;s1280*1024*24;uhttp%3A//www.moviesubtitles.ru/movie-21791.html;i%uFFFD%uFFFDMoviesubtitles.org%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0441%u0443%u0431%u0442%u0438%u0442%u0440%u044B%20%u043A%20%u0444%u0438%u043B%u044C%u043C%u0443%20%22Ralph%20Breaks%20the%20Internet%20%282018%29;0.18908705625625122

88.212.201.198

200 OK

240 B

URL HTTP/1.1
counter.yadro.ru/hit?t15.1;r;s1280*1024*24;uhttp%3A//www.moviesubtitles.ru/movie-21791.html;i%uFFFD%uFFFDMoviesubtitles.org%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0441%u0443%u0431%u0442%u0438%u0442%u0440%u044B%20%u043A%20%u0444%u0438%u043B%u044C%u043C%u0443%20%22Ralph%20Breaks%20the%20Internet%20%282018%29;0.18908705625625122
IP
88.212.201.198:0
ASN
#39134 United Network LLC

File type
GIF image data, version 89a, 88 x 31\012- data
Size
240 B (240 bytes)
Hash
03aa4539c5c178f7b586d122ab661a8d
25bfbc8fb51755847c91e7817f599fcc8d6ce188
8752e49831a32036e764eb85852b944cd6ade9bbb08e53ee2ef7acea096ecd81

HTTP Headers

GET /hit?t15.1;r;s1280*1024*24;uhttp%3A//www.moviesubtitles.ru/movie-21791.html;i%uFFFD%uFFFDMoviesubtitles.org%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0441%u0443%u0431%u0442%u0438%u0442%u0440%u044B%20%u043A%20%u0444%u0438%u043B%u044C%u043C%u0443%20%22Ralph%20Breaks%20the%20Internet%20%282018%29;0.18908705625625122 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.moviesubtitles.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: image/gif
Content-Length: 240
Connection: keep-alive
Expires: Tue, 01 Feb 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bac30724b4d5e7813c3f649da4c1be81
68709ea92544ba83880208fb1a9923010a97652d
319df7ec746969bf3e8b84e1a846d2bb09f3e9f6fd2ef0887989698357ed245f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "319DF7EC746969BF3E8B84E1A846D2BB09F3E9F6FD2EF0887989698357ED245F"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11674
Expires: Thu, 02 Feb 2023 08:10:32 GMT
Date: Thu, 02 Feb 2023 04:55:58 GMT
Connection: keep-alive

sync.bumlam.com/?src=sap1&uid=1303420A5D42DB633B0AAF1702B6A70E

31.172.81.160

302 Moved Temporarily

0 B

URL HTTP/1.1
sync.bumlam.com/?src=sap1&uid=1303420A5D42DB633B0AAF1702B6A70E
IP
31.172.81.160:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sap1&uid=1303420A5D42DB633B0AAF1702B6A70E HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRlMWUxOTM5OC1hMmI1LTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Wed, 28 Jan 2043 04:55:58 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARjehO2eBmIgMTMwMzQyMEE1RDQyREI2MzNCMEFBRjE3MDJCNkE3MEWiARDh4ZOYorUR7aHEACWQyCQ3
ETag: e1e19398-a2b5-11ed-a1c4-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

s.uuidksinc.net/match/396/?remote_uid=1303420A5D42DB633B0AAF1702B6A70E

31.220.27.135

302 Found

0 B

URL HTTP/2
s.uuidksinc.net/match/396/?remote_uid=1303420A5D42DB633B0AAF1702B6A70E
IP
31.220.27.135:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/396/?remote_uid=1303420A5D42DB633B0AAF1702B6A70E HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.19.0
date: Thu, 02 Feb 2023 04:55:58 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=f12wWlZqyPuRc8JSOoh9
set-cookie: jcsuuid=f12wWlZqyPuRc8JSOoh9; expires=Fri, 02 Feb 2024 04:55:58 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0

144.76.138.28

302 Found

0 B

URL HTTP/2
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP
144.76.138.28:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1675313758023
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 04:55:58 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=4bf82795-49c9-43a0-8a33-67914eeb4220;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=4bf82795-49c9-43a0-8a33-67914eeb4220;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=4bf82795-49c9-43a0-8a33-67914eeb4220
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

pix.bumlam.com/sync/sape/check?sspuid=1303420A5D42DB633B0AAF1702B6A70E

31.172.81.172

302 Found

0 B

URL HTTP/1.1
pix.bumlam.com/sync/sape/check?sspuid=1303420A5D42DB633B0AAF1702B6A70E
IP
31.172.81.172:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync/sape/check?sspuid=1303420A5D42DB633B0AAF1702B6A70E HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://sync.bumlam.com/?src=sape

www.acint.net/match?dp=95&euid=IAWKFILC

193.3.184.227

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=95&euid=IAWKFILC
IP
193.3.184.227:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=95&euid=IAWKFILC HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDE2PbQl0Xrwo7Dqe2ApSaRRFqz5/HFI8qt1c/7wYHa+0V; cSyncDp7v2=1675313757; cSyncDp14v3=1675313757; cSyncDp17=1675313757; cSyncDp32=1675313757; cSyncDp45v3=1675313757; cSyncDp53v2=1675313757; cSyncDp62=1675313757; cSyncDp67v2=1675313757; cSyncDp68=1675313757; cSyncDp71=1675313757; cSyncDp85=1675313757; cSyncDp95v3=1675313757; cSyncDp98v2=1675313757; cSyncDp101=1675313757; cSyncDp104v2=1675313757; cSyncDp107=1675313757; cSyncDp110=1675313757; cSyncDp125v3=1675313757; cSyncDp126=1675313757; cSyncDp127=1675313757; cSyncDp129=1675313757; cSyncDp136v2=1675313757; cSyncDp146=1675313757; cSyncDp148=1675313757; cSyncDp149v2=1675313757; cSyncDp151=1675313757; cSyncDp178=1675313757; cSyncDp186=1675313757; cSyncDp221=1675313757; cSyncDp235=1675313757
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:55:58 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
ad50fd429d43590d1ef8635ee01498ea
f0917fd3a14ea4f5b1e97dcd534338c5ff06c8af
50edbb5e017eb9381fccaf770b4fc5dc94e970ea2631eec51e180ac69d59a70b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 15:41:07 GMT
Expires: Tue, 07 Feb 2023 15:41:06 GMT
Etag: "f0917fd3a14ea4f5b1e97dcd534338c5ff06c8af"
Cache-Control: max-age=470107,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7930566bfc75b4ff-OSL

sync.bumlam.com/?src=sap1&s_data=CAIQARjehO2eBmIgMTMwMzQyMEE1RDQyREI2MzNCMEFBRjE3MDJCNkE3MEWiARDh4ZOYorUR7aHEACWQyCQ3

31.172.81.160

200 OK

0 B

URL HTTP/1.1
sync.bumlam.com/?src=sap1&s_data=CAIQARjehO2eBmIgMTMwMzQyMEE1RDQyREI2MzNCMEFBRjE3MDJCNkE3MEWiARDh4ZOYorUR7aHEACWQyCQ3
IP
31.172.81.160:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sap1&s_data=CAIQARjehO2eBmIgMTMwMzQyMEE1RDQyREI2MzNCMEFBRjE3MDJCNkE3MEWiARDh4ZOYorUR7aHEACWQyCQ3 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRlMWUxOTM5OC1hMmI1LTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRlMWUxOTM5OC1hMmI1LTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Wed, 28 Jan 2043 04:55:58 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
29cbed0f6d8c99166782eb19e3b3b40a
a79f0c9f23b25cd341b7810ae7c65b4f2c606193
17b752520814b21a538551090467600dc8cefa1ca4da6f660c8046c729ccf316

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17B752520814B21A538551090467600DC8CEFA1CA4DA6F660C8046C729CCF316"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3949
Expires: Thu, 02 Feb 2023 06:01:47 GMT
Date: Thu, 02 Feb 2023 04:55:58 GMT
Connection: keep-alive

sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1303420A5D42DB633B0AAF1702B6A70E

87.242.89.90

200 OK

12 B

URL HTTP/2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1303420A5D42DB633B0AAF1702B6A70E
IP
87.242.89.90:0
ASN
#25532 LLC masterhost

File type
exported SGML document, ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
d8932e1cb3ee147415fbf5591a7217ca
97da5b95fb7f60ecd8d9ed0e5a05d83ad5a9c070
c0327cbcde50f1ab8228334a550b947301123d6f6f7d625707cb6d08a1faec35

HTTP Headers

GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1303420A5D42DB633B0AAF1702B6A70E HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 04:55:58 GMT
content-type: text/html
content-length: 12
last-modified: Mon, 30 Jan 2023 18:57:34 GMT
etag: "63d8131e-c"
accept-ranges: bytes
server: elb
X-Firefox-Spdy: h2

ocsp.globalsign.com/alphasslcasha256g4

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/alphasslcasha256g4
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1437 bytes)
Hash
5c76d7240c2eba1e781efcbf6538a8c7
7989ea379b82a8d3fe31e4288a4a5a2374a96bb5
669c9d9aa4f2a610d4f620f0dcf490c27e667b8820a6764e4ebc96d18599fce4

HTTP Headers

POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Mon, 06 Feb 2023 01:14:16 GMT
ETag: "7989ea379b82a8d3fe31e4288a4a5a2374a96bb5"
Last-Modified: Thu, 02 Feb 2023 01:14:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 973
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7930566c4cd0b503-OSL

www.acint.net/match?dp=127&euid=f12wWlZqyPuRc8JSOoh9

193.3.184.227

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=127&euid=f12wWlZqyPuRc8JSOoh9
IP
193.3.184.227:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=127&euid=f12wWlZqyPuRc8JSOoh9 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDE2PbQl0Xrwo7Dqe2ApSaRRFqz5/HFI8qt1c/7wYHa+0V; cSyncDp7v2=1675313757; cSyncDp14v3=1675313757; cSyncDp17=1675313757; cSyncDp32=1675313757; cSyncDp45v3=1675313757; cSyncDp53v2=1675313757; cSyncDp62=1675313757; cSyncDp67v2=1675313757; cSyncDp68=1675313757; cSyncDp71=1675313757; cSyncDp85=1675313757; cSyncDp95v3=1675313757; cSyncDp98v2=1675313757; cSyncDp101=1675313757; cSyncDp104v2=1675313757; cSyncDp107=1675313757; cSyncDp110=1675313757; cSyncDp125v3=1675313757; cSyncDp126=1675313757; cSyncDp127=1675313757; cSyncDp129=1675313757; cSyncDp136v2=1675313757; cSyncDp146=1675313757; cSyncDp148=1675313757; cSyncDp149v2=1675313757; cSyncDp151=1675313757; cSyncDp178=1675313757; cSyncDp186=1675313757; cSyncDp221=1675313757; cSyncDp235=1675313757
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:55:58 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D

176.9.81.69

301 Moved Permanently

115 B

URL HTTP/2
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP
176.9.81.69:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, ASCII text
Size
115 B (115 bytes)
Hash
7ee68820266a182fbb025409d0744caf
8a18bd47052596b901c7fc4972c71e33a35136f4
6d6188efc74730b0c8f27fdfa4ab5f084ff8380b18dc92fd15e44ba39154c56c

HTTP Headers

GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 02 Feb 2023 04:55:58 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=ad149588-0e24-4068-4812-e58f0bc32abc
serverid: TODO
X-Firefox-Spdy: h2

sync.bumlam.com/?src=sape

31.172.81.160

302 Moved Temporarily

0 B

URL HTTP/1.1
sync.bumlam.com/?src=sape
IP
31.172.81.160:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sape HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRlMWUxOTM5OC1hMmI1LTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRlMWUxOTM5OC1hMmI1LTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Wed, 28 Jan 2043 04:55:58 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://pix.bumlam.com/sync/sape/sync_ok?guid=e1e19398-a2b5-11ed-a1c4-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true

www.acint.net/match?dp=71&euid=4bf82795-49c9-43a0-8a33-67914eeb4220

193.3.184.227

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=71&euid=4bf82795-49c9-43a0-8a33-67914eeb4220
IP
193.3.184.227:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=71&euid=4bf82795-49c9-43a0-8a33-67914eeb4220 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDE2PbQl0Xrwo7Dqe2ApSaRRFqz5/HFI8qt1c/7wYHa+0V; cSyncDp7v2=1675313757; cSyncDp14v3=1675313757; cSyncDp17=1675313757; cSyncDp32=1675313757; cSyncDp45v3=1675313757; cSyncDp53v2=1675313757; cSyncDp62=1675313757; cSyncDp67v2=1675313757; cSyncDp68=1675313757; cSyncDp71=1675313757; cSyncDp85=1675313757; cSyncDp95v3=1675313757; cSyncDp98v2=1675313757; cSyncDp101=1675313757; cSyncDp104v2=1675313757; cSyncDp107=1675313757; cSyncDp110=1675313757; cSyncDp125v3=1675313757; cSyncDp126=1675313757; cSyncDp127=1675313757; cSyncDp129=1675313757; cSyncDp136v2=1675313757; cSyncDp146=1675313757; cSyncDp148=1675313757; cSyncDp149v2=1675313757; cSyncDp151=1675313757; cSyncDp178=1675313757; cSyncDp186=1675313757; cSyncDp221=1675313757; cSyncDp235=1675313757
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:55:58 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

acint.net/match?dp=110&euid=6acd91fef1f04ec484dc94e434189fd7

193.3.184.227

200 OK

43 B

URL HTTP/2
acint.net/match?dp=110&euid=6acd91fef1f04ec484dc94e434189fd7
IP
193.3.184.227:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=110&euid=6acd91fef1f04ec484dc94e434189fd7 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDE2PbQl0Xrwo7Dqe2ApSaRRFqz5/HFI8qt1c/7wYHa+0V; cSyncDp7v2=1675313757; cSyncDp14v3=1675313757; cSyncDp17=1675313757; cSyncDp32=1675313757; cSyncDp45v3=1675313757; cSyncDp53v2=1675313757; cSyncDp62=1675313757; cSyncDp67v2=1675313757; cSyncDp68=1675313757; cSyncDp71=1675313757; cSyncDp85=1675313757; cSyncDp95v3=1675313757; cSyncDp98v2=1675313757; cSyncDp101=1675313757; cSyncDp104v2=1675313757; cSyncDp107=1675313757; cSyncDp110=1675313757; cSyncDp125v3=1675313757; cSyncDp126=1675313757; cSyncDp127=1675313757; cSyncDp129=1675313757; cSyncDp136v2=1675313757; cSyncDp146=1675313757; cSyncDp148=1675313757; cSyncDp149v2=1675313757; cSyncDp151=1675313757; cSyncDp178=1675313757; cSyncDp186=1675313757; cSyncDp221=1675313757; cSyncDp235=1675313757
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:55:58 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

sync.adspend.space/sape?uid=1303420A5D42DB633B0AAF1702B6A70E

212.76.129.183

302 Found

149 B

URL HTTP/2
sync.adspend.space/sape?uid=1303420A5D42DB633B0AAF1702B6A70E
IP
212.76.129.183:0
ASN
#42632 MnogoByte LLC

File type
HTML document, ASCII text
Size
149 B (149 bytes)
Hash
c3a76ecf81d320dd721cf9636e3ea11d
a6a0fa98d7836d64246db41df67b254e77b314fc
b9544f35541a287ab6a599bf2dbc59863943a3a4cef5134f01e5ae451825d47d

HTTP Headers

GET /sape?uid=1303420A5D42DB633B0AAF1702B6A70E HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Thu, 02 Feb 2023 04:55:58 GMT
content-type: text/html; charset=utf-8
content-length: 149
location: https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D14bc45a1-2fe7-4073-9ad0-9b58b19701c8
set-cookie: as-user=14bc45a1-2fe7-4073-9ad0-9b58b19701c8; Path=/; Max-Age=31536000; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

acint.net/match?dp=14&euid=3203420A5E42DB634C0085900219231D

193.3.184.227

200 OK

43 B

URL HTTP/2
acint.net/match?dp=14&euid=3203420A5E42DB634C0085900219231D
IP
193.3.184.227:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=14&euid=3203420A5E42DB634C0085900219231D HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDE2PbQl0Xrwo7Dqe2ApSaRRFqz5/HFI8qt1c/7wYHa+0V; cSyncDp7v2=1675313757; cSyncDp14v3=1675313757; cSyncDp17=1675313757; cSyncDp32=1675313757; cSyncDp45v3=1675313757; cSyncDp53v2=1675313757; cSyncDp62=1675313757; cSyncDp67v2=1675313757; cSyncDp68=1675313757; cSyncDp71=1675313757; cSyncDp85=1675313757; cSyncDp95v3=1675313757; cSyncDp98v2=1675313757; cSyncDp101=1675313757; cSyncDp104v2=1675313757; cSyncDp107=1675313757; cSyncDp110=1675313757; cSyncDp125v3=1675313757; cSyncDp126=1675313757; cSyncDp127=1675313757; cSyncDp129=1675313757; cSyncDp136v2=1675313757; cSyncDp146=1675313757; cSyncDp148=1675313757; cSyncDp149v2=1675313757; cSyncDp151=1675313757; cSyncDp178=1675313757; cSyncDp186=1675313757; cSyncDp221=1675313757; cSyncDp235=1675313757
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:55:58 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

sync.programmatica.com/match/RTBSape?id=1303420A5D42DB633B0AAF1702B6A70E

167.235.117.42

302 Found

0 B

URL HTTP/2
sync.programmatica.com/match/RTBSape?id=1303420A5D42DB633B0AAF1702B6A70E
IP
167.235.117.42:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/RTBSape?id=1303420A5D42DB633B0AAF1702B6A70E HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 04:55:58 GMT
content-length: 0
location: https://sync.programmatica.com/match/RTBSape?id=1303420A5D42DB633B0AAF1702B6A70E&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

pix.bumlam.com/sync/sape/sync_ok?guid=e1e19398-a2b5-11ed-a1c4-002590c82437

31.172.81.172

302 Found

0 B

URL HTTP/1.1
pix.bumlam.com/sync/sape/sync_ok?guid=e1e19398-a2b5-11ed-a1c4-002590c82437
IP
31.172.81.172:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync/sape/sync_ok?guid=e1e19398-a2b5-11ed-a1c4-002590c82437 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRlMWUxOTM5OC1hMmI1LTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://e1e19398-a2b5-11ed-a1c4-002590c82437.n3.sync.bumlam.com/?src=sape

www.acint.net/match?dp=126&euid=ad149588-0e24-4068-4812-e58f0bc32abc

193.3.184.227

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=126&euid=ad149588-0e24-4068-4812-e58f0bc32abc
IP
193.3.184.227:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=126&euid=ad149588-0e24-4068-4812-e58f0bc32abc HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDE2PbQl0Xrwo7Dqe2ApSaRRFqz5/HFI8qt1c/7wYHa+0V; cSyncDp7v2=1675313757; cSyncDp14v3=1675313757; cSyncDp17=1675313757; cSyncDp32=1675313757; cSyncDp45v3=1675313757; cSyncDp53v2=1675313757; cSyncDp62=1675313757; cSyncDp67v2=1675313757; cSyncDp68=1675313757; cSyncDp71=1675313757; cSyncDp85=1675313757; cSyncDp95v3=1675313757; cSyncDp98v2=1675313757; cSyncDp101=1675313757; cSyncDp104v2=1675313757; cSyncDp107=1675313757; cSyncDp110=1675313757; cSyncDp125v3=1675313757; cSyncDp126=1675313757; cSyncDp127=1675313757; cSyncDp129=1675313757; cSyncDp136v2=1675313757; cSyncDp146=1675313757; cSyncDp148=1675313757; cSyncDp149v2=1675313757; cSyncDp151=1675313757; cSyncDp178=1675313757; cSyncDp186=1675313757; cSyncDp221=1675313757; cSyncDp235=1675313757
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:55:58 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

cs.agency2.ru/p?ssp=sp&uid=1303420A5D42DB633B0AAF1702B6A70E

23.111.107.44

301 Moved Permanently

0 B

URL HTTP/1.1
cs.agency2.ru/p?ssp=sp&uid=1303420A5D42DB633B0AAF1702B6A70E
IP
23.111.107.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p?ssp=sp&uid=1303420A5D42DB633B0AAF1702B6A70E HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=33ef6f9a-2a44-4fe5-95d3-9ddc2e694b49
Set-Cookie: uuid=33ef6f9a-2a44-4fe5-95d3-9ddc2e694b49; expires=Wed, 24 Jan 2024 04:55:58 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6d5acd22c976d3d94068c9349b497482
be20fc6f4c6c202daf5eae4b1fd892115294a89c
111e5f4b82ed37ac2356e3878e7bdb60a5190475dbbef9a7b2e349c45e10ae13

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "111E5F4B82ED37AC2356E3878E7BDB60A5190475DBBEF9A7B2E349C45E10AE13"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4202
Expires: Thu, 02 Feb 2023 06:06:00 GMT
Date: Thu, 02 Feb 2023 04:55:58 GMT
Connection: keep-alive

nr.bidderstack.com/sape/cm?user_id=1303420A5D42DB633B0AAF1702B6A70E

23.88.12.13

200 OK

44 B

URL HTTP/1.1
nr.bidderstack.com/sape/cm?user_id=1303420A5D42DB633B0AAF1702B6A70E
IP
23.88.12.13:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
44 B (44 bytes)
Hash
f9d60352c70a2ba15616d1c9421f3844
e9abc8bea7721a4b6a50295850d13c515006a95c
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

HTTP Headers

GET /sape/cm?user_id=1303420A5D42DB633B0AAF1702B6A70E HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: image/gif
Content-Length: 44
Connection: keep-alive
Access-Control-Allow-Credentials: true

sync.programmatica.com/match/RTBSape?id=1303420A5D42DB633B0AAF1702B6A70E&chk=1

167.235.117.42

200 OK

43 B

URL HTTP/2
sync.programmatica.com/match/RTBSape?id=1303420A5D42DB633B0AAF1702B6A70E&chk=1
IP
167.235.117.42:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

HTTP Headers

GET /match/RTBSape?id=1303420A5D42DB633B0AAF1702B6A70E&chk=1 HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 04:55:58 GMT
content-type: image/gif
content-length: 43
set-cookie: pid=NGJkMjc4YWFhZDZkMTc0Ng; expires=Fri, 02 Aug 2024 04:55:58 GMT; domain=.programmatica.com; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D14bc45a1-2fe7-4073-9ad0-9b58b19701c8

212.76.129.183

302 Found

102 B

URL HTTP/2
sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D14bc45a1-2fe7-4073-9ad0-9b58b19701c8
IP
212.76.129.183:0
ASN
#42632 MnogoByte LLC

File type
HTML document, ASCII text
Size
102 B (102 bytes)
Hash
bd07172b3f22a243679b93072786c7c9
f15c24c8497d7599f59e96c9025d7e0c6e31da76
5f02c8ad204bac82f5890b590a5254791fe0f2056050df6a68b14d67f5f48ee4

HTTP Headers

GET /check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D14bc45a1-2fe7-4073-9ad0-9b58b19701c8 HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: as-user=14bc45a1-2fe7-4073-9ad0-9b58b19701c8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Thu, 02 Feb 2023 04:55:58 GMT
content-type: text/html; charset=utf-8
content-length: 102
location: https://www.acint.net/match?dp=98&euid=14bc45a1-2fe7-4073-9ad0-9b58b19701c8
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

www.acint.net/match?dp=186&euid=33ef6f9a-2a44-4fe5-95d3-9ddc2e694b49

193.3.184.227

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=186&euid=33ef6f9a-2a44-4fe5-95d3-9ddc2e694b49
IP
193.3.184.227:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=186&euid=33ef6f9a-2a44-4fe5-95d3-9ddc2e694b49 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDE2PbQl0Xrwo7Dqe2ApSaRRFqz5/HFI8qt1c/7wYHa+0V; cSyncDp7v2=1675313757; cSyncDp14v3=1675313757; cSyncDp17=1675313757; cSyncDp32=1675313757; cSyncDp45v3=1675313757; cSyncDp53v2=1675313757; cSyncDp62=1675313757; cSyncDp67v2=1675313757; cSyncDp68=1675313757; cSyncDp71=1675313757; cSyncDp85=1675313757; cSyncDp95v3=1675313757; cSyncDp98v2=1675313757; cSyncDp101=1675313757; cSyncDp104v2=1675313757; cSyncDp107=1675313757; cSyncDp110=1675313757; cSyncDp125v3=1675313757; cSyncDp126=1675313757; cSyncDp127=1675313757; cSyncDp129=1675313757; cSyncDp136v2=1675313757; cSyncDp146=1675313757; cSyncDp148=1675313757; cSyncDp149v2=1675313757; cSyncDp151=1675313757; cSyncDp178=1675313757; cSyncDp186=1675313757; cSyncDp221=1675313757; cSyncDp235=1675313757
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:55:58 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/match?dp=98&euid=14bc45a1-2fe7-4073-9ad0-9b58b19701c8

193.3.184.227

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=98&euid=14bc45a1-2fe7-4073-9ad0-9b58b19701c8
IP
193.3.184.227:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=98&euid=14bc45a1-2fe7-4073-9ad0-9b58b19701c8 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDE2PbQl0Xrwo7Dqe2ApSaRRFqz5/HFI8qt1c/7wYHa+0V; cSyncDp7v2=1675313757; cSyncDp14v3=1675313757; cSyncDp17=1675313757; cSyncDp32=1675313757; cSyncDp45v3=1675313757; cSyncDp53v2=1675313757; cSyncDp62=1675313757; cSyncDp67v2=1675313757; cSyncDp68=1675313757; cSyncDp71=1675313757; cSyncDp85=1675313757; cSyncDp95v3=1675313757; cSyncDp98v2=1675313757; cSyncDp101=1675313757; cSyncDp104v2=1675313757; cSyncDp107=1675313757; cSyncDp110=1675313757; cSyncDp125v3=1675313757; cSyncDp126=1675313757; cSyncDp127=1675313757; cSyncDp129=1675313757; cSyncDp136v2=1675313757; cSyncDp146=1675313757; cSyncDp148=1675313757; cSyncDp149v2=1675313757; cSyncDp151=1675313757; cSyncDp178=1675313757; cSyncDp186=1675313757; cSyncDp221=1675313757; cSyncDp235=1675313757
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:55:58 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/match?dp=129&euid=ploon4xysg

193.3.184.227

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=129&euid=ploon4xysg
IP
193.3.184.227:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=129&euid=ploon4xysg HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDE2PbQl0Xrwo7Dqe2ApSaRRFqz5/HFI8qt1c/7wYHa+0V; cSyncDp7v2=1675313757; cSyncDp14v3=1675313757; cSyncDp17=1675313757; cSyncDp32=1675313757; cSyncDp45v3=1675313757; cSyncDp53v2=1675313757; cSyncDp62=1675313757; cSyncDp67v2=1675313757; cSyncDp68=1675313757; cSyncDp71=1675313757; cSyncDp85=1675313757; cSyncDp95v3=1675313757; cSyncDp98v2=1675313757; cSyncDp101=1675313757; cSyncDp104v2=1675313757; cSyncDp107=1675313757; cSyncDp110=1675313757; cSyncDp125v3=1675313757; cSyncDp126=1675313757; cSyncDp127=1675313757; cSyncDp129=1675313757; cSyncDp136v2=1675313757; cSyncDp146=1675313757; cSyncDp148=1675313757; cSyncDp149v2=1675313757; cSyncDp151=1675313757; cSyncDp178=1675313757; cSyncDp186=1675313757; cSyncDp221=1675313757; cSyncDp235=1675313757
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:55:58 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
1afd3517ebc844038700db8c82d69ae3
1327e511903b229cd36c1647fdb71c17d4ce7bdd
ff3430f1affa22881cd632c75d9f51cb97deb53a2cd76f3ee3be5e4b0518192a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 23:26:49 GMT
Expires: Wed, 08 Feb 2023 23:26:48 GMT
Etag: "1327e511903b229cd36c1647fdb71c17d4ce7bdd"
Cache-Control: max-age=584449,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7930566d6d10b4ff-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
db7e0be65c783c07cac86e8e9e040ddb
917c3c0c522f73baf8f2f5715d3325598dbb939a
7b9f9540b486e157a1eb57236f3e8ffe5f279bed4c28e5da356147de7bf9f726

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B9F9540B486E157A1EB57236F3E8FFE5F279BED4C28E5DA356147DE7BF9F726"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14599
Expires: Thu, 02 Feb 2023 08:59:17 GMT
Date: Thu, 02 Feb 2023 04:55:58 GMT
Connection: keep-alive

dmp.gotechnology.io/match/sape?id=1303420A5D42DB633B0AAF1702B6A70E

142.132.209.138

302 Found

0 B

URL HTTP/2
dmp.gotechnology.io/match/sape?id=1303420A5D42DB633B0AAF1702B6A70E
IP
142.132.209.138:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/sape?id=1303420A5D42DB633B0AAF1702B6A70E HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 04:55:58 GMT
content-length: 0
location: https://dmp.gotechnology.io/match/sape?id=1303420A5D42DB633B0AAF1702B6A70E&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

dmp.gotechnology.io/match/sape?id=1303420A5D42DB633B0AAF1702B6A70E&chk=1

142.132.209.138

302 Found

0 B

URL HTTP/2
dmp.gotechnology.io/match/sape?id=1303420A5D42DB633B0AAF1702B6A70E&chk=1
IP
142.132.209.138:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/sape?id=1303420A5D42DB633B0AAF1702B6A70E&chk=1 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 04:55:58 GMT
content-length: 0
location: https://ads.betweendigital.com/match?bidder_id=98&external_user_id=NjQ1ZmUyMjA3ZTg3M2ZkMA
set-cookie: pid=NjQ1ZmUyMjA3ZTg3M2ZkMA; expires=Fri, 02 Feb 2024 04:55:58 GMT; domain=.gotechnology.io; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

e1e19398-a2b5-11ed-a1c4-002590c82437.n3.sync.bumlam.com/?src=sape

80.87.198.24

302 Found

0 B

URL HTTP/2
e1e19398-a2b5-11ed-a1c4-002590c82437.n3.sync.bumlam.com/?src=sape
IP
80.87.198.24:0
ASN
#29182 JSC IOT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sape HTTP/1.1
Host: e1e19398-a2b5-11ed-a1c4-002590c82437.n3.sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRlMWUxOTM5OC1hMmI1LTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.22.1
date: Thu, 02 Feb 2023 04:55:58 GMT
content-length: 0
location: https://pix.bumlam.com/sync/sape/done
X-Firefox-Spdy: h2

pix.bumlam.com/sync/sape/done

31.172.81.172

200 OK

43 B

URL HTTP/1.1
pix.bumlam.com/sync/sape/done
IP
31.172.81.172:0
ASN
#44066 diva-e Datacenters GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRlMWUxOTM5OC1hMmI1LTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
26896c6042f71e76e9612b93ced1f1dc
fd7a548019cc4e48be4129f578c0579e8d127269
fa16e2e7e3c433eb56017508ed7cb011bd0a94e5ca51e5bc20cd87c8ba3ab024

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FA16E2E7E3C433EB56017508ED7CB011BD0A94E5CA51E5BC20CD87C8BA3AB024"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7541
Expires: Thu, 02 Feb 2023 07:01:39 GMT
Date: Thu, 02 Feb 2023 04:55:58 GMT
Connection: keep-alive

match.new-programmatic.com/userbind?src=sape&id=1303420A5D42DB633B0AAF1702B6A70E

217.65.2.150

204 No Content

0 B

URL HTTP/1.1
match.new-programmatic.com/userbind?src=sape&id=1303420A5D42DB633B0AAF1702B6A70E
IP
217.65.2.150:0
ASN
#3175 Filanco LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /userbind?src=sape&id=1303420A5D42DB633B0AAF1702B6A70E HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
b033740c44865030356184729dcf6d7e
7831e60099bf000323d9b95493127f692754a8bc
23df5b5e1bab6596faac33987d0c4cacd09bdd5fb44f43b12b7a2983f1551a8a

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 06 Feb 2023 03:52:51 GMT
ETag: "7831e60099bf000323d9b95493127f692754a8bc"
Last-Modified: Thu, 02 Feb 2023 03:52:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 752
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7930566f6e84b503-OSL

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
b033740c44865030356184729dcf6d7e
7831e60099bf000323d9b95493127f692754a8bc
23df5b5e1bab6596faac33987d0c4cacd09bdd5fb44f43b12b7a2983f1551a8a

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 06 Feb 2023 03:52:51 GMT
ETag: "7831e60099bf000323d9b95493127f692754a8bc"
Last-Modified: Thu, 02 Feb 2023 03:52:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 752
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7930566f8e8fb503-OSL

ocsp.globalsign.com/gseccovsslca2018

104.18.21.226

200 OK

938 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
938 B (938 bytes)
Hash
8d1704aa68d04fd80db66a01edb4f35f
9503fc287323aee329fc076aa8abad1c0e1cf25d
da3eeaf8aed1f09d326ce2705eb30100f0146ad8f41486e20f31b8db4c4e0d85

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Mon, 06 Feb 2023 01:34:21 GMT
ETag: "9503fc287323aee329fc076aa8abad1c0e1cf25d"
Last-Modified: Thu, 02 Feb 2023 01:34:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2673
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7930566fbeacb503-OSL

ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691

195.209.108.36

302 Moved Temporarily

0 B

URL HTTP/1.1
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP
195.209.108.36:0
ASN
#52007 LLC AdRiver

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-5520914957; expires=Sat, 01 Feb 2025 04:55:58 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5520914957
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true

ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1303420A5D42DB633B0AAF1702B6A70E

81.222.128.214

200 OK

42 B

URL HTTP/1.1
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1303420A5D42DB633B0AAF1702B6A70E
IP
81.222.128.214:0
ASN
#20597 PVimpelCom

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /cgi-bin/sync.cgi?dsp_id=153&external_id=1303420A5D42DB633B0AAF1702B6A70E HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

ocsp.globalsign.com/alphasslcasha256g4

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/alphasslcasha256g4
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1437 bytes)
Hash
45cc3902d7987738771c0f6a04adc91f
d3a49731c42d4d3512df494aa67dab40e78dd5ce
6172e0b12566e35ffc9d899f64103af8d002a8d0aaad5999bf215f83e556d193

HTTP Headers

POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Mon, 06 Feb 2023 02:54:55 GMT
ETag: "d3a49731c42d4d3512df494aa67dab40e78dd5ce"
Last-Modified: Thu, 02 Feb 2023 02:54:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2580
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7930566fcebab503-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
2f59b9826b587ec88c538c4e0fdda68f
a9569ad568776c896099e2e7b4291dbe7101cb9b
76812d4ae48f41904eb3722fb49c463d4287d81fa7a9ea5d28687ddb3a546931

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 02:03:25 GMT
Expires: Wed, 08 Feb 2023 02:03:24 GMT
Etag: "a9569ad568776c896099e2e7b4291dbe7101cb9b"
Cache-Control: max-age=507445,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7930566f9e68b4ff-OSL

ocsp.globalsign.com/gseccovsslca2018

104.18.21.226

200 OK

939 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
939 B (939 bytes)
Hash
f2aa47894a98f584f80c3f0a4ce3456b
31091b3b175cd0a4326702b6f6dbe756e85860d8
896c40b188e8e205d8d3ffbdf972e2d408922edbb27a441e5b573e8a5ecef5e9

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Mon, 06 Feb 2023 03:46:47 GMT
ETag: "31091b3b175cd0a4326702b6f6dbe756e85860d8"
Last-Modified: Thu, 02 Feb 2023 03:46:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1578
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7930566fdeceb503-OSL

ocsp.usertrust.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.usertrust.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
c60ca4b761622aee6dac8fcd5a7b47bb
bf27b8a42a03073eb548b79b3adfc1c4a09921ba
55e4d169563b096866bbab23531097fd09fa620a64f56261165cf190aa90aaa7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 30 Jan 2023 04:18:19 GMT
Expires: Mon, 06 Feb 2023 04:18:18 GMT
Etag: "bf27b8a42a03073eb548b79b3adfc1c4a09921ba"
Cache-Control: max-age=604094,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1404
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7930566fecb60b3d-OSL

sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D

77.245.57.72

400 Bad Request

22 B

URL HTTP/1.1
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP
77.245.57.72:0
ASN
#36057 WEBAIR-INTERNET-MTL

File type
ASCII text, with no line terminators
Size
22 B (22 bytes)
Hash
b0b11e1c78b526b61477f8e9ee540be0
d5e73002987ff54626542b116d98a8f4aa9ee2eb
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

HTTP Headers

GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Length: 22
Connection: close
Cache-Control: no-store
Age: 0
Pragma: no-cache

ads.betweendigital.com/match?bidder_id=73&external_user_id=1303420A5D42DB633B0AAF1702B6A70E

188.42.196.115

302 Found

0 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=73&external_user_id=1303420A5D42DB633B0AAF1702B6A70E
IP
188.42.196.115:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?bidder_id=73&external_user_id=1303420A5D42DB633B0AAF1702B6A70E HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=1303420A5D42DB633B0AAF1702B6A70E&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:55:58 GMT; Path=/; Domain=.betweendigital.com
tuuid=9cf442da-755a-5221-8e59-b462ed82f63c; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:55:58 GMT; Path=/; Domain=.betweendigital.com
ut=Y9tCXgAK-JgqiVcvM9iqA6V6QrXgQs6cuPKoWg==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:55:58 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09905a9da2b8c534b2a2339f7ed3ea0f
c9757e32b8d0032fe15e166141f832a9133d575f
48f74cadddfc2aaa06f4831abb571ce1717243a159508098f25922762d694c15

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48F74CADDDFC2AAA06F4831ABB571CE1717243A159508098F25922762D694C15"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4205
Expires: Thu, 02 Feb 2023 06:06:03 GMT
Date: Thu, 02 Feb 2023 04:55:58 GMT
Connection: keep-alive

ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5520914957

195.209.108.36

302 Moved Temporarily

40 B

URL HTTP/1.1
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5520914957
IP
195.209.108.36:0
ASN
#52007 LLC AdRiver

File type
ASCII text, with CRLF line terminators
Size
40 B (40 bytes)
Hash
251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b

HTTP Headers

GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5520914957 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Sat, 01 Feb 2025 04:55:58 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
645b149853d2e8d8b460e09a5231bcec
cd54f27e759f0b079221bd069e91508fcce95c50
7d654dbb8003ab9047d1b9b60455ab21bf937e4cddcb36ea0165f17664c076fc

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 06 Feb 2023 03:52:48 GMT
ETag: "cd54f27e759f0b079221bd069e91508fcce95c50"
Last-Modified: Thu, 02 Feb 2023 03:52:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 378
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793056703f02b503-OSL

ads.betweendigital.com/match?bidder_id=98&external_user_id=NjQ1ZmUyMjA3ZTg3M2ZkMA

188.42.196.115

302 Found

0 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=98&external_user_id=NjQ1ZmUyMjA3ZTg3M2ZkMA
IP
188.42.196.115:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?bidder_id=98&external_user_id=NjQ1ZmUyMjA3ZTg3M2ZkMA HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: /match?bidder_id=98&external_user_id=NjQ1ZmUyMjA3ZTg3M2ZkMA&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:55:58 GMT; Path=/; Domain=.betweendigital.com
tuuid=242205b4-6219-5221-a6b9-4beec56209b0; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:55:58 GMT; Path=/; Domain=.betweendigital.com
ut=Y9tCXgALbcgP2Gbgeovnqs6Hy83-fnT4A76L7g==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:55:58 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
e94be1e17fca2b35386966a173ffd7c6
e48233c2fbe869a3f060f5ac50fd5e9bc3497ec5
b9bf7f3fdc78d0ed1aaa5aa9c0e659bf3cd18cba0d17bfe01db04727a865e888

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 06 Feb 2023 02:26:56 GMT
ETag: "e48233c2fbe869a3f060f5ac50fd5e9bc3497ec5"
Last-Modified: Thu, 02 Feb 2023 02:26:57 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 51
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793056704f09b503-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
47104af366e237afec3af30f37af7dba
b24492f724ba1d4395df66bc2e0de1bdabc4264d
59c7255b4bd417487377052a2b4ec75029319525bad73a5ef43dce28d79efbbb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 14:18:45 GMT
Expires: Tue, 07 Feb 2023 14:18:44 GMT
Etag: "b24492f724ba1d4395df66bc2e0de1bdabc4264d"
Cache-Control: max-age=465165,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793056701e96b4ff-OSL

ads.betweendigital.com/match?bidder_id=73&external_user_id=1303420A5D42DB633B0AAF1702B6A70E&crf=1

188.42.196.115

200 OK

68 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=73&external_user_id=1303420A5D42DB633B0AAF1702B6A70E&crf=1
IP
188.42.196.115:0
ASN
#7979 SERVERS-COM

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

HTTP Headers

GET /match?bidder_id=73&external_user_id=1303420A5D42DB633B0AAF1702B6A70E&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:55:58 GMT; Path=/; Domain=.betweendigital.com
tuuid=b0fc3653-df08-5221-b0dd-936cd306d132; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:55:58 GMT; Path=/; Domain=.betweendigital.com
ut=Y9tCXgALkPA1lW5yNX6Dlr2w1o7nstDjuCWTcQ==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:55:58 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2

sape-sync.rutarget.ru/sync

188.72.107.228

302 Moved Temporarily

0 B

URL HTTP/1.1
sape-sync.rutarget.ru/sync
IP
188.72.107.228:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=F7oW9DJ0fp9u
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=F7oW9DJ0fp9u; Path=/; Domain=.rutarget.ru; Expires=Tue, 01 Aug 2023 04:55:58 GMT; SameSite=None; Secure

ad.mail.ru/cm.gif?p=48&id=1303420A5D42DB633B0AAF1702B6A70E

95.163.41.56

200 OK

43 B

URL HTTP/2
ad.mail.ru/cm.gif?p=48&id=1303420A5D42DB633B0AAF1702B6A70E
IP
95.163.41.56:0
ASN
#47764 Mail.Ru LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /cm.gif?p=48&id=1303420A5D42DB633B0AAF1702B6A70E HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 04:55:58 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=2C5K7Z33tMYF0025BJ2YWUIF:::0-0-0-8f59b1e:CAASEEQusUQAu5sSxYvk6JVV0ToaYE_kdmWLGPPE1jLwGmun-mqfPmjtv_c31u57U6a-uFD5XGIUi06q9mkPNYIETv2OudYq_DDx4scrmztYJ5P0tlDSPTuu71dYxC3woqsjT7yMdYahVVdGP7QUE_URwnMCdQ; path=/; expires=Sat, 03-Feb-24 04:55:58 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Thu, 02 Feb 2023 10:55:58 GMT
cache-control: max-age=21600
last-modified: Thu, 02 Feb 2023 04:55:58 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2

tag.digitaltarget.ru/adcm.js

185.15.175.145

200 OK

3.1 kB

URL HTTP/1.1
tag.digitaltarget.ru/adcm.js
IP
185.15.175.145:0
ASN
#43226 SafeData LLC

File type
ASCII text, with very long lines (3051), with no line terminators
Size
3.1 kB (3051 bytes)
Hash
e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

HTTP Headers

GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Thu, 02 Feb 2023 04:34:10 GMT
Connection: keep-alive
ETag: "63db3d42-beb"
Accept-Ranges: bytes

ads.betweendigital.com/match?bidder_id=98&external_user_id=NjQ1ZmUyMjA3ZTg3M2ZkMA&crf=1

188.42.196.115

200 OK

68 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=98&external_user_id=NjQ1ZmUyMjA3ZTg3M2ZkMA&crf=1
IP
188.42.196.115:0
ASN
#7979 SERVERS-COM

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

HTTP Headers

GET /match?bidder_id=98&external_user_id=NjQ1ZmUyMjA3ZTg3M2ZkMA&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:55:58 GMT; Path=/; Domain=.betweendigital.com
tuuid=116b2123-1d35-5221-8e76-5b64edad193a; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:55:58 GMT; Path=/; Domain=.betweendigital.com
ut=Y9tCXgAL-mhnIZwvwqPf7xMW60DszFsewhkofw==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:55:58 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2

www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D

193.3.184.227

302 Found

154 B

URL HTTP/2
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP
193.3.184.227:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDE2PbQl0Xrwo7Dqe2ApSaRRFqz5/HFI8qt1c/7wYHa+0V; cSyncDp7v2=1675313757; cSyncDp14v3=1675313757; cSyncDp17=1675313757; cSyncDp32=1675313757; cSyncDp45v3=1675313757; cSyncDp53v2=1675313757; cSyncDp62=1675313757; cSyncDp67v2=1675313757; cSyncDp68=1675313757; cSyncDp71=1675313757; cSyncDp85=1675313757; cSyncDp95v3=1675313757; cSyncDp98v2=1675313757; cSyncDp101=1675313757; cSyncDp104v2=1675313757; cSyncDp107=1675313757; cSyncDp110=1675313757; cSyncDp125v3=1675313757; cSyncDp126=1675313757; cSyncDp127=1675313757; cSyncDp129=1675313757; cSyncDp136v2=1675313757; cSyncDp146=1675313757; cSyncDp148=1675313757; cSyncDp149v2=1675313757; cSyncDp151=1675313757; cSyncDp178=1675313757; cSyncDp186=1675313757; cSyncDp221=1675313757; cSyncDp235=1675313757
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: openresty
date: Thu, 02 Feb 2023 04:55:58 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1303420A5D42DB633B0AAF1702B6A70E
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

x01.aidata.io/0.gif?pid=9401454&id=1303420A5D42DB633B0AAF1702B6A70E

89.108.119.43

302 Found

0 B

URL HTTP/2
x01.aidata.io/0.gif?pid=9401454&id=1303420A5D42DB633B0AAF1702B6A70E
IP
89.108.119.43:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /0.gif?pid=9401454&id=1303420A5D42DB633B0AAF1702B6A70E HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 04:55:58 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=1303420A5D42DB633B0AAF1702B6A70E&bounce=1
expires: Thu, 02 Feb 2023 04:55:57 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Thu, 02 Feb 2023 04:55:57 GMT
set-cookie: __upin=Ig6glxpDNA2wm4m59FvRVQ;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1675313758;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2

ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1303420A5D42DB633B0AAF1702B6A70E

81.222.128.214

200 OK

42 B

URL HTTP/1.1
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1303420A5D42DB633B0AAF1702B6A70E
IP
81.222.128.214:0
ASN
#20597 PVimpelCom

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /cgi-bin/sync.cgi?ssp_id=43&external_id=1303420A5D42DB633B0AAF1702B6A70E HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

www.acint.net/match?dp=104&euid=F7oW9DJ0fp9u

193.3.184.227

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=104&euid=F7oW9DJ0fp9u
IP
193.3.184.227:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=104&euid=F7oW9DJ0fp9u HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDE2PbQl0Xrwo7Dqe2ApSaRRFqz5/HFI8qt1c/7wYHa+0V; cSyncDp7v2=1675313757; cSyncDp14v3=1675313757; cSyncDp17=1675313757; cSyncDp32=1675313757; cSyncDp45v3=1675313757; cSyncDp53v2=1675313757; cSyncDp62=1675313757; cSyncDp67v2=1675313757; cSyncDp68=1675313757; cSyncDp71=1675313757; cSyncDp85=1675313757; cSyncDp95v3=1675313757; cSyncDp98v2=1675313757; cSyncDp101=1675313757; cSyncDp104v2=1675313757; cSyncDp107=1675313757; cSyncDp110=1675313757; cSyncDp125v3=1675313757; cSyncDp126=1675313757; cSyncDp127=1675313757; cSyncDp129=1675313757; cSyncDp136v2=1675313757; cSyncDp146=1675313757; cSyncDp148=1675313757; cSyncDp149v2=1675313757; cSyncDp151=1675313757; cSyncDp178=1675313757; cSyncDp186=1675313757; cSyncDp221=1675313757; cSyncDp235=1675313757
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:55:58 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

sm.rtb.mts.ru/p?ssp=sape&id=1303420A5D42DB633B0AAF1702B6A70E

217.66.147.37

301 Moved Permanently

0 B

URL HTTP/1.1
sm.rtb.mts.ru/p?ssp=sape&id=1303420A5D42DB633B0AAF1702B6A70E
IP
217.66.147.37:0
ASN
#29209 MTS PJSC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p?ssp=sape&id=1303420A5D42DB633B0AAF1702B6A70E HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=1303420A5D42DB633B0AAF1702B6A70E
Set-Cookie: dspid=7e17c7a4-a978-4881-a277-1009e0dc9ae1; expires=Wed, 24 Jan 2024 04:55:58 GMT; domain=.mts.ru; path=/; secure; SameSite=None

px.adhigh.net/p/cm/sape?u=1303420A5D42DB633B0AAF1702B6A70E

193.232.150.46

302 Found

0 B

URL HTTP/2
px.adhigh.net/p/cm/sape?u=1303420A5D42DB633B0AAF1702B6A70E
IP
193.232.150.46:0
ASN
#48061 Limited Liability Company GPM Digital Technologies

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/cm/sape?u=1303420A5D42DB633B0AAF1702B6A70E HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 04:55:58 GMT
content-length: 0
x-backend-id: f19-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=u71kBCsEW2G0.AikABlGGEHtCZQ;Path=/;Domain=.adhigh.net;Expires=Fri, 02-Feb-2024 04:55:58 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=1303420A5D42DB633B0AAF1702B6A70E&bounced=1
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
2f59b9826b587ec88c538c4e0fdda68f
a9569ad568776c896099e2e7b4291dbe7101cb9b
76812d4ae48f41904eb3722fb49c463d4287d81fa7a9ea5d28687ddb3a546931

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 02:03:25 GMT
Expires: Wed, 08 Feb 2023 02:03:24 GMT
Etag: "a9569ad568776c896099e2e7b4291dbe7101cb9b"
Cache-Control: max-age=507445,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7930566fac0ab511-OSL

x01.aidata.io/0.gif?pid=9401454&id=1303420A5D42DB633B0AAF1702B6A70E&bounce=1

89.108.119.43

204 No Content

0 B

URL HTTP/2
x01.aidata.io/0.gif?pid=9401454&id=1303420A5D42DB633B0AAF1702B6A70E&bounce=1
IP
89.108.119.43:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /0.gif?pid=9401454&id=1303420A5D42DB633B0AAF1702B6A70E&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Thu, 02 Feb 2023 04:55:58 GMT
expires: Thu, 02 Feb 2023 04:55:57 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Thu, 02 Feb 2023 04:55:57 GMT
set-cookie: __upin=FdypkS1NdoGwK9GSrPD3ww;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1675313758;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2

ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D

188.42.196.115

302 Found

0 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP
188.42.196.115:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:55:58 GMT; Path=/; Domain=.betweendigital.com
tuuid=a9694be4-b643-5221-89c7-47c0ea1c059e; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:55:58 GMT; Path=/; Domain=.betweendigital.com
ut=Y9tCXgANVhCnvk1Td6a2iO8vAfwzWHkGBDGA1Q==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:55:58 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

tag.digitaltarget.ru/processor.js?i=645273286328099

185.15.175.145

200 OK

16 kB

URL HTTP/1.1
tag.digitaltarget.ru/processor.js?i=645273286328099
IP
185.15.175.145:0
ASN
#43226 SafeData LLC

File type
ASCII text, with very long lines (15892), with no line terminators
Size
16 kB (15892 bytes)
Hash
736e2fb1da94f3277e3f931048c1b9f3
196387db95a17da825b629de3542eff901b09905
4569d4e1b0e52b6316681f7312674f43ecb2b72ea8ab4adb2375e3686862c7dc

HTTP Headers

GET /processor.js?i=645273286328099 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Type: application/javascript
Content-Length: 15892
Last-Modified: Thu, 02 Feb 2023 04:34:10 GMT
Connection: keep-alive
ETag: "63db3d42-3e14"
Accept-Ranges: bytes

sm.rtb.mts.ru/match/second?ssp=30&exu=1303420A5D42DB633B0AAF1702B6A70E

217.66.147.37

200 OK

0 B

URL HTTP/1.1
sm.rtb.mts.ru/match/second?ssp=30&exu=1303420A5D42DB633B0AAF1702B6A70E
IP
217.66.147.37:0
ASN
#29209 MTS PJSC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/second?ssp=30&exu=1303420A5D42DB633B0AAF1702B6A70E HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:55:58 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

px.adhigh.net/p/cm/sape?u=1303420A5D42DB633B0AAF1702B6A70E&bounced=1

193.232.150.46

200 OK

49 B

URL HTTP/2
px.adhigh.net/p/cm/sape?u=1303420A5D42DB633B0AAF1702B6A70E&bounced=1
IP
193.232.150.46:0
ASN
#48061 Limited Liability Company GPM Digital Technologies

File type
GIF image data, version 89a, 1 x 1\012- data
Size
49 B (49 bytes)
Hash
889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

HTTP Headers

GET /p/cm/sape?u=1303420A5D42DB633B0AAF1702B6A70E&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 04:55:58 GMT
content-type: image/gif
content-length: 49
x-backend-id: f19-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2

ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1

188.42.196.115

200 OK

68 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP
188.42.196.115:0
ASN
#7979 SERVERS-COM

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

HTTP Headers

GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:55:58 GMT; Path=/; Domain=.betweendigital.com
tuuid=25c226c9-706b-5221-b2d2-86d4d109c48a; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:55:58 GMT; Path=/; Domain=.betweendigital.com
ut=Y9tCXgAN4rAzLSdFRj8GkGI3TjUDJFPXsQXfDA==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:55:58 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fc797e4e4215c50a42918f78bf25dd9b
3a9d446065eb8b0d530dab59538a290125b4647b
9fe7badd15d6591176c688dafa284fdf9d8f991109e0c3a9e56a17d8c61efd2e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9FE7BADD15D6591176C688DAFA284FDF9D8F991109E0C3A9E56A17D8C61EFD2E"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14294
Expires: Thu, 02 Feb 2023 08:54:13 GMT
Date: Thu, 02 Feb 2023 04:55:59 GMT
Connection: keep-alive

dmg.digitaltarget.ru/1/1093/i/i?i=419510940371118.427885411024587&a=77&e=1303420A5D42DB633B0AAF1702B6A70E&pref=http%3A%2F%2Fwww.moviesubtitles.ru%2F&c=ss:77.up:1303420A5D42DB633B0AAF1702B6A70E.sync:up.xdua:duLL13PEN7p_b3k4nGXoXqTO.xps:xps65F6pn4KfjD4PBBxjsHIXz.dn:acint__net.adcm:hit.tg:adcmjs_noorient

185.15.175.130

307 Temporary Redirect

0 B

URL HTTP/1.1
dmg.digitaltarget.ru/1/1093/i/i?i=419510940371118.427885411024587&a=77&e=1303420A5D42DB633B0AAF1702B6A70E&pref=http%3A%2F%2Fwww.moviesubtitles.ru%2F&c=ss:77.up:1303420A5D42DB633B0AAF1702B6A70E.sync:up.xdua:duLL13PEN7p_b3k4nGXoXqTO.xps:xps65F6pn4KfjD4PBBxjsHIXz.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP
185.15.175.130:0
ASN
#43226 SafeData LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/1093/i/i?i=419510940371118.427885411024587&a=77&e=1303420A5D42DB633B0AAF1702B6A70E&pref=http%3A%2F%2Fwww.moviesubtitles.ru%2F&c=ss:77.up:1303420A5D42DB633B0AAF1702B6A70E.sync:up.xdua:duLL13PEN7p_b3k4nGXoXqTO.xps:xps65F6pn4KfjD4PBBxjsHIXz.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 02 Feb 2023 04:55:59 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675313759050&i=419510940371118.427885411024587&a=77&e=1303420A5D42DB633B0AAF1702B6A70E&pref=http%3A%2F%2Fwww.moviesubtitles.ru%2F&c=ss:77.up:1303420A5D42DB633B0AAF1702B6A70E.sync:up.xdua:duLL13PEN7p_b3k4nGXoXqTO.xps:xps65F6pn4KfjD4PBBxjsHIXz.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=syOsLi8Luag2k0D7c1-t; Max-Age=93312000; Expires=Sat, 17 Jan 2026 04:55:59 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

dmg.digitaltarget.ru/1/1093/i/i?i=419510940371118.117721617067024&a=77&e=1303420A5D42DB633B0AAF1702B6A70E&pref=http%3A%2F%2Fwww.moviesubtitles.ru%2F&c=ss:77.up:1303420A5D42DB633B0AAF1702B6A70E.sync:up.xdua:duLL13PEN7p_b3k4nGXoXqTO.xps:xps65F6pn4KfjD4PBBxjsHIXz.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

185.15.175.130

307 Temporary Redirect

0 B

URL HTTP/1.1
dmg.digitaltarget.ru/1/1093/i/i?i=419510940371118.117721617067024&a=77&e=1303420A5D42DB633B0AAF1702B6A70E&pref=http%3A%2F%2Fwww.moviesubtitles.ru%2F&c=ss:77.up:1303420A5D42DB633B0AAF1702B6A70E.sync:up.xdua:duLL13PEN7p_b3k4nGXoXqTO.xps:xps65F6pn4KfjD4PBBxjsHIXz.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
185.15.175.130:0
ASN
#43226 SafeData LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/1093/i/i?i=419510940371118.117721617067024&a=77&e=1303420A5D42DB633B0AAF1702B6A70E&pref=http%3A%2F%2Fwww.moviesubtitles.ru%2F&c=ss:77.up:1303420A5D42DB633B0AAF1702B6A70E.sync:up.xdua:duLL13PEN7p_b3k4nGXoXqTO.xps:xps65F6pn4KfjD4PBBxjsHIXz.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 02 Feb 2023 04:55:59 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675313759061&i=419510940371118.117721617067024&a=77&e=1303420A5D42DB633B0AAF1702B6A70E&pref=http%3A%2F%2Fwww.moviesubtitles.ru%2F&c=ss:77.up:1303420A5D42DB633B0AAF1702B6A70E.sync:up.xdua:duLL13PEN7p_b3k4nGXoXqTO.xps:xps65F6pn4KfjD4PBBxjsHIXz.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=3gERiFpbowKl5Zi7z.u9; Max-Age=93312000; Expires=Sat, 17 Jan 2026 04:55:59 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675313759050&i=419510940371118.427885411024587&a=77&e=1303420A5D42DB633B0AAF1702B6A70E&pref=http%3A%2F%2Fwww.moviesubtitles.ru%2F&c=ss:77.up:1303420A5D42DB633B0AAF1702B6A70E.sync:up.xdua:duLL13PEN7p_b3k4nGXoXqTO.xps:xps65F6pn4KfjD4PBBxjsHIXz.dn:acint__net.adcm:hit.tg:adcmjs_noorient

185.15.175.130

200 OK

64 B

URL HTTP/1.1
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675313759050&i=419510940371118.427885411024587&a=77&e=1303420A5D42DB633B0AAF1702B6A70E&pref=http%3A%2F%2Fwww.moviesubtitles.ru%2F&c=ss:77.up:1303420A5D42DB633B0AAF1702B6A70E.sync:up.xdua:duLL13PEN7p_b3k4nGXoXqTO.xps:xps65F6pn4KfjD4PBBxjsHIXz.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP
185.15.175.130:0
ASN
#43226 SafeData LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
64 B (64 bytes)
Hash
ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8

HTTP Headers

GET /awg/custom/1093/i/i?call_source=awg&ts=1675313759050&i=419510940371118.427885411024587&a=77&e=1303420A5D42DB633B0AAF1702B6A70E&pref=http%3A%2F%2Fwww.moviesubtitles.ru%2F&c=ss:77.up:1303420A5D42DB633B0AAF1702B6A70E.sync:up.xdua:duLL13PEN7p_b3k4nGXoXqTO.xps:xps65F6pn4KfjD4PBBxjsHIXz.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:55:59 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 4
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675313759061&i=419510940371118.117721617067024&a=77&e=1303420A5D42DB633B0AAF1702B6A70E&pref=http%3A%2F%2Fwww.moviesubtitles.ru%2F&c=ss:77.up:1303420A5D42DB633B0AAF1702B6A70E.sync:up.xdua:duLL13PEN7p_b3k4nGXoXqTO.xps:xps65F6pn4KfjD4PBBxjsHIXz.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

185.15.175.130

200 OK

64 B

URL HTTP/1.1
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675313759061&i=419510940371118.117721617067024&a=77&e=1303420A5D42DB633B0AAF1702B6A70E&pref=http%3A%2F%2Fwww.moviesubtitles.ru%2F&c=ss:77.up:1303420A5D42DB633B0AAF1702B6A70E.sync:up.xdua:duLL13PEN7p_b3k4nGXoXqTO.xps:xps65F6pn4KfjD4PBBxjsHIXz.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
185.15.175.130:0
ASN
#43226 SafeData LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
64 B (64 bytes)
Hash
ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8

HTTP Headers

GET /awg/custom/1093/i/i?call_source=awg&ts=1675313759061&i=419510940371118.117721617067024&a=77&e=1303420A5D42DB633B0AAF1702B6A70E&pref=http%3A%2F%2Fwww.moviesubtitles.ru%2F&c=ss:77.up:1303420A5D42DB633B0AAF1702B6A70E.sync:up.xdua:duLL13PEN7p_b3k4nGXoXqTO.xps:xps65F6pn4KfjD4PBBxjsHIXz.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:55:59 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6501
Expires: Thu, 02 Feb 2023 06:44:20 GMT
Date: Thu, 02 Feb 2023 04:55:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6501
Expires: Thu, 02 Feb 2023 06:44:20 GMT
Date: Thu, 02 Feb 2023 04:55:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6501
Expires: Thu, 02 Feb 2023 06:44:20 GMT
Date: Thu, 02 Feb 2023 04:55:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6501
Expires: Thu, 02 Feb 2023 06:44:20 GMT
Date: Thu, 02 Feb 2023 04:55:59 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23ac16a6-b0c6-4c81-9bd1-78ee332bf49a.jpeg

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23ac16a6-b0c6-4c81-9bd1-78ee332bf49a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (14593 bytes)
Hash
0ceb09fa3caa0fcda4a6314141e2d019
d08f43956f6859e4c2385231bb5506262257445f
a2100701c69f86920b14714b19ec14db9ebfd91000f0ec2397b8f27d981bc1ee

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23ac16a6-b0c6-4c81-9bd1-78ee332bf49a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14593
x-amzn-requestid: 796fc590-5a08-4765-b861-e5f707e4d7f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdLoFHQoAMFaAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbe3-3f93635c337e77e453bba394;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gYo5IyA5mM2B5nw6O2QkkZ6-go2CzG8Nwb_pWSixGplAl7LsbmWUiQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:19 GMT
age: 24940
etag: "d08f43956f6859e4c2385231bb5506262257445f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5356 bytes)
Hash
7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XyDZc0F-b0rxwoS5wvSXBuBfYE7JljMmuXseBjLOBk4HvxU5gE7Oqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:55 GMT
age: 23824
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

an.yandex.ru/mapuid/sapeis/1303420A5D42DB633B0AAF1702B6A70E?redir-setuniq=1

77.88.21.90

200 OK

7.5 kB

URL HTTP/2
an.yandex.ru/mapuid/sapeis/1303420A5D42DB633B0AAF1702B6A70E?redir-setuniq=1
IP
77.88.21.90:0
ASN
#13238 YANDEX LLC

File type
data
Size
7.5 kB (7466 bytes)
Hash
da2cefa7c43575df9a8c1ffb7b8e71fb
bd19e4d25a564dcbb03aa3f241e679f01270107a
74903c2fac53bcfa2b03c3b85fdee5c5b437c7fcbec65b4ea81acf08b53b1f2f

HTTP Headers

GET /mapuid/sapeis/1303420A5D42DB633B0AAF1702B6A70E?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
timing-allow-origin: *
date: Thu, 02 Feb 2023 04:55:58 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 04:55:58 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 02 Feb 2023 04:55:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3825d7eb-9bf8-4ff1-ac96-196cbf5c1873.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11198 bytes)
Hash
93ef9da6520124f03883a2b5241e0623
41b557bb05e1769c124aa0195c398e2dbd1fc0e9
dd6a1589ae40fb69c60f1675ea49a6a1a00d43e29d1a18f0d30b7c4e9bceee5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3825d7eb-9bf8-4ff1-ac96-196cbf5c1873.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11198
x-amzn-requestid: f21313a6-3ca8-4c58-981c-a1700769719c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKUGu6IAMFsww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-1d60cc337f91692e436f2990;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: E6YLzYtdv40sBiYxz_GALMjA-Jk2RF9Ghflw68EvB2ty5XDxSQMUjg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:17:09 GMT
age: 23930
etag: "41b557bb05e1769c124aa0195c398e2dbd1fc0e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53ad6bfb-91d6-4204-960a-49f84cc18db2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8296 bytes)
Hash
5129c5bd93215d4f092922326826223e
b6df7a2f09b0efd9342589ffde5621ca6f894285
07fb43e6e0e11d9cd4bcf5d51d248f0fb85d41e231042bc7ad6c1897b3e82556

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53ad6bfb-91d6-4204-960a-49f84cc18db2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8296
x-amzn-requestid: 5961f5cd-2288-44e2-9eb2-35c115cdd95f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKVGqWoAMF34A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-609946154fa2e547084125e4;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: I8d6YKUvs4JH7qeMADQEm5Kl7r7GSvGvjnhxxfXgTclLuRVHeKKjJw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:04:58 GMT
age: 24661
etag: "b6df7a2f09b0efd9342589ffde5621ca6f894285"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9600 bytes)
Hash
3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 02:29:58 GMT
age: 8761
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.acint.net/ping/?v=0.5.0&uid=803af8c5-9e17-488a-806f-6025d4352adb&dp=10&tz=%2B00%3A00&nc=25166444&dT=2023-02-02T04%3A56%3A25.056

193.3.184.227

302 Moved Temporarily

142 B

URL HTTP/1.1
www.acint.net/ping/?v=0.5.0&uid=803af8c5-9e17-488a-806f-6025d4352adb&dp=10&tz=%2B00%3A00&nc=25166444&dT=2023-02-02T04%3A56%3A25.056
IP
193.3.184.227:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /ping/?v=0.5.0&uid=803af8c5-9e17-488a-806f-6025d4352adb&dp=10&tz=%2B00%3A00&nc=25166444&dT=2023-02-02T04%3A56%3A25.056 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.moviesubtitles.ru/

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 02 Feb 2023 04:56:00 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/ping/?v=0.5.0&uid=803af8c5-9e17-488a-806f-6025d4352adb&dp=10&tz=%2B00%3A00&nc=25166444&dT=2023-02-02T04%3A56%3A25.056

www.acint.net/ping/?v=0.5.0&uid=803af8c5-9e17-488a-806f-6025d4352adb&dp=10&tz=%2B00%3A00&nc=25166444&dT=2023-02-02T04%3A56%3A25.056

193.3.184.227

200 OK

43 B

URL HTTP/2
www.acint.net/ping/?v=0.5.0&uid=803af8c5-9e17-488a-806f-6025d4352adb&dp=10&tz=%2B00%3A00&nc=25166444&dT=2023-02-02T04%3A56%3A25.056
IP
193.3.184.227:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /ping/?v=0.5.0&uid=803af8c5-9e17-488a-806f-6025d4352adb&dp=10&tz=%2B00%3A00&nc=25166444&dT=2023-02-02T04%3A56%3A25.056 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.moviesubtitles.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDE2PbQl0Xrwo7Dqe2ApSaRRFqz5/HFI8qt1c/7wYHa+0V; cSyncDp7v2=1675313757; cSyncDp14v3=1675313757; cSyncDp17=1675313757; cSyncDp32=1675313757; cSyncDp45v3=1675313757; cSyncDp53v2=1675313757; cSyncDp62=1675313757; cSyncDp67v2=1675313757; cSyncDp68=1675313757; cSyncDp71=1675313757; cSyncDp85=1675313757; cSyncDp95v3=1675313757; cSyncDp98v2=1675313757; cSyncDp101=1675313757; cSyncDp104v2=1675313757; cSyncDp107=1675313757; cSyncDp110=1675313757; cSyncDp125v3=1675313757; cSyncDp126=1675313757; cSyncDp127=1675313757; cSyncDp129=1675313757; cSyncDp136v2=1675313757; cSyncDp146=1675313757; cSyncDp148=1675313757; cSyncDp149v2=1675313757; cSyncDp151=1675313757; cSyncDp178=1675313757; cSyncDp186=1675313757; cSyncDp221=1675313757; cSyncDp235=1675313757
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:56:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/oci.js?t=1675313782055

193.3.184.227

200 OK

0 B

URL HTTP/2
www.acint.net/oci.js?t=1675313782055
IP
193.3.184.227:0
ASN
#50214 QWARTA LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /oci.js?t=1675313782055 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.moviesubtitles.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:55:57 GMT
content-type: application/x-javascript
last-modified: Mon, 09 Jan 2023 08:01:14 GMT
etag: W/"63bbc9ca-7dac"
content-encoding: gzip
X-Firefox-Spdy: h2

ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D

176.122.21.226

302 Found

0 B

URL HTTP/2
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP
176.122.21.226:0
ASN
#48096 Enterprise Cloud Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=6acd91fef1f04ec484dc94e434189fd7
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=6acd91fef1f04ec484dc94e434189fd7; expires=Thu, 01 Feb 2024 21:00:00 GMT; path=/; SameSite=None; secure; samesite=lax
date: Thu, 02 Feb 2023 04:55:57 GMT
X-Firefox-Spdy: h2

ssp.bidvol.com/usersync?dspcsid=8&redirect=1

65.109.65.188

302 Found

0 B

URL HTTP/2
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP
65.109.65.188:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.22.0
date: Thu, 02 Feb 2023 04:55:58 GMT
x-request-id: bb6eb571-df86-4b78-bcfb-25f3435e04a0
set-cookie: bvuid=ploon4xysg; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=ploon4xysg; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=ploon4xysg
X-Firefox-Spdy: h2

an.yandex.ru/mapuid/sapeis/1303420A5D42DB633B0AAF1702B6A70E

77.88.21.90

302 Found

0 B

URL HTTP/2
an.yandex.ru/mapuid/sapeis/1303420A5D42DB633B0AAF1702B6A70E
IP
77.88.21.90:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mapuid/sapeis/1303420A5D42DB633B0AAF1702B6A70E HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/1303420A5D42DB633B0AAF1702B6A70E?redir-setuniq=1
date: Thu, 02 Feb 2023 04:55:58 GMT
set-cookie: yandexuid=1490693701675313758; domain=.yandex.ru; path=/; expires=Sun, 30-Jan-2033 04:55:58 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 04:55:58 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 02 Feb 2023 04:55:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML