50.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=https:/d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%B2%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D1%86%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0
172.67.214.84200 OK 25 kB URL HTTP/1.1 50.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=https:/d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%B2%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D1%86%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0
IP 172.67.214.84:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12693), with CRLF, LF line terminators
Hash 114589a50637859ecbc29443e90ea845
99543c05e0347acb1eb15c26555612f746d138ce
bfbf751f81a1d68d723f7c9ff4acb07f0295290ec3446432ace98fb3f9a355db
NIDS Severity Alert suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
GET /index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=https:/d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%B2%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D1%86%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0 HTTP/1.1
Host: 50.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 12:25:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-transform
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sd5wkW5XnffnAZt1Kami2hifM1NljaSNBsBJRSp2LTc%2BxJEjj%2BU%2FRw2xV%2Be9j5rXaZ6dXKIDX1P5X37R0bJzYvH5qxT7KeMNCTIRl5UShuN7d%2F1nO8MojOnv%2BjMkgJvU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7932e8a51dcc1c02-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12485
Expires: Thu, 02 Feb 2023 15:53:24 GMT
Date: Thu, 02 Feb 2023 12:25:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5409
Expires: Thu, 02 Feb 2023 13:55:28 GMT
Date: Thu, 02 Feb 2023 12:25:19 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 11:43:31 GMT
content-type: application/json
age: 2508
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8557
Expires: Thu, 02 Feb 2023 14:47:56 GMT
Date: Thu, 02 Feb 2023 12:25:19 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FMIQC9o+4/efx6rFxxMSsEgJrOIWA0SZKVJOPltOPFBl3H/4dO3KVrPxu8ujmRPDO+hnVpfq0Ac=
x-amz-request-id: A6Z79KZ0EXGC2HSY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 12:23:06 GMT
age: 133
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
50.biqund.com/assets/styles/arrow.css?v1
172.67.214.84200 OK 2.1 kB URL HTTP/1.1 50.biqund.com/assets/styles/arrow.css?v1
IP 172.67.214.84:0
Hash 42f2eac8fc2d717d43b63c19404d009d
f160ecec8abed0763a70ab4c412697cb661bb9a7
2c64ecb52bdbe782356e6b4c2763127a375d1114c858011f73455cfd27232efc
GET /assets/styles/arrow.css?v1 HTTP/1.1
Host: 50.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://50.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=https:/d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%B2%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D1%86%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 12:25:19 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 12:29:48 GMT
ETag: W/"636262bc-1a14"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4412
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QquO67IcrY%2Be95M6%2BHYmf1IKCyAZN%2BnMnZCJ%2Bv1CkEwUBjkAqn74EUM9DcagtBx6TNrUo5rTrEA6DGsAeDr0Rk7Ws2AMvkwoCA6ZOKZ%2FPKj%2F8v92ZVIUYxDv6%2FQm3Hid"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7932e8a72fad1c02-OSL
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 12:25:19 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
50.biqund.com/199f8c6.php?utm_source=ogdd&utm_campaign=26670
172.67.214.84200 OK 17 kB URL HTTP/1.1 50.biqund.com/199f8c6.php?utm_source=ogdd&utm_campaign=26670
IP 172.67.214.84:0
File type Unicode text, UTF-8 text, with very long lines (42846), with no line terminators
Hash 671e8353a6488581dd408c2954905b90
113e8c5db5ff113d4eb0c4b7b1f8e516dd5997d0
13125afb040d05352412b5ca59e0da474941a6c5c8616c02301fb1fb5e90eb0b
GET /199f8c6.php?utm_source=ogdd&utm_campaign=26670 HTTP/1.1
Host: 50.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://50.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=https:/d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%B2%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D1%86%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 12:25:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5v7z1zMm94xORFQRFdVHNkne%2FfkJ3asQkbavP1AOu7ZWOj8ZRywW37IegMN1Ng1Q7qyVmKONBLKpxfwWACMezcG97TL3Q2tl6aPaPvWzptdFNZqgDVUMiIUmx6Xi%2F5N"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7932e8a72ef50b51-OSL
alt-svc: h2=":443"; ma=60
50.biqund.com/favicon.ico
172.67.214.84200 OK 4.0 kB URL HTTP/1.1 50.biqund.com/favicon.ico
IP 172.67.214.84:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash a51793fe0317686ba089709c57a35b1a
61575816c708298644a9c26859edc3a17ae91ebd
b81a8f8301df8f22e0ca12689afd9855d710026631f486c9538fdb08b129b084
GET /favicon.ico HTTP/1.1
Host: 50.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://50.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=https:/d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%B2%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D1%86%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 12:25:19 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 12:29:48 GMT
ETag: W/"636262bc-1007"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4412
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FmY9jeV7YCiF6DOeJRa67ADDdHeUKl9lGajEBFT9NeHbq%2F4x%2Bhc8zafv4x%2FPas4FuWZEHnhH9aGK%2FGAOTS8zwYU8xXyZ8etKw%2Bq4U837QhXFvepaZhV9eQEBlmONCFxB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7932e8a828010b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 14672c54ecc880f0a3b0b3be8bb3aa8f
79d44e4380222773fb11678c58a0c4c470a46b57
41f3cbae3e0eaaeb020f29c665e4fcebad612839f6b467a17eed3fb6be6e4182
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41F3CBAE3E0EAAEB020F29C665E4FCEBAD612839F6B467A17EED3FB6BE6E4182"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17911
Expires: Thu, 02 Feb 2023 17:23:50 GMT
Date: Thu, 02 Feb 2023 12:25:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 13407c2147fc2d590f4032f46ed3d723
c719ff7116ddcfc8c9ef85b697387a29800a4b38
1c3873e6eab69fc2f505697b556449a9a2a49164fa6cccfd3d26f429864886c4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C3873E6EAB69FC2F505697B556449A9A2A49164FA6CCCFD3D26F429864886C4"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10230
Expires: Thu, 02 Feb 2023 15:15:49 GMT
Date: Thu, 02 Feb 2023 12:25:19 GMT
Connection: keep-alive
sartojelius.com/84280
88.208.46.22200 OK 3.2 kB IP 88.208.46.22:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (3244), with no line terminators
Hash e798965e7f8adc6bf5180cc67424876b
805cef75cb1b06650e9165d13abbf2e514bb298e
477f69b4334e8ce7041d1fbbdf62559642c5835a4c579179193586005b890f15
POST /84280 HTTP/1.1
Host: sartojelius.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://50.biqund.com/
Content-Type: text/plain;charset=UTF-8
Origin: http://50.biqund.com
Content-Length: 238
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 12:25:19 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://50.biqund.com
Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: userid=a82f813b-405c-4adc-b1ac-e1603a5e285f; expires=Wed, 02-Feb-2028 12:25:19 GMT; Path=/; SameSite=None; Secure
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
hdtcode.com/event?data=&id=10
185.196.197.130200 OK 0 B URL HTTP/2 hdtcode.com/event?data=&id=10
IP 185.196.197.130:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?data=&id=10 HTTP/1.1
Host: hdtcode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://50.biqund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.0
date: Thu, 02 Feb 2023 12:25:19 GMT
content-length: 0
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
hdtcode.com/event?data=&id=30
185.196.197.130200 OK 0 B URL HTTP/2 hdtcode.com/event?data=&id=30
IP 185.196.197.130:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?data=&id=30 HTTP/1.1
Host: hdtcode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://50.biqund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Thu, 02 Feb 2023 12:25:19 GMT
content-length: 0
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
sartojelius.com/event/set
88.208.46.22200 OK 20 B URL HTTP/1.1 sartojelius.com/event/set
IP 88.208.46.22:0
ASN #39572 DataWeb Global Group B.V.
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /event/set HTTP/1.1
Host: sartojelius.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://50.biqund.com/
Content-Type: text/plain;charset=UTF-8
Origin: http://50.biqund.com
Content-Length: 116
Connection: keep-alive
Cookie: userid=a82f813b-405c-4adc-b1ac-e1603a5e285f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 12:25:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://50.biqund.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST
Access-Control-Allow-Headers: Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Content-Encoding: gzip
sartojelius.com/js/cs?uuid=a82f813b-405c-4adc-b1ac-e1603a5e285f
88.208.46.22302 Found 0 B URL HTTP/1.1 sartojelius.com/js/cs?uuid=a82f813b-405c-4adc-b1ac-e1603a5e285f
IP 88.208.46.22:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/cs?uuid=a82f813b-405c-4adc-b1ac-e1603a5e285f HTTP/1.1
Host: sartojelius.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://50.biqund.com/
Cookie: userid=a82f813b-405c-4adc-b1ac-e1603a5e285f
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 02 Feb 2023 12:25:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid=a82f813b-405c-4adc-b1ac-e1603a5e285f; expires=Sat, 04-Mar-2023 12:25:19 GMT; Path=/; domain=.sartojelius.com; SameSite=None; Secure
Location: https://s.uuidksinc.net/match/1165/?remote_uid=a82f813b-405c-4adc-b1ac-e1603a5e285f&cb_url=https%3A%2F%2Fsartojelius.com%2Fjs%2Fcs%3Fuuid%3Da82f813b-405c-4adc-b1ac-e1603a5e285f%26oid%3D%5BUID%5D
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 11:49:05 GMT
age: 2174
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d5aa03d944374e364d4fdbb8f9cbf95e
43e3c5a8a5ff027de3c9ad9a41b572e4f33e72f9
483314668ec3c34108277a26d39a4282ce255e416cb5cec43e3d30d5340b8138
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "483314668EC3C34108277A26D39A4282CE255E416CB5CEC43E3D30D5340B8138"
Last-Modified: Wed, 01 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12324
Expires: Thu, 02 Feb 2023 15:50:43 GMT
Date: Thu, 02 Feb 2023 12:25:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12711
Expires: Thu, 02 Feb 2023 15:57:10 GMT
Date: Thu, 02 Feb 2023 12:25:19 GMT
Connection: keep-alive
s.uuidksinc.net/match/1165/?remote_uid=a82f813b-405c-4adc-b1ac-e1603a5e285f&cb_url=https%3A%2F%2Fsartojelius.com%2Fjs%2Fcs%3Fuuid%3Da82f813b-405c-4adc-b1ac-e1603a5e285f%26oid%3D%5BUID%5D
31.220.27.134302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/1165/?remote_uid=a82f813b-405c-4adc-b1ac-e1603a5e285f&cb_url=https%3A%2F%2Fsartojelius.com%2Fjs%2Fcs%3Fuuid%3Da82f813b-405c-4adc-b1ac-e1603a5e285f%26oid%3D%5BUID%5D
IP 31.220.27.134:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/1165/?remote_uid=a82f813b-405c-4adc-b1ac-e1603a5e285f&cb_url=https%3A%2F%2Fsartojelius.com%2Fjs%2Fcs%3Fuuid%3Da82f813b-405c-4adc-b1ac-e1603a5e285f%26oid%3D%5BUID%5D HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://50.biqund.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Thu, 02 Feb 2023 12:25:19 GMT
content-length: 0
location: https://sartojelius.com/js/cs?uuid=a82f813b-405c-4adc-b1ac-e1603a5e285f&oid=gZOR3EVq9GnqBtdDCELx
set-cookie: jcsuuid=gZOR3EVq9GnqBtdDCELx; expires=Fri, 02 Feb 2024 12:25:19 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
sartojelius.com/js/cs?uuid=a82f813b-405c-4adc-b1ac-e1603a5e285f&oid=gZOR3EVq9GnqBtdDCELx
88.208.46.22200 OK 43 B URL HTTP/1.1 sartojelius.com/js/cs?uuid=a82f813b-405c-4adc-b1ac-e1603a5e285f&oid=gZOR3EVq9GnqBtdDCELx
IP 88.208.46.22:0
ASN #39572 DataWeb Global Group B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /js/cs?uuid=a82f813b-405c-4adc-b1ac-e1603a5e285f&oid=gZOR3EVq9GnqBtdDCELx HTTP/1.1
Host: sartojelius.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://50.biqund.com/
Connection: keep-alive
Cookie: userid=a82f813b-405c-4adc-b1ac-e1603a5e285f; uuid=a82f813b-405c-4adc-b1ac-e1603a5e285f
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 12:25:19 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: oid=gZOR3EVq9GnqBtdDCELx; expires=Sat, 04-Mar-2023 12:25:19 GMT; Path=/; domain=.sartojelius.com; SameSite=None; Secure
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
push.services.mozilla.com/
54.149.93.186101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.93.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FomT2Q/hVyZlQJL49VNbxQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iK/vVUQaMgt2KenRuE9Jz/bCSnM=
uuidksinc.net/matchx
31.220.27.134200 OK 1.2 kB IP 31.220.27.134:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2109)
Hash 77fe7fc22142c92573ac61a8f41e2b8f
37e6340ab2bdd58e67113359675957d5a8e19aa0
1c9f4cd49eda1ab241a1172c64bc746fe71e921671b00d33c1255c13bf2ac221
GET /matchx HTTP/1.1
Host: uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://50.biqund.com/
Cookie: jcsuuid=gZOR3EVq9GnqBtdDCELx
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Thu, 02 Feb 2023 12:25:20 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1d82139609e323e908fac5d93cc352a0
16464d86dbab5ffda5e66d870c5d139ee69f9422
dafce9d952b644da844563623a477eec073d696e74275b56b8329ed44b64aa57
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAFCE9D952B644DA844563623A477EEC073D696E74275B56B8329ED44B64AA57"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3464
Expires: Thu, 02 Feb 2023 13:23:04 GMT
Date: Thu, 02 Feb 2023 12:25:20 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash d0237084bb714e664f1264ed91ada03b
d1737e23291ee1362ab6706efd789ce0da24492a
ab1dd5e3ddba24d6b40d9d14794c9dc08bd3d96dc490d400c11a7bbee1d6583f
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 12:25:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 06 Feb 2023 09:13:26 GMT
ETag: "d1737e23291ee1362ab6706efd789ce0da24492a"
Last-Modified: Thu, 02 Feb 2023 09:13:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 101
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7932e8aedeebb4f4-OSL
dm-eu.hybrid.ai/match?id=158&vid=gZOR3EVq9GnqBtdDCELx
37.18.103.21204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=158&vid=gZOR3EVq9GnqBtdDCELx
IP 37.18.103.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=158&vid=gZOR3EVq9GnqBtdDCELx HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 12:25:20 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=9108ac33326820293345; Expires=Fri, 02 Feb 2024 12:25:19 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 510
x-xss-protection: 1; mode=block
access-control-allow-origin: https://uuidksinc.net
access-control-allow-credentials: true
server: Hybrid Web Server
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 841decbded24a72bf9db2d73a5496128
52dc79bf8713e35e0c4ed18adf8ef7947fd16b7c
1ded9d10ed73c2515cd15bde23f64ca4b35f45d0519de634c32937bf8541cfad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DED9D10ED73C2515CD15BDE23F64CA4B35F45D0519DE634C32937BF8541CFAD"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5131
Expires: Thu, 02 Feb 2023 13:50:51 GMT
Date: Thu, 02 Feb 2023 12:25:20 GMT
Connection: keep-alive
www.acint.net/rmatch?dp=191&r=https://d.uuidksinc.net/match/383/?remote_uid=gZOR3EVq9GnqBtdDCELx
193.3.184.226302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=191&r=https://d.uuidksinc.net/match/383/?remote_uid=gZOR3EVq9GnqBtdDCELx
IP 193.3.184.226:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=191&r=https://d.uuidksinc.net/match/383/?remote_uid=gZOR3EVq9GnqBtdDCELx HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Thu, 02 Feb 2023 12:25:20 GMT
content-type: text/html
content-length: 154
location: /rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3DgZOR3EVq9GnqBtdDCELx&dp=191&tc=1
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Thu, 02-Feb-23 12:35:20 GMT
aid=CkIDFWPbq7A0WRNhrGGWAopNkBNPmQwWfDjFK0RZxVsESOoj; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
kimberlite.io/rtb/sync/kadam?u=gZOR3EVq9GnqBtdDCELx
80.78.249.201307 Temporary Redirect 0 B URL HTTP/1.1 kimberlite.io/rtb/sync/kadam?u=gZOR3EVq9GnqBtdDCELx
IP 80.78.249.201:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/sync/kadam?u=gZOR3EVq9GnqBtdDCELx HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 02 Feb 2023 12:25:20 GMT
Content-Length: 0
Connection: keep-alive
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: u=Y9ursPfwdVc~mWlerFJCRuTytXAREyKyS4R9Jr8; path=/; max-age=7776000; samesite=none; httponly; secure
f=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F499%2F%3Fremote_uid%3DY9ursPfwdVc; max-age=30; samesite=none; httponly; secure
n=1; max-age=30; samesite=none; httponly; secure
location: https://sm.rtb.mts.ru/p?ssp=toptraffic&id=Y9ursPfwdVc
referrer-policy: no-referrer
server-timing: app;srv=3;dur=0.0003
www.acint.net/rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3DgZOR3EVq9GnqBtdDCELx&dp=191&tc=1
193.3.184.226302 Found 154 B URL HTTP/2 www.acint.net/rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3DgZOR3EVq9GnqBtdDCELx&dp=191&tc=1
IP 193.3.184.226:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3DgZOR3EVq9GnqBtdDCELx&dp=191&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPbq7A0WRNhrGGWAopNkBNPmQwWfDjFK0RZxVsESOoj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 02 Feb 2023 12:25:20 GMT
content-type: text/html
content-length: 154
location: https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F383%252F%253Fremote_uid%253DgZOR3EVq9GnqBtdDCELx&dp=14
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
set-cookie: cSyncDp14v3=1675340720; expires=Sat, 04-Mar-23 12:25:20 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7b0cfb38a660eea768ac4ce59aaecf86
9ed5da9144c35d7686fa865f0f66858666df1194
2838237a654b7645297c92b273180708e5aaa4d2ebcda3de4481d699774c6956
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2838237A654B7645297C92B273180708E5AAA4D2EBCDA3DE4481D699774C6956"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13031
Expires: Thu, 02 Feb 2023 16:02:31 GMT
Date: Thu, 02 Feb 2023 12:25:20 GMT
Connection: keep-alive
rtb.com.ru/kadam-sync?uid=gZOR3EVq9GnqBtdDCELx
83.222.114.189302 Found 89 B URL HTTP/1.1 rtb.com.ru/kadam-sync?uid=gZOR3EVq9GnqBtdDCELx
IP 83.222.114.189:0
File type HTML document, ASCII text
Hash e66e13db6e636f829b1b745a9da1866e
ec8b515aa3823c9702bf76696a8b494bc8aea553
4dfd6b744a12c9687eb29e450160e7247e5f06534788c2cf46c883408c63c766
GET /kadam-sync?uid=gZOR3EVq9GnqBtdDCELx HTTP/1.1
Host: rtb.com.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.18.0
Date: Thu, 02 Feb 2023 12:25:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 89
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Location: /sync?noRedirect=&sspKey=60&sspUserID=gZOR3EVq9GnqBtdDCELx
P3p: CP="rtb.com.ru does not have a P3P policy"
Set-Cookie: as-user=63dbabb08e88142b63b63090; Path=/; Max-Age=31536000; HttpOnly; Secure; SameSite=None
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 625db98ded64d33f3649378918788897
e48be419f8559bf38d62d48bb391251f40553fcf
934f40c7f5a20e2d2f241da3087d4166bcb2481a6ee6e3970c93b8ccfeddf543
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "934F40C7F5A20E2D2F241DA3087D4166BCB2481A6EE6E3970C93B8CCFEDDF543"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1590
Expires: Thu, 02 Feb 2023 12:51:50 GMT
Date: Thu, 02 Feb 2023 12:25:20 GMT
Connection: keep-alive
dmpprof.com/matching/external/pixel.gif?sid=14&uid=gZOR3EVq9GnqBtdDCELx
85.192.12.173200 OK 43 B URL HTTP/2 dmpprof.com/matching/external/pixel.gif?sid=14&uid=gZOR3EVq9GnqBtdDCELx
IP 85.192.12.173:0
ASN #12695 LLC Digital Network
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /matching/external/pixel.gif?sid=14&uid=gZOR3EVq9GnqBtdDCELx HTTP/1.1
Host: dmpprof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 02 Feb 2023 12:25:20 GMT
content-type: image/gif
content-length: 43
last-modified: Thu, 02 Feb 2023 12:25:20 GMT
expires: Wed, 11 Nov 1998 11:11:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: nmatch=14_gZOR3EVq9GnqBtdDCELx; expires=Fri, 03 Feb 2023 00:25:20 GMT; path=/; secure; SameSite=None
uid=temp-91.90.42.154-; expires=Thu, 02 Feb 2023 14:25:20 GMT; path=/; secure; SameSite=None
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
X-Firefox-Spdy: h2
ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F383%252F%253Fremote_uid%253DgZOR3EVq9GnqBtdDCELx&dp=14
193.3.184.200302 Moved Temporarily 142 B URL HTTP/1.1 ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F383%252F%253Fremote_uid%253DgZOR3EVq9GnqBtdDCELx&dp=14
IP 193.3.184.200:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F383%252F%253Fremote_uid%253DgZOR3EVq9GnqBtdDCELx&dp=14 HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 02 Feb 2023 12:25:20 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/rmatch?dp=14&euid=3203420AB0ABDB634C00859002E04043&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3DgZOR3EVq9GnqBtdDCELx
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkIDMmPbq7CQhQBMQ0DgAl4KRpusLMTFkFVnn1QtZMzauRXj; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
rtb.com.ru/sync?noRedirect=&sspKey=60&sspUserID=gZOR3EVq9GnqBtdDCELx
83.222.114.189302 Found 1.5 kB URL HTTP/1.1 rtb.com.ru/sync?noRedirect=&sspKey=60&sspUserID=gZOR3EVq9GnqBtdDCELx
IP 83.222.114.189:0
File type HTML document, ASCII text, with very long lines (1534)
Hash e9c6f35fa93ea95632b5502c2d06e39d
88185084ebd0c07b59b4bc8077256be257696397
5c6d447ba4650ec82532f955ce7c799fd487369b217f2ed2a62118bda351ee63
GET /sync?noRedirect=&sspKey=60&sspUserID=gZOR3EVq9GnqBtdDCELx HTTP/1.1
Host: rtb.com.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: as-user=63dbabb08e88142b63b63090
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.18.0
Date: Thu, 02 Feb 2023 12:25:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1536
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Location: https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=63dbabb08e88142b63b63090&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D63dbabb08e88142b63b63090%26duid%3DgZOR3EVq9GnqBtdDCELx%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D63dbabb08e88142b63b63090%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D63dbabb08e88142b63b63090%252526i%25253D5491247901896292591%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D63dbabb08e88142b63b63090%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D63dbabb08e88142b63b63090%2525252526nc%252525253D2188086235371847917%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D63dbabb08e88142b63b63090%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252F66BT5VW9mAupCghmcCqpA4%2525252525253Fsign%2525252525253D80112731%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Ftop-fwz1.mail.ru%252525252525252Fcounter%252525252525253Fid%252525252525253D3138228%252525252525253Bpid%252525252525253D63dbabb08e88142b63b63090
P3p: CP="rtb.com.ru does not have a P3P policy"
Set-Cookie: as-user=63dbabb08e88142b63b63090; Path=/; Max-Age=31536000; HttpOnly; Secure; SameSite=None
acint.net/rmatch?dp=14&euid=3203420AB0ABDB634C00859002E04043&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3DgZOR3EVq9GnqBtdDCELx
193.3.184.226302 Found 154 B URL HTTP/2 acint.net/rmatch?dp=14&euid=3203420AB0ABDB634C00859002E04043&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3DgZOR3EVq9GnqBtdDCELx
IP 193.3.184.226:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=14&euid=3203420AB0ABDB634C00859002E04043&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3DgZOR3EVq9GnqBtdDCELx HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPbq7A0WRNhrGGWAopNkBNPmQwWfDjFK0RZxVsESOoj; cSyncDp14v3=1675340720
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 02 Feb 2023 12:25:20 GMT
content-type: text/html
content-length: 154
location: https://d.uuidksinc.net/match/383/?remote_uid=gZOR3EVq9GnqBtdDCELx
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
d.uuidksinc.net/match/383/?remote_uid=gZOR3EVq9GnqBtdDCELx
31.220.27.134200 OK 74 B URL HTTP/2 d.uuidksinc.net/match/383/?remote_uid=gZOR3EVq9GnqBtdDCELx
IP 31.220.27.134:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e24e19b024c44b778301d880bd8e6f4
d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
GET /match/383/?remote_uid=gZOR3EVq9GnqBtdDCELx HTTP/1.1
Host: d.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: jcsuuid=gZOR3EVq9GnqBtdDCELx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Thu, 02 Feb 2023 12:25:20 GMT
content-type: image/png
content-length: 74
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 96c794fe0eb0984074775ba4e182ed9d
bd6f5a86011fa199bc4197a37fb84079eb487f7e
3f626fa9d03173ededfce2c39da3be2989781484ca87bed7d8a8fd0f68fb051b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3F626FA9D03173EDEDFCE2C39DA3BE2989781484CA87BED7D8A8FD0F68FB051B"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5365
Expires: Thu, 02 Feb 2023 13:54:45 GMT
Date: Thu, 02 Feb 2023 12:25:20 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 12:25:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=63dbabb08e88142b63b63090&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D63dbabb08e88142b63b63090%26duid%3DgZOR3EVq9GnqBtdDCELx%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D63dbabb08e88142b63b63090%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D63dbabb08e88142b63b63090%252526i%25253D5491247901896292591%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D63dbabb08e88142b63b63090%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D63dbabb08e88142b63b63090%2525252526nc%252525253D2188086235371847917%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D63dbabb08e88142b63b63090%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252F66BT5VW9mAupCghmcCqpA4%2525252525253Fsign%2525252525253D80112731%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Ftop-fwz1.mail.ru%252525252525252Fcounter%252525252525253Fid%252525252525253D3138228%252525252525253Bpid%252525252525253D63dbabb08e88142b63b63090
142.250.74.98200 OK 170 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=63dbabb08e88142b63b63090&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D63dbabb08e88142b63b63090%26duid%3DgZOR3EVq9GnqBtdDCELx%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D63dbabb08e88142b63b63090%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D63dbabb08e88142b63b63090%252526i%25253D5491247901896292591%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D63dbabb08e88142b63b63090%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D63dbabb08e88142b63b63090%2525252526nc%252525253D2188086235371847917%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D63dbabb08e88142b63b63090%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252F66BT5VW9mAupCghmcCqpA4%2525252525253Fsign%2525252525253D80112731%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Ftop-fwz1.mail.ru%252525252525252Fcounter%252525252525253Fid%252525252525253D3138228%252525252525253Bpid%252525252525253D63dbabb08e88142b63b63090
IP 142.250.74.98:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
GET /pixel?google_nid=adspend&google_cm&google_hm=63dbabb08e88142b63b63090&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D63dbabb08e88142b63b63090%26duid%3DgZOR3EVq9GnqBtdDCELx%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D63dbabb08e88142b63b63090%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D63dbabb08e88142b63b63090%252526i%25253D5491247901896292591%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D63dbabb08e88142b63b63090%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D63dbabb08e88142b63b63090%2525252526nc%252525253D2188086235371847917%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D63dbabb08e88142b63b63090%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252F66BT5VW9mAupCghmcCqpA4%2525252525253Fsign%2525252525253D80112731%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Ftop-fwz1.mail.ru%252525252525252Fcounter%252525252525253Fid%252525252525253D3138228%252525252525253Bpid%252525252525253D63dbabb08e88142b63b63090 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
date: Thu, 02 Feb 2023 12:25:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fc797e4e4215c50a42918f78bf25dd9b
3a9d446065eb8b0d530dab59538a290125b4647b
9fe7badd15d6591176c688dafa284fdf9d8f991109e0c3a9e56a17d8c61efd2e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9FE7BADD15D6591176C688DAFA284FDF9D8F991109E0C3A9E56A17D8C61EFD2E"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4015
Expires: Thu, 02 Feb 2023 13:32:15 GMT
Date: Thu, 02 Feb 2023 12:25:20 GMT
Connection: keep-alive
ocsp.usertrust.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash c60ca4b761622aee6dac8fcd5a7b47bb
bf27b8a42a03073eb548b79b3adfc1c4a09921ba
55e4d169563b096866bbab23531097fd09fa620a64f56261165cf190aa90aaa7
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 12:25:20 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 30 Jan 2023 04:18:19 GMT
Expires: Mon, 06 Feb 2023 04:18:18 GMT
Etag: "bf27b8a42a03073eb548b79b3adfc1c4a09921ba"
Cache-Control: max-age=604094,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1041
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7932e8b20b7eb50c-OSL
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 12:25:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 7f820e533b0144698053612a199e5374
72da4a26fff0d7268d8b6e8c12ef54507dda5595
f0c5a658f84619e4fe0e820a40c27be806dbeb29292e13f687dcb18eea58024d
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 12:25:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 06 Feb 2023 09:53:08 GMT
ETag: "72da4a26fff0d7268d8b6e8c12ef54507dda5595"
Last-Modified: Thu, 02 Feb 2023 09:53:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2025
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7932e8b23bd3b518-OSL
fcgi4.gnezdo.ru/cookie_matching/kadam/gZOR3EVq9GnqBtdDCELx
93.95.102.105302 Found 0 B URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching/kadam/gZOR3EVq9GnqBtdDCELx
IP 93.95.102.105:0
ASN #48347 JSC Mediasoft ekspert
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie_matching/kadam/gZOR3EVq9GnqBtdDCELx HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 12:25:20 GMT
location: https://fcgi4.gnezdo.ru/cookie_matching/kadam/gZOR3EVq9GnqBtdDCELx/?redirect=1
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With
access-control-allow-credentials: true
set-cookie: uid=XV9maWPbq7A8XyUR97gmAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
fcgi4.gnezdo.ru/cookie_matching/kadam_resell/gZOR3EVq9GnqBtdDCELx/?redirect=1
93.95.102.105204 No Content 0 B URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching/kadam_resell/gZOR3EVq9GnqBtdDCELx/?redirect=1
IP 93.95.102.105:0
ASN #48347 JSC Mediasoft ekspert
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie_matching/kadam_resell/gZOR3EVq9GnqBtdDCELx/?redirect=1 HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 02 Feb 2023 12:25:21 GMT
set-cookie: uid=XV9maWPbq7E8XyUR97hpAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
dmg.digitaltarget.ru/1/6573/i/i?a=662&e=gZOR3EVq9GnqBtdDCELx&i=0.35052644582291814
185.15.175.174307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/6573/i/i?a=662&e=gZOR3EVq9GnqBtdDCELx&i=0.35052644582291814
IP 185.15.175.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/6573/i/i?a=662&e=gZOR3EVq9GnqBtdDCELx&i=0.35052644582291814 HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 02 Feb 2023 12:25:20 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1675340720983&a=662&e=gZOR3EVq9GnqBtdDCELx&i=0.35052644582291814
Set-Cookie: viuserid=Po6x0.3LudKFssf7BY6e; Max-Age=93312000; Expires=Sat, 17 Jan 2026 12:25:20 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
kadam-sync.rutarget.ru/sync
188.72.107.156302 Moved Temporarily 0 B URL HTTP/1.1 kadam-sync.rutarget.ru/sync
IP 188.72.107.156:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync HTTP/1.1
Host: kadam-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 02 Feb 2023 12:25:20 GMT
Content-Length: 0
Connection: close
Location: https://d.uuidksinc.net/match/386/?remote_uid=2yeraNmqAz_l
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=2yeraNmqAz_l; Path=/; Domain=.rutarget.ru; Expires=Tue, 01 Aug 2023 12:25:20 GMT; SameSite=None; Secure
d.uuidksinc.net/match/386/?remote_uid=2yeraNmqAz_l
31.220.27.134200 OK 74 B URL HTTP/2 d.uuidksinc.net/match/386/?remote_uid=2yeraNmqAz_l
IP 31.220.27.134:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e24e19b024c44b778301d880bd8e6f4
d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
GET /match/386/?remote_uid=2yeraNmqAz_l HTTP/1.1
Host: d.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: jcsuuid=gZOR3EVq9GnqBtdDCELx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Thu, 02 Feb 2023 12:25:21 GMT
content-type: image/png
content-length: 74
X-Firefox-Spdy: h2
dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1675340720983&a=662&e=gZOR3EVq9GnqBtdDCELx&i=0.35052644582291814
185.15.175.174200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1675340720983&a=662&e=gZOR3EVq9GnqBtdDCELx&i=0.35052644582291814
IP 185.15.175.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/6573/i/i?call_source=awg&ts=1675340720983&a=662&e=gZOR3EVq9GnqBtdDCELx&i=0.35052644582291814 HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 12:25:21 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
sm.rtb.mts.ru/p?ssp=toptraffic&id=Y9ursPfwdVc
217.66.147.37301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/p?ssp=toptraffic&id=Y9ursPfwdVc
IP 217.66.147.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=toptraffic&id=Y9ursPfwdVc HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 12:25:21 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=59&exu=Y9ursPfwdVc
Set-Cookie: dspid=92932bd5-43c8-4ebf-a13c-7077744c7027; expires=Wed, 24 Jan 2024 12:25:21 GMT; domain=.mts.ru; path=/; secure; SameSite=None
sm.rtb.mts.ru/match/second?ssp=59&exu=Y9ursPfwdVc
217.66.147.37200 OK 0 B URL HTTP/1.1 sm.rtb.mts.ru/match/second?ssp=59&exu=Y9ursPfwdVc
IP 217.66.147.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/second?ssp=59&exu=Y9ursPfwdVc HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 12:25:21 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9922
Expires: Thu, 02 Feb 2023 15:10:43 GMT
Date: Thu, 02 Feb 2023 12:25:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9922
Expires: Thu, 02 Feb 2023 15:10:43 GMT
Date: Thu, 02 Feb 2023 12:25:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9922
Expires: Thu, 02 Feb 2023 15:10:43 GMT
Date: Thu, 02 Feb 2023 12:25:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9922
Expires: Thu, 02 Feb 2023 15:10:43 GMT
Date: Thu, 02 Feb 2023 12:25:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i697kJpdT4ZPeMLWIftWf16pWCic0-v4tL4GDKfVfTZLo-E4-3FwDQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 50623
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1ea9f44-4a0b-4366-b041-d2bd88c5fcb5.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1ea9f44-4a0b-4366-b041-d2bd88c5fcb5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 604c573da6f79effa2a81e711c14ad9e
322a3a510ca73e124d78e31b49d676ec891a6762
8d2b897fe4251106be9183fa2a6a3b0918cd1f4dcc5f814aa88a630a77b4045c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1ea9f44-4a0b-4366-b041-d2bd88c5fcb5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7960
x-amzn-requestid: 774cebdf-b2bf-4a98-9d2b-e2abd4bd1a2b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BG-hoAMFTSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-234163873ca67e934d684a1d;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uBOoIV3qLgPgjOas4bG9LnzvJyW5AmcxMm7xqxI2keBg3er2G3MldA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:01:31 GMT
etag: "322a3a510ca73e124d78e31b49d676ec891a6762"
content-type: image/jpeg
age: 51830
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dac6192-89b0-4161-86a2-38f3998a1bc4.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dac6192-89b0-4161-86a2-38f3998a1bc4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f1d06527f75868ea84da730b7c8b5660
6c0cb65a477d6bc7d013529411d5735bd39e3d46
2ff4fb12b9ac4dff67bf89cc69f1bfce3ffa738696f904172044a5a537a704c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dac6192-89b0-4161-86a2-38f3998a1bc4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6783
x-amzn-requestid: 5ab60169-ec65-483a-828b-3312c74ee4b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BGjqoAMFV6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-73a465244f89adaa27626246;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EnMwKHnlZQbvGDjPKuFqW9G8CBaRAV6QKzJ2VFOtRPDm3EIgVUpmYQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:57:29 GMT
age: 52072
etag: "6c0cb65a477d6bc7d013529411d5735bd39e3d46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 395bb0f71f9eba82f5ca23548d08900f
b1fada280c7ea3eb775a6fa46ce173a51eb045f5
7443babb69532e1ee3ee779e05ad4f62de2c5bf62548bcb5702f8290a527664c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11367
x-amzn-requestid: 67702c15-9a68-46ec-95e5-efb57f08e2f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5OGfBoAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6e-033182ba55fdd0230ad5a270;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Ybz4mmNUwsKOkpz6GFm4nLz7iGX5gJ--EiUjqrs8G92GBLn6qaF7IQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:57:51 GMT
age: 52050
etag: "b1fada280c7ea3eb775a6fa46ce173a51eb045f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 41c44051cc3b4c69924df66048e7566b
5c6a12595c3f6005fec4baa84b16575951e72178
72dff70bcb417c088aba013a486e1dbabe099b40fb718a283f1ba220b142b848
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7450
x-amzn-requestid: 1b3ef150-9b12-4b8b-94e6-0d6debbd24ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTDFmPoAMF-UQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-0fea883b0ce1a1b933dc2be8;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qON7fRZ1XPCkl7ldiGagd0UcPynLKMzysXr8LZSRvS1ily9cN5w_wA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:22:55 GMT
age: 50546
etag: "5c6a12595c3f6005fec4baa84b16575951e72178"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fcgi4.gnezdo.ru/cookie_matching/kadam_resell/gZOR3EVq9GnqBtdDCELx
93.95.102.105302 Found 16 kB URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching/kadam_resell/gZOR3EVq9GnqBtdDCELx
IP 93.95.102.105:0
ASN #48347 JSC Mediasoft ekspert
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /cookie_matching/kadam_resell/gZOR3EVq9GnqBtdDCELx HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 12:25:20 GMT
location: https://fcgi4.gnezdo.ru/cookie_matching/kadam_resell/gZOR3EVq9GnqBtdDCELx/?redirect=1
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With
access-control-allow-credentials: true
set-cookie: uid=XV9maWPbq7A8XyUR97hAAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2