Report - exclusive-works.ru/index.php/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34

Report Overview

Submitted URL
exclusive-works.ru/index.php/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
IP
87.236.16.222
ASN
#198610 Beget LLC
Submitted
2024-05-04 18:40:13
Access
public
Website Title
Страница не найдена - Справочник
Final URL
exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
adx.com.ru	43296	2017-05-19	2017-06-05	2024-05-03	1.4 kB	1.6 kB	83.222.105.118
b03e53dc-0a45-11ef-86e0-002590c0647c.n6.sync.bumlam.com	unknown	unknown	No data	No data	527 B	247 B	188.120.246.182
ssp-rtb.sape.ru	31166	2006-06-19	2016-02-02	2024-04-30	3.3 kB	3.5 kB	193.3.184.25
match.qtarget.tech	unknown	2022-12-26	2023-01-28	2024-04-30	1.4 kB	639 B	95.163.92.180
dm-eu.hybrid.ai	28847	2017-12-19	2021-01-25	2024-05-03	963 B	1.0 kB	37.230.131.16
pix.bumlam.com	92002	2015-08-10	2022-03-29	2024-05-02	1.6 kB	2.1 kB	31.172.81.160
exclusive-works.ru	unknown	unknown	No data	No data	9.4 kB	142 kB	87.236.16.222
cdn.adlook.me	108334	2016-07-15	2018-11-26	2024-04-22	1.3 kB	49 kB	193.17.93.93
sync.upravel.com	28097	2017-03-25	2017-05-29	2024-04-24	1.6 kB	2.6 kB	195.201.193.230
s.ccsyncuuid.net	unknown	2023-02-28	2023-06-17	2024-04-11	463 B	0 B	0.0.0.0
s.alfasrv.com	unknown	2017-03-23	2022-10-14	2024-05-02	925 B	1.1 kB	130.193.42.23
v.alfasrv.com	179175	2017-03-23	2017-10-23	2024-04-18	467 B	394 B	84.201.179.252
ads.alfasense.net	unknown	2019-06-04	2022-05-31	2024-05-02	1.8 kB	16 kB	136.144.31.29
sync.opendsp.ru	unknown	2022-08-24	2022-09-01	2024-05-02	915 B	496 B	82.148.20.186
pxl.acint.net	unknown	2014-02-06	2024-01-31	2024-04-30	844 B	337 B	193.3.184.16
sync.bumlam.com	3243	2015-08-10	2015-08-10	2024-05-03	3.1 kB	3.8 kB	31.172.81.158
cdn-a.adlook.me	unknown	2016-07-15	2022-07-01	2022-12-20	465 B	2.6 kB	5.101.76.186
match.new-programmatic.com	33613	2020-02-18	2020-02-18	2024-04-30	967 B	478 B	217.65.2.150
ssp.hybrid.ai	60903	2017-12-19	2018-04-30	2024-04-27	2.1 kB	1.5 kB	37.230.131.17
mc.acint.net	unknown	2014-02-06	2024-01-29	2024-04-30	30 kB	21 kB	193.3.184.16
ads.adlook.me	43352	2016-07-15	2018-11-28	2024-05-03	3.3 kB	174 kB	78.140.242.106
sync.adspend.space	unknown	2022-02-11	2022-10-20	2024-05-02	2.0 kB	3.2 kB	104.21.26.195
pbs.alfasense.com	153997	2019-01-29	2019-04-04	2024-05-02	1.1 kB	918 B	23.111.115.84
ssp.otm-r.com	61076	2014-01-16	2018-12-28	2024-04-16	745 B	457 B	159.69.59.100
stat.adlook.me	76110	2016-07-15	2018-11-28	2023-11-02	4.4 kB	53 kB	5.101.76.186
sync.dsp.solta.io	unknown	2022-07-19	2022-09-21	2024-05-02	1.4 kB	744 B	217.199.220.73
match.ohmy.bid	unknown	2022-06-09	2023-05-23	2024-05-01	993 B	886 B	167.235.10.91
exchange.buzzoola.com	18389	2010-08-11	2014-10-17	2024-05-03	15 kB	55 kB	49.12.83.94
www.acint.net	29072	2014-02-06	2014-02-14	2024-05-03	29 kB	42 kB	193.3.184.16
kimberlite.io	166512	2017-03-16	2017-09-14	2024-05-04	3.6 kB	3.6 kB	217.199.220.44
rtb.segmel.io	unknown	2023-08-23	2024-01-11	2024-04-18	462 B	704 B	172.67.181.120
gw-iad-bid.ymmobi.com	unknown	2021-01-29	2023-10-14	2024-05-02	1.1 kB	1.1 kB	47.253.61.56
b03e53dc-0a45-11ef-86e0-002590c0647c.n2.sync.bumlam.com	unknown	unknown	No data	No data	526 B	247 B	94.141.105.124
cs.alfasense.com	unknown	2019-01-29	2022-04-13	2024-05-02	5.0 kB	12 kB	23.111.100.20
s.uuidksinc.net	3423	2015-05-05	2015-07-20	2024-04-30	1.5 kB	964 B	185.98.54.153
cs.agency2.ru	unknown	2008-10-06	2022-04-29	2024-04-30	1.9 kB	2.6 kB	23.111.107.44
sync.gonet-ads.com	unknown	2022-04-05	2023-02-03	2024-04-29	921 B	686 B	188.42.105.220
nr.bidderstack.com	352019	2017-04-25	2019-02-11	2024-05-04	2.7 kB	2.7 kB	116.202.32.25
tube.buzzoola.com	48899	2010-08-11	2013-05-29	2024-04-30	18 kB	500 kB	151.236.127.161
acint.net	22962	2014-02-06	2014-02-14	2024-05-03	7.8 kB	3.9 kB	193.3.184.16
const.uno	unknown	2022-06-09	2022-06-20	2024-04-15	456 B	250 B	95.163.84.7
a.adiam.tech	unknown	unknown	No data	No data	464 B	951 B	172.67.200.122
sync.dmp.otm-r.com	19534	2014-01-16	2017-02-03	2024-05-01	2.1 kB	1.9 kB	138.201.65.74
yandex.ru	671	1997-09-23	2012-05-21	2024-05-03	942 B	5.3 kB	77.88.55.60
ssp.al-adtech.com	unknown	2024-01-16	2024-01-30	2024-05-03	2.3 kB	2.7 kB	45.139.25.125
a.utraff.com	39874	2016-09-27	2019-02-27	2024-04-27	481 B	1.0 kB	172.67.74.180
vastroll.ru	172264	unknown	No data	No data	473 B	506 B	185.60.135.47
pixel.dsp.onetarget.ru	unknown	2019-04-18	2024-03-13	2024-04-27	1.5 kB	2.2 kB	130.193.53.230
cdn-rtb.sape.ru	53547	2006-06-19	2014-10-06	2024-05-02	450 B	1.4 kB	185.12.127.124
ssp.bestssp.com	90974	2016-05-05	2017-06-10	2024-05-03	541 B	456 B	83.222.96.170
dsp.tigra.dev	unknown	2022-01-29	2022-05-28	2023-12-26	448 B	904 B	5.227.125.249
utraff.com	38515	2016-09-27	2017-05-13	2024-03-19	1.4 kB	48 kB	172.67.74.180
cdn.alfasense.net	159398	2019-06-04	2019-06-30	2024-04-15	2.5 kB	110 kB	136.144.31.36
sync.programmatica.com	unknown	2016-10-12	2022-12-17	2024-04-30	1.4 kB	672 B	158.160.128.78

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	ccsyncuuid.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (40)

	URL	Size	First Seen	Last Seen
	cdn.alfasense.net/ext/weboctxrun.js	213 B	2023-07-15	2024-05-13
Pretty URL cdn.alfasense.net/ext/weboctxrun.js IP 136.144.31.36 ASN #52000 MIRhosting B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-15 20:25:18 Last Seen2024-05-13 11:05:42 Times Seen185 Hash 407d69812eba1532efe2dc4c08483986 9f8fca26fe7756d4ff1c41836943aa8468a0249a eb33793d786e59b89809736b42479b6fa0c39a503ad338b21a370b7ecc437dea Loading...

	www.acint.net/oci.js?t=1714848005807	32 kB	2023-03-12	2024-05-18
Pretty URL www.acint.net/oci.js?t=1714848005807 IP 193.3.184.16 ASN #50214 QWARTA LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:09:04 Last Seen2024-05-18 09:41:45 Times Seen2277 Hash c3fa5133b6899a2abb39fb79ed94300f dc1d5c75420b38cd7509a783ed09345d0ff78ac4 66b141eb9ae44c86efc510844a71cf208c02d02abe03af3a7d8cc26736d3e19c Loading...

	mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904	0 B	2023-03-07	2024-05-18
Pretty URL mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904 IP 193.3.184.16 ASN #50214 QWARTA LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 11:13:27 Times Seen37782964 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	exclusive-works.ru/wp-includes/js/jquery/jquery.min.js?ver=3.7.1	88 kB	2023-11-03	2024-05-18
Pretty URL exclusive-works.ru/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP 87.236.16.222 ASN #198610 Beget LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26:43 Last Seen2024-05-18 11:10:52 Times Seen48687 Hash 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Loading...

	ads.alfasense.net/adserver/www/delivery/asyncjs.php	4.5 kB	2023-03-07	2024-05-13
Pretty URL ads.alfasense.net/adserver/www/delivery/asyncjs.php IP 136.144.31.29 ASN #52000 MIRhosting B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:19 Last Seen2024-05-13 10:47:53 Times Seen324 Hash 6a351e7a844e42f2970773e705eddf36 66cc3e2474cf7085d0bfd5112003b0b9f0f87dbf d3d5d8e3aaeec086ae00ad814b3adae7e41462e42a308a09dbce39aaa11572e3 Loading...

	exclusive-works.ru/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2	19 kB	2024-03-13	2024-05-18
Pretty URL exclusive-works.ru/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 IP 87.236.16.222 ASN #198610 Beget LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-13 16:02:37 Last Seen2024-05-18 08:49:48 Times Seen5072 Hash b976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3 Loading...

	cdn.alfasense.net/lib_test/config.js	721 B	2024-04-27	2024-05-13
Pretty URL cdn.alfasense.net/lib_test/config.js IP 136.144.31.36 ASN #52000 MIRhosting B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 19:38:20 Last Seen2024-05-13 11:05:42 Times Seen22 Hash 00a19a4a16aa2af4a6ffa693f6df6f8f 0b931b0d455bbd690b3c08316d1f309228221319 886306c9dcd88d16be34aca5b5758434bba84870af77b7e320fb1f9e0c9579ba Loading...

	www.acint.net/services/get_sspuid?callback=cid_66368105b_9069118	91 B	2024-05-04	2024-05-04
Pretty URL www.acint.net/services/get_sspuid?callback=cid_66368105b_9069118 IP 193.3.184.16 ASN #50214 QWARTA LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:40:24 Last Seen2024-05-04 20:40:26 Times Seen2 Hash 23d0cd178e44e6b7c52cda714fe92f9c ba4de6334af56983ee652a4ff785b8c7e499e745 b25c4c2faea740a4af4e7ff0e936d067662e51a62860b539ece6705d5dc1d99d Loading...

	ssp-rtb.sape.ru/ymcode?callback=sapeRTB_66368105c_59897306	36 B	2024-05-04	2024-05-04
Pretty URL ssp-rtb.sape.ru/ymcode?callback=sapeRTB_66368105c_59897306 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:40:24 Last Seen2024-05-04 20:40:24 Times Seen1 Hash c33bde893977e7d91bbf035616b7f73e b83efb5cd2ba865ce825f1b57a0dcbc5e5ed831b c4dc99efc12dace4f92d852ba672d71304ef98c522d1b757650ec24bec5e3779 Loading...

	exclusive-works.ru/wp-content/plugins/easy-fancybox/vendor/jquery.easing.min.js?ver=1.4.1	2.3 kB	2023-03-07	2024-05-17
Pretty URL exclusive-works.ru/wp-content/plugins/easy-fancybox/vendor/jquery.easing.min.js?ver=1.4.1 IP 87.236.16.222 ASN #198610 Beget LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-05-17 14:58:36 Times Seen1761 Hash adf739cca147aff5e39fd65e6e64f420 ce3bb19811c619220dd2329165eb8a8166094fec 0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d Loading...

	exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34	468 B	2024-05-04	2024-05-04
Pretty URL exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34 IP 87.236.16.222 ASN #198610 Beget LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 20:40:24 Last Seen2024-05-04 21:32:26 Times Seen2 Hash 70c9428b3fb6498b87eae074a4bee94f fdd70019f6ec7765faa55057b8951aeb47963980 deb4aaf59ee7c0932a9fa917952ab66093458c5f52b237ba3fb93bdd8c958710 Loading...

	exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34	3.2 kB	2024-05-04	2024-05-04
Pretty URL exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34 IP 87.236.16.222 ASN #198610 Beget LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 20:40:24 Last Seen2024-05-04 21:32:26 Times Seen2 Hash 3cd497e0345a64eadfa7c15a74f848cb d66a692f4917a91dcbf349099923b3f439e0ad67 4fd8cb22ab68b4e13b20766328b170d521b4d0e52274fbf2f1c2c572c88b06a8 Loading...

	exclusive-works.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1	14 kB	2023-05-09	2024-05-18
Pretty URL exclusive-works.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP 87.236.16.222 ASN #198610 Beget LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 19:21:05 Last Seen2024-05-18 11:10:52 Times Seen87218 Hash 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Loading...

	exclusive-works.ru/wp-content/themes/neve/assets/js/build/modern/frontend.js?ver=3.8.5	7.2 kB	2024-02-04	2024-05-10
Pretty URL exclusive-works.ru/wp-content/themes/neve/assets/js/build/modern/frontend.js?ver=3.8.5 IP 87.236.16.222 ASN #198610 Beget LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-04 06:57:04 Last Seen2024-05-10 21:28:13 Times Seen35 Hash b29ca928ecdf47555b578269b5fd475c 6a3c3aef4ff68d3ad76fe492f44cc398322e56c7 e5f2f1d44935c847ea9a087bb6fea132e1e5b6ab5388fec2363ae03e60e1c655 Loading...

	cdn.alfasense.net/lib/ad_builder.min.js	10 kB	2023-03-07	2024-05-04
Pretty URL cdn.alfasense.net/lib/ad_builder.min.js IP 136.144.31.36 ASN #52000 MIRhosting B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:46:40 Last Seen2024-05-04 21:32:26 Times Seen34 Hash d2f9c760d9a111da4100b7739adc7af3 f2a4655e58ac29de85dbd145e60e992722988284 cab180c4309ff825f7a5db2db97cf59ba2e33d849360e235b930c497c2cc087c Loading...

	unknown	1.3 kB	2024-05-04	2024-05-04
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:40:24 Last Seen2024-05-04 21:32:26 Times Seen2 Hash beabef55433a62d759ba344f8b5c4d4d 12e8e6f84b97935676f1b99d6fa3bbb9ced9bdc8 21c1b6a6482650f3aaa39fa2486e969e2d2a45213db462c3083a4a96f6ef65d1 Loading...

	exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34	756 B	2024-05-04	2024-05-04
Pretty URL exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34 IP 87.236.16.222 ASN #198610 Beget LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 20:40:24 Last Seen2024-05-04 21:32:26 Times Seen2 Hash d7cf590b6106f9ab87a21a2c7dc4e648 ffb428659cdb393f2b2a5d57e9cd5edcdd2c5017 35afc1fbf73703c8cf031d4217938e4d42edd7372edf59b120b434eb4c87d4b8 Loading...

	cdn.adlook.me/u/cds.html	0 B	2023-03-07	2024-05-18
Pretty URL cdn.adlook.me/u/cds.html IP 193.17.93.93 ASN #210756 EdgeCenter LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 11:13:27 Times Seen37782964 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdnrtbsape.ru/js/vast/vpaid-ssp.min.js	156 kB	2024-04-15	2024-05-04
Pretty URL cdnrtbsape.ru/js/vast/vpaid-ssp.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-15 17:54:40 Last Seen2024-05-04 21:32:27 Times Seen4 Hash 40669df1843708467cd18dc6f640a7f3 686f4e9a0a1a4a6f004bcf83623c626e52719a9c 5e911ca59c3b8aff3868f81f5c5fc43ce7c7827b77db0bb16076e9192b82940b Loading...

	www.acint.net/aci.js	31 kB	2024-01-12	2024-05-18
Pretty URL www.acint.net/aci.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-12 02:40:42 Last Seen2024-05-18 09:41:51 Times Seen931 Hash e81f962d48edbcbedc89edfdb08d0b3c 324f1ffc62d43e229b192083b118b1ac4a5643c6 d9453129c16b0215069d80e4b526c0546b259fae8d615e1b3aa775a8d76bac57 Loading...

	cdn.alfasense.net/js/layout_2879.js	76 kB	2024-05-04	2024-05-04
Pretty URL cdn.alfasense.net/js/layout_2879.js IP 136.144.31.36 ASN #52000 MIRhosting B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:40:24 Last Seen2024-05-04 21:32:26 Times Seen2 Hash 5d4c2204cdd64a90893063629c7c21e8 bfcc438126138177266abff59383ee837934ceb2 954026f4d545e23dcbc1e43e85d5e2a59e15e980d563b5a42c5f65702cb71c49 Loading...

	exclusive-works.ru/wp-content/plugins/easy-fancybox/vendor/jquery.mousewheel.min.js?ver=3.1.13	2.6 kB	2023-03-07	2024-05-17
Pretty URL exclusive-works.ru/wp-content/plugins/easy-fancybox/vendor/jquery.mousewheel.min.js?ver=3.1.13 IP 87.236.16.222 ASN #198610 Beget LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2024-05-17 14:58:36 Times Seen1079 Hash 963b3f6599b02889ea79808c5c8189d0 c2b5156772ddbaf09d18f00c31cddfb86bc1f1f1 dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64 Loading...

	exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34	141 B	2024-05-04	2024-05-04
Pretty URL exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34 IP 87.236.16.222 ASN #198610 Beget LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 20:40:24 Last Seen2024-05-04 21:32:26 Times Seen2 Hash 33b7b216e2aa52a21138dc52a3ef691b b430de447121065f90629d108356f0bc6927f2e5 8dc80cf487af9d15cc084a9318b3cfe9e22bf3c2ea1a3b9acb2223e1545259ed Loading...

	exclusive-works.ru/wp-content/plugins/easy-fancybox/fancybox/1.5.4/jquery.fancybox.min.js?ver=6.5.2	18 kB	2023-03-09	2024-05-18
Pretty URL exclusive-works.ru/wp-content/plugins/easy-fancybox/fancybox/1.5.4/jquery.fancybox.min.js?ver=6.5.2 IP 87.236.16.222 ASN #198610 Beget LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 06:09:25 Last Seen2024-05-18 04:50:59 Times Seen1050 Hash b6b9fef2f7eb26c8b7553c5b0e46453b 77d77933496b2b389a8b1aca1989ab68498d8dc8 e0a709b63261993d42234f053ee43b75d43af3d7b0f147eced60c97c3e6c8f95 Loading...

	cs.alfasense.com/pixeljs	6.0 kB	2024-05-04	2024-05-04
Pretty URL cs.alfasense.com/pixeljs IP 23.111.100.20 ASN #39134 Edinaya Set Limited Liability Company Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:40:24 Last Seen2024-05-04 20:40:25 Times Seen2 Hash d0ae8545c5996edb756e2ba63ef50c5c f99edeea294446e9ac7408a6e82c85e2c0d64fc8 11cfa63ac7d85a444bff7310191c60c764a885fe2574a4b24d6618ed8ed54f56 Loading...

	unknown	543 B	2024-05-04	2024-05-04
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:40:24 Last Seen2024-05-04 21:32:26 Times Seen2 Hash a45239fadbaa842c2ef6708f95021ee3 d7fccd93514519f855ffc10cab9162716de5eb28 f27fdd063edf2af49d0c9aef076415ccbbe8b1ca184528ba41d5c8509a66a1ed Loading...

	unknown	541 B	2024-05-04	2024-05-04
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:40:24 Last Seen2024-05-04 20:40:24 Times Seen1 Hash ce6782b15ae45d573c210b4fa04c0c86 0bf011722757693ef1d6b21e4c3508bbce70d630 833487e232b63ee29a191d3a81a2f654ff1ae292360c5481c17e3d3d5bade2ad Loading...

	exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34	2.4 kB	2024-05-04	2024-05-04
Pretty URL exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34 IP 87.236.16.222 ASN #198610 Beget LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 20:40:24 Last Seen2024-05-04 21:32:26 Times Seen2 Hash 8b27b34fdc90540e4d6a3a858068069c 079b5f2c84187c13a88bd3ea15ccbee3790b0601 35378c328c6d7535eb6110210f9f082e5b6a981b5399f20ce8b73ad36cecd97c Loading...

	cdn.adlook.me/js/vbf.js	86 kB	2024-05-04	2024-05-04
Pretty URL cdn.adlook.me/js/vbf.js IP 193.17.93.93 ASN #210756 EdgeCenter LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:40:24 Last Seen2024-05-04 21:32:26 Times Seen4 Hash 316adf3dd428df877546530f237016bb 7246ed59b8c7b6d0cc21e6649d806972cb1f962a 2283f3784ed6d84741707167eed0eafc77899ce5e06d1c843e0fed14daa73ab2 Loading...

	cdn.alfasense.net/lib/alfadart.lib.min.js	36 kB	2024-04-27	2024-05-13
Pretty URL cdn.alfasense.net/lib/alfadart.lib.min.js IP 136.144.31.36 ASN #52000 MIRhosting B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 19:38:22 Last Seen2024-05-13 11:05:43 Times Seen21 Hash 00eadf2ddd5aa2146dc2aeda15707ecb bbc111f566c4bd443ef7abc994eb5d2332c219ab 7db1573968df00302c4f8cb84510fcd0da618b9a1d528fdc297741a6b904d9b9 Loading...

	exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34	2.0 kB	2024-05-04	2024-05-04
Pretty URL exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34 IP 87.236.16.222 ASN #198610 Beget LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 20:40:24 Last Seen2024-05-04 21:32:26 Times Seen2 Hash bc4babcb3f057f97de313ec12e64ea99 bb02e580ab0dd82eefba22c51a667e8dc5ac643c 6008fc6e31efb75bb2d909c85e66021ba8b2ecf3655dd148865f5714a68d4d2a Loading...

	exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34	83 kB	2024-05-04	2024-05-07
Pretty URL exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34 IP 87.236.16.222 ASN #198610 Beget LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 20:40:24 Last Seen2024-05-07 04:32:10 Times Seen3 Hash 72c41a21a443f968d83420073162a179 5ca39b99f0138a39c045e6c7fd682d303ef5a6a7 c20e79d8e509d074ba9a0b7924367e1d993df6be80876f99280e2cbe199197a4 Loading...

	exclusive-works.ru/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.91.1	3.3 kB	2023-03-07	2024-05-16
Pretty URL exclusive-works.ru/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.91.1 IP 87.236.16.222 ASN #198610 Beget LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:47 Last Seen2024-05-16 18:59:06 Times Seen1279 Hash 830dae7fb9dfd5ac1879a83dd028083d 6be6afca684e3305000879ad71f264f0c6549bd1 c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc Loading...

	cdn.adlook.me/js/rlf.js	81 kB	2024-04-15	2024-05-17
Pretty URL cdn.adlook.me/js/rlf.js IP 193.17.93.93 ASN #210756 EdgeCenter LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-15 17:54:39 Last Seen2024-05-17 17:37:20 Times Seen67 Hash ae89afef8020880f8f33570fc361915e 3a3dac359793f3b26edd7f314546c47dd05f6ab7 a05cc0f77829a2d1cd3c695b37f622fd3290b7176190d02d1ade0aab29618a4d Loading...

	cdn.alfasense.net/lib/prebid.js	226 kB	2024-03-20	2024-05-13
Pretty URL cdn.alfasense.net/lib/prebid.js IP 136.144.31.36 ASN #52000 MIRhosting B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-20 21:49:09 Last Seen2024-05-13 11:05:42 Times Seen97 Hash b3469b924d799a0c0050ebf829d9e826 2ae44417e48d5a925693cf9876e3653ae86dbeb4 7f408604ae1d507f1d29efd9f57e54d6485d03bf5443b56b20a4d8b55a6c2868 Loading...

		Size	First Seen	Last Seen
	#1 Eval - fe8042def806a0b50a21bfb0fde858fa	95 B	2024-04-15	2024-05-04
Pretty Observations First Seen2024-04-15 17:54:40 Last Seen2024-05-04 21:32:26 Times Seen5 Hash fe8042def806a0b50a21bfb0fde858fa 371e9a3baebdc979eb12e78f17953eef4585bccc 2c651175677450e5374bd3a97b7c2907e96955276169e49db4daeaf79496280e Loading...

		Size	First Seen	Last Seen
	#1 Write - ce31f8aeb1a0cf5254b74fd2da4a3d00	101 B	2024-04-18	2024-05-04
Pretty Observations First Seen2024-04-18 08:05:50 Last Seen2024-05-04 21:32:26 Times Seen4 Hash ce31f8aeb1a0cf5254b74fd2da4a3d00 06213795a33813a136fd396c9d190c265cd9af26 9679eac2d863a6cff16a5436df874467e16af8ca1e7babb0cdd12e4224ee4690 Loading...

	#2 Write - d41d8cd98f00b204e9800998ecf8427e	0 B	2023-03-07	2024-05-18
Pretty Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 11:13:27 Times Seen37782964 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	#3 Write - 11f9d0efe008a65958c38aca7194efc9	123 B	2024-04-18	2024-05-04
Pretty Observations First Seen2024-04-18 08:05:50 Last Seen2024-05-04 21:32:26 Times Seen3 Hash 11f9d0efe008a65958c38aca7194efc9 e9241ecccc7ecd337ef243cfad6d5853432ad002 4043483a55ec542e950527aef6cd4015057b2772d836146d0ffdcc4e314f00e0 Loading...

	#4 Write - eed70e52a5cd9d07469daad30f29ca8f	109 B	2024-04-18	2024-05-04
Pretty Observations First Seen2024-04-18 08:05:50 Last Seen2024-05-04 21:32:26 Times Seen4 Hash eed70e52a5cd9d07469daad30f29ca8f 112c8ed9b7aa41b5ccf736f7a37514cb6ecdb3f3 d24b2d19c6211d0e4e62a448967d243eb041ce9de2e10c34e0e35cc6c39242b3 Loading...

HTTP Transactions (225)

URL IP Response Size

exclusive-works.ru/index.php/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34

87.236.16.222

301 Moved Permanently

0 B

URL User Request GET HTTP/2
exclusive-works.ru/index.php/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
IP
87.236.16.222:443
ASN
#198610 Beget LLC

Certificate
IssuerLet's Encrypt
Subjectexclusive-works.ru
FingerprintC6:F1:85:00:31:02:65:80:DF:66:0D:9C:20:FE:78:0D:DF:F7:6F:1B
ValidityWed, 01 May 2024 06:34:48 GMT - Tue, 30 Jul 2024 06:34:47 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /index.php/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34 HTTP/1.1
Host: exclusive-works.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: nginx-reuseport/1.21.1
date: Sat, 04 May 2024 18:39:46 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.0.30
vary: Accept-Encoding,Cookie
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
X-Firefox-Spdy: h2

exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34

87.236.16.222

404 Not Found

41 kB

URL User Request GET HTTP/2
exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
IP
87.236.16.222:443
ASN
#198610 Beget LLC

Certificate
IssuerLet's Encrypt
Subjectexclusive-works.ru
FingerprintC6:F1:85:00:31:02:65:80:DF:66:0D:9C:20:FE:78:0D:DF:F7:6F:1B
ValidityWed, 01 May 2024 06:34:48 GMT - Tue, 30 Jul 2024 06:34:47 GMT

File type
gzip compressed data, from Unix
Size
41 kB (41009 bytes)
Hash
4ce5e8899fdd5711f7701fee9d1515bc
39abe0827a53f78d3a12f07a913bb5f36073e2b8
ec4327e7c6a42013937397835ead424852628a6ba34dd5a163bfaf578bad8168

HTTP Headers

GET /en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34 HTTP/1.1
Host: exclusive-works.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx-reuseport/1.21.1
date: Sat, 04 May 2024 18:39:46 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.0.30
vary: Accept-Encoding, Accept-Encoding,Cookie
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://exclusive-works.ru/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
X-Firefox-Spdy: h2

exclusive-works.ru/wp-content/uploads/2024/04/cropped-remont.jpg

87.236.16.222

200 OK

2.6 kB

URL GET HTTP/2
exclusive-works.ru/wp-content/uploads/2024/04/cropped-remont.jpg
IP
87.236.16.222:443
ASN
#198610 Beget LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subjectexclusive-works.ru
FingerprintC6:F1:85:00:31:02:65:80:DF:66:0D:9C:20:FE:78:0D:DF:F7:6F:1B
ValidityWed, 01 May 2024 06:34:48 GMT - Tue, 30 Jul 2024 06:34:47 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 200x27, components 3
Size
2.6 kB (2631 bytes)
Hash
e8e1dbc28356a2c3191470d9ef52d8db
162fa30c3efdbf60e9ba454128d980749bb1f36c
f1f6853b33f840730435e389c86996b270477d35815fa451f4b453f20579ffb3

HTTP Headers

GET /wp-content/uploads/2024/04/cropped-remont.jpg HTTP/1.1
Host: exclusive-works.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Sat, 04 May 2024 18:39:47 GMT
content-type: image/jpeg
content-length: 2631
last-modified: Wed, 24 Apr 2024 05:53:05 GMT
etag: "66289e41-a47"
expires: Mon, 03 Jun 2024 18:39:47 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2

exclusive-works.ru/wp-content/plugins/wp-postratings/images/stars/rating_over.gif

87.236.16.222

200 OK

523 B

URL GET HTTP/2
exclusive-works.ru/wp-content/plugins/wp-postratings/images/stars/rating_over.gif
IP
87.236.16.222:443
ASN
#198610 Beget LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subjectexclusive-works.ru
FingerprintC6:F1:85:00:31:02:65:80:DF:66:0D:9C:20:FE:78:0D:DF:F7:6F:1B
ValidityWed, 01 May 2024 06:34:48 GMT - Tue, 30 Jul 2024 06:34:47 GMT

File type
GIF image data, version 89a, 12 x 12
Size
523 B (523 bytes)
Hash
00988ec60c7a0ed0e036851c9ec00dd6
8ffff7b5e7a8fa4827cab5f846d71fa1f62ea65b
71348f4f38512af6e6ba8062fe5545a783f91d1a07bcb300c246f1bad9b0d4b6

HTTP Headers

GET /wp-content/plugins/wp-postratings/images/stars/rating_over.gif HTTP/1.1
Host: exclusive-works.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Sat, 04 May 2024 18:39:47 GMT
content-type: image/gif
content-length: 523
last-modified: Wed, 24 Apr 2024 05:44:35 GMT
etag: "66289c43-20b"
expires: Mon, 03 Jun 2024 18:39:47 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2

exclusive-works.ru/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.91.1

87.236.16.222

200 OK

2.2 kB

URL GET HTTP/2
exclusive-works.ru/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.91.1
IP
87.236.16.222:443
ASN
#198610 Beget LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subjectexclusive-works.ru
FingerprintC6:F1:85:00:31:02:65:80:DF:66:0D:9C:20:FE:78:0D:DF:F7:6F:1B
ValidityWed, 01 May 2024 06:34:48 GMT - Tue, 30 Jul 2024 06:34:47 GMT

File type
gzip compressed data, from Unix
Size
2.2 kB (2189 bytes)
Hash
4094aaebff09b799f2f717258719dc51
0c460db2e9bb8baa68f521653d948c117d537bb3
5dedb37da266bc944b08680989ebc369198a065edc0697b61fffd5eca8a60254

HTTP Headers

GET /wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.91.1 HTTP/1.1
Host: exclusive-works.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Sat, 04 May 2024 18:39:47 GMT
content-type: application/x-javascript
last-modified: Wed, 24 Apr 2024 05:44:35 GMT
vary: Accept-Encoding
etag: W/"66289c43-d01"
expires: Sat, 11 May 2024 18:39:47 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

exclusive-works.ru/wp-content/plugins/easy-fancybox/fancybox/1.5.4/jquery.fancybox.min.js?ver=6.5.2

87.236.16.222

14 kB

URL
exclusive-works.ru/wp-content/plugins/easy-fancybox/fancybox/1.5.4/jquery.fancybox.min.js?ver=6.5.2
IP
87.236.16.222:0
ASN
#198610 Beget LLC

Certificate
IssuerLet's Encrypt
Subjectexclusive-works.ru
FingerprintC6:F1:85:00:31:02:65:80:DF:66:0D:9C:20:FE:78:0D:DF:F7:6F:1B
ValidityWed, 01 May 2024 06:34:48 GMT - Tue, 30 Jul 2024 06:34:47 GMT

File type
gzip compressed data, from Unix
Size
14 kB (13555 bytes)
Hash
0252eb71005a3d29a2b8b3a7e00b935b
716952d360f0aaa88a23fcc8c93002726d1f0fad
273917b96777fd891b4a4269e712a02a683a7e53a30b2a1f4d3501ea039df2c7

HTTP Headers

GET /wp-content/plugins/easy-fancybox/fancybox/1.5.4/jquery.fancybox.min.js?ver=6.5.2 HTTP/1.1
Host: exclusive-works.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Sat, 04 May 2024 18:39:47 GMT
content-type: application/x-javascript
last-modified: Wed, 24 Apr 2024 05:44:35 GMT
vary: Accept-Encoding
etag: W/"66289c43-454a"
expires: Sat, 11 May 2024 18:39:47 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.adlook.me/js/vbf.js

193.17.93.93

23 kB

URL
cdn.adlook.me/js/vbf.js
IP
193.17.93.93:0
ASN
#210756 EdgeCenter LLC

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65499), with no line terminators
Size
23 kB (23063 bytes)
Hash
316adf3dd428df877546530f237016bb
7246ed59b8c7b6d0cc21e6649d806972cb1f962a
2283f3784ed6d84741707167eed0eafc77899ce5e06d1c843e0fed14daa73ab2

HTTP Headers

GET /js/vbf.js HTTP/1.1
Host: cdn.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:39:47 GMT
content-type: application/javascript,application/javascript;charset=utf-8
content-length: 23063
content-encoding: gzip
last-modified: Thu, 25 Apr 2024 10:01:40 GMT
etag: "0da5191f796da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache: HIT
x-cached-since: 2024-05-04T18:38:30+00:00
x-node: blm-up-gc142
accept-ranges: bytes
X-Firefox-Spdy: h2

exclusive-works.ru/wp-content/plugins/easy-fancybox/vendor/jquery.easing.min.js?ver=1.4.1

87.236.16.222

200 OK

5.5 kB

URL GET HTTP/2
exclusive-works.ru/wp-content/plugins/easy-fancybox/vendor/jquery.easing.min.js?ver=1.4.1
IP
87.236.16.222:443
ASN
#198610 Beget LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subjectexclusive-works.ru
FingerprintC6:F1:85:00:31:02:65:80:DF:66:0D:9C:20:FE:78:0D:DF:F7:6F:1B
ValidityWed, 01 May 2024 06:34:48 GMT - Tue, 30 Jul 2024 06:34:47 GMT

File type
gzip compressed data, from Unix
Size
5.5 kB (5479 bytes)
Hash
4d47a74da4737c18d69fb7e18fc5817f
c8560ec5d47504eb07e288ca3fb3f74afa8475c2
3aae53d3bee5b567847c4748bf8d43a9a357a323d2e20d8251ebb9eb9ce24403

HTTP Headers

GET /wp-content/plugins/easy-fancybox/vendor/jquery.easing.min.js?ver=1.4.1 HTTP/1.1
Host: exclusive-works.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Sat, 04 May 2024 18:39:47 GMT
content-type: application/x-javascript
last-modified: Wed, 24 Apr 2024 05:44:35 GMT
vary: Accept-Encoding
etag: W/"66289c43-8fe"
expires: Sat, 11 May 2024 18:39:47 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

exclusive-works.ru/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

87.236.16.222

200 OK

35 kB

URL GET HTTP/2
exclusive-works.ru/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
87.236.16.222:443
ASN
#198610 Beget LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subjectexclusive-works.ru
FingerprintC6:F1:85:00:31:02:65:80:DF:66:0D:9C:20:FE:78:0D:DF:F7:6F:1B
ValidityWed, 01 May 2024 06:34:48 GMT - Tue, 30 Jul 2024 06:34:47 GMT

File type
gzip compressed data, from Unix
Size
35 kB (34647 bytes)
Hash
44bf3fa60098592ddb66706511ef99da
a812c7195b7236858e9c4862bc99298dc1a75232
bc6c10ca5f4079ab8c6cc0927c738f18632cb190faba07a1b326b02bf64ef1d4

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: exclusive-works.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Sat, 04 May 2024 18:39:47 GMT
content-type: application/x-javascript
last-modified: Wed, 24 Apr 2024 05:44:38 GMT
vary: Accept-Encoding
etag: W/"66289c46-15601"
expires: Sat, 11 May 2024 18:39:47 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.adlook.me/js/rlf.js

193.17.93.93

200 OK

23 kB

URL GET HTTP/2
cdn.adlook.me/js/rlf.js
IP
193.17.93.93:443
ASN
#210756 EdgeCenter LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65499), with no line terminators
Size
23 kB (22984 bytes)
Hash
ae89afef8020880f8f33570fc361915e
3a3dac359793f3b26edd7f314546c47dd05f6ab7
a05cc0f77829a2d1cd3c695b37f622fd3290b7176190d02d1ade0aab29618a4d

HTTP Headers

GET /js/rlf.js HTTP/1.1
Host: cdn.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:39:47 GMT
content-type: application/javascript,application/javascript;charset=utf-8
content-length: 22984
content-encoding: gzip
last-modified: Wed, 10 Apr 2024 12:24:32 GMT
etag: "006fa428bda1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache: HIT
x-cached-since: 2024-05-04T18:38:18+00:00
x-node: blm-up-gc142
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.adlook.me/u/cds.html

193.17.93.93

200 OK

1.4 kB

URL GET HTTP/2
cdn.adlook.me/u/cds.html
IP
193.17.93.93:443
ASN
#210756 EdgeCenter LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
1.4 kB (1439 bytes)
Hash
092b935eec2ba1199c03c1c856472e77
90d533fb895dda57fd0645cf484a4ecb7a64c344
8719a7a7e474f30d7a1d5dbf2ab97bbd73437c28ef567b410361540ad38c985e

HTTP Headers

GET /u/cds.html HTTP/1.1
Host: cdn.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:39:47 GMT
content-type: text/html
content-length: 1439
last-modified: Thu, 06 Aug 2020 17:06:57 GMT
etag: "207a2dfe136cd61:0"
x-powered-by: ASP.NET
cache: HIT
x-cached-since: 2024-05-04T18:36:59+00:00
x-node: blm-up-gc142
accept-ranges: bytes
X-Firefox-Spdy: h2

exclusive-works.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

87.236.16.222

6.0 kB

URL
exclusive-works.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
87.236.16.222:0
ASN
#198610 Beget LLC

Certificate
IssuerLet's Encrypt
Subjectexclusive-works.ru
FingerprintC6:F1:85:00:31:02:65:80:DF:66:0D:9C:20:FE:78:0D:DF:F7:6F:1B
ValidityWed, 01 May 2024 06:34:48 GMT - Tue, 30 Jul 2024 06:34:47 GMT

File type
JavaScript source, ASCII text, with very long lines (13479)
Size
6.0 kB (5952 bytes)
Hash
393f59dd37dea652195103e3e83791d3
c6bcfbf4411242bffa5052f810f2c48b7b3444ea
b05a1107750ea63a4f7ff0747b23ddfea62d2a83c67e7e82fc2400b1e61cd6de

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: exclusive-works.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Sat, 04 May 2024 18:39:47 GMT
content-type: application/x-javascript
last-modified: Wed, 24 Apr 2024 05:44:38 GMT
vary: Accept-Encoding
etag: W/"66289c46-3509"
expires: Sat, 11 May 2024 18:39:47 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

exclusive-works.ru/wp-content/themes/neve/assets/js/build/modern/frontend.js?ver=3.8.5

87.236.16.222

200 OK

3.8 kB

URL GET HTTP/2
exclusive-works.ru/wp-content/themes/neve/assets/js/build/modern/frontend.js?ver=3.8.5
IP
87.236.16.222:443
ASN
#198610 Beget LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subjectexclusive-works.ru
FingerprintC6:F1:85:00:31:02:65:80:DF:66:0D:9C:20:FE:78:0D:DF:F7:6F:1B
ValidityWed, 01 May 2024 06:34:48 GMT - Tue, 30 Jul 2024 06:34:47 GMT

File type
JavaScript source, ASCII text, with very long lines (7188)
Size
3.8 kB (3774 bytes)
Hash
5095664d766fb57cb6711025f21c0bfd
71f5d31574694e7a5e499212b44ad8569efb77a6
eb5a0a3fb80dc93ba9e96ff7b144de641fb0899dd9bff118a08c2ea68fc0d89f

HTTP Headers

GET /wp-content/themes/neve/assets/js/build/modern/frontend.js?ver=3.8.5 HTTP/1.1
Host: exclusive-works.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Sat, 04 May 2024 18:39:47 GMT
content-type: application/x-javascript
last-modified: Wed, 24 Apr 2024 05:44:36 GMT
vary: Accept-Encoding
etag: W/"66289c44-1c15"
expires: Sat, 11 May 2024 18:39:47 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

exclusive-works.ru/wp-content/uploads/2024/04/cropped-repair-192x192.jpg

87.236.16.222

7.0 kB

URL
exclusive-works.ru/wp-content/uploads/2024/04/cropped-repair-192x192.jpg
IP
87.236.16.222:0
ASN
#198610 Beget LLC

Certificate
IssuerLet's Encrypt
Subjectexclusive-works.ru
FingerprintC6:F1:85:00:31:02:65:80:DF:66:0D:9C:20:FE:78:0D:DF:F7:6F:1B
ValidityWed, 01 May 2024 06:34:48 GMT - Tue, 30 Jul 2024 06:34:47 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 192x192, components 3
Size
7.0 kB (7039 bytes)
Hash
d210f2c1627652f585c23c627c89a8ac
8820e40a3685eb428601df249e9661a6285de186
244a1a3fc5f2e578638e759fe53caedd8c5cd33c6cd905ae2a2b58183954f2ea

HTTP Headers

GET /wp-content/uploads/2024/04/cropped-repair-192x192.jpg HTTP/1.1
Host: exclusive-works.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Sat, 04 May 2024 18:39:47 GMT
content-type: image/jpeg
content-length: 7039
last-modified: Wed, 24 Apr 2024 05:50:44 GMT
etag: "66289db4-1b7f"
expires: Mon, 03 Jun 2024 18:39:47 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2

exclusive-works.ru/wp-content/uploads/2024/04/cropped-repair-32x32.jpg

87.236.16.222

200 OK

827 B

URL GET HTTP/2
exclusive-works.ru/wp-content/uploads/2024/04/cropped-repair-32x32.jpg
IP
87.236.16.222:443
ASN
#198610 Beget LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subjectexclusive-works.ru
FingerprintC6:F1:85:00:31:02:65:80:DF:66:0D:9C:20:FE:78:0D:DF:F7:6F:1B
ValidityWed, 01 May 2024 06:34:48 GMT - Tue, 30 Jul 2024 06:34:47 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 32x32, components 3
Size
827 B (827 bytes)
Hash
5ed1e3c293dd309e2239df1c6cd30922
90efac6e03e7ba15ff9161769f57ee5b56d29c04
c5f9781bff6479e1ae3fd57e9a6ce0ea35303b2f44a85b59dc4dd7489c708f34

HTTP Headers

GET /wp-content/uploads/2024/04/cropped-repair-32x32.jpg HTTP/1.1
Host: exclusive-works.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Sat, 04 May 2024 18:39:47 GMT
content-type: image/jpeg
content-length: 827
last-modified: Wed, 24 Apr 2024 05:50:44 GMT
etag: "66289db4-33b"
expires: Mon, 03 Jun 2024 18:39:47 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2

ads.adlook.me/vast?id=22583&w=1280&h=720&mult=1&rw=0&ref=&loc=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34&top=&_ts=1714847987730

78.140.242.106

172 kB

URL
ads.adlook.me/vast?id=22583&w=1280&h=720&mult=1&rw=0&ref=&loc=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34&top=&_ts=1714847987730
IP
78.140.242.106:0
ASN
#209974 Itglobalcom Rus LLC

File type
JSON text data
Size
172 kB (171674 bytes)
Hash
2decc39dc9861efdc00dfae6168c68ec
8802ccfeebb54013852fa9ae6aa9448dc613dfb8
f74e33984b9e87b84c624d72f2e0a962210c747a0eb2622c860f26db32dc16e8

HTTP Headers

GET /vast?id=22583&w=1280&h=720&mult=1&rw=0&ref=&loc=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34&top=&_ts=1714847987730 HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 171674
content-type: application/json
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=409d949b9b9c4c14951ec8dd1ad27f27; expires=Sat, 03 May 2025 21:00:00 GMT; path=/; SameSite=None; secure; samesite=none
access-control-allow-origin: https://exclusive-works.ru
access-control-allow-credentials: true
date: Sat, 04 May 2024 18:39:47 GMT
X-Firefox-Spdy: h2

cs.alfasense.com/pixeljs

23.111.100.20

6.0 kB

URL
cs.alfasense.com/pixeljs
IP
23.111.100.20:0
ASN
#39134 Edinaya Set Limited Liability Company

File type
JavaScript source, ASCII text, with very long lines (5963), with no line terminators
Size
6.0 kB (5963 bytes)
Hash
d0ae8545c5996edb756e2ba63ef50c5c
f99edeea294446e9ac7408a6e82c85e2c0d64fc8
11cfa63ac7d85a444bff7310191c60c764a885fe2574a4b24d6618ed8ed54f56

HTTP Headers

GET /pixeljs HTTP/1.1
Host: cs.alfasense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 18:39:48 GMT
Content-Type: application/javascript
Content-Length: 5963
Connection: keep-alive
Server: fasthttp
Set-Cookie: uuid=d6151ccc-3fbe-44d4-9e13-22bc107eb806; expires=Fri, 25 Apr 2025 18:39:48 GMT; domain=alfasense.com; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes

cdn.alfasense.net/lib/ad_builder.min.js

136.144.31.36

3.0 kB

URL
cdn.alfasense.net/lib/ad_builder.min.js
IP
136.144.31.36:0
ASN
#52000 MIRhosting B.V.

File type
gzip compressed data, max speed, from Unix
Size
3.0 kB (3037 bytes)
Hash
dcbacd880173dbfaed581c9112ce9386
ca65e05bdf63e0cddcedbcf9ff6351dc072e6ff3
94fa8fd1e824366dc930900e9f942de9d3296d597e11b39b3be1fd04bf045477

HTTP Headers

GET /lib/ad_builder.min.js HTTP/1.1
Host: cdn.alfasense.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:39:47 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 06:34:34 GMT
etag: W/"631ade7a-28b4"
content-security-policy: frame-ancestors 'none';frame-src 'self';
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block;
cache-control: public, max-age=60
content-encoding: gzip
set-cookie: route=e7a39e6e3385558e2f6a6a18cac7185b; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2

exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByH1UD5_XFVca8/jsvpaid

49.12.83.94

114 B

URL
exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByH1UD5_XFVca8/jsvpaid
IP
49.12.83.94:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, ASCII text
Size
114 B (114 bytes)
Hash
b6f1cd46de3ae2cb86ac79f92ccdf255
edee9a1c75ea97b15626c66d76c176ccdaa0cc22
aa078d05ee2aa221faae0bbfafe453e1b59c764ff2dbe711042593d313568d3c

HTTP Headers

GET /adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByH1UD5_XFVca8/jsvpaid HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
server: nginx
date: Sat, 04 May 2024 18:39:46 GMT
content-type: text/html; charset=utf-8
content-length: 114
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match
access-control-allow-origin: https://exclusive-works.ru
access-control-expose-headers: Set-Cookie, Etag
location: /adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByH1UD5_XFVca8/jsvpaid?set_buzzoola_cookie=t
set-cookie: uuid=91dc9a49-8acc-4dc6-4e9a-11419fe1cf25; Path=/; Domain=buzzoola.com; Expires=Mon, 03 Jun 2024 18:39:46 GMT; Max-Age=2592000; Secure; SameSite=None
serverid: TODO
X-Firefox-Spdy: h2

exchange.buzzoola.com/cookiesync/redirect?skip2=d6151ccc-3fbe-44d4-9e13-22bc107eb806&redirect_url=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dbz%26uid%3D%24%7BUUID%7D

49.12.83.94

101 B

URL
exchange.buzzoola.com/cookiesync/redirect?skip2=d6151ccc-3fbe-44d4-9e13-22bc107eb806&redirect_url=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dbz%26uid%3D%24%7BUUID%7D
IP
49.12.83.94:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, ASCII text
Size
101 B (101 bytes)
Hash
ade66a8d0bb73199900e39606af3efb2
c47366f22c7ad78f8a273a441bfc4e9480afc4e6
0547d13e05d2c66f3ee51798f93e12100bbbd742a6589f1e83424a7efd1a012b

HTTP Headers

GET /cookiesync/redirect?skip2=d6151ccc-3fbe-44d4-9e13-22bc107eb806&redirect_url=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dbz%26uid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Sat, 04 May 2024 18:39:48 GMT
content-type: text/html; charset=utf-8
content-length: 101
location: https://cs.alfasense.com/p?ssp=bz&uid=e532a76d-397b-4a50-5ea8-40e4b7403273
serverid: TODO
X-Firefox-Spdy: h2

cdn.alfasense.net/lib/prebid.js

136.144.31.36

200 OK

85 kB

URL GET HTTP/2
cdn.alfasense.net/lib/prebid.js
IP
136.144.31.36:443
ASN
#52000 MIRhosting B.V.

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.alfasense.net
Fingerprint15:61:D7:BD:E9:E1:37:36:5F:FD:47:F7:69:F7:5E:53:CD:95:A9:59
ValidityWed, 22 Nov 2023 16:23:03 GMT - Mon, 23 Dec 2024 16:23:02 GMT

File type
gzip compressed data, max speed, from Unix
Size
85 kB (85413 bytes)
Hash
396a65d80d160fdc1e0a8401bac91603
ef9f50034b2d0b6eb9635e64d87671e7c68ba8a5
09d4fb7486009db01bc766c960acfb664d135f2439791b363255ca23169aab8a

HTTP Headers

GET /lib/prebid.js HTTP/1.1
Host: cdn.alfasense.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:39:48 GMT
content-type: application/javascript
last-modified: Thu, 14 Mar 2024 10:57:02 GMT
etag: W/"65f2d7fe-37314"
content-security-policy: frame-ancestors 'none';frame-src 'self';
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block;
cache-control: public, max-age=60
content-encoding: gzip
set-cookie: route=e7a39e6e3385558e2f6a6a18cac7185b; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2

cdn.alfasense.net/lib/alfadart.lib.min.js

136.144.31.36

10 kB

URL
cdn.alfasense.net/lib/alfadart.lib.min.js
IP
136.144.31.36:0
ASN
#52000 MIRhosting B.V.

File type
gzip compressed data, max speed, from Unix
Size
10 kB (10521 bytes)
Hash
9c4d8dd5273c67e00897ed3af281ed31
b4ecf69dd3bff3eb9ffd03e608fb9107ec820a49
cf55cb64d617c6250d64a907b5962521fce29975d70f92152b572cc882eb218e

HTTP Headers

GET /lib/alfadart.lib.min.js HTTP/1.1
Host: cdn.alfasense.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:39:47 GMT
content-type: application/javascript
last-modified: Thu, 18 Apr 2024 10:46:13 GMT
etag: W/"6620f9f5-8dfa"
content-security-policy: frame-ancestors 'none';frame-src 'self';
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block;
cache-control: public, max-age=60
content-encoding: gzip
set-cookie: route=dd92c318b574e2af8018c0207c5098f9; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2

exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHYBaHVOHr2Dk/jsvpaid

49.12.83.94

114 B

URL
exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHYBaHVOHr2Dk/jsvpaid
IP
49.12.83.94:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, ASCII text
Size
114 B (114 bytes)
Hash
0aee7f2b279ee74c9885e2c274475618
a2c46589fc5407aa5db06b7e889ac7a4ccba0bbd
191377512aa0855ce2e54f0c351911d3426a2d4d4cb258ba9e252cd2f5c901da

HTTP Headers

GET /adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHYBaHVOHr2Dk/jsvpaid HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
server: nginx
date: Sat, 04 May 2024 18:39:48 GMT
content-type: text/html; charset=utf-8
content-length: 114
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match
access-control-allow-origin: https://exclusive-works.ru
access-control-expose-headers: Set-Cookie, Etag
location: /adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHYBaHVOHr2Dk/jsvpaid?set_buzzoola_cookie=t
set-cookie: uuid=13df691e-c896-4704-419c-507ed4a2c070; Path=/; Domain=buzzoola.com; Expires=Mon, 03 Jun 2024 18:39:48 GMT; Max-Age=2592000; Secure; SameSite=None
serverid: TODO
X-Firefox-Spdy: h2

a.utraff.com/sync?ssp=716&skipme=d6151ccc-3fbe-44d4-9e13-22bc107eb806

172.67.74.180

0 B

URL
a.utraff.com/sync?ssp=716&skipme=d6151ccc-3fbe-44d4-9e13-22bc107eb806
IP
172.67.74.180:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync?ssp=716&skipme=d6151ccc-3fbe-44d4-9e13-22bc107eb806 HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 04 May 2024 18:39:48 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Mon, 03 Jun 2024 21:39:48 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Mon, 03 Jun 2024 21:39:48 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hXAwx%2FNz%2BPmxmncP6Hrt8bWiCkCr6EugOD%2BIn7xXveL%2Fedy0Xr5TVyVV2pbbrl6MEg0Wa7vZSHpwRDkM70kKu6cN5kQpDMuZsuu9QCrnnkkVu6cgdR1sXYrDQJo1Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea9d9aad7e5696-OSL
X-Firefox-Spdy: h2

yandex.ru/ads/adfox/270465/getCode?pp=g&ps=gyzl&p2=gcuq&puid1=&puid2=

77.88.55.60

200 OK

1.5 kB

URL GET HTTP/2
yandex.ru/ads/adfox/270465/getCode?pp=g&ps=gyzl&p2=gcuq&puid1=&puid2=
IP
77.88.55.60:443
ASN
#13238 YANDEX LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.xn--d1acpjx3f.xn--p1ai
Fingerprint17:FB:0C:B6:3F:7F:A5:4C:41:AD:D0:5C:6B:9A:96:47:FE:AF:C8:5C
ValidityMon, 04 Mar 2024 10:29:07 GMT - Sun, 01 Sep 2024 20:59:59 GMT

File type
gzip compressed data, from Unix
Size
1.5 kB (1509 bytes)
Hash
6d79770a9c85386f0ea38a4fb3d82a6c
9539f78de01650cba58b111e500ab677c14fcb1e
73ca546bf4f7991efc16da123d48025717841bc9af147aafbdd561ebd8f92d6a

HTTP Headers

GET /ads/adfox/270465/getCode?pp=g&ps=gyzl&p2=gcuq&puid1=&puid2= HTTP/1.1
Host: yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
access-control-allow-origin: https://exclusive-works.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
x-yandex-req-id: 1714847988841348-12247546207353552418-balancer-l7leveler-kubr-yp-sas-209-BAL
last-modified: Sat, 04 May 2024 18:39:48 GMT
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
date: Sat, 04 May 2024 18:39:48 GMT
set-cookie: i=jgb3+BROSwFEc4Rm/H6NEeqJD5ivwO6wllgCNu4uw1k3+flDs6YAOHuHGHKb1CIIy2yvfO8rU8SFd+VANk4+qwyH5EM=; Expires=Mon, 04-May-2026 18:39:48 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=8535524181714847988; Expires=Mon, 04-May-2026 18:39:48 GMT; Domain=.yandex.ru; Path=/; Secure; SameSite=None
yashr=5124951411714847988; Path=/; Domain=.yandex.ru; Expires=Sun, 04 May 2025 18:39:48 GMT; SameSite=None; Secure; HttpOnly
receive-cookie-deprecation=1; Path=/; Domain=.yandex.ru; Expires=Sun, 04 May 2025 18:39:48 GMT; SameSite=None; Secure; HttpOnly; Partitioned
content-type: text/xml; charset=utf-8
content-disposition: attachment; filename="null"
pragma: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
expires: Sat, 04 May 2024 18:39:48 GMT
x-adfox: {"default":true, "place_id":1369254, "code_type":"regular"}
X-Firefox-Spdy: h2

sync.bumlam.com/?src=adlook&uid=409d949b9b9c4c14951ec8dd1ad27f27

31.172.81.158

302 Moved Temporarily

0 B

URL GET HTTP/1.1
sync.bumlam.com/?src=adlook&uid=409d949b9b9c4c14951ec8dd1ad27f27
IP
31.172.81.158:443
ASN
#44066 firstcolo GmbH

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subject*.bumlam.com
Fingerprint9F:E0:4A:B3:57:B0:3C:3E:13:7F:9F:FF:82:A2:91:87:45:9F:A4:7F
ValidityThu, 28 Mar 2024 09:09:43 GMT - Wed, 26 Jun 2024 09:09:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=adlook&uid=409d949b9b9c4c14951ec8dd1ad27f27 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 May 2024 18:39:49 GMT
Content-Length: 0
Connection: close
Set-Cookie: suuid3=IiRhZmYwMjk5Ni0wYTQ1LTExZWYtOWI3Yi0wMDI1OTBjODI0MzY*; Path=/; Expires=Fri, 29 Apr 2044 18:39:49 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=adlook&s_data=CAIQARj1gdqxBmIgNDA5ZDk0OWI5YjljNGMxNDk1MWVjOGRkMWFkMjdmMjeiARCv8CmWCkUR75t7ACWQyCQ2
ETag: aff02996-0a45-11ef-9b7b-002590c82436
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://exclusive-works.ru
Access-Control-Allow-Credentials: true

vastroll.ru/vast/vpaid.php?pl=3149&domain_ref=exclusive-works.ru

185.60.135.47

200 OK

33 B

URL GET HTTP/1.1
vastroll.ru/vast/vpaid.php?pl=3149&domain_ref=exclusive-works.ru
IP
185.60.135.47:443
ASN
#29182 JSC IOT

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subjectvastroll.ru
Fingerprint6A:EB:97:F8:29:CB:16:AB:A7:30:7D:CA:44:4C:11:12:E1:F5:C6:4F
ValidityTue, 12 Mar 2024 23:19:22 GMT - Mon, 10 Jun 2024 23:19:21 GMT

File type
ASCII text, with no line terminators
Size
33 B (33 bytes)
Hash
e4eecab14a9bc3181a77d27cc49f4db2
a5dc73937259e1c4d9122789394b7bb8497b09f3
cc9c13341678b544fc3f130671b4c481c56cf6207767bfebc065e24036192fb8

HTTP Headers

GET /vast/vpaid.php?pl=3149&domain_ref=exclusive-works.ru HTTP/1.1
Host: vastroll.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 04 May 2024 18:39:49 GMT
Content-Type: text/xml; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI ADM DEV COM NAV OUR STP"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sat, 04 May 2024 18:39:49 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: https://exclusive-works.ru
Access-Control-Allow-Credentials: true
Content-Encoding: gzip

www.acint.net/rmatch?dp=110&r=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsape%26uid%3D%24%7BUSER_ID%7D

193.3.184.16

154 B

URL
www.acint.net/rmatch?dp=110&r=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsape%26uid%3D%24%7BUSER_ID%7D
IP
193.3.184.16:0
ASN
#50214 QWARTA LLC

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=110&r=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsape%26uid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 18:39:49 GMT
content-type: text/html
content-length: 154
location: /rmatch?r=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsape%26uid%3D$%7BUSER_ID%7D&dp=110&tc=1
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Sat, 04-May-24 18:49:49 GMT
aid=fwAAAWY2gPVFSzUY8vbqAmQJ+aj8xRw1Mo2nILlmoiyJJ8tB; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

exchange.buzzoola.com/cookiesync/ssp/adlook/?uid=409d949b9b9c4c14951ec8dd1ad27f27

49.12.83.94

122 B

URL
exchange.buzzoola.com/cookiesync/ssp/adlook/?uid=409d949b9b9c4c14951ec8dd1ad27f27
IP
49.12.83.94:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, ASCII text
Size
122 B (122 bytes)
Hash
9558e995a7cf01b5004bcdd15a547c03
ea572be8a4f0f0b8a438b45ac09cd76c890faee0
4132b6ecdda9e9a5dbb3f8e832e21eaf3f50c83c998ac3a40fc19ad0569e60cc

HTTP Headers

GET /cookiesync/ssp/adlook/?uid=409d949b9b9c4c14951ec8dd1ad27f27 HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
server: nginx
date: Sat, 04 May 2024 18:39:51 GMT
content-type: text/html; charset=utf-8
content-length: 122
location: /cookiesync/ssp/adlook/?set_buzzoola_cookie=t&uid=409d949b9b9c4c14951ec8dd1ad27f27
set-cookie: uuid=8ad0d2c9-58c4-4866-67a2-429b982be014; Path=/; Domain=buzzoola.com; Expires=Mon, 03 Jun 2024 18:39:51 GMT; Max-Age=2592000; Secure; SameSite=None
serverid: TODO
X-Firefox-Spdy: h2

exclusive-works.ru/wp-content/plugins/easy-fancybox/fancybox/1.5.4/jquery.fancybox.min.css?ver=6.5.2

87.236.16.222

200 OK

1.9 kB

URL GET HTTP/2
exclusive-works.ru/wp-content/plugins/easy-fancybox/fancybox/1.5.4/jquery.fancybox.min.css?ver=6.5.2
IP
87.236.16.222:443
ASN
#198610 Beget LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subjectexclusive-works.ru
FingerprintC6:F1:85:00:31:02:65:80:DF:66:0D:9C:20:FE:78:0D:DF:F7:6F:1B
ValidityWed, 01 May 2024 06:34:48 GMT - Tue, 30 Jul 2024 06:34:47 GMT

File type
gzip compressed data, from Unix
Size
1.9 kB (1875 bytes)
Hash
47aca4040557ffb3e8e5c891f7490333
9d2dae75df5f150e65b9f7b55abddafa0f1764fd
a72e824cd7248a39b6544ad2c06326dec01b2733039cd9730246063b05f507f2

HTTP Headers

GET /wp-content/plugins/easy-fancybox/fancybox/1.5.4/jquery.fancybox.min.css?ver=6.5.2 HTTP/1.1
Host: exclusive-works.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Sat, 04 May 2024 18:39:47 GMT
content-type: text/css
last-modified: Wed, 24 Apr 2024 05:44:35 GMT
vary: Accept-Encoding
etag: W/"66289c43-1514"
expires: Sat, 11 May 2024 18:39:47 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

cdn-a.adlook.me/vast/vk-vdisp/videodirect-vk-vdisp-1.xml

5.101.76.186

2.3 kB

URL
cdn-a.adlook.me/vast/vk-vdisp/videodirect-vk-vdisp-1.xml
IP
5.101.76.186:0
ASN
#48096 Enterprise Cloud Ltd.

File type
XML 1.0 document, ASCII text, with very long lines (1443), with CRLF line terminators
Size
2.3 kB (2290 bytes)
Hash
9ea0c7bff85631693b5beb15308d2ffd
5f70b622cb50fd8d325ef88e19b5be7e54708188
4a2f1afcdc7d327bd09679444cffe344cb81edd2a70c6faef192444ee1a3abb6

HTTP Headers

GET /vast/vk-vdisp/videodirect-vk-vdisp-1.xml HTTP/1.1
Host: cdn-a.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 2290
content-type: text/xml
last-modified: Wed, 06 Mar 2024 16:35:00 GMT
accept-ranges: bytes
etag: "1da6fe43b5c9af2"
server: Microsoft-IIS/10.0
access-control-allow-origin: https://exclusive-works.ru
access-control-allow-credentials: true
date: Sat, 04 May 2024 18:39:48 GMT
X-Firefox-Spdy: h2

kimberlite.io/rtb/sync/adlook?u=409d949b9b9c4c14951ec8dd1ad27f27

217.199.220.44

0 B

URL
kimberlite.io/rtb/sync/adlook?u=409d949b9b9c4c14951ec8dd1ad27f27
IP
217.199.220.44:0
ASN
#61400 Start LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rtb/sync/adlook?u=409d949b9b9c4c14951ec8dd1ad27f27 HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Sat, 04 May 2024 18:39:49 GMT
Content-Length: 0
Connection: keep-alive
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: u=ZjaA9CMIf94~RxqZADpGXlBcYr5ZSa4fZomxdzI; path=/; max-age=7776000; samesite=none; httponly; secure
as=hPJ_CGY2gPQ; max-age=604800; samesite=none; httponly; secure
f=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsolta%26uid%3DZjaA9CMIf94; max-age=30; samesite=none; httponly; secure
n=1; max-age=30; samesite=none; httponly; secure
location: https://sync.dsp.solta.io/match/kimberlite?id=ZjaA9CMIf94
referrer-policy: no-referrer
server-timing: app;srv=0;dur=0.0002

rtb.segmel.io/als/sync/?uid=d6151ccc-3fbe-44d4-9e13-22bc107eb806

172.67.181.120

204 No Content

0 B

URL GET HTTP/2
rtb.segmel.io/als/sync/?uid=d6151ccc-3fbe-44d4-9e13-22bc107eb806
IP
172.67.181.120:443
ASN
#13335 CLOUDFLARENET

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGoogle Trust Services LLC
Subjectsegmel.io
FingerprintC5:9F:43:6B:5E:EF:D7:64:3C:5D:60:ED:50:F6:0B:8A:E3:E5:F5:E9
ValidityFri, 22 Mar 2024 15:49:08 GMT - Thu, 20 Jun 2024 15:49:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /als/sync/?uid=d6151ccc-3fbe-44d4-9e13-22bc107eb806 HTTP/1.1
Host: rtb.segmel.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 04 May 2024 18:39:49 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=0; includeSubDomains; preload;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8AweH1PyVkFl21jytTLSGojTF7aPLkProjWadsv%2Fm%2BvjsbkisM%2FHDMvk7ZTjqB%2FpT5B9uJq%2FQdiNDeASksU8Y8HBnNdriWFX%2BhfkGRrVIGWnB2Proij0eSijYyY%2FU%2BB2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea9d9cfb2256c1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

match.new-programmatic.com/userbind?src=adlook&id=409d949b9b9c4c14951ec8dd1ad27f27

217.65.2.150

0 B

URL
match.new-programmatic.com/userbind?src=adlook&id=409d949b9b9c4c14951ec8dd1ad27f27
IP
217.65.2.150:0
ASN
#3175 Citytelecom LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /userbind?src=adlook&id=409d949b9b9c4c14951ec8dd1ad27f27 HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Sat, 04 May 2024 18:39:49 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin

cs.alfasense.com/p?ssp=bz&uid=e532a76d-397b-4a50-5ea8-40e4b7403273

23.111.100.20

200 OK

35 B

URL GET HTTP/1.1
cs.alfasense.com/p?ssp=bz&uid=e532a76d-397b-4a50-5ea8-40e4b7403273
IP
23.111.100.20:443
ASN
#39134 Edinaya Set Limited Liability Company

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.alfasense.com
FingerprintCB:9E:EC:1E:29:96:7E:71:55:EA:3F:33:4D:45:A2:7D:8D:4B:D9:DE
ValidityWed, 27 Dec 2023 23:14:58 GMT - Mon, 27 Jan 2025 23:14:57 GMT

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /p?ssp=bz&uid=e532a76d-397b-4a50-5ea8-40e4b7403273 HTTP/1.1
Host: cs.alfasense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
DNT: 1
Connection: keep-alive
Cookie: uuid=d6151ccc-3fbe-44d4-9e13-22bc107eb806
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 18:39:49 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes

s.uuidksinc.net/match/1215/?remote_uid=d6151ccc-3fbe-44d4-9e13-22bc107eb806

185.98.54.153

0 B

URL
s.uuidksinc.net/match/1215/?remote_uid=d6151ccc-3fbe-44d4-9e13-22bc107eb806
IP
185.98.54.153:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/1215/?remote_uid=d6151ccc-3fbe-44d4-9e13-22bc107eb806 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.23.2
date: Sat, 04 May 2024 18:39:49 GMT
content-length: 0
location: https://cs.alfasense.com/p?ssp=kd&uid=RzPsfyQLpYD9OjJLTPfE
set-cookie: jcsuuid=RzPsfyQLpYD9OjJLTPfE; expires=Sun, 04 May 2025 18:39:49 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

kimberlite.io/rtb/bid/pbjs

217.199.220.44

204 No Content

0 B

URL POST HTTP/1.1
kimberlite.io/rtb/bid/pbjs
IP
217.199.220.44:443
ASN
#61400 Start LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.kimberlite.io
Fingerprint27:9B:57:5F:3C:19:A5:31:A3:1B:E6:A4:8E:CF:2F:73:78:4E:46:C1
ValidityThu, 29 Feb 2024 12:20:14 GMT - Tue, 01 Apr 2025 12:20:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /rtb/bid/pbjs HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
content-type: text/plain
Content-Length: 692
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 04 May 2024 18:39:49 GMT
Content-Length: 0
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: https://exclusive-works.ru
set-cookie: u=ZjaA9SBY41E~LcxcO9IXkslml1kExVS4ct5g3Ys; path=/; max-age=7776000; samesite=none; httponly; secure
server-timing: app;srv=7;dur=0.0616

pixel.dsp.onetarget.ru/adlook/pixel?id=409d949b9b9c4c14951ec8dd1ad27f27

130.193.53.230

0 B

URL
pixel.dsp.onetarget.ru/adlook/pixel?id=409d949b9b9c4c14951ec8dd1ad27f27
IP
130.193.53.230:0
ASN
#200350 Yandex.Cloud LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /adlook/pixel?id=409d949b9b9c4c14951ec8dd1ad27f27 HTTP/1.1
Host: pixel.dsp.onetarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 04 May 2024 18:39:49 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=5813217&id=6463d8b5-1304-4338-b1a3-ab13d4174b19
set-cookie: USER_ID=6463d8b5-1304-4338-b1a3-ab13d4174b19;max-age=2147483647;Secure;HttpOnly;SameSite=None
ADLOOK_USER_ID=409d949b9b9c4c14951ec8dd1ad27f27;max-age=30758400;Secure;HttpOnly;SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
X-Firefox-Spdy: h2

kimberlite.io/rtb/bid/vast/al_all?domain=exclusive-works.ru&h=720&w=1280

217.199.220.44

133 B

URL
kimberlite.io/rtb/bid/vast/al_all?domain=exclusive-works.ru&h=720&w=1280
IP
217.199.220.44:0
ASN
#61400 Start LLC

File type
XML 1.0 document, ASCII text, with no line terminators
Size
133 B (133 bytes)
Hash
3ed89f7fb59e6250fcf88c5fc5b4c990
2fea6c4cd489548d0873a5012763caf5eb4de49c
bd48ba544b1801753b640ad08ac40b9a6158874aab143497bc42624ae66a9f96

HTTP Headers

GET /rtb/bid/vast/al_all?domain=exclusive-works.ru&h=720&w=1280 HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 18:39:49 GMT
Content-Type: text/xml
Content-Length: 133
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: https://exclusive-works.ru
set-cookie: u=ZjaA9SQHbTM~-yrMrSpd5aU1046L-KX0eIvRIOg; path=/; max-age=7776000; samesite=none; httponly; secure
server-timing: app;srv=0;dur=0.1388

exclusive-works.ru/wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.91.1

87.236.16.222

200 OK

508 B

URL GET HTTP/2
exclusive-works.ru/wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.91.1
IP
87.236.16.222:443
ASN
#198610 Beget LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subjectexclusive-works.ru
FingerprintC6:F1:85:00:31:02:65:80:DF:66:0D:9C:20:FE:78:0D:DF:F7:6F:1B
ValidityWed, 01 May 2024 06:34:48 GMT - Tue, 30 Jul 2024 06:34:47 GMT

File type
gzip compressed data, from Unix
Size
508 B (508 bytes)
Hash
943be2ca7e4e944db0f00d12ccfc6355
25adeccd6dca71e7d8f839eef1b59a2bb945f5ae
83b27fc14d569a328f734c7f4faa49462ad1749a418d76d976460c0c07b0ddc9

HTTP Headers

GET /wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.91.1 HTTP/1.1
Host: exclusive-works.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Sat, 04 May 2024 18:39:47 GMT
content-type: text/css
last-modified: Wed, 24 Apr 2024 05:44:35 GMT
vary: Accept-Encoding
etag: W/"66289c43-549"
expires: Sat, 11 May 2024 18:39:47 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

ssp.al-adtech.com/api/sync/adlook

45.139.25.125

0 B

URL
ssp.al-adtech.com/api/sync/adlook
IP
45.139.25.125:0
ASN
#34959 Kviktel LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/sync/adlook HTTP/1.1
Host: ssp.al-adtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.20.1
Date: Sat, 04 May 2024 18:39:49 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin
Access-Control-Allow-Origin: 
Access-Control-Allow-Credentials: true
Location: https://ads.adlook.me/csync?pid=alab&uid=e60082d7-f712-4990-85a0-4cadfb917038
Set-Cookie: afp_cookie=gAAAAABmNoD1pr7LZk_80fkfYS3yu3SU08hq1uVCcjslDsj_TiASH6LgiaCGKG8IpFSOCe781_VzzYIAGOh4KCqdjfqyPAaWYBjS9lqgmd25b39LttoPXeh-Z-BG69RZehHt6WCihju23fJC5l02xiooIJ38DZhhmuTpSID8UUG67O0LJaGQ3h3UjZ0HpjsWjjHZ740qzCuXkcE0k4berv77Ri6wgMqv5gO98bl6h_SfehzeuWxe9qM=$; expires=Tue, 04 Jun 2024 18:39:49 GMT; path=/; secure; SameSite=None

acint.net/cmatch/?dp=14&pi=1647232&skip_it=d6151ccc-3fbe-44d4-9e13-22bc107eb806

193.3.184.16

302 Found

154 B

URL GET HTTP/2
acint.net/cmatch/?dp=14&pi=1647232&skip_it=d6151ccc-3fbe-44d4-9e13-22bc107eb806
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /cmatch/?dp=14&pi=1647232&skip_it=d6151ccc-3fbe-44d4-9e13-22bc107eb806 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 18:39:49 GMT
content-type: text/html
content-length: 154
location: https://px.adhigh.net/p/cm/sape?u=0800007FF5803666EB340D3F02C8ED05
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: cSyncDp17v2=1714847989; expires=Mon, 03-Jun-24 18:39:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
aid=fwAACGY2gPU/DTTrBe3IAs+mD+DCp8qcuobjd/tpk82xxBhB; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByH1UD5_XFVca8/jsvpaid?set_buzzoola_cookie=t

49.12.83.94

200 OK

1.4 kB

URL GET HTTP/2
exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByH1UD5_XFVca8/jsvpaid?set_buzzoola_cookie=t
IP
49.12.83.94:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
1.4 kB (1429 bytes)
Hash
4461fa26b1842aee0b7a50022c053d01
712174ab67cecafe18c5057d0163f57fc1982430
dde7d9cc810eda429b3a527e447f6b0faa0051d1a7fb9b3bf12c0dc17a2a49e5

HTTP Headers

GET /adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByH1UD5_XFVca8/jsvpaid?set_buzzoola_cookie=t HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exclusive-works.ru
Referer: https://exclusive-works.ru/
DNT: 1
Connection: keep-alive
Cookie: uuid=13df691e-c896-4704-419c-507ed4a2c070
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:39:47 GMT
content-type: application/xml
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match
access-control-allow-origin: https://exclusive-works.ru
access-control-expose-headers: Set-Cookie, Etag
serverid: TODO
content-encoding: gzip
X-Firefox-Spdy: h2

s.alfasrv.com/events/1x1.png?s=121917&e=r&t=p

130.193.42.23

200 OK

95 B

URL GET HTTP/2
s.alfasrv.com/events/1x1.png?s=121917&e=r&t=p
IP
130.193.42.23:443
ASN
#200350 Yandex.Cloud LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.alfasrv.com
Fingerprint4B:8A:22:65:23:10:74:25:5D:40:3B:78:20:8D:F8:82:A4:50:44:90
ValidityTue, 10 Oct 2023 09:20:49 GMT - Sun, 10 Nov 2024 09:20:48 GMT

File type
PNG image data, 1 x 1, 1-bit colormap, non-interlaced
Size
95 B (95 bytes)
Hash
9591c410148e6883727c5339fd1c02cd
3442a95fe890ce4769b36b2ecc611b801a54cfb5
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

HTTP Headers

GET /events/1x1.png?s=121917&e=r&t=p HTTP/1.1
Host: s.alfasrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 04 May 2024 18:39:49 GMT
content-type: image/png
content-length: 95
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-Original-Referer
access-control-allow-credentials: true
cache-control: no-cache,no-store
expires: Tue, 01 Jan 1980 1:00:00 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

sync.adspend.space/alfasense?uid=d6151ccc-3fbe-44d4-9e13-22bc107eb806

104.21.26.195

204 No Content

0 B

URL GET HTTP/2
sync.adspend.space/alfasense?uid=d6151ccc-3fbe-44d4-9e13-22bc107eb806
IP
104.21.26.195:443
ASN
#13335 CLOUDFLARENET

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGoogle Trust Services LLC
Subjectadspend.space
Fingerprint86:42:73:83:B4:96:F1:E2:8E:8F:5F:67:2B:A5:20:3C:AE:F0:FE:57
ValiditySat, 16 Mar 2024 00:50:56 GMT - Fri, 14 Jun 2024 00:50:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /alfasense?uid=d6151ccc-3fbe-44d4-9e13-22bc107eb806 HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 04 May 2024 18:39:49 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z8gVLSfaeu7uT8zo4b6peqJnDFf0gc%2FqclGZfSdB2zQQgvZK%2BE86IFhvRtkPEHrBrbpOome9XgH2oF9Fzpd2StFd2GGpRXi0WRv9XVuaHaudrhf1A2Kbfm%2FkhyjuSqP7G%2BGExUU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea9d9f48885693-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

sync.programmatica.com/match/Alfasense?id=d6151ccc-3fbe-44d4-9e13-22bc107eb806

158.160.128.78

43 B

URL
sync.programmatica.com/match/Alfasense?id=d6151ccc-3fbe-44d4-9e13-22bc107eb806
IP
158.160.128.78:0
ASN
#200350 Yandex.Cloud LLC

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

HTTP Headers

GET /match/Alfasense?id=d6151ccc-3fbe-44d4-9e13-22bc107eb806 HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:39:49 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

sync.bumlam.com/?src=asense&uid=d6151ccc-3fbe-44d4-9e13-22bc107eb806

31.172.81.158

302 Moved Temporarily

0 B

URL GET HTTP/1.1
sync.bumlam.com/?src=asense&uid=d6151ccc-3fbe-44d4-9e13-22bc107eb806
IP
31.172.81.158:443
ASN
#44066 firstcolo GmbH

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subject*.bumlam.com
Fingerprint9F:E0:4A:B3:57:B0:3C:3E:13:7F:9F:FF:82:A2:91:87:45:9F:A4:7F
ValidityThu, 28 Mar 2024 09:09:43 GMT - Wed, 26 Jun 2024 09:09:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=asense&uid=d6151ccc-3fbe-44d4-9e13-22bc107eb806 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 May 2024 18:39:49 GMT
Content-Length: 0
Connection: close
Set-Cookie: suuid3=IiRiMDNlNTNkYy0wYTQ1LTExZWYtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Fri, 29 Apr 2044 18:39:49 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=asense&s_data=CAIQARj1gdqxBmIkZDYxNTFjY2MtM2ZiZS00NGQ0LTllMTMtMjJiYzEwN2ViODA2ogEQsD5T3ApFEe-G4AAlkMBkfA**
ETag: b03e53dc-0a45-11ef-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

www.acint.net/rmatch?dp=185&euid=d6151ccc-3fbe-44d4-9e13-22bc107eb806&r=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dsp%26uid%3D%24%7BUSER_ID%7D

193.3.184.16

154 B

URL
www.acint.net/rmatch?dp=185&euid=d6151ccc-3fbe-44d4-9e13-22bc107eb806&r=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dsp%26uid%3D%24%7BUSER_ID%7D
IP
193.3.184.16:0
ASN
#50214 QWARTA LLC

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=185&euid=d6151ccc-3fbe-44d4-9e13-22bc107eb806&r=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dsp%26uid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 18:39:49 GMT
content-type: text/html
content-length: 154
location: /rmatch?r=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dsp%26uid%3D$%7BUSER_ID%7D&dp=185&tc=1&euid=d6151ccc-3fbe-44d4-9e13-22bc107eb806
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Sat, 04-May-24 18:49:49 GMT
aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

cdn.alfasense.net/js/layout_2879.js

136.144.31.36

200 OK

4.8 kB

URL GET HTTP/2
cdn.alfasense.net/js/layout_2879.js
IP
136.144.31.36:443
ASN
#52000 MIRhosting B.V.

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.alfasense.net
Fingerprint15:61:D7:BD:E9:E1:37:36:5F:FD:47:F7:69:F7:5E:53:CD:95:A9:59
ValidityWed, 22 Nov 2023 16:23:03 GMT - Mon, 23 Dec 2024 16:23:02 GMT

File type
gzip compressed data, max speed, from Unix
Size
4.8 kB (4826 bytes)
Hash
ca7e5e048b7d9b6bc2e2fc08c20a202c
44594cf5c8646aedf11bd962e73eb2d42dd4db6f
f6ecdddddaf2dc10c849be85145189ae985b9ef4b35de9871e985db09eb89ebb

HTTP Headers

GET /js/layout_2879.js HTTP/1.1
Host: cdn.alfasense.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:39:47 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:44:13 GMT
etag: W/"662b776d-12a61"
content-security-policy: frame-ancestors 'none';frame-src 'self';
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block;
cache-control: public, max-age=60
content-encoding: gzip
set-cookie: route=dd92c318b574e2af8018c0207c5098f9; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2

const.uno/id.json?p=5

95.163.84.7

9 B

URL
const.uno/id.json?p=5
IP
95.163.84.7:0
ASN
#12695 LLC Digital Network

File type
JSON text data
Size
9 B (9 bytes)
Hash
7142df90fded5d00df2c0ba662f9b662
a6847802842e7c15d61b44aae555380a7e2f891e
72d427b7264997760074a94dcc1c9e54ae2c33b05276bfb3cfcd0f5d2d8bba3a

HTTP Headers

GET /id.json?p=5 HTTP/1.1
Host: const.uno
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
content-type: text/plain
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 18:39:49 GMT
Content-Type: application/json
Content-Length: 9
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://exclusive-works.ru

sync.upravel.com/alfadart/sync?uid=d6151ccc-3fbe-44d4-9e13-22bc107eb806

195.201.193.230

0 B

URL
sync.upravel.com/alfadart/sync?uid=d6151ccc-3fbe-44d4-9e13-22bc107eb806
IP
195.201.193.230:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /alfadart/sync?uid=d6151ccc-3fbe-44d4-9e13-22bc107eb806 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Sat, 04 May 2024 18:39:49 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/alfadart/sync?uid=d6151ccc-3fbe-44d4-9e13-22bc107eb806&session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9leGNsdXNpdmUtd29ya3MucnUvIl19fQ
set-cookie: session_tptc=1714847989788;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1714847989788;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

a.adiam.tech/sync?ssp=12&skip=d6151ccc-3fbe-44d4-9e13-22bc107eb806

172.67.200.122

0 B

URL
a.adiam.tech/sync?ssp=12&skip=d6151ccc-3fbe-44d4-9e13-22bc107eb806
IP
172.67.200.122:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync?ssp=12&skip=d6151ccc-3fbe-44d4-9e13-22bc107eb806 HTTP/1.1
Host: a.adiam.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 04 May 2024 18:39:49 GMT
content-type: text/plain
set-cookie: adiamutid=1; Expires=Mon, 03 Jun 2024 20:39:49 GMT; Domain=.adiam.tech; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iNe%2BAw49hZ8IFkVWDl0G9McE7SuNHQwoDegP3MPxs6HceGpN4SaMkmHKT8Eb%2B5sNU7cVx1JGDZO22N5LjbIuDL8CMIwQi9CfXlqKRi8U2ii%2BkvfFqTJ%2B%2FMpu%2F3%2B7%2Fmw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea9da00dd4712a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

match.new-programmatic.com/userbind?src=alfasense&id=d6151ccc-3fbe-44d4-9e13-22bc107eb806

217.65.2.150

0 B

URL
match.new-programmatic.com/userbind?src=alfasense&id=d6151ccc-3fbe-44d4-9e13-22bc107eb806
IP
217.65.2.150:0
ASN
#3175 Citytelecom LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /userbind?src=alfasense&id=d6151ccc-3fbe-44d4-9e13-22bc107eb806 HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.22.1
Date: Sat, 04 May 2024 18:39:49 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
Location: https://cs.alfasense.com/p?ssp=tg&redir=0&id=

ssp.al-adtech.com/api/sync/alfadart?skipme=d6151ccc-3fbe-44d4-9e13-22bc107eb806

45.139.25.125

302 Found

0 B

URL GET HTTP/1.1
ssp.al-adtech.com/api/sync/alfadart?skipme=d6151ccc-3fbe-44d4-9e13-22bc107eb806
IP
45.139.25.125:443
ASN
#34959 Kviktel LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subject*.al-adtech.com
Fingerprint09:19:46:AF:0C:12:1A:6D:06:41:56:6B:AF:2F:C2:69:A3:3F:1A:37
ValidityMon, 15 Apr 2024 04:45:07 GMT - Sun, 14 Jul 2024 04:45:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/sync/alfadart?skipme=d6151ccc-3fbe-44d4-9e13-22bc107eb806 HTTP/1.1
Host: ssp.al-adtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.20.1
Date: Sat, 04 May 2024 18:39:49 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin
Access-Control-Allow-Origin: 
Access-Control-Allow-Credentials: true
Location: https://cs.alfasense.com/p?ssp=al&id=cf196db8-fb09-484b-9e19-189f88f6970f
Set-Cookie: afp_cookie=gAAAAABmNoD1v9oreKkXJ3p1n5Cs6b3_-DeWplFtaOB-Y2T2_Vh_qX_v0M8iXugMDDmBGMQM9Q0Evzg0MWshpUDMad6x9a1h3BcGqBY72CHllvBdIia2Yu7CcdEJEeLgJ8IVLIm_cijwf4dcukjJ_UxkPtzR8gSnDD_S4e54QlFPUKpTQWtAVHGxfcU6_CiSYolplLN72R5f53E9-Qk5WMGeNRCrZLGrQCOst5uYhgYOZzAtKGytMYM=$; expires=Tue, 04 Jun 2024 18:39:49 GMT; path=/; secure; SameSite=None

ssp-rtb.sape.ru/prebid

193.3.184.25

204 No Content

0 B

URL POST HTTP/1.1
ssp-rtb.sape.ru/prebid
IP
193.3.184.25:443
ASN
#50214 QWARTA LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subject*.sape.ru
Fingerprint73:95:22:E3:B6:12:3E:90:3A:10:10:DC:38:ED:28:2D:82:7B:EB:E2
ValidityWed, 10 Apr 2024 03:20:28 GMT - Tue, 09 Jul 2024 03:20:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /prebid HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
content-type: text/plain
Content-Length: 1926
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: openresty
Date: Sat, 04 May 2024 18:39:49 GMT
Content-Type: text/html
Connection: keep-alive
Access-Control-Allow-Origin: https://exclusive-works.ru
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST
X-YaRequestId: 7fb7e0fe504f41c4b0094ea726a239bd
X-YaSpanId: 84695545ed6f4c9b
X-YaTraceId: dedac53f0c624b419801a1a972f02b9a
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkIDPWY2gPUQpwAkIZCSAtwObK2VDTfOUuJ95155S8M/WBWo; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None

kimberlite.io/rtb/sync/alfasense?u=d6151ccc-3fbe-44d4-9e13-22bc107eb806

217.199.220.44

0 B

URL
kimberlite.io/rtb/sync/alfasense?u=d6151ccc-3fbe-44d4-9e13-22bc107eb806
IP
217.199.220.44:0
ASN
#61400 Start LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rtb/sync/alfasense?u=d6151ccc-3fbe-44d4-9e13-22bc107eb806 HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Sat, 04 May 2024 18:39:49 GMT
Content-Length: 0
Connection: keep-alive
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: u=ZjaA9SFsm2w~S8xangkHdK_S8Q_uE4IWnuqaxA8; path=/; max-age=7776000; samesite=none; httponly; secure
as=-WrUeGY2gPU; max-age=604800; samesite=none; httponly; secure
f=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dst%26id%3DZjaA9SFsm2w; max-age=30; samesite=none; httponly; secure
n=1; max-age=30; samesite=none; httponly; secure
location: https://solta-sync.rutarget.ru/sync
referrer-policy: no-referrer
server-timing: app;srv=8;dur=0.0002

ssp.hybrid.ai/auction/prebid

37.230.131.17

204 No Content

0 B

URL OPTIONS HTTP/2
ssp.hybrid.ai/auction/prebid
IP
37.230.131.17:443
ASN
#200197 Hybrid Adtech Sp.z.o.o.

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerSectigo Limited
Subject*.hybrid.ai
Fingerprint40:F9:88:C5:EF:2B:26:9C:61:DC:CC:ED:B1:67:03:F4:E2:CC:B7:C8
ValidityThu, 14 Sep 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /auction/prebid HTTP/1.1
Host: ssp.hybrid.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://exclusive-works.ru/
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 04 May 2024 18:39:49 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://exclusive-works.ru
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server: Hybrid Web Server
X-Firefox-Spdy: h2

sync.dmp.otm-r.com/match/alfasensor?id=d6151ccc-3fbe-44d4-9e13-22bc107eb806

138.201.65.74

302 Found

106 B

URL GET HTTP/2
sync.dmp.otm-r.com/match/alfasensor?id=d6151ccc-3fbe-44d4-9e13-22bc107eb806
IP
138.201.65.74:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.dmp.otm-r.com
FingerprintC6:A2:9D:82:0D:D1:C1:2D:A4:ED:7F:05:13:52:5B:94:6B:10:58:D6
ValidityMon, 19 Jun 2023 10:50:51 GMT - Sat, 20 Jul 2024 10:50:50 GMT

File type
HTML document, ASCII text
Size
106 B (106 bytes)
Hash
1720923412193493d26ad50cd3860d45
f43f7eccd6ddca70004f4924e12e0c4fbaa34629
a722ac776babf5ce51e9a07ab3e91f4cfe3c9e985d7370b65edd7c6b4ce2e64e

HTTP Headers

GET /match/alfasensor?id=d6151ccc-3fbe-44d4-9e13-22bc107eb806 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.17.4
date: Sat, 04 May 2024 18:39:49 GMT
content-type: text/html; charset=utf-8
content-length: 106
access-control-allow-origin: *
location: /match/alfasensor?id=d6151ccc-3fbe-44d4-9e13-22bc107eb806&otcm_check=1714847989
set-cookie: mpid=NjYzNjgwZjUwNzI0NGY3Yw==; Path=/; Domain=otm-r.com; Max-Age=31536000; Secure; SameSite=None
X-Firefox-Spdy: h2

nr.bidderstack.com/adlook/cm?user_id=409d949b9b9c4c14951ec8dd1ad27f27

116.202.32.25

302 Found

0 B

URL GET HTTP/1.1
nr.bidderstack.com/adlook/cm?user_id=409d949b9b9c4c14951ec8dd1ad27f27
IP
116.202.32.25:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGoDaddy.com, Inc.
Subject*.bidderstack.com
Fingerprint7A:83:29:BF:37:01:78:02:DF:C1:07:D8:A2:10:AB:0A:DD:11:66:B0
ValidityTue, 21 Nov 2023 08:57:57 GMT - Sun, 22 Dec 2024 08:57:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /adlook/cm?user_id=409d949b9b9c4c14951ec8dd1ad27f27 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 18:39:49 GMT
Content-Length: 0
Connection: keep-alive
Location: /adlook/cm?user_id=409d949b9b9c4c14951ec8dd1ad27f27&pupa=1
Set-Cookie: pupa=548d2ba2-418d-ad83-7f12-edb7429bd191; domain=.bidderstack.com; path=/; expires=Sun, 04-May-2025 18:39:49 GMT;
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true

pbs.alfasense.com/yandex/auction

23.111.115.84

0 B

URL POST
pbs.alfasense.com/yandex/auction
IP
23.111.115.84:0
ASN
#39134 Edinaya Set Limited Liability Company

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /yandex/auction HTTP/1.1
Host: pbs.alfasense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
content-type: text/plain
Content-Length: 270
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Cookie: uuid=d6151ccc-3fbe-44d4-9e13-22bc107eb806
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Date: Sat, 04 May 2024 18:39:49 GMT
Connection: keep-alive
server: adx
x-error: empty candidates
Access-Control-Allow-Origin: https://exclusive-works.ru
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.115.84
Content-type: text/xml

dsp.tigra.dev/bid/vast-container?ssp=57

5.227.125.249

619 B

URL
dsp.tigra.dev/bid/vast-container?ssp=57
IP
5.227.125.249:0
ASN
#39001 MTS PJSC

File type
XML 1.0 document, ASCII text
Size
619 B (619 bytes)
Hash
1f17b17f803927e610e73364cd5e5996
483afe5c543a070d7cf634f286b585a9967f1040
0cc39c60f2dd185ff1e403e43a4cb5639325838244921688e18a7e07a262a10b

HTTP Headers

GET /bid/vast-container?ssp=57 HTTP/1.1
Host: dsp.tigra.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:39:49 GMT
content-type: application/xml
content-length: 619
access-control-allow-credentials: true
access-control-allow-origin: https://exclusive-works.ru
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

utraff.com/vpaid/seJ3zN0PF6IRqC7-T5B3ZYAWkO1_y_w6KQT6t_Q9OHY.xml

172.67.74.180

579 B

URL
utraff.com/vpaid/seJ3zN0PF6IRqC7-T5B3ZYAWkO1_y_w6KQT6t_Q9OHY.xml
IP
172.67.74.180:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
579 B (579 bytes)
Hash
b3b59556415079f2ad5c46f1718d8672
db4514f00b27a6b5f2055718526a1e57f3b5c69f
249dee3a72be8eea03c6e14457a04e04be91cdc887db1a766a1a8bbd3514a5d0

HTTP Headers

GET /vpaid/seJ3zN0PF6IRqC7-T5B3ZYAWkO1_y_w6KQT6t_Q9OHY.xml HTTP/1.1
Host: utraff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:39:48 GMT
content-type: text/xml
last-modified: Fri, 03 May 2024 19:56:08 GMT
etag: W/"66354158-3ff"
access-control-allow-origin: https://exclusive-works.ru
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Srz795AyyBn61elDlgr%2Bblr7JWPIqry0oKanYLdrCwHuE7gEW2%2FgU8kWysmLXq6WpyT1WzcYtU314Do50XrJgFTMj0kThQzS%2BkiSb%2Bw4aFnjZ35PixTy%2FE1tv4s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea9d9849be5696-OSL
content-encoding: br
X-Firefox-Spdy: h2

ssp.hybrid.ai/auction/prebid

37.230.131.17

204 No Content

0 B

URL OPTIONS HTTP/2
ssp.hybrid.ai/auction/prebid
IP
37.230.131.17:443
ASN
#200197 Hybrid Adtech Sp.z.o.o.

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerSectigo Limited
Subject*.hybrid.ai
Fingerprint40:F9:88:C5:EF:2B:26:9C:61:DC:CC:ED:B1:67:03:F4:E2:CC:B7:C8
ValidityThu, 14 Sep 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /auction/prebid HTTP/1.1
Host: ssp.hybrid.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
content-type: application/json
Content-Length: 353
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 04 May 2024 18:39:50 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://exclusive-works.ru
set-cookie: vid=ab50f70f2972c179694d; expires=Sun, 04 May 2025 18:39:51 GMT; domain=hybrid.ai; secure; samesite=none
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server: Hybrid Web Server
X-Firefox-Spdy: h2

cs.agency2.ru/p?ssp=ai&skipme=d6151ccc-3fbe-44d4-9e13-22bc107eb806

23.111.107.44

0 B

URL
cs.agency2.ru/p?ssp=ai&skipme=d6151ccc-3fbe-44d4-9e13-22bc107eb806
IP
23.111.107.44:0
ASN
#39134 Edinaya Set Limited Liability Company

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p?ssp=ai&skipme=d6151ccc-3fbe-44d4-9e13-22bc107eb806 HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Sat, 04 May 2024 18:39:50 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://x01.aidata.io/0.gif?pid=7140034&id=0b5c3f0f-0c02-4b46-b8fc-71c0bd1849bb
Set-Cookie: uuid=0b5c3f0f-0c02-4b46-b8fc-71c0bd1849bb; expires=Fri, 25 Apr 2025 18:39:50 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44

yandex.ru/ads/adfox/390632/getCode?pp=g&ps=hmtc&p2=iiqv

77.88.55.60

200 OK

54 B

URL GET HTTP/2
yandex.ru/ads/adfox/390632/getCode?pp=g&ps=hmtc&p2=iiqv
IP
77.88.55.60:443
ASN
#13238 YANDEX LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.xn--d1acpjx3f.xn--p1ai
Fingerprint17:FB:0C:B6:3F:7F:A5:4C:41:AD:D0:5C:6B:9A:96:47:FE:AF:C8:5C
ValidityMon, 04 Mar 2024 10:29:07 GMT - Sun, 01 Sep 2024 20:59:59 GMT

File type
XML 1.0 document, ASCII text, with no line terminators
Size
54 B (54 bytes)
Hash
c8612434cadc3a081012e2144c026cea
22eb3b498ebd4cca9ab9f3fffe761d9b8392d68a
d75a5ae8cfa906a56ed852cb303f01968978daf562ad14da806f483cc35c6b6f

HTTP Headers

GET /ads/adfox/390632/getCode?pp=g&ps=hmtc&p2=iiqv HTTP/1.1
Host: yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
access-control-allow-origin: https://exclusive-works.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
x-yandex-req-id: 1714847988788966-13856761930666295697-balancer-l7leveler-kubr-yp-sas-209-BAL
last-modified: Sat, 04 May 2024 18:39:48 GMT
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
date: Sat, 04 May 2024 18:39:48 GMT
set-cookie: i=K+0SoSoME5hFF2BhbZuvo2ELGd1USWx4mD7RvcH0SjCJhDi2z37UY5J+1g06wAg/OLtDKZbMA0TzApfNTeJtChVHouM=; Expires=Mon, 04-May-2026 18:39:48 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=2662956971714847988; Expires=Mon, 04-May-2026 18:39:48 GMT; Domain=.yandex.ru; Path=/; Secure; SameSite=None
yashr=4370123671714847988; Path=/; Domain=.yandex.ru; Expires=Sun, 04 May 2025 18:39:48 GMT; SameSite=None; Secure; HttpOnly
receive-cookie-deprecation=1; Path=/; Domain=.yandex.ru; Expires=Sun, 04 May 2025 18:39:48 GMT; SameSite=None; Secure; HttpOnly; Partitioned
content-type: text/xml; charset=utf-8
content-disposition: attachment; filename="null"
pragma: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
expires: Sat, 04 May 2024 18:39:48 GMT
x-adfox: {"default":true, "place_id":1402350, "code_type":"regular"}
X-Firefox-Spdy: h2

cs.agency2.ru/p?ssp=al&uid=d6151ccc-3fbe-44d4-9e13-22bc107eb806

23.111.107.44

0 B

URL
cs.agency2.ru/p?ssp=al&uid=d6151ccc-3fbe-44d4-9e13-22bc107eb806
IP
23.111.107.44:0
ASN
#39134 Edinaya Set Limited Liability Company

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p?ssp=al&uid=d6151ccc-3fbe-44d4-9e13-22bc107eb806 HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Sat, 04 May 2024 18:39:50 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://cs.alfasense.com/p?ssp=a2&uid=19ef23e0-aea9-4b87-93a0-6cf95980ef9a
Set-Cookie: uuid=19ef23e0-aea9-4b87-93a0-6cf95980ef9a; expires=Fri, 25 Apr 2025 18:39:50 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44

match.qtarget.tech/userbind?src=alfasense&id=d6151ccc-3fbe-44d4-9e13-22bc107eb806

95.163.92.180

0 B

URL
match.qtarget.tech/userbind?src=alfasense&id=d6151ccc-3fbe-44d4-9e13-22bc107eb806
IP
95.163.92.180:0
ASN
#12695 LLC Digital Network

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /userbind?src=alfasense&id=d6151ccc-3fbe-44d4-9e13-22bc107eb806 HTTP/1.1
Host: match.qtarget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Sat, 04 May 2024 18:39:50 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin

exchange.buzzoola.com/cookiesync/ssp/adlook/?set_buzzoola_cookie=t&uid=409d949b9b9c4c14951ec8dd1ad27f27

49.12.83.94

200 OK

43 B

URL GET HTTP/2
exchange.buzzoola.com/cookiesync/ssp/adlook/?set_buzzoola_cookie=t&uid=409d949b9b9c4c14951ec8dd1ad27f27
IP
49.12.83.94:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /cookiesync/ssp/adlook/?set_buzzoola_cookie=t&uid=409d949b9b9c4c14951ec8dd1ad27f27 HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
DNT: 1
Connection: keep-alive
Cookie: uuid=8ad0d2c9-58c4-4866-67a2-429b982be014
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:39:50 GMT
content-type: image/gif
content-length: 43
serverid: TODO
X-Firefox-Spdy: h2

stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=EBpDCKE8yAn6%2F5UxaRr5f89K5jLFA3xi9SP8RwoDyDm5dlWcv1WbmTfcyhE2n96LzwmvjEagGp%2BXJir2lypSV%2FVz%2BSyDRc0mqs388jY9CGOmdq%2F1%2FbHtpoxvGBGCSDFIUz8a5gkIilpQ1ROmohK5xkZ5JUocl6jXOMjPK98ZUGoupBOouXp0Y8bPGwI4j1tNjrcZ4g%3D%3D&r=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34&eo=&cb=171484798941175723&_adlk_ts=171484798941175723

5.101.76.186

200 OK

1.4 kB

URL GET HTTP/2
stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=EBpDCKE8yAn6%2F5UxaRr5f89K5jLFA3xi9SP8RwoDyDm5dlWcv1WbmTfcyhE2n96LzwmvjEagGp%2BXJir2lypSV%2FVz%2BSyDRc0mqs388jY9CGOmdq%2F1%2FbHtpoxvGBGCSDFIUz8a5gkIilpQ1ROmohK5xkZ5JUocl6jXOMjPK98ZUGoupBOouXp0Y8bPGwI4j1tNjrcZ4g%3D%3D&r=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34&eo=&cb=171484798941175723&_adlk_ts=171484798941175723
IP
5.101.76.186:443
ASN
#48096 Enterprise Cloud Ltd.

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT

File type
data
Size
1.4 kB (1437 bytes)
Hash
f3e8712df0aabdb39d85d9e5514181f1
be0d47863b751b5bd95861174a09fcc6f307b6f4
ca70bd6ba3f8c2625ec1a529eb9cb2498484e1eb0d92867f4a270790e46acce7

HTTP Headers

GET /reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=EBpDCKE8yAn6%2F5UxaRr5f89K5jLFA3xi9SP8RwoDyDm5dlWcv1WbmTfcyhE2n96LzwmvjEagGp%2BXJir2lypSV%2FVz%2BSyDRc0mqs388jY9CGOmdq%2F1%2FbHtpoxvGBGCSDFIUz8a5gkIilpQ1ROmohK5xkZ5JUocl6jXOMjPK98ZUGoupBOouXp0Y8bPGwI4j1tNjrcZ4g%3D%3D&r=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34&eo=&cb=171484798941175723&_adlk_ts=171484798941175723 HTTP/1.1
Host: stat.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: Microsoft-IIS/10.0
date: Sat, 04 May 2024 18:39:49 GMT
X-Firefox-Spdy: h2

cs.alfasense.com/p?ssp=kd&uid=RzPsfyQLpYD9OjJLTPfE

23.111.100.20

35 B

URL
cs.alfasense.com/p?ssp=kd&uid=RzPsfyQLpYD9OjJLTPfE
IP
23.111.100.20:0
ASN
#39134 Edinaya Set Limited Liability Company

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /p?ssp=kd&uid=RzPsfyQLpYD9OjJLTPfE HTTP/1.1
Host: cs.alfasense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
DNT: 1
Connection: keep-alive
Cookie: uuid=d6151ccc-3fbe-44d4-9e13-22bc107eb806
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 18:39:50 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes

ads.adlook.me/csync?pid=alab&uid=e60082d7-f712-4990-85a0-4cadfb917038

78.140.242.106

43 B

URL
ads.adlook.me/csync?pid=alab&uid=e60082d7-f712-4990-85a0-4cadfb917038
IP
78.140.242.106:0
ASN
#209974 Itglobalcom Rus LLC

File type
ASCII text, with no line terminators
Size
43 B (43 bytes)
Hash
8a8302202b6d374f311f278f7144ff34
d9708fef0fe09af5a3ee20b51e4aa991499b3dc4
ae2c4104f94e047e99c2b512b850a657e6be9f9ef8513595738ee0cae825c92b

HTTP Headers

GET /csync?pid=alab&uid=e60082d7-f712-4990-85a0-4cadfb917038 HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
DNT: 1
Connection: keep-alive
Cookie: adlm_userId=409d949b9b9c4c14951ec8dd1ad27f27
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/json
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=409d949b9b9c4c14951ec8dd1ad27f27; expires=Sat, 03 May 2025 21:00:00 GMT; path=/; SameSite=None; secure; samesite=none
adlk_cmatch=alab%3Ae60082d7-f712-4990-85a0-4cadfb917038; expires=Fri, 31 Dec 9999 20:59:59 GMT; path=/; SameSite=None; secure; samesite=none
date: Sat, 04 May 2024 18:39:49 GMT
content-length: 43
X-Firefox-Spdy: h2

www.acint.net/rmatch?r=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dsp%26uid%3D$%7BUSER_ID%7D&dp=185&tc=1&euid=d6151ccc-3fbe-44d4-9e13-22bc107eb806

193.3.184.16

302 Found

154 B

URL GET HTTP/2
www.acint.net/rmatch?r=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dsp%26uid%3D$%7BUSER_ID%7D&dp=185&tc=1&euid=d6151ccc-3fbe-44d4-9e13-22bc107eb806
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?r=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dsp%26uid%3D$%7BUSER_ID%7D&dp=185&tc=1&euid=d6151ccc-3fbe-44d4-9e13-22bc107eb806 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 18:39:50 GMT
content-type: text/html
content-length: 154
location: https://cs.alfasense.com/p?ssp=sp&uid=0800007FF5803666CC346C3B023A0904
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

sync.upravel.com/alfadart/sync?uid=d6151ccc-3fbe-44d4-9e13-22bc107eb806&session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9leGNsdXNpdmUtd29ya3MucnUvIl19fQ

195.201.193.230

0 B

URL
sync.upravel.com/alfadart/sync?uid=d6151ccc-3fbe-44d4-9e13-22bc107eb806&session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9leGNsdXNpdmUtd29ya3MucnUvIl19fQ
IP
195.201.193.230:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /alfadart/sync?uid=d6151ccc-3fbe-44d4-9e13-22bc107eb806&session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9leGNsdXNpdmUtd29ya3MucnUvIl19fQ HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
DNT: 1
Connection: keep-alive
Cookie: session_tptc=1714847989788
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Sat, 04 May 2024 18:39:50 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=6ba44ca9-6f74-425b-94c4-ebe04fdbf3b2;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=6ba44ca9-6f74-425b-94c4-ebe04fdbf3b2;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://cs.alfasense.com/p?ssp=up&id=6ba44ca9-6f74-425b-94c4-ebe04fdbf3b2
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

sync.dmp.otm-r.com/match/adlook?id=409d949b9b9c4c14951ec8dd1ad27f27&otcm_check=1714847989

138.201.65.74

95 B

URL
sync.dmp.otm-r.com/match/adlook?id=409d949b9b9c4c14951ec8dd1ad27f27&otcm_check=1714847989
IP
138.201.65.74:0
ASN
#24940 Hetzner Online GmbH

Certificate
IssuerGlobalSign nv-sa
Subject*.dmp.otm-r.com
FingerprintC6:A2:9D:82:0D:D1:C1:2D:A4:ED:7F:05:13:52:5B:94:6B:10:58:D6
ValidityMon, 19 Jun 2023 10:50:51 GMT - Sat, 20 Jul 2024 10:50:50 GMT

File type
HTML document, ASCII text
Size
95 B (95 bytes)
Hash
68b94bc819ebef268d0e0a5a23403c0d
c86417624737dc61cae3f6ea75459804c3c2faaf
99cfd14874d415248aa1227534e27a50b7e7c1d83161bf32972416c3ba4f325b

HTTP Headers

GET /match/adlook?id=409d949b9b9c4c14951ec8dd1ad27f27&otcm_check=1714847989 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
DNT: 1
Connection: keep-alive
Cookie: mpid=NjYzNjgwZjUwNzI0NGY3Yw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx/1.17.4
date: Sat, 04 May 2024 18:39:50 GMT
content-type: text/html; charset=utf-8
content-length: 95
access-control-allow-origin: *
location: https://ads.adlook.me/csync?pid=otm&uid=NjYzNjgwZjUwNzI0NGY3Yw%3D%3D
set-cookie: mpid=NjYzNjgwZjUwNzI0NGY3Yw==; Path=/; Domain=otm-r.com; Max-Age=31536000; Secure; SameSite=None
X-Firefox-Spdy: h2

cs.alfasense.com/p?ssp=tg&redir=0&id=

23.111.100.20

301 Moved Permanently

0 B

URL GET HTTP/1.1
cs.alfasense.com/p?ssp=tg&redir=0&id=
IP
23.111.100.20:443
ASN
#39134 Edinaya Set Limited Liability Company

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.alfasense.com
FingerprintCB:9E:EC:1E:29:96:7E:71:55:EA:3F:33:4D:45:A2:7D:8D:4B:D9:DE
ValidityWed, 27 Dec 2023 23:14:58 GMT - Mon, 27 Jan 2025 23:14:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p?ssp=tg&redir=0&id= HTTP/1.1
Host: cs.alfasense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
DNT: 1
Connection: keep-alive
Cookie: uuid=d6151ccc-3fbe-44d4-9e13-22bc107eb806
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Sat, 04 May 2024 18:39:50 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://acint.net/cmatch/?dp=14&pi=1647232&skip_it=d6151ccc-3fbe-44d4-9e13-22bc107eb806
Set-Cookie: wist_ps=; expires=Fri, 25 Apr 2025 18:39:50 GMT; domain=alfasense.com; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20

utraff.com/vpaidp/bundle.a6561a4c.js

172.67.74.180

44 kB

URL
utraff.com/vpaidp/bundle.a6561a4c.js
IP
172.67.74.180:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (33536), with NEL line terminators
Size
44 kB (43755 bytes)
Hash
e6c94513cbc784798fd9cad7884d5aff
ae161b767c4fe6d9cefdacd5f187d9c09ea5a8ee
672dd32300b495e953e995816ff29c33a975c0cb2ca675ad221a682228300ac6

HTTP Headers

GET /vpaidp/bundle.a6561a4c.js HTTP/1.1
Host: utraff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Cookie: preutid=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 18:39:49 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 16:33:04 GMT
etag: W/"662bd740-223c9"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-cache-status: HIT
age: 5507
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eQfga3vwFv2uXUs0KY9EL6BjyPgP1YTQicfdZw%2BRA375Un%2F%2BdyC%2Fl5nVNBOjNFV8SYsmgAOBpsO%2FGFzS5chKDNHhynyFqGDa0ptCFvz%2BvtU3gZOoCyudkXfRAT0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea9da148a25696-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn-rtb.sape.ru/rtb-b/vast/532/863532.xml

185.12.127.124

200 OK

634 B

URL GET HTTP/2
cdn-rtb.sape.ru/rtb-b/vast/532/863532.xml
IP
185.12.127.124:443
ASN
#50214 QWARTA LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subject*.sape.ru
Fingerprint73:95:22:E3:B6:12:3E:90:3A:10:10:DC:38:ED:28:2D:82:7B:EB:E2
ValidityWed, 10 Apr 2024 03:20:28 GMT - Tue, 09 Jul 2024 03:20:27 GMT

File type
gzip compressed data, max speed, from Unix
Size
634 B (634 bytes)
Hash
6e0a453f874be24da7c7954297bb7ab2
0fe93cebd06cf2b76e310f20fa8afcdc6b288f56
6780505e022bde3702b6be9476c1a450722303215a28609bcbdadd2f4123a929

HTTP Headers

GET /rtb-b/vast/532/863532.xml HTTP/1.1
Host: cdn-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:39:49 GMT
content-type: text/xml; charset=UTF-8
content-security-policy: block-all-mixed-content
etag: W/"9b12512f6a5956d8cffa4d5aaf5a7feb"
last-modified: Tue, 30 Apr 2024 02:07:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 17CAECDD55B3C676
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
expires: Sat, 04 May 2024 19:39:49 GMT
cache-control: max-age=3600
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://exclusive-works.ru
x-cache-status: HIT
X-Firefox-Spdy: h2

sync.dsp.solta.io/match/kimberlite?id=ZjaA9CMIf94

217.199.220.73

43 B

URL
sync.dsp.solta.io/match/kimberlite?id=ZjaA9CMIf94
IP
217.199.220.73:0
ASN
#61400 Start LLC

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

HTTP Headers

GET /match/kimberlite?id=ZjaA9CMIf94 HTTP/1.1
Host: sync.dsp.solta.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:39:50 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

cs.alfasense.com/p?ssp=al&id=cf196db8-fb09-484b-9e19-189f88f6970f

23.111.100.20

200 OK

35 B

URL GET HTTP/1.1
cs.alfasense.com/p?ssp=al&id=cf196db8-fb09-484b-9e19-189f88f6970f
IP
23.111.100.20:443
ASN
#39134 Edinaya Set Limited Liability Company

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.alfasense.com
FingerprintCB:9E:EC:1E:29:96:7E:71:55:EA:3F:33:4D:45:A2:7D:8D:4B:D9:DE
ValidityWed, 27 Dec 2023 23:14:58 GMT - Mon, 27 Jan 2025 23:14:57 GMT

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /p?ssp=al&id=cf196db8-fb09-484b-9e19-189f88f6970f HTTP/1.1
Host: cs.alfasense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
DNT: 1
Connection: keep-alive
Cookie: uuid=d6151ccc-3fbe-44d4-9e13-22bc107eb806
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 18:39:50 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes

s.alfasrv.com/events/1x1.png?s=121917&a=fallback&k1=1&k2=1&e=i&t=p&c=0

130.193.42.23

200 OK

95 B

URL GET HTTP/2
s.alfasrv.com/events/1x1.png?s=121917&a=fallback&k1=1&k2=1&e=i&t=p&c=0
IP
130.193.42.23:443
ASN
#200350 Yandex.Cloud LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.alfasrv.com
Fingerprint4B:8A:22:65:23:10:74:25:5D:40:3B:78:20:8D:F8:82:A4:50:44:90
ValidityTue, 10 Oct 2023 09:20:49 GMT - Sun, 10 Nov 2024 09:20:48 GMT

File type
PNG image data, 1 x 1, 1-bit colormap, non-interlaced
Size
95 B (95 bytes)
Hash
9591c410148e6883727c5339fd1c02cd
3442a95fe890ce4769b36b2ecc611b801a54cfb5
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

HTTP Headers

GET /events/1x1.png?s=121917&a=fallback&k1=1&k2=1&e=i&t=p&c=0 HTTP/1.1
Host: s.alfasrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 04 May 2024 18:39:50 GMT
content-type: image/png
content-length: 95
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-Original-Referer
access-control-allow-credentials: true
cache-control: no-cache,no-store
expires: Tue, 01 Jan 1980 1:00:00 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

v.alfasrv.com/stats/2x2.png?s=121917&a=fallback&k1=1&k2=1&e=i&t=p&c=0

84.201.179.252

95 B

URL
v.alfasrv.com/stats/2x2.png?s=121917&a=fallback&k1=1&k2=1&e=i&t=p&c=0
IP
84.201.179.252:0
ASN
#200350 Yandex.Cloud LLC

File type
PNG image data, 1 x 1, 1-bit colormap, non-interlaced
Size
95 B (95 bytes)
Hash
9591c410148e6883727c5339fd1c02cd
3442a95fe890ce4769b36b2ecc611b801a54cfb5
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

HTTP Headers

GET /stats/2x2.png?s=121917&a=fallback&k1=1&k2=1&e=i&t=p&c=0 HTTP/1.1
Host: v.alfasrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 04 May 2024 18:39:50 GMT
Content-Type: image/png
Content-Length: 95
Connection: keep-alive
Last-Modified: Saturday, 04-May-2024 18:39:50 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Accept-Ranges: bytes

ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fads.adlook.me%252Fcsync%253Fpid%253Dsape%2526uid%253D$%257BUSER_ID%257D&dp=14

193.3.184.25

302 Moved Temporarily

142 B

URL GET HTTP/1.1
ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fads.adlook.me%252Fcsync%253Fpid%253Dsape%2526uid%253D$%257BUSER_ID%257D&dp=14
IP
193.3.184.25:443
ASN
#50214 QWARTA LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subject*.sape.ru
Fingerprint73:95:22:E3:B6:12:3E:90:3A:10:10:DC:38:ED:28:2D:82:7B:EB:E2
ValidityWed, 10 Apr 2024 03:20:28 GMT - Tue, 09 Jul 2024 03:20:27 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fads.adlook.me%252Fcsync%253Fpid%253Dsape%2526uid%253D$%257BUSER_ID%257D&dp=14 HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
DNT: 1
Connection: keep-alive
Cookie: sspuid=CkIDPWY2gPUQpwAkIZCSAtwObK2VDTfOUuJ95155S8M/WBWo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Sat, 04 May 2024 18:39:50 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/rmatch?dp=14&euid=3D03420AF58036662400A71002929021&r=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsape%26uid%3D$%7BUSER_ID%7D
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0

cs.alfasense.com/p?ssp=a2&uid=19ef23e0-aea9-4b87-93a0-6cf95980ef9a

23.111.100.20

200 OK

35 B

URL GET HTTP/1.1
cs.alfasense.com/p?ssp=a2&uid=19ef23e0-aea9-4b87-93a0-6cf95980ef9a
IP
23.111.100.20:443
ASN
#39134 Edinaya Set Limited Liability Company

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.alfasense.com
FingerprintCB:9E:EC:1E:29:96:7E:71:55:EA:3F:33:4D:45:A2:7D:8D:4B:D9:DE
ValidityWed, 27 Dec 2023 23:14:58 GMT - Mon, 27 Jan 2025 23:14:57 GMT

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /p?ssp=a2&uid=19ef23e0-aea9-4b87-93a0-6cf95980ef9a HTTP/1.1
Host: cs.alfasense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
DNT: 1
Connection: keep-alive
Cookie: uuid=d6151ccc-3fbe-44d4-9e13-22bc107eb806; wist_ps=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 18:39:50 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes

sync.bumlam.com/?src=adlook&s_data=CAIQAhj1gdqxBmIgNDA5ZDk0OWI5YjljNGMxNDk1MWVjOGRkMWFkMjdmMjeiARCwPlPcCkUR74bgACWQwGR8

31.172.81.158

43 B

URL
sync.bumlam.com/?src=adlook&s_data=CAIQAhj1gdqxBmIgNDA5ZDk0OWI5YjljNGMxNDk1MWVjOGRkMWFkMjdmMjeiARCwPlPcCkUR74bgACWQwGR8
IP
31.172.81.158:0
ASN
#44066 firstcolo GmbH

Certificate
IssuerLet's Encrypt
Subject*.bumlam.com
Fingerprint9F:E0:4A:B3:57:B0:3C:3E:13:7F:9F:FF:82:A2:91:87:45:9F:A4:7F
ValidityThu, 28 Mar 2024 09:09:43 GMT - Wed, 26 Jun 2024 09:09:42 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /?src=adlook&s_data=CAIQAhj1gdqxBmIgNDA5ZDk0OWI5YjljNGMxNDk1MWVjOGRkMWFkMjdmMjeiARCwPlPcCkUR74bgACWQwGR8 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
DNT: 1
Connection: keep-alive
Cookie: suuid3=IiRiMDNlNTNkYy0wYTQ1LTExZWYtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 18:39:50 GMT
Content-Type: image/gif
Content-Length: 43
Connection: close
Set-Cookie: suuid3=IiRiMDNlNTNkYy0wYTQ1LTExZWYtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Fri, 29 Apr 2044 18:39:50 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://exclusive-works.ru
Access-Control-Allow-Credentials: true

acint.net/cmatch/?dp=14&pi=1647232&skip_it=d6151ccc-3fbe-44d4-9e13-22bc107eb806

193.3.184.16

302 Found

154 B

URL GET HTTP/2
acint.net/cmatch/?dp=14&pi=1647232&skip_it=d6151ccc-3fbe-44d4-9e13-22bc107eb806
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /cmatch/?dp=14&pi=1647232&skip_it=d6151ccc-3fbe-44d4-9e13-22bc107eb806 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 18:39:50 GMT
content-type: text/html
content-length: 154
location: https://sape-sync.rutarget.ru/sync
set-cookie: cSyncDp104v2=1714847990; expires=Sat, 18-May-24 18:39:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

cs.alfasense.com/p?ssp=up&id=6ba44ca9-6f74-425b-94c4-ebe04fdbf3b2

23.111.100.20

200 OK

35 B

URL GET HTTP/1.1
cs.alfasense.com/p?ssp=up&id=6ba44ca9-6f74-425b-94c4-ebe04fdbf3b2
IP
23.111.100.20:443
ASN
#39134 Edinaya Set Limited Liability Company

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.alfasense.com
FingerprintCB:9E:EC:1E:29:96:7E:71:55:EA:3F:33:4D:45:A2:7D:8D:4B:D9:DE
ValidityWed, 27 Dec 2023 23:14:58 GMT - Mon, 27 Jan 2025 23:14:57 GMT

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /p?ssp=up&id=6ba44ca9-6f74-425b-94c4-ebe04fdbf3b2 HTTP/1.1
Host: cs.alfasense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
DNT: 1
Connection: keep-alive
Cookie: uuid=d6151ccc-3fbe-44d4-9e13-22bc107eb806; wist_ps=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 18:39:50 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes

ads.alfasense.net/adserver/www/delivery/asyncjs.php

136.144.31.29

4.5 kB

URL
ads.alfasense.net/adserver/www/delivery/asyncjs.php
IP
136.144.31.29:0
ASN
#52000 MIRhosting B.V.

File type
JavaScript source, ASCII text, with very long lines (4494), with no line terminators
Size
4.5 kB (4494 bytes)
Hash
dd873c13c2da605d977bd366f44b5c12
a80b609b3428a420098708583276de8a3638bfb2
10d8b3e7122cc9166f8c6b8c192e2564a579e0ced37c67cb26fa069a4ad0c315

HTTP Headers

GET /adserver/www/delivery/asyncjs.php HTTP/1.1
Host: ads.alfasense.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:39:50 GMT
content-type: text/javascript;charset=UTF-8
etag: 1079f85a6f7f7d83640b17a26d3394d5
expire: Sat, 04 May 2024 19:39:50 GMT
cache-control: private, max-age=3600
p3p: CP="CUR ADM OUR NOR STA NID"
content-security-policy: frame-ancestors 'self';frame-src 'self';
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block;
set-cookie: SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2

acint.net/rmatch?dp=14&euid=3D03420AF58036662400A71002929021&r=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsape%26uid%3D$%7BUSER_ID%7D

193.3.184.16

154 B

URL
acint.net/rmatch?dp=14&euid=3D03420AF58036662400A71002929021&r=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsape%26uid%3D$%7BUSER_ID%7D
IP
193.3.184.16:0
ASN
#50214 QWARTA LLC

Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=14&euid=3D03420AF58036662400A71002929021&r=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsape%26uid%3D$%7BUSER_ID%7D HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 18:39:50 GMT
content-type: text/html
content-length: 154
location: https://ads.adlook.me/csync?pid=sape&uid=0800007FF5803666CC346C3B023A0904
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

cs.alfasense.com/p?ssp=sp&uid=0800007FF5803666CC346C3B023A0904

23.111.100.20

200 OK

35 B

URL GET HTTP/1.1
cs.alfasense.com/p?ssp=sp&uid=0800007FF5803666CC346C3B023A0904
IP
23.111.100.20:443
ASN
#39134 Edinaya Set Limited Liability Company

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.alfasense.com
FingerprintCB:9E:EC:1E:29:96:7E:71:55:EA:3F:33:4D:45:A2:7D:8D:4B:D9:DE
ValidityWed, 27 Dec 2023 23:14:58 GMT - Mon, 27 Jan 2025 23:14:57 GMT

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /p?ssp=sp&uid=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: cs.alfasense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
DNT: 1
Connection: keep-alive
Cookie: uuid=d6151ccc-3fbe-44d4-9e13-22bc107eb806; wist_ps=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 18:39:50 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes

cs.alfasense.com/p?ssp=ot&id=NjYzNjgwZjUwNzI0NGY3Yw%3D%3D

23.111.100.20

200 OK

35 B

URL GET HTTP/1.1
cs.alfasense.com/p?ssp=ot&id=NjYzNjgwZjUwNzI0NGY3Yw%3D%3D
IP
23.111.100.20:443
ASN
#39134 Edinaya Set Limited Liability Company

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.alfasense.com
FingerprintCB:9E:EC:1E:29:96:7E:71:55:EA:3F:33:4D:45:A2:7D:8D:4B:D9:DE
ValidityWed, 27 Dec 2023 23:14:58 GMT - Mon, 27 Jan 2025 23:14:57 GMT

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /p?ssp=ot&id=NjYzNjgwZjUwNzI0NGY3Yw%3D%3D HTTP/1.1
Host: cs.alfasense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
DNT: 1
Connection: keep-alive
Cookie: uuid=d6151ccc-3fbe-44d4-9e13-22bc107eb806; wist_ps=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 18:39:50 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes

ads.alfasense.net/adserver/www/images/93e6032137695635299ea12513020a22.jpg

136.144.31.29

7.7 kB

URL
ads.alfasense.net/adserver/www/images/93e6032137695635299ea12513020a22.jpg
IP
136.144.31.29:0
ASN
#52000 MIRhosting B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 970x90, components 3
Size
7.7 kB (7670 bytes)
Hash
93e6032137695635299ea12513020a22
e43e9222c40653b13cdb132307004cb6305a28ca
c6ce19626b346128489e909bc7104e3bb42a2b6f3f8fa84c7f1d727301aceb33

HTTP Headers

GET /adserver/www/images/93e6032137695635299ea12513020a22.jpg HTTP/1.1
Host: ads.alfasense.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Cookie: OAID=01000111010001000101000001010010
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:39:50 GMT
content-type: image/jpeg
content-length: 7670
last-modified: Tue, 18 Jul 2023 14:37:17 GMT
etag: "64b6a39d-1df6"
content-security-policy: frame-ancestors 'self';frame-src 'self';
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block;
accept-ranges: bytes
set-cookie: SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2

ads.adlook.me/csync?pid=sape&uid=0800007FF5803666CC346C3B023A0904

78.140.242.106

43 B

URL
ads.adlook.me/csync?pid=sape&uid=0800007FF5803666CC346C3B023A0904
IP
78.140.242.106:0
ASN
#209974 Itglobalcom Rus LLC

File type
ASCII text, with no line terminators
Size
43 B (43 bytes)
Hash
8a8302202b6d374f311f278f7144ff34
d9708fef0fe09af5a3ee20b51e4aa991499b3dc4
ae2c4104f94e047e99c2b512b850a657e6be9f9ef8513595738ee0cae825c92b

HTTP Headers

GET /csync?pid=sape&uid=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
DNT: 1
Connection: keep-alive
Cookie: adlm_userId=409d949b9b9c4c14951ec8dd1ad27f27; adlk_cmatch=alab%3Ae60082d7-f712-4990-85a0-4cadfb917038%2Cotm%3ANjYzNjgwZjUwNzI0NGY3Yw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/json
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=409d949b9b9c4c14951ec8dd1ad27f27; expires=Sat, 03 May 2025 21:00:00 GMT; path=/; SameSite=None; secure; samesite=none
adlk_cmatch=alab%3Ae60082d7-f712-4990-85a0-4cadfb917038%2Cotm%3ANjYzNjgwZjUwNzI0NGY3Yw%3D%3D%2Csape%3A0800007FF5803666CC346C3B023A0904; expires=Fri, 31 Dec 9999 20:59:59 GMT; path=/; SameSite=None; secure; samesite=none
date: Sat, 04 May 2024 18:39:50 GMT
content-length: 43
X-Firefox-Spdy: h2

cs.alfasense.com/p?ssp=bv&uid=jbp52za189

23.111.100.20

200 OK

35 B

URL GET HTTP/1.1
cs.alfasense.com/p?ssp=bv&uid=jbp52za189
IP
23.111.100.20:443
ASN
#39134 Edinaya Set Limited Liability Company

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.alfasense.com
FingerprintCB:9E:EC:1E:29:96:7E:71:55:EA:3F:33:4D:45:A2:7D:8D:4B:D9:DE
ValidityWed, 27 Dec 2023 23:14:58 GMT - Mon, 27 Jan 2025 23:14:57 GMT

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /p?ssp=bv&uid=jbp52za189 HTTP/1.1
Host: cs.alfasense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
DNT: 1
Connection: keep-alive
Cookie: uuid=d6151ccc-3fbe-44d4-9e13-22bc107eb806; wist_ps=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 18:39:50 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes

nr.bidderstack.com/adlook/cm?user_id=409d949b9b9c4c14951ec8dd1ad27f27&pupa=1

116.202.32.25

0 B

URL
nr.bidderstack.com/adlook/cm?user_id=409d949b9b9c4c14951ec8dd1ad27f27&pupa=1
IP
116.202.32.25:0
ASN
#24940 Hetzner Online GmbH

Certificate
IssuerGoDaddy.com, Inc.
Subject*.bidderstack.com
Fingerprint7A:83:29:BF:37:01:78:02:DF:C1:07:D8:A2:10:AB:0A:DD:11:66:B0
ValidityTue, 21 Nov 2023 08:57:57 GMT - Sun, 22 Dec 2024 08:57:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /adlook/cm?user_id=409d949b9b9c4c14951ec8dd1ad27f27&pupa=1 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 18:39:55 GMT
Content-Length: 0
Connection: keep-alive
Location: https://exchange.buzzoola.com/cookiesync/dsp/hyperadx-video?uid=506c5f18-d671-3bfa-5009-4241bf0e8a4c
Set-Cookie: pupa=506c5f18-d671-3bfa-5009-4241bf0e8a4c; domain=.bidderstack.com; path=/; expires=Sun, 04-May-2025 18:39:55 GMT;
csorigin2=3; domain=.bidderstack.com; path=/; expires=Sat, 04-May-2024 18:44:55 GMT;
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true

exchange.buzzoola.com/cookiesync/dsp/hyperadx-video?uid=506c5f18-d671-3bfa-5009-4241bf0e8a4c

49.12.83.94

43 B

URL
exchange.buzzoola.com/cookiesync/dsp/hyperadx-video?uid=506c5f18-d671-3bfa-5009-4241bf0e8a4c
IP
49.12.83.94:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /cookiesync/dsp/hyperadx-video?uid=506c5f18-d671-3bfa-5009-4241bf0e8a4c HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: uuid=8ad0d2c9-58c4-4866-67a2-429b982be014
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:39:55 GMT
content-type: image/gif
content-length: 43
set-cookie: uuid=; Path=/; Domain=exchange.buzzoola.com; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; Secure; SameSite=None
uuid=8ad0d2c9-58c4-4866-67a2-429b982be014; Path=/; Domain=buzzoola.com; Expires=Mon, 03 Jun 2024 18:39:55 GMT; Max-Age=2592000; Secure; SameSite=None
serverid: TODO
X-Firefox-Spdy: h2

tube.buzzoola.com/build/buzzlibrary.js

151.236.127.161

87 kB

URL
tube.buzzoola.com/build/buzzlibrary.js
IP
151.236.127.161:0
ASN
#204720 Global Cloud Network LLC

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size
87 kB (86974 bytes)
Hash
b1ea8e9ab1196af7c0ac520619a770f7
8eca3a3da819940a51bfbdf906d0b9e57b74e627
2e4c934c77103525ecf5d20c8d714aa6e3b4b947525b3d6731c076cc9fa665b4

HTTP Headers

GET /build/buzzlibrary.js HTTP/1.1
Host: tube.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Cookie: uuid=8ad0d2c9-58c4-4866-67a2-429b982be014
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:40:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 05 Apr 2024 09:35:03 GMT
expires: Sat, 04 May 2024 19:00:00 GMT
content-encoding: gzip
x-cdn-edge-cache: HIT
x-cdn-edge-id: 119
x-cdn-request-id: 4192d6611f06c3e8c4e1d839d6d0e56b
X-Firefox-Spdy: h2

tube.buzzoola.com/build/buzzlibrary_extra.buzzplayer_placement_submodules.js

151.236.127.161

101 kB

URL
tube.buzzoola.com/build/buzzlibrary_extra.buzzplayer_placement_submodules.js
IP
151.236.127.161:0
ASN
#204720 Global Cloud Network LLC

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65491), with no line terminators
Size
101 kB (101185 bytes)
Hash
8c8818e04c17321d998bae602db7ee6d
4d631e02c8c35cda934efa064dddbc4c7b24cde3
77b971bd39779a98d52edd89ac6ba4b39f5826090231dcb355d8d8723819b918

HTTP Headers

GET /build/buzzlibrary_extra.buzzplayer_placement_submodules.js HTTP/1.1
Host: tube.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Cookie: uuid=8ad0d2c9-58c4-4866-67a2-429b982be014; cookiesyncs=000000000000000000000000d11342a1e431177db6c2feeab8f233b4079c93d329917ce72ea5101fed78ea67548f2afc8bb768b6ca3d97c926e10eff37583f715c0b540845d503ef69a4b826b04829ed495157dc8bd54c6a81a4bd41d41605f4f09eb5270342d3df5fa8acf6e4d0942bb5b5974a69a750de79c6724a6915fe45a02e84b855744d49cd2075949060f4245b96fa2e328d932f5eb10feb7bed072fc7218bbaa6bd4c73e9b6690c45f560b43e6ebf4505a87600ab49b2d206bb428c556454bf4314bac4a70e6ff37c54e0e11587f42e9d5ecf196678a24635b8993fa7a82aba1b7d670e4c298fed5fe0cc805e92a30c93f6030674272fa30d0c6515a9be4bf1677bb4ea24f6e9fa08e5a83374d3337ca508c0926a4cd775e42dbb98a81ff0f6823ae420ceb65f9721edbc3a74b23396406ff5a91bfb4b58f9d897670486fecef2040b204d39c17939e9ec6c047803c015c0591e9e9c471c6ab86c57dff438ead293e560a9e0c0dd24ef1d9abd7d18300833fd0ded04aa563cded66da7776e10a30260ff643552b57c3b7a47f44677acf4cad2f60bc0dbe71b38a86a8cf4be43e0418e4623be81c62df36cbcf30856372cf84728b2d60c395c41397312868c91aa58f3f5084d4dc4ebdf8a0b1231ab44f36bb73dcb6a6ce8cdb548e1c7f3394776c2a0aa0fc4e0e9be7a49c1a7096c9590b18f9e1306e929bc1caf4eaf10c7a874a6ed1df624a2f3c1e82e5ec480ed27207ccb12e6636f0cb8b1c3439401dbaadd7e56eb5b957eb445fbafc9a913ff1cb9cd8d04f8c793e2c7ef28b34cebe4f2395ba27cad06b216a005acc5657ab7a2ad90e13f983d636ffe519fe3a0d37d572b92fe4b2a1dbf37d331ecb8d6c1188a81983ae0d94050733d805cd8e60dafe4c00dfa3df38a2cbc1cae15e1389d91fbf534b786e500c0a2f2c93ca9dd906656c389eeb730dbb6b003b36fda3269ccb69d44f6c0cf3a512f0a345f67ce75d6149f892ab76e2e8a845e4a52aca22f3f92c0617b6f3d50ba12313be8c3239649f8e19e25200e5ec4c34536ee1f4461ae12378f6c17b3a924d28c6a6d6344989f57af99deb9ee702a86c4b27fad85c6917ddf9a2a565fe95131c4b20608a3122d7760340a34e9af222587fe371061cb8cb7e44d02c52a6dc969b6506912d7d7ad20d8ddf4c0f7e7b815b7da825a827b8dfa9b1a68298064904d902ca30bbc77f9a428e5a993dc059278e8d2fb9990eaa242c2858b3806aec52420638e1344667cb594e64be7a1b43d08fddaecd87772eee0bf6e2ac17a76c9d78d88c42f8203abf71e23548d8f21624c800c706cd60148e09bc40b875ca393dd67867fa3b8e4f10e9bf2a2cc8c2830dba23b768fa31e5aca6a5bae5cc22a515123f7fd6ff0dac00e59f1809ef8907043c8b98fdbba2b88049696242177bfbc88d2a978a4d5ac5590ef0aa568c63abcf10a7ce164ef7f5a023f78098576fc32e0e2bfda61468c23794b4e6c36762c518453ad4058179c2f56a3ff5e03094801a62234b63175351e481610357c7fa327cfaa9e3f60792b7b033f9020acce25c26de6adee23f07c950d4fadad5ad170ad12064f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:40:01 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 05 Apr 2024 09:35:04 GMT
expires: Sat, 04 May 2024 19:00:00 GMT
content-encoding: gzip
x-cdn-edge-cache: HIT
x-cdn-edge-id: 119
x-cdn-request-id: 1208731d0f5bce4229638f158548096a
X-Firefox-Spdy: h2

tube.buzzoola.com/build/buzzlibrary_extra.buzzplayer_submodules.js

151.236.127.161

114 kB

URL
tube.buzzoola.com/build/buzzlibrary_extra.buzzplayer_submodules.js
IP
151.236.127.161:0
ASN
#204720 Global Cloud Network LLC

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65451), with no line terminators
Size
114 kB (114422 bytes)
Hash
eed0ad617be0914f005175a4cad7e7b0
d3c1079c8c543de81aac01a51bc39edb7f5a4238
15a4e70214ba72644e2d88f67ed742c07b33e80f89756367608f1e3ce8e2f51f

HTTP Headers

GET /build/buzzlibrary_extra.buzzplayer_submodules.js HTTP/1.1
Host: tube.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Cookie: uuid=8ad0d2c9-58c4-4866-67a2-429b982be014; cookiesyncs=000000000000000000000000fe1b41a9fd06491fc59ea0b7f4ac65fc619a8ed021997bf324a50453ae3db9301cdd7ea7e8bc29e5897bd1857ab5419931453c79540c400245c14f882bf0f25de70245ea4d1f058bcb8f193ac2c2bb5cd71e0df3e494b5334f0098b855afadffecd18067f4f9d5192ce23ed677cd784d6444bb1ee471dece5671454ac62e6d9dd922b47515c3b1645786942857ff4ca329b7587e9e60e5b0acbc461feeb227540eb128f66a27f72717a47c0aaa44a5d70aea13d1113418e4261fbdc3ae402cbb2e0ebfb04cc693249a5fc611676cee0779faca7ae2f968df107a60070268ccb405a3aa864391ab0494e20906606b7cec52512b70a2b94cf8293bf8a876beada75082a23475da3b7db144b1d63d118325b048c9cdfe43a8e4942fc07385e103f327fdbe3f6bb62a86447affae02f0465bb693c8224898c1c9e52078790c5fc17026e9eb75197c16dc1dce4a169c934d5925fd274ac4e527ead293e560a9e0c0dd24ef1d9abd7d18300833fd0ded04bf562ac6c169a4400340f05b3e9d7b3855a87e3b7746f95174a1eeced3b0599d8fb7562dba48d3ace81ab358c11778fdd4805bf069b4f003582f25b1076cf5a00f3c5442327d0a8fc5dff609a5a142281a9ca58be5454e70ef04a62ae66ab06865faccbf46ffcefc214e3e91fefe4196f4b7f833639cee560a9599ae8f990a1bed3ca014a15da712c8a231fbb74aef2380b399bb73339ec8aa443f71cd02e56f780fb4a6c64ec84286e09b2500bb10bf3dfd1aaef994e50ea850e797c84796cf9de9cde825e21dbaa7a77912f012a508b91ca708fd823535e8e4ecccb85ac6653036911fd1a5e284281744c9b60c480fb33dd930e1afd3cd49dbd1d464b788255b743a89128ea259eca682528c3ef6822fb712b61ca872c8d1b2aa78e8dba86cc7a6bc8f65cbc29d614bc189e3b63dccb5bd19b76e9c603d94e6d65cf8c0c33a512f0a345f67ce75d6149f892ab76e2e8a845e4a52acac2a308ed06c7e4d6e3bba1f313ff7c73b8b4ce1f19b3d2b055dcdcf467fb40f4c72af090998630aa29a64b98c676d675b9c874aaa80cebcf67b2185cdbe7ce4cfdb8a7996ca113250e65333c2ab1b0dbb0f2963713d083de3ac2d29c2f1370468f2d1e1804f0dc3376fc869b6516413dbcdaf21d8dbf486b1bba30bb3c49363e67482f8991c7134857c8d49843daa09b57dfaab24a0b492df00887cf5cff7bfc7a5c640cd83963a07aec5252d62820946677cb394a01fb7b9b7200ddd87a3811172e7ffbf6933dc7e63d5df839bcc2d8d09eeaa4e6e41909428634fb7471b6cdb014cff9fdc168245b396c56c8d7caab4e7b84482e6a0c5963d72e9e376128dac1847c86b5bae5dcf2b5d4b21f6fd69f09c865849ea968de6a33628c8b48fdfa52f9019938f34246fb4b78bdba57bed9bb5588ff805ac7ae95ebefe0b1ae16df07f5d1b227c1c997ef221e8e0b0d02414c06a6056476537427708e051a24645159d2f56a2f25f0f134a00a62434f065202f0c5a031b6b287fa327cfaa9e3f60792b7b033f9020acce25c26de6ad999419853d83b35d67745e14518baf02
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:40:02 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 05 Apr 2024 09:35:03 GMT
expires: Sat, 04 May 2024 19:00:00 GMT
content-encoding: gzip
x-cdn-edge-cache: HIT
x-cdn-edge-id: 119
x-cdn-request-id: 5c0fd3f2f4608a0076ed8fa4986d1207
X-Firefox-Spdy: h2

tube.buzzoola.com/build/style.css

151.236.127.161

34 kB

URL
tube.buzzoola.com/build/style.css
IP
151.236.127.161:0
ASN
#204720 Global Cloud Network LLC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (34117 bytes)
Hash
7047e28492e7bfbbab18714d900fd13c
1f89b952d30574a95bd766486a1a2c18298ad763
4ecb28346ec8514cfa03feb48bebe196e691228de3237602e1c53bad030bdb57

HTTP Headers

GET /build/style.css HTTP/1.1
Host: tube.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Cookie: uuid=8ad0d2c9-58c4-4866-67a2-429b982be014; cookiesyncs=000000000000000000000000d11342a1e431177db6c2feeab8f233b4079c93d329917ce72ea5101fed78ea67548f2afc8bb768b6ca3d97c926e10eff37583f715c0b540845d503ef69a4b826b04829ed495157dc8bd54c6a81a4bd41d41605f4f09eb5270342d3df5fa8acf6e4d0942bb5b5974a69a750de79c6724a6915fe45a02e84b855744d49cd2075949060f4245b96fa2e328d932f5eb10feb7bed072fc7218bbaa6bd4c73e9b6690c45f560b43e6ebf4505a87600ab49b2d206bb428c556454bf4314bac4a70e6ff37c54e0e11587f42e9d5ecf196678a24635b8993fa7a82aba1b7d670e4c298fed5fe0cc805e92a30c93f6030674272fa30d0c6515a9be4bf1677bb4ea24f6e9fa08e5a83374d3337ca508c0926a4cd775e42dbb98a81ff0f6823ae420ceb65f9721edbc3a74b23396406ff5a91bfb4b58f9d897670486fecef2040b204d39c17939e9ec6c047803c015c0591e9e9c471c6ab86c57dff438ead293e560a9e0c0dd24ef1d9abd7d18300833fd0ded04aa563cded66da7776e10a30260ff643552b57c3b7a47f44677acf4cad2f60bc0dbe71b38a86a8cf4be43e0418e4623be81c62df36cbcf30856372cf84728b2d60c395c41397312868c91aa58f3f5084d4dc4ebdf8a0b1231ab44f36bb73dcb6a6ce8cdb548e1c7f3394776c2a0aa0fc4e0e9be7a49c1a7096c9590b18f9e1306e929bc1caf4eaf10c7a874a6ed1df624a2f3c1e82e5ec480ed27207ccb12e6636f0cb8b1c3439401dbaadd7e56eb5b957eb445fbafc9a913ff1cb9cd8d04f8c793e2c7ef28b34cebe4f2395ba27cad06b216a005acc5657ab7a2ad90e13f983d636ffe519fe3a0d37d572b92fe4b2a1dbf37d331ecb8d6c1188a81983ae0d94050733d805cd8e60dafe4c00dfa3df38a2cbc1cae15e1389d91fbf534b786e500c0a2f2c93ca9dd906656c389eeb730dbb6b003b36fda3269ccb69d44f6c0cf3a512f0a345f67ce75d6149f892ab76e2e8a845e4a52aca22f3f92c0617b6f3d50ba12313be8c3239649f8e19e25200e5ec4c34536ee1f4461ae12378f6c17b3a924d28c6a6d6344989f57af99deb9ee702a86c4b27fad85c6917ddf9a2a565fe95131c4b20608a3122d7760340a34e9af222587fe371061cb8cb7e44d02c52a6dc969b6506912d7d7ad20d8ddf4c0f7e7b815b7da825a827b8dfa9b1a68298064904d902ca30bbc77f9a428e5a993dc059278e8d2fb9990eaa242c2858b3806aec52420638e1344667cb594e64be7a1b43d08fddaecd87772eee0bf6e2ac17a76c9d78d88c42f8203abf71e23548d8f21624c800c706cd60148e09bc40b875ca393dd67867fa3b8e4f10e9bf2a2cc8c2830dba23b768fa31e5aca6a5bae5cc22a515123f7fd6ff0dac00e59f1809ef8907043c8b98fdbba2b88049696242177bfbc88d2a978a4d5ac5590ef0aa568c63abcf10a7ce164ef7f5a023f78098576fc32e0e2bfda61468c23794b4e6c36762c518453ad4058179c2f56a3ff5e03094801a62234b63175351e481610357c7fa327cfaa9e3f60792b7b033f9020acce25c26de6adee23f07c950d4fadad5ad170ad12064f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:40:01 GMT
content-type: text/css
last-modified: Fri, 05 Apr 2024 09:35:03 GMT
expires: Sat, 04 May 2024 19:00:00 GMT
content-encoding: gzip
x-cdn-edge-cache: HIT
x-cdn-edge-id: 119
x-cdn-request-id: 24f79ab7ec126ae6f1d07f39c9783035
X-Firefox-Spdy: h2

www.acint.net/services/get_sspuid?callback=cid_66368105b_9069118

193.3.184.16

91 B

URL
www.acint.net/services/get_sspuid?callback=cid_66368105b_9069118
IP
193.3.184.16:0
ASN
#50214 QWARTA LLC

File type
ASCII text, with no line terminators
Size
91 B (91 bytes)
Hash
23d0cd178e44e6b7c52cda714fe92f9c
ba4de6334af56983ee652a4ff785b8c7e499e745
b25c4c2faea740a4af4e7ff0e936d067662e51a62860b539ece6705d5dc1d99d

HTTP Headers

GET /services/get_sspuid?callback=cid_66368105b_9069118 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:40:05 GMT
content-type: application/javascript
content-length: 91
X-Firefox-Spdy: h2

tube.buzzoola.com/build/buzzlibrary_extra.buzzplayer_submodules.js

151.236.127.161

47 kB

URL
tube.buzzoola.com/build/buzzlibrary_extra.buzzplayer_submodules.js
IP
151.236.127.161:0
ASN
#204720 Global Cloud Network LLC

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65451), with no line terminators
Size
47 kB (47418 bytes)
Hash
0a98fd74f92c716058b6d42646b32b87
551608328bd19fd80f007ebcd5fdfa401c52e273
7384e22d40b61b782303855a876fcd64251738b36cdbc6c4dcf8bcf9c9d50e6e

HTTP Headers

GET /build/buzzlibrary_extra.buzzplayer_submodules.js HTTP/1.1
Host: tube.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Cookie: uuid=8ad0d2c9-58c4-4866-67a2-429b982be014; cookiesyncs=000000000000000000000000c81756b5eb0b4032d2c0f1eca5f032b4079d9ed2258b7ee62ea31059af24f469428022e9b4e603b6c73d93d622f913fa2e483a695700570149d64a8577b2be15b15a12801a0610b88dc54e6f9ea0a451d0030ff3e995b8244c0d82bc54e9ebb6a485cf7eecce95437ba65ad067cf7d52605dab1af17bd9d75d7c46058e6035c1c124a53d19c6ac7a64c6ff285aff48bc2daf457b8770e0a8a7b74516e2b16e050ba622ea6e37d94318ab7e08ac5db8d212f717c5003d1aed2c1cb2cfeb7832b92515acbd7ee6a97ace0c98403617ec0f66facc6efef167c11974750f462791e450f8c5c809c6f959d2ae54521b6975fe535b256eabb654f1616fa8e22be8e0f41dedec6633875f7ba146b4c939089321a542ced4f54eababd865872b8fe50bc97aafe7596bbf35864363e2aa17ec4e55a59bca2d42dda89eb92e5871196880287aaabc17067111c11fce471791844e543ff9260c9aa86e89d9d2b623efa68c8170a07b9ca07e10380f27f70df948fc137991893bf01b6914ed5a2bbb2c7706fc3459684bfe4c76a1e3cfdea75a9095b3576bf80584fcb50fa510c11964f2dc9352af35efac675e3f27b41868ecb00b295e452b76078c8a85a059eab843181289b0c7d7040314ed0ba037e46bb06864f7cdb35cfdcffc274e78d7a8ee4696a9b6dd71089ce3560e8a9db6929c130be824ab1fa254ab1181fc28e8b14afe32b8f5f2bb7e339ad7ae5c2274d412e0777304b7afca4d81099fe78b2503ac03846e9f1aaef9939e0ca04fe791dc5b9ec083e0c3fd2da646edf0f83842ef37f645ee01a46ae28f3228eae4e1cdb54dc5682a32905991e8aad470066ec9ba14706bbc32db32e7b6cec851c6d5c075be8a2c517735855790bf5ce8ae954db3749d8222b716a918b06fcdc8a2af60e3d0ab65cba5f5c072ce92c5213a97ce98b435d3b5bb0dab66937e349af3de18ad879756562b4465003186378758dbdc5cb46b26898f50525be5e07766cb9330250a3657bd1b7f62a0977fda0aa2a8df78686b55c3c44c78b95e1122e6505ccb3c5be8cc2fd58b6323240ccfc71ff1d991dee4772b8fccb36be1c38ad12cd29a445e51e25b36c9e3594deb4c7d24215a023ae2a52528d6bd634d34a99ebbee4703c83d68c538e5082c558a9fc17d839caceab6bfed48e080db05e16480fc8b19643e836887489d70f05ae232afec768ae7c38b51c92db68ca7c4c5acd441c78d883308b6cc6d6632de52180874bb9fec4ceaf0e66141bb81be82197ae0ebb5692790392c8888cec98c418a0da0fd192e05ced5603d0fc1441e64d80a42e7969559d705e4c29838e877adb3eef603cab1f88dc87d3d8ee9711384a41953843302ed3fdd27574120fbea6cfccdc50305b4d9d6accc3e20c3f8cb80de2d98069389203867bba982d5b073a9d6e303dabf5dbd6fd71ee9a94c1ae16df07f5d1b227c1c997ef221e8e0b0d02414c06a6058466c2f547f3a845ead444713843253baef5b1b024302af2e37ff69653c17560a1c2f7d7fa327cfaa9e3f60792b7b033f9020acce25c26de6ad83497d5cc6855ac0be57d7cefbbbe6f0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:40:04 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 05 Apr 2024 09:35:03 GMT
expires: Sat, 04 May 2024 19:00:00 GMT
content-encoding: gzip
x-cdn-edge-cache: HIT
x-cdn-edge-id: 119
x-cdn-request-id: 7eee63cee0bdf80f4b06534b61da564a
X-Firefox-Spdy: h2

pxl.acint.net/pxl/1?dp=16&id=119659.863532.165100553&sid=66368105-accc-ccb7-bths-rlhxpq7wx0ss&aid=0800007FF5803666CC346C3B023A0904&ref=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34&r=1714848006

193.3.184.16

200 OK

43 B

URL GET HTTP/2
pxl.acint.net/pxl/1?dp=16&id=119659.863532.165100553&sid=66368105-accc-ccb7-bths-rlhxpq7wx0ss&aid=0800007FF5803666CC346C3B023A0904&ref=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34&r=1714848006
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /pxl/1?dp=16&id=119659.863532.165100553&sid=66368105-accc-ccb7-bths-rlhxpq7wx0ss&aid=0800007FF5803666CC346C3B023A0904&ref=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34&r=1714848006 HTTP/1.1
Host: pxl.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:40:05 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

tube.buzzoola.com/js/lib/vpaid_js_proxy_hash_only.js

151.236.127.161

54 kB

URL
tube.buzzoola.com/js/lib/vpaid_js_proxy_hash_only.js
IP
151.236.127.161:0
ASN
#204720 Global Cloud Network LLC

File type
gzip compressed data, from Unix
Size
54 kB (53955 bytes)
Hash
8f5dfc461c0067e9d3f7e173e7d783c1
cea0b72c62690c5f832898a823bba4654be34555
df47802149ba65b21c41d7dd841b6ae3443051bf47d0c3ca764679023485af31

HTTP Headers

GET /js/lib/vpaid_js_proxy_hash_only.js HTTP/1.1
Host: tube.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Cookie: uuid=8ad0d2c9-58c4-4866-67a2-429b982be014; cookiesyncs=000000000000000000000000fe1b41a9fd06491fc59ea0b7f4ac65fc619a8ed021997bf324a50453ae3db9301cdd7ea7e8bc29e5897bd1857ab5419931453c79540c400245c14f882bf0f25de70245ea4d1f058bcb8f193ac2c2bb5cd71e0df3e494b5334f0098b855afadffecd18067f4f9d5192ce23ed677cd784d6444bb1ee471dece5671454ac62e6d9dd922b47515c3b1645786942857ff4ca329b7587e9e60e5b0acbc461feeb227540eb128f66a27f72717a47c0aaa44a5d70aea13d1113418e4261fbdc3ae402cbb2e0ebfb04cc693249a5fc611676cee0779faca7ae2f968df107a60070268ccb405a3aa864391ab0494e20906606b7cec52512b70a2b94cf8293bf8a876beada75082a23475da3b7db144b1d63d118325b048c9cdfe43a8e4942fc07385e103f327fdbe3f6bb62a86447affae02f0465bb693c8224898c1c9e52078790c5fc17026e9eb75197c16dc1dce4a169c934d5925fd274ac4e527ead293e560a9e0c0dd24ef1d9abd7d18300833fd0ded04bf562ac6c169a4400340f05b3e9d7b3855a87e3b7746f95174a1eeced3b0599d8fb7562dba48d3ace81ab358c11778fdd4805bf069b4f003582f25b1076cf5a00f3c5442327d0a8fc5dff609a5a142281a9ca58be5454e70ef04a62ae66ab06865faccbf46ffcefc214e3e91fefe4196f4b7f833639cee560a9599ae8f990a1bed3ca014a15da712c8a231fbb74aef2380b399bb73339ec8aa443f71cd02e56f780fb4a6c64ec84286e09b2500bb10bf3dfd1aaef994e50ea850e797c84796cf9de9cde825e21dbaa7a77912f012a508b91ca708fd823535e8e4ecccb85ac6653036911fd1a5e284281744c9b60c480fb33dd930e1afd3cd49dbd1d464b788255b743a89128ea259eca682528c3ef6822fb712b61ca872c8d1b2aa78e8dba86cc7a6bc8f65cbc29d614bc189e3b63dccb5bd19b76e9c603d94e6d65cf8c0c33a512f0a345f67ce75d6149f892ab76e2e8a845e4a52acac2a308ed06c7e4d6e3bba1f313ff7c73b8b4ce1f19b3d2b055dcdcf467fb40f4c72af090998630aa29a64b98c676d675b9c874aaa80cebcf67b2185cdbe7ce4cfdb8a7996ca113250e65333c2ab1b0dbb0f2963713d083de3ac2d29c2f1370468f2d1e1804f0dc3376fc869b6516413dbcdaf21d8dbf486b1bba30bb3c49363e67482f8991c7134857c8d49843daa09b57dfaab24a0b492df00887cf5cff7bfc7a5c640cd83963a07aec5252d62820946677cb394a01fb7b9b7200ddd87a3811172e7ffbf6933dc7e63d5df839bcc2d8d09eeaa4e6e41909428634fb7471b6cdb014cff9fdc168245b396c56c8d7caab4e7b84482e6a0c5963d72e9e376128dac1847c86b5bae5dcf2b5d4b21f6fd69f09c865849ea968de6a33628c8b48fdfa52f9019938f34246fb4b78bdba57bed9bb5588ff805ac7ae95ebefe0b1ae16df07f5d1b227c1c997ef221e8e0b0d02414c06a6056476537427708e051a24645159d2f56a2f25f0f134a00a62434f065202f0c5a031b6b287fa327cfaa9e3f60792b7b033f9020acce25c26de6ad999419853d83b35d67745e14518baf02
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:40:03 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 05 Apr 2024 09:35:03 GMT
expires: Sat, 04 May 2024 19:00:00 GMT
content-encoding: gzip
x-cdn-edge-cache: HIT
x-cdn-edge-id: 119
x-cdn-request-id: 03cdf1bee6083098d6d61b32169540cc
X-Firefox-Spdy: h2

ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D

193.3.184.25

302 Moved Temporarily

142 B

URL GET HTTP/1.1
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP
193.3.184.25:443
ASN
#50214 QWARTA LLC

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.sape.ru
Fingerprint73:95:22:E3:B6:12:3E:90:3A:10:10:DC:38:ED:28:2D:82:7B:EB:E2
ValidityWed, 10 Apr 2024 03:20:28 GMT - Tue, 09 Jul 2024 03:20:27 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Cookie: sspuid=CkIDPWY2gPUQpwAkIZCSAtwObK2VDTfOUuJ95155S8M/WBWo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Sat, 04 May 2024 18:40:05 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=3D03420AF58036662400A71002929021
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0

exchange.buzzoola.com/adn/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHRt-bZ2f_jng

49.12.83.94

1.1 kB

URL
exchange.buzzoola.com/adn/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHRt-bZ2f_jng
IP
49.12.83.94:0
ASN
#24940 Hetzner Online GmbH

File type
JSON text data
Size
1.1 kB (1098 bytes)
Hash
ac41d313fe7aa18cb3c6e6b7c7239075
575478637ad3e64b52066ca9194b99928a1d94fe
c7b874308b3597f2e095e0b8282cdd172a64fa3f904557a36f82f7725906b8b1

HTTP Headers

POST /adn/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHRt-bZ2f_jng HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Alt-Referer: 
Content-Type: application/x-www-form-urlencoded
X-First-Party-Cookie: 5db3a4e34790624df926db520a13f79f
Content-Length: 264
Origin: https://tube.buzzoola.com
DNT: 1
Connection: keep-alive
Referer: https://tube.buzzoola.com/
Cookie: uuid=8ad0d2c9-58c4-4866-67a2-429b982be014; cookiesyncs=000000000000000000000000fe1b41a9fd06491fc59ea0b7f4ac65fc619a8ed021997bf324a50453ae3db9301cdd7ea7e8bc29e5897bd1857ab5419931453c79540c400245c14f882bf0f25de70245ea4d1f058bcb8f193ac2c2bb5cd71e0df3e494b5334f0098b855afadffecd18067f4f9d5192ce23ed677cd784d6444bb1ee471dece5671454ac62e6d9dd922b47515c3b1645786942857ff4ca329b7587e9e60e5b0acbc461feeb227540eb128f66a27f72717a47c0aaa44a5d70aea13d1113418e4261fbdc3ae402cbb2e0ebfb04cc693249a5fc611676cee0779faca7ae2f968df107a60070268ccb405a3aa864391ab0494e20906606b7cec52512b70a2b94cf8293bf8a876beada75082a23475da3b7db144b1d63d118325b048c9cdfe43a8e4942fc07385e103f327fdbe3f6bb62a86447affae02f0465bb693c8224898c1c9e52078790c5fc17026e9eb75197c16dc1dce4a169c934d5925fd274ac4e527ead293e560a9e0c0dd24ef1d9abd7d18300833fd0ded04bf562ac6c169a4400340f05b3e9d7b3855a87e3b7746f95174a1eeced3b0599d8fb7562dba48d3ace81ab358c11778fdd4805bf069b4f003582f25b1076cf5a00f3c5442327d0a8fc5dff609a5a142281a9ca58be5454e70ef04a62ae66ab06865faccbf46ffcefc214e3e91fefe4196f4b7f833639cee560a9599ae8f990a1bed3ca014a15da712c8a231fbb74aef2380b399bb73339ec8aa443f71cd02e56f780fb4a6c64ec84286e09b2500bb10bf3dfd1aaef994e50ea850e797c84796cf9de9cde825e21dbaa7a77912f012a508b91ca708fd823535e8e4ecccb85ac6653036911fd1a5e284281744c9b60c480fb33dd930e1afd3cd49dbd1d464b788255b743a89128ea259eca682528c3ef6822fb712b61ca872c8d1b2aa78e8dba86cc7a6bc8f65cbc29d614bc189e3b63dccb5bd19b76e9c603d94e6d65cf8c0c33a512f0a345f67ce75d6149f892ab76e2e8a845e4a52acac2a308ed06c7e4d6e3bba1f313ff7c73b8b4ce1f19b3d2b055dcdcf467fb40f4c72af090998630aa29a64b98c676d675b9c874aaa80cebcf67b2185cdbe7ce4cfdb8a7996ca113250e65333c2ab1b0dbb0f2963713d083de3ac2d29c2f1370468f2d1e1804f0dc3376fc869b6516413dbcdaf21d8dbf486b1bba30bb3c49363e67482f8991c7134857c8d49843daa09b57dfaab24a0b492df00887cf5cff7bfc7a5c640cd83963a07aec5252d62820946677cb394a01fb7b9b7200ddd87a3811172e7ffbf6933dc7e63d5df839bcc2d8d09eeaa4e6e41909428634fb7471b6cdb014cff9fdc168245b396c56c8d7caab4e7b84482e6a0c5963d72e9e376128dac1847c86b5bae5dcf2b5d4b21f6fd69f09c865849ea968de6a33628c8b48fdfa52f9019938f34246fb4b78bdba57bed9bb5588ff805ac7ae95ebefe0b1ae16df07f5d1b227c1c997ef221e8e0b0d02414c06a6056476537427708e051a24645159d2f56a2f25f0f134a00a62434f065202f0c5a031b6b287fa327cfaa9e3f60792b7b033f9020acce25c26de6ad999419853d83b35d67745e14518baf02
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:40:04 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match
access-control-allow-origin: https://tube.buzzoola.com
access-control-expose-headers: Set-Cookie, Etag
set-cookie: uuid=; Path=/; Domain=exchange.buzzoola.com; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; Secure; SameSite=None
uuid=8ad0d2c9-58c4-4866-67a2-429b982be014; Path=/; Domain=buzzoola.com; Expires=Mon, 03 Jun 2024 18:40:04 GMT; Max-Age=2592000; Secure; SameSite=None
cookiesyncs=; Path=/; Domain=exchange.buzzoola.com; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; Secure; SameSite=None
cookiesyncs=000000000000000000000000c81756b5eb0b4032d2c0f1eca5f032b4079d9ed2258b7ee62ea31059af24f469428022e9b4e603b6c73d93d622f913fa2e483a695700570149d64a8577b2be15b15a12801a0610b88dc54e6f9ea0a451d0030ff3e995b8244c0d82bc54e9ebb6a485cf7eecce95437ba65ad067cf7d52605dab1af17bd9d75d7c46058e6035c1c124a53d19c6ac7a64c6ff285aff48bc2daf457b8770e0a8a7b74516e2b16e050ba622ea6e37d94318ab7e08ac5db8d212f717c5003d1aed2c1cb2cfeb7832b92515acbd7ee6a97ace0c98403617ec0f66facc6efef167c11974750f462791e450f8c5c809c6f959d2ae54521b6975fe535b256eabb654f1616fa8e22be8e0f41dedec6633875f7ba146b4c939089321a542ced4f54eababd865872b8fe50bc97aafe7596bbf35864363e2aa17ec4e55a59bca2d42dda89eb92e5871196880287aaabc17067111c11fce471791844e543ff9260c9aa86e89d9d2b623efa68c8170a07b9ca07e10380f27f70df948fc137991893bf01b6914ed5a2bbb2c7706fc3459684bfe4c76a1e3cfdea75a9095b3576bf80584fcb50fa510c11964f2dc9352af35efac675e3f27b41868ecb00b295e452b76078c8a85a059eab843181289b0c7d7040314ed0ba037e46bb06864f7cdb35cfdcffc274e78d7a8ee4696a9b6dd71089ce3560e8a9db6929c130be824ab1fa254ab1181fc28e8b14afe32b8f5f2bb7e339ad7ae5c2274d412e0777304b7afca4d81099fe78b2503ac03846e9f1aaef9939e0ca04fe791dc5b9ec083e0c3fd2da646edf0f83842ef37f645ee01a46ae28f3228eae4e1cdb54dc5682a32905991e8aad470066ec9ba14706bbc32db32e7b6cec851c6d5c075be8a2c517735855790bf5ce8ae954db3749d8222b716a918b06fcdc8a2af60e3d0ab65cba5f5c072ce92c5213a97ce98b435d3b5bb0dab66937e349af3de18ad879756562b4465003186378758dbdc5cb46b26898f50525be5e07766cb9330250a3657bd1b7f62a0977fda0aa2a8df78686b55c3c44c78b95e1122e6505ccb3c5be8cc2fd58b6323240ccfc71ff1d991dee4772b8fccb36be1c38ad12cd29a445e51e25b36c9e3594deb4c7d24215a023ae2a52528d6bd634d34a99ebbee4703c83d68c538e5082c558a9fc17d839caceab6bfed48e080db05e16480fc8b19643e836887489d70f05ae232afec768ae7c38b51c92db68ca7c4c5acd441c78d883308b6cc6d6632de52180874bb9fec4ceaf0e66141bb81be82197ae0ebb5692790392c8888cec98c418a0da0fd192e05ced5603d0fc1441e64d80a42e7969559d705e4c29838e877adb3eef603cab1f88dc87d3d8ee9711384a41953843302ed3fdd27574120fbea6cfccdc50305b4d9d6accc3e20c3f8cb80de2d98069389203867bba982d5b073a9d6e303dabf5dbd6fd71ee9a94c1ae16df07f5d1b227c1c997ef221e8e0b0d02414c06a6058466c2f547f3a845ead444713843253baef5b1b024302af2e37ff69653c17560a1c2f7d7fa327cfaa9e3f60792b7b033f9020acce25c26de6ad83497d5cc6855ac0be57d7cefbbbe6f0; Path=/; Domain=buzzoola.com; Expires=Sun, 05 May 2024 06:40:04 GMT; Max-Age=43200; Secure; SameSite=None
x-reason: {"status":"ad","description":"ad found"}
serverid: TODO
content-encoding: gzip
X-Firefox-Spdy: h2

ads.alfasense.net/adserver/www/delivery/asyncspc.php?zones=8&prefix=revive-0-&xcampaigns=%3A%3Abetween%3A%3Agetintent%3A%3Avox%3A%3Aotm%3A%3Aalfasense%3A%3Artbsape%3A%3Adefault-stub%3A%3Akimberlite%3A%3A&xsite=12487&xsitename=exclusive-works.ru&loc=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34

136.144.31.29

1.4 kB

URL
ads.alfasense.net/adserver/www/delivery/asyncspc.php?zones=8&prefix=revive-0-&xcampaigns=%3A%3Abetween%3A%3Agetintent%3A%3Avox%3A%3Aotm%3A%3Aalfasense%3A%3Artbsape%3A%3Adefault-stub%3A%3Akimberlite%3A%3A&xsite=12487&xsitename=exclusive-works.ru&loc=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34
IP
136.144.31.29:0
ASN
#52000 MIRhosting B.V.

File type
HTML document, ASCII text, with very long lines (1375)
Size
1.4 kB (1377 bytes)
Hash
e68f7b78f55e150eacaaf976657cc06d
2c53f29a3f319dc8ede47278f4bee51295a68e35
596bded86bd5a24a54b3c9d49a446447770fb3a0dd34d8dda41ddb3013d39d41

HTTP Headers

GET /adserver/www/delivery/asyncspc.php?zones=8&prefix=revive-0-&xcampaigns=%3A%3Abetween%3A%3Agetintent%3A%3Avox%3A%3Aotm%3A%3Aalfasense%3A%3Artbsape%3A%3Adefault-stub%3A%3Akimberlite%3A%3A&xsite=12487&xsitename=exclusive-works.ru&loc=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34 HTTP/1.1
Host: ads.alfasense.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:39:50 GMT
content-type: application/json
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://exclusive-works.ru
access-control-allow-credentials: true
content-security-policy: frame-ancestors 'self';frame-src 'self';
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block;
set-cookie: OAID=01000111010001000101000001010010; expires=Sun, 04-May-2025 18:39:50 GMT; Max-Age=31536000; path=/; secure; SameSite=none
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2

dm-eu.hybrid.ai/match?id=106&vid=0800007FF5803666CC346C3B023A0904

37.230.131.16

302 Found

0 B

URL GET HTTP/2
dm-eu.hybrid.ai/match?id=106&vid=0800007FF5803666CC346C3B023A0904
IP
37.230.131.16:443
ASN
#200197 Hybrid Adtech Sp.z.o.o.

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerSectigo Limited
Subject*.hybrid.ai
Fingerprint40:F9:88:C5:EF:2B:26:9C:61:DC:CC:ED:B1:67:03:F4:E2:CC:B7:C8
ValidityThu, 14 Sep 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?id=106&vid=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 04 May 2024 18:40:06 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=1a0153a4378b62073146; Expires=Sun, 04 May 2025 18:40:04 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 576
x-xss-protection: 1; mode=block
access-control-allow-origin: https://mc.acint.net
access-control-allow-credentials: true
server: Hybrid Web Server
X-Firefox-Spdy: h2

utraff.com/vpaid/3MzFq-V98d5K9xytG-0qjmla4J1Bn1LlPOMlI0MK0A8.xml

172.67.74.180

200 OK

580 B

URL GET HTTP/2
utraff.com/vpaid/3MzFq-V98d5K9xytG-0qjmla4J1Bn1LlPOMlI0MK0A8.xml
IP
172.67.74.180:443
ASN
#13335 CLOUDFLARENET

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGoogle Trust Services LLC
Subjectutraff.com
Fingerprint33:5E:E6:D1:25:D0:06:4F:AC:56:7F:BD:6C:A7:DD:31:72:25:35:57
ValiditySat, 06 Apr 2024 06:57:44 GMT - Fri, 05 Jul 2024 06:57:43 GMT

File type
ASCII text
Size
580 B (580 bytes)
Hash
779a05adba506b1bb11c9f0fdac37550
9723a2d62b4c53ed4ae54aa042a931666714390b
01c8c0aaefbf533ea2ec050881b2bf87e882242fae239a3df08fc901336895ab

HTTP Headers

GET /vpaid/3MzFq-V98d5K9xytG-0qjmla4J1Bn1LlPOMlI0MK0A8.xml HTTP/1.1
Host: utraff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 18:39:48 GMT
content-type: text/xml
last-modified: Fri, 03 May 2024 19:55:29 GMT
etag: W/"66354131-3ff"
access-control-allow-origin: https://exclusive-works.ru
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jpcc%2BYdY4rIslrMWKhTv2mD11MHKMN7wX5PqcJxxPO4QgM7vFvwsTftvhzexPAEPSJU1iU3BELswv4vnRN3V8TbSTGTM5BcoxCbfNAWM2oIHJ4s8nJECBOxNDLk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea9d9849c15696-OSL
content-encoding: br
X-Firefox-Spdy: h2

nr.bidderstack.com/sape/cm?user_id=0800007FF5803666CC346C3B023A0904

116.202.32.25

302 Found

0 B

URL GET HTTP/1.1
nr.bidderstack.com/sape/cm?user_id=0800007FF5803666CC346C3B023A0904
IP
116.202.32.25:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerGoDaddy.com, Inc.
Subject*.bidderstack.com
Fingerprint7A:83:29:BF:37:01:78:02:DF:C1:07:D8:A2:10:AB:0A:DD:11:66:B0
ValidityTue, 21 Nov 2023 08:57:57 GMT - Sun, 22 Dec 2024 08:57:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/cm?user_id=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 18:40:06 GMT
Content-Length: 0
Connection: keep-alive
Location: /sape/cm?user_id=0800007FF5803666CC346C3B023A0904&pupa=1
Set-Cookie: pupa=187da8a4-5e7b-8768-ed39-68cc113f0aec; domain=.bidderstack.com; path=/; expires=Sun, 04-May-2025 18:40:06 GMT;
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true

s.uuidksinc.net/match/396/?remote_uid=0800007FF5803666CC346C3B023A0904

31.220.27.134

302 Found

0 B

URL GET HTTP/2
s.uuidksinc.net/match/396/?remote_uid=0800007FF5803666CC346C3B023A0904
IP
31.220.27.134:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subjectuuidksinc.net
Fingerprint60:4F:7E:0B:93:FF:04:3B:02:AF:A2:9C:5C:5D:D8:F5:78:B9:39:3A
ValidityFri, 08 Mar 2024 23:20:32 GMT - Thu, 06 Jun 2024 23:20:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/396/?remote_uid=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Cookie: jcsuuid=RzPsfyQLpYD9OjJLTPfE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.23.2
date: Sat, 04 May 2024 18:40:06 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=RzPsfyQLpYD9OjJLTPfE
set-cookie: jcsuuid=RzPsfyQLpYD9OjJLTPfE; expires=Sun, 04 May 2025 18:40:06 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

sync.programmatica.com/match/01

158.160.128.78

200 OK

43 B

URL GET HTTP/2
sync.programmatica.com/match/01
IP
158.160.128.78:443
ASN
#200350 Yandex.Cloud LLC

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subjectsync.programmatica.com
Fingerprint4A:E3:48:0E:7D:F3:3F:AA:D4:E0:E7:46:CC:AF:29:0A:F0:5A:C2:57
ValiditySun, 24 Mar 2024 10:21:50 GMT - Sat, 22 Jun 2024 10:21:49 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

HTTP Headers

GET /match/01 HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

cs.agency2.ru/p?ssp=sp&uid=0800007FF5803666CC346C3B023A0904

23.111.107.44

301 Moved Permanently

0 B

URL GET HTTP/1.1
cs.agency2.ru/p?ssp=sp&uid=0800007FF5803666CC346C3B023A0904
IP
23.111.107.44:443
ASN
#39134 Edinaya Set Limited Liability Company

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subjectapi.agency2.ru
Fingerprint02:6A:FB:9D:0A:83:4C:93:CA:FA:19:3D:E7:2F:70:6A:A8:40:97:BE
ValiditySun, 14 Apr 2024 23:34:36 GMT - Sat, 13 Jul 2024 23:34:35 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p?ssp=sp&uid=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Cookie: uuid=19ef23e0-aea9-4b87-93a0-6cf95980ef9a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Sat, 04 May 2024 18:40:06 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=19ef23e0-aea9-4b87-93a0-6cf95980ef9a
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44

sync.dsp.solta.io/match/sape?id=0800007FF5803666CC346C3B023A0904

217.199.220.73

200 OK

43 B

URL GET HTTP/2
sync.dsp.solta.io/match/sape?id=0800007FF5803666CC346C3B023A0904
IP
217.199.220.73:443
ASN
#61400 Start LLC

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerGlobalSign nv-sa
Subject*.dsp.solta.io
Fingerprint6D:7F:91:92:30:E1:6A:A0:9B:86:49:7A:21:7F:5B:A4:23:8F:92:BC
ValidityWed, 02 Aug 2023 16:38:38 GMT - Mon, 02 Sep 2024 16:38:37 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

HTTP Headers

GET /match/sape?id=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: sync.dsp.solta.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

pixel.dsp.onetarget.ru/sape/pixel?id=0800007FF5803666CC346C3B023A0904

130.193.53.230

302 Found

0 B

URL GET HTTP/2
pixel.dsp.onetarget.ru/sape/pixel?id=0800007FF5803666CC346C3B023A0904
IP
130.193.53.230:443
ASN
#200350 Yandex.Cloud LLC

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subjectpixel.dsp.onetarget.ru
FingerprintC3:A5:98:2E:46:6A:1A:4F:85:6D:4A:FE:11:88:B1:D1:5F:AE:43:DD
ValidityFri, 15 Mar 2024 12:44:47 GMT - Thu, 13 Jun 2024 12:44:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/pixel?id=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: pixel.dsp.onetarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Sat, 04 May 2024 18:40:06 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=5813217&id=9dfdedfc-f404-4ade-bd58-69a4840c3383
set-cookie: USER_ID=9dfdedfc-f404-4ade-bd58-69a4840c3383;max-age=2147483647;Secure;HttpOnly;SameSite=None
SAPE_USER_ID=0800007FF5803666CC346C3B023A0904;max-age=30758400;Secure;HttpOnly;SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
X-Firefox-Spdy: h2

sync.bumlam.com/?src=sap1&uid=0800007FF5803666CC346C3B023A0904

31.172.81.158

200 OK

0 B

URL GET HTTP/1.1
sync.bumlam.com/?src=sap1&uid=0800007FF5803666CC346C3B023A0904
IP
31.172.81.158:443
ASN
#44066 firstcolo GmbH

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.bumlam.com
Fingerprint9F:E0:4A:B3:57:B0:3C:3E:13:7F:9F:FF:82:A2:91:87:45:9F:A4:7F
ValidityThu, 28 Mar 2024 09:09:43 GMT - Wed, 26 Jun 2024 09:09:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sap1&uid=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Cookie: suuid3=IiRiMDNlNTNkYy0wYTQ1LTExZWYtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 18:40:06 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: close
Set-Cookie: suuid3=IiRiMDNlNTNkYy0wYTQ1LTExZWYtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Fri, 29 Apr 2044 18:40:06 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

pix.bumlam.com/sync/sape/check?sspuid=0800007FF5803666CC346C3B023A0904

31.172.81.160

0 B

URL GET
pix.bumlam.com/sync/sape/check?sspuid=0800007FF5803666CC346C3B023A0904
IP
31.172.81.160:0
ASN
#44066 firstcolo GmbH

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync/sape/check?sspuid=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Cookie: suuid3=IiRiMDNlNTNkYy0wYTQ1LTExZWYtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 18:40:06 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://mc.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://b03e53dc-0a45-11ef-86e0-002590c0647c.n2.sync.bumlam.com/?src=sape

ssp.al-adtech.com/api/sync/sape

45.139.25.125

302 Found

0 B

URL GET HTTP/1.1
ssp.al-adtech.com/api/sync/sape
IP
45.139.25.125:443
ASN
#34959 Kviktel LLC

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.al-adtech.com
Fingerprint09:19:46:AF:0C:12:1A:6D:06:41:56:6B:AF:2F:C2:69:A3:3F:1A:37
ValidityMon, 15 Apr 2024 04:45:07 GMT - Sun, 14 Jul 2024 04:45:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/sync/sape HTTP/1.1
Host: ssp.al-adtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Cookie: afp_cookie=gAAAAABmNoD1v9oreKkXJ3p1n5Cs6b3_-DeWplFtaOB-Y2T2_Vh_qX_v0M8iXugMDDmBGMQM9Q0Evzg0MWshpUDMad6x9a1h3BcGqBY72CHllvBdIia2Yu7CcdEJEeLgJ8IVLIm_cijwf4dcukjJ_UxkPtzR8gSnDD_S4e54QlFPUKpTQWtAVHGxfcU6_CiSYolplLN72R5f53E9-Qk5WMGeNRCrZLGrQCOst5uYhgYOZzAtKGytMYM=$
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.20.1
Date: Sat, 04 May 2024 18:40:06 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin
Access-Control-Allow-Origin: 
Access-Control-Allow-Credentials: true
Location: https://mc.acint.net/rmatch?dp=261&euid=cf196db8-fb09-484b-9e19-189f88f6970f&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261
Set-Cookie: afp_cookie=gAAAAABmNoEGCp7S_VRZ74kfMsiQvWoc9zNuefj1ldX1TXgLR-MypTOsWGY65RW544U6ptgBA05UYbGudQb22bZgjZQx_DsFY2cQ24HzEuLh0VASQDgJauUQ-MDNAqElm66tj9a1BaSIpKecHRY_g_jYDn-PS1niKscmg4HS9xa283W6x-7z5S0r5nHWtJ32Nrs6LQFM0qiuLCShFlM2czvFfrBv4ADiuLJfI0B3SdBbDMH_l3yWV9U=$; expires=Tue, 04 Jun 2024 18:40:06 GMT; path=/; secure; SameSite=None

exclusive-works.ru/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2

87.236.16.222

5.1 kB

URL
exclusive-works.ru/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
IP
87.236.16.222:0
ASN
#198610 Beget LLC

Certificate
IssuerLet's Encrypt
Subjectexclusive-works.ru
FingerprintC6:F1:85:00:31:02:65:80:DF:66:0D:9C:20:FE:78:0D:DF:F7:6F:1B
ValidityWed, 01 May 2024 06:34:48 GMT - Tue, 30 Jul 2024 06:34:47 GMT

File type
JavaScript source, ASCII text, with very long lines (15752)
Size
5.1 kB (5056 bytes)
Hash
b976b651932bfd25b9ddb5b7693d88a7
7fcb7cb5c11227f9213b1e08a07d0212209e1432
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 HTTP/1.1
Host: exclusive-works.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Sat, 04 May 2024 18:39:47 GMT
content-type: application/x-javascript
last-modified: Wed, 24 Apr 2024 05:44:38 GMT
vary: Accept-Encoding
etag: W/"66289c46-4926"
expires: Sat, 11 May 2024 18:39:47 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

dm-eu.hybrid.ai/match?id=106&vid=0800007FF5803666CC346C3B023A0904

37.230.131.16

302 Found

0 B

URL GET HTTP/2
dm-eu.hybrid.ai/match?id=106&vid=0800007FF5803666CC346C3B023A0904
IP
37.230.131.16:443
ASN
#200197 Hybrid Adtech Sp.z.o.o.

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerSectigo Limited
Subject*.hybrid.ai
Fingerprint40:F9:88:C5:EF:2B:26:9C:61:DC:CC:ED:B1:67:03:F4:E2:CC:B7:C8
ValidityThu, 14 Sep 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?id=106&vid=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: vid=1a0153a4378b62073146
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Sat, 04 May 2024 18:40:06 GMT
content-length: 0
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
location: https://an.yandex.ru/mapuid/targetixis/1a0153a4378b62073146
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 546
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.acint.net
access-control-allow-credentials: true
server: Hybrid Web Server
X-Firefox-Spdy: h2

ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D

193.3.184.25

302 Moved Temporarily

142 B

URL GET HTTP/1.1
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP
193.3.184.25:443
ASN
#50214 QWARTA LLC

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.sape.ru
Fingerprint73:95:22:E3:B6:12:3E:90:3A:10:10:DC:38:ED:28:2D:82:7B:EB:E2
ValidityWed, 10 Apr 2024 03:20:28 GMT - Tue, 09 Jul 2024 03:20:27 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: sspuid=CkIDPWY2gPUQpwAkIZCSAtwObK2VDTfOUuJ95155S8M/WBWo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Sat, 04 May 2024 18:40:06 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=3D03420AF58036662400A71002929021
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0

match.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D

167.235.10.91

302 Found

0 B

URL GET HTTP/1.1
match.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D
IP
167.235.10.91:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subjectmatch.ohmy.bid
Fingerprint93:CC:18:6B:4E:10:D1:20:7F:8C:75:21:78:30:60:00:A2:B6:B0:39
ValiditySat, 23 Mar 2024 20:09:13 GMT - Fri, 21 Jun 2024 20:09:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cm?ssp=sape&redirect_url=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D HTTP/1.1
Host: match.ohmy.bid
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 18:40:06 GMT
Content-Length: 0
Connection: keep-alive
Bidder: bid-14 1.1542.871fc768
Location: https://mc.acint.net/match?dp=217&euid=c537dde4-084a-4d9f-86d7-c3eeafe0ae3c
Set-Cookie: uid=c537dde4-084a-4d9f-86d7-c3eeafe0ae3c.66368106.96f3427ccfa6f146; domain=.ohmy.bid; path=/; expires=Mon, 03-Jun-2024 18:40:06 GMT; SameSite=None; Secure;
Access-Control-Allow-Credentials: true

s.uuidksinc.net/match/396/?remote_uid=0800007FF5803666CC346C3B023A0904

31.220.27.134

302 Found

0 B

URL GET HTTP/2
s.uuidksinc.net/match/396/?remote_uid=0800007FF5803666CC346C3B023A0904
IP
31.220.27.134:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subjectuuidksinc.net
Fingerprint60:4F:7E:0B:93:FF:04:3B:02:AF:A2:9C:5C:5D:D8:F5:78:B9:39:3A
ValidityFri, 08 Mar 2024 23:20:32 GMT - Thu, 06 Jun 2024 23:20:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/396/?remote_uid=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: jcsuuid=RzPsfyQLpYD9OjJLTPfE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx/1.23.2
date: Sat, 04 May 2024 18:40:06 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=RzPsfyQLpYD9OjJLTPfE
set-cookie: jcsuuid=RzPsfyQLpYD9OjJLTPfE; expires=Sun, 04 May 2025 18:40:06 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

pix.bumlam.com/sync/sape/check?sspuid=0800007FF5803666CC346C3B023A0904

31.172.81.160

0 B

URL GET
pix.bumlam.com/sync/sape/check?sspuid=0800007FF5803666CC346C3B023A0904
IP
31.172.81.160:0
ASN
#44066 firstcolo GmbH

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync/sape/check?sspuid=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: suuid3=IiRiMDNlNTNkYy0wYTQ1LTExZWYtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 18:40:06 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://b03e53dc-0a45-11ef-86e0-002590c0647c.n6.sync.bumlam.com/?src=sape

exchange.buzzoola.com/cookiesync/dsp/sape-banner?uid=0800007FF5803666CC346C3B023A0904&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126

49.12.83.94

302 Found

156 B

URL GET HTTP/2
exchange.buzzoola.com/cookiesync/dsp/sape-banner?uid=0800007FF5803666CC346C3B023A0904&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126
IP
49.12.83.94:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
156 B (156 bytes)
Hash
24302bbfdbf7c5e3f8857ff3a94c9dfd
314fdfac8f549df51d2ee5ff2e732b43f28a32c8
bfc03ca59b1f3ad8b6d4fd6430ba2ec9ed99a52e86df606d38f565ac73babed3

HTTP Headers

GET /cookiesync/dsp/sape-banner?uid=0800007FF5803666CC346C3B023A0904&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126 HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: uuid=8ad0d2c9-58c4-4866-67a2-429b982be014; cookiesyncs=000000000000000000000000c81756b5eb0b4032d2c0f1eca5f032b4079d9ed2258b7ee62ea31059af24f469428022e9b4e603b6c73d93d622f913fa2e483a695700570149d64a8577b2be15b15a12801a0610b88dc54e6f9ea0a451d0030ff3e995b8244c0d82bc54e9ebb6a485cf7eecce95437ba65ad067cf7d52605dab1af17bd9d75d7c46058e6035c1c124a53d19c6ac7a64c6ff285aff48bc2daf457b8770e0a8a7b74516e2b16e050ba622ea6e37d94318ab7e08ac5db8d212f717c5003d1aed2c1cb2cfeb7832b92515acbd7ee6a97ace0c98403617ec0f66facc6efef167c11974750f462791e450f8c5c809c6f959d2ae54521b6975fe535b256eabb654f1616fa8e22be8e0f41dedec6633875f7ba146b4c939089321a542ced4f54eababd865872b8fe50bc97aafe7596bbf35864363e2aa17ec4e55a59bca2d42dda89eb92e5871196880287aaabc17067111c11fce471791844e543ff9260c9aa86e89d9d2b623efa68c8170a07b9ca07e10380f27f70df948fc137991893bf01b6914ed5a2bbb2c7706fc3459684bfe4c76a1e3cfdea75a9095b3576bf80584fcb50fa510c11964f2dc9352af35efac675e3f27b41868ecb00b295e452b76078c8a85a059eab843181289b0c7d7040314ed0ba037e46bb06864f7cdb35cfdcffc274e78d7a8ee4696a9b6dd71089ce3560e8a9db6929c130be824ab1fa254ab1181fc28e8b14afe32b8f5f2bb7e339ad7ae5c2274d412e0777304b7afca4d81099fe78b2503ac03846e9f1aaef9939e0ca04fe791dc5b9ec083e0c3fd2da646edf0f83842ef37f645ee01a46ae28f3228eae4e1cdb54dc5682a32905991e8aad470066ec9ba14706bbc32db32e7b6cec851c6d5c075be8a2c517735855790bf5ce8ae954db3749d8222b716a918b06fcdc8a2af60e3d0ab65cba5f5c072ce92c5213a97ce98b435d3b5bb0dab66937e349af3de18ad879756562b4465003186378758dbdc5cb46b26898f50525be5e07766cb9330250a3657bd1b7f62a0977fda0aa2a8df78686b55c3c44c78b95e1122e6505ccb3c5be8cc2fd58b6323240ccfc71ff1d991dee4772b8fccb36be1c38ad12cd29a445e51e25b36c9e3594deb4c7d24215a023ae2a52528d6bd634d34a99ebbee4703c83d68c538e5082c558a9fc17d839caceab6bfed48e080db05e16480fc8b19643e836887489d70f05ae232afec768ae7c38b51c92db68ca7c4c5acd441c78d883308b6cc6d6632de52180874bb9fec4ceaf0e66141bb81be82197ae0ebb5692790392c8888cec98c418a0da0fd192e05ced5603d0fc1441e64d80a42e7969559d705e4c29838e877adb3eef603cab1f88dc87d3d8ee9711384a41953843302ed3fdd27574120fbea6cfccdc50305b4d9d6accc3e20c3f8cb80de2d98069389203867bba982d5b073a9d6e303dabf5dbd6fd71ee9a94c1ae16df07f5d1b227c1c997ef221e8e0b0d02414c06a6058466c2f547f3a845ead444713843253baef5b1b024302af2e37ff69653c17560a1c2f7d7fa327cfaa9e3f60792b7b033f9020acce25c26de6ad83497d5cc6855ac0be57d7cefbbbe6f0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Sat, 04 May 2024 18:40:06 GMT
content-type: text/html; charset=utf-8
content-length: 156
location: https://mc.acint.net/rmatch?dp=126&euid=8ad0d2c9-58c4-4866-67a2-429b982be014&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126
set-cookie: uuid=; Path=/; Domain=exchange.buzzoola.com; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; Secure; SameSite=None
uuid=8ad0d2c9-58c4-4866-67a2-429b982be014; Path=/; Domain=buzzoola.com; Expires=Mon, 03 Jun 2024 18:40:06 GMT; Max-Age=2592000; Secure; SameSite=None
serverid: TODO
X-Firefox-Spdy: h2

sync.upravel.com/sape/sync

195.201.193.230

302 Found

0 B

URL GET HTTP/2
sync.upravel.com/sape/sync
IP
195.201.193.230:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerGlobalSign nv-sa
Subject*.upravel.com
Fingerprint4C:ED:03:57:58:43:18:2C:CC:41:F3:3B:19:72:75:BD:29:C1:04:08
ValiditySat, 29 Apr 2023 07:48:21 GMT - Thu, 30 May 2024 07:48:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: session_tptc=1714847989788; user_id=6ba44ca9-6f74-425b-94c4-ebe04fdbf3b2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=6ba44ca9-6f74-425b-94c4-ebe04fdbf3b2;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=6ba44ca9-6f74-425b-94c4-ebe04fdbf3b2;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/rmatch?dp=71&euid=6ba44ca9-6f74-425b-94c4-ebe04fdbf3b2&r=https%3A%2F%2Facint.net%2Fcmatch%3Fdp%3D71
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

sync.dmp.otm-r.com/match/sape?id=0800007FF5803666CC346C3B023A0904

138.201.65.74

302 Found

94 B

URL GET HTTP/2
sync.dmp.otm-r.com/match/sape?id=0800007FF5803666CC346C3B023A0904
IP
138.201.65.74:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerGlobalSign nv-sa
Subject*.dmp.otm-r.com
FingerprintC6:A2:9D:82:0D:D1:C1:2D:A4:ED:7F:05:13:52:5B:94:6B:10:58:D6
ValidityMon, 19 Jun 2023 10:50:51 GMT - Sat, 20 Jul 2024 10:50:50 GMT

File type
HTML document, ASCII text
Size
94 B (94 bytes)
Hash
0da8244f4a9add97a5c17e3c385e2d61
75b62658dc8ee9c2147d7e78e183d764433448f7
87d7b0d10a7b25023bb3a1ff4b9078d5e17b65a82a5d0be9a31b04b1123e77f1

HTTP Headers

GET /match/sape?id=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: mpid=NjYzNjgwZjUwNzI0NGY3Yw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx/1.17.4
date: Sat, 04 May 2024 18:40:06 GMT
content-type: text/html; charset=utf-8
content-length: 94
access-control-allow-origin: *
location: https://www.acint.net/match?dp=68&euid=NjYzNjgwZjUwNzI0NGY3Yw%3D%3D
set-cookie: mpid=NjYzNjgwZjUwNzI0NGY3Yw==; Path=/; Domain=otm-r.com; Max-Age=31536000; Secure; SameSite=None
X-Firefox-Spdy: h2

exclusive-works.ru/wp-content/themes/neve/style-main-new.min.css?ver=3.8.5

87.236.16.222

200 OK

8.4 kB

URL GET HTTP/2
exclusive-works.ru/wp-content/themes/neve/style-main-new.min.css?ver=3.8.5
IP
87.236.16.222:443
ASN
#198610 Beget LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subjectexclusive-works.ru
FingerprintC6:F1:85:00:31:02:65:80:DF:66:0D:9C:20:FE:78:0D:DF:F7:6F:1B
ValidityWed, 01 May 2024 06:34:48 GMT - Tue, 30 Jul 2024 06:34:47 GMT

File type
ASCII text, with very long lines (39013), with no line terminators
Size
8.4 kB (8437 bytes)
Hash
20ac7966f6cea2b533bf8aa5c54dfda5
6193b4c82bef495d512ece6b38176e327fbde5c6
f3954f68a37b99d294258ba83caad8941974dd00af2a86ea9928615aff110232

HTTP Headers

GET /wp-content/themes/neve/style-main-new.min.css?ver=3.8.5 HTTP/1.1
Host: exclusive-works.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Sat, 04 May 2024 18:39:47 GMT
content-type: text/css
last-modified: Wed, 24 Apr 2024 05:44:36 GMT
vary: Accept-Encoding
etag: W/"66289c44-9865"
expires: Sat, 11 May 2024 18:39:47 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

match.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D

167.235.10.91

302 Found

0 B

URL GET HTTP/1.1
match.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D
IP
167.235.10.91:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subjectmatch.ohmy.bid
Fingerprint93:CC:18:6B:4E:10:D1:20:7F:8C:75:21:78:30:60:00:A2:B6:B0:39
ValiditySat, 23 Mar 2024 20:09:13 GMT - Fri, 21 Jun 2024 20:09:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cm?ssp=sape&redirect_url=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D HTTP/1.1
Host: match.ohmy.bid
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 18:40:06 GMT
Content-Length: 0
Connection: keep-alive
Bidder: bid-27 1.1542.871fc768
Location: https://mc.acint.net/match?dp=217&euid=7efdc6e0-9896-40cf-a6b9-dcc91aad08a0
Set-Cookie: uid=7efdc6e0-9896-40cf-a6b9-dcc91aad08a0.66368106.baa06d344f5d2018; domain=.ohmy.bid; path=/; expires=Mon, 03-Jun-2024 18:40:06 GMT; SameSite=None; Secure;
Access-Control-Allow-Credentials: true

nr.bidderstack.com/sape/cm?user_id=0800007FF5803666CC346C3B023A0904

116.202.32.25

302 Found

0 B

URL GET HTTP/1.1
nr.bidderstack.com/sape/cm?user_id=0800007FF5803666CC346C3B023A0904
IP
116.202.32.25:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerGoDaddy.com, Inc.
Subject*.bidderstack.com
Fingerprint7A:83:29:BF:37:01:78:02:DF:C1:07:D8:A2:10:AB:0A:DD:11:66:B0
ValidityTue, 21 Nov 2023 08:57:57 GMT - Sun, 22 Dec 2024 08:57:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/cm?user_id=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 18:40:06 GMT
Content-Length: 0
Connection: keep-alive
Location: /sape/cm?user_id=0800007FF5803666CC346C3B023A0904&pupa=1
Set-Cookie: pupa=3a0334ba-9589-962c-038b-b3f73975490b; domain=.bidderstack.com; path=/; expires=Sun, 04-May-2025 18:40:06 GMT;
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true

cs.agency2.ru/p?ssp=sp&uid=0800007FF5803666CC346C3B023A0904

23.111.107.44

301 Moved Permanently

0 B

URL GET HTTP/1.1
cs.agency2.ru/p?ssp=sp&uid=0800007FF5803666CC346C3B023A0904
IP
23.111.107.44:443
ASN
#39134 Edinaya Set Limited Liability Company

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subjectapi.agency2.ru
Fingerprint02:6A:FB:9D:0A:83:4C:93:CA:FA:19:3D:E7:2F:70:6A:A8:40:97:BE
ValiditySun, 14 Apr 2024 23:34:36 GMT - Sat, 13 Jul 2024 23:34:35 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p?ssp=sp&uid=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: uuid=19ef23e0-aea9-4b87-93a0-6cf95980ef9a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Sat, 04 May 2024 18:40:06 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=19ef23e0-aea9-4b87-93a0-6cf95980ef9a
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44

sync.programmatica.com/match/01

158.160.128.78

200 OK

43 B

URL GET HTTP/2
sync.programmatica.com/match/01
IP
158.160.128.78:443
ASN
#200350 Yandex.Cloud LLC

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subjectsync.programmatica.com
Fingerprint4A:E3:48:0E:7D:F3:3F:AA:D4:E0:E7:46:CC:AF:29:0A:F0:5A:C2:57
ValiditySun, 24 Mar 2024 10:21:50 GMT - Sat, 22 Jun 2024 10:21:49 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

HTTP Headers

GET /match/01 HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

pixel.dsp.onetarget.ru/sape/pixel?id=0800007FF5803666CC346C3B023A0904

130.193.53.230

302 Found

0 B

URL GET HTTP/2
pixel.dsp.onetarget.ru/sape/pixel?id=0800007FF5803666CC346C3B023A0904
IP
130.193.53.230:443
ASN
#200350 Yandex.Cloud LLC

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subjectpixel.dsp.onetarget.ru
FingerprintC3:A5:98:2E:46:6A:1A:4F:85:6D:4A:FE:11:88:B1:D1:5F:AE:43:DD
ValidityFri, 15 Mar 2024 12:44:47 GMT - Thu, 13 Jun 2024 12:44:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/pixel?id=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: pixel.dsp.onetarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: USER_ID=9dfdedfc-f404-4ade-bd58-69a4840c3383; SAPE_USER_ID=0800007FF5803666CC346C3B023A0904
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Sat, 04 May 2024 18:40:06 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=5813217&id=9dfdedfc-f404-4ade-bd58-69a4840c3383
set-cookie: USER_ID=9dfdedfc-f404-4ade-bd58-69a4840c3383;max-age=2147483647;Secure;HttpOnly;SameSite=None
SAPE_USER_ID=0800007FF5803666CC346C3B023A0904;max-age=30758400;Secure;HttpOnly;SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
X-Firefox-Spdy: h2

ssp.al-adtech.com/api/sync/sape

45.139.25.125

302 Found

0 B

URL GET HTTP/1.1
ssp.al-adtech.com/api/sync/sape
IP
45.139.25.125:443
ASN
#34959 Kviktel LLC

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.al-adtech.com
Fingerprint09:19:46:AF:0C:12:1A:6D:06:41:56:6B:AF:2F:C2:69:A3:3F:1A:37
ValidityMon, 15 Apr 2024 04:45:07 GMT - Sun, 14 Jul 2024 04:45:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/sync/sape HTTP/1.1
Host: ssp.al-adtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: afp_cookie=gAAAAABmNoD1v9oreKkXJ3p1n5Cs6b3_-DeWplFtaOB-Y2T2_Vh_qX_v0M8iXugMDDmBGMQM9Q0Evzg0MWshpUDMad6x9a1h3BcGqBY72CHllvBdIia2Yu7CcdEJEeLgJ8IVLIm_cijwf4dcukjJ_UxkPtzR8gSnDD_S4e54QlFPUKpTQWtAVHGxfcU6_CiSYolplLN72R5f53E9-Qk5WMGeNRCrZLGrQCOst5uYhgYOZzAtKGytMYM=$
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.20.1
Date: Sat, 04 May 2024 18:40:06 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin
Access-Control-Allow-Origin: 
Access-Control-Allow-Credentials: true
Location: https://mc.acint.net/rmatch?dp=261&euid=cf196db8-fb09-484b-9e19-189f88f6970f&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261
Set-Cookie: afp_cookie=gAAAAABmNoEGXrtzXAW5n8OLifp5ZyV3vrmLfEhf2UhWeQaSjJO6a293MEVQwiIEBu1gzvmLtBKG-CnJ_xDp1oREYwlNKkbvldA9qLRPB5E3fMFJU5doNXtWH17ibbCSCzL4KEyKZ6DBVi5-9-zY8g3tvYnMSehP3W_pqoRmrW5hQxAY3-a58T6QLJpMPDnV60IVxuEO-tQN6fG_d4ISPtFYr-4Kz-e5rheb8nHauKV-y2Hp6EUJ7vqcQRigHbTxs6IhnSyLeMrg$; expires=Tue, 04 Jun 2024 18:40:06 GMT; path=/; secure; SameSite=None

sync.dsp.solta.io/match/sape?id=0800007FF5803666CC346C3B023A0904

217.199.220.73

200 OK

43 B

URL GET HTTP/2
sync.dsp.solta.io/match/sape?id=0800007FF5803666CC346C3B023A0904
IP
217.199.220.73:443
ASN
#61400 Start LLC

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerGlobalSign nv-sa
Subject*.dsp.solta.io
Fingerprint6D:7F:91:92:30:E1:6A:A0:9B:86:49:7A:21:7F:5B:A4:23:8F:92:BC
ValidityWed, 02 Aug 2023 16:38:38 GMT - Mon, 02 Sep 2024 16:38:37 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

HTTP Headers

GET /match/sape?id=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: sync.dsp.solta.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

sync.bumlam.com/?src=sap1&uid=0800007FF5803666CC346C3B023A0904

31.172.81.158

200 OK

0 B

URL GET HTTP/1.1
sync.bumlam.com/?src=sap1&uid=0800007FF5803666CC346C3B023A0904
IP
31.172.81.158:443
ASN
#44066 firstcolo GmbH

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.bumlam.com
Fingerprint9F:E0:4A:B3:57:B0:3C:3E:13:7F:9F:FF:82:A2:91:87:45:9F:A4:7F
ValidityThu, 28 Mar 2024 09:09:43 GMT - Wed, 26 Jun 2024 09:09:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sap1&uid=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: suuid3=IiRiMDNlNTNkYy0wYTQ1LTExZWYtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 18:40:06 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: close
Set-Cookie: suuid3=IiRiMDNlNTNkYy0wYTQ1LTExZWYtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Fri, 29 Apr 2044 18:40:06 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

kimberlite.io/rtb/sync/sape2?u=0800007FF5803666CC346C3B023A0904

217.199.220.44

307 Temporary Redirect

0 B

URL GET HTTP/1.1
kimberlite.io/rtb/sync/sape2?u=0800007FF5803666CC346C3B023A0904
IP
217.199.220.44:443
ASN
#61400 Start LLC

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerGlobalSign nv-sa
Subject*.kimberlite.io
Fingerprint27:9B:57:5F:3C:19:A5:31:A3:1B:E6:A4:8E:CF:2F:73:78:4E:46:C1
ValidityThu, 29 Feb 2024 12:20:14 GMT - Tue, 01 Apr 2025 12:20:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rtb/sync/sape2?u=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Cookie: as=-WrUeGY2gPU; f=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dst%26id%3DZjaA9SFsm2w; n=1; u=ZjaA9SFsm2w~S8xangkHdK_S8Q_uE4IWnuqaxA8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Sat, 04 May 2024 18:40:06 GMT
Content-Length: 0
Connection: keep-alive
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: as=OFrH4WY2gQb5atR4ZjaA9Q; max-age=604800; samesite=none; httponly; secure
n=2; max-age=30; samesite=none; httponly; secure
location: https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZjaA9SFsm2w
referrer-policy: no-referrer
server-timing: app;srv=8;dur=0.0002

acint.net/match?dp=14&euid=3D03420AF58036662400A71002929021

193.3.184.16

43 B

URL
acint.net/match?dp=14&euid=3D03420AF58036662400A71002929021
IP
193.3.184.16:0
ASN
#50214 QWARTA LLC

Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=14&euid=3D03420AF58036662400A71002929021 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

sync.opendsp.ru/match/sape_ex?id=0800007FF5803666CC346C3B023A0904

82.148.20.186

200 OK

43 B

URL GET HTTP/2
sync.opendsp.ru/match/sape_ex?id=0800007FF5803666CC346C3B023A0904
IP
82.148.20.186:443
ASN
#50340 OOO Network of data-centers Selectel

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subjectsync.opendsp.ru
Fingerprint61:B4:DA:9F:EB:AB:9D:73:4C:76:FB:7C:3B:0B:80:A4:0F:14:18:28
ValidityThu, 04 Apr 2024 10:36:13 GMT - Wed, 03 Jul 2024 10:36:12 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

HTTP Headers

GET /match/sape_ex?id=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: sync.opendsp.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=YBEOXVvoc7NBEQgrlUcG517HBzOHNN2Kgm9%2BXWXEPcACN7TT%2FOk%2BQ4zY6pf6QVfMGZkw%2BhYxW4ljSe9%2FUnRbOuzB%2F7h%2FPEjZI4utaFfsJEN8cRWbSWzelSAJQdm%2BiDa11AyTidsKU7QukfrfasGrmr8Q5TAQv0qdiTlVNKcE01K99JfWd9GbII3aQXABFvVBw40jNw%3D%3D&r=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34&eo=&cb=171484800222970295&_adlk_ts=171484800222970295

5.101.76.186

200 OK

51 kB

URL GET HTTP/2
stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=YBEOXVvoc7NBEQgrlUcG517HBzOHNN2Kgm9%2BXWXEPcACN7TT%2FOk%2BQ4zY6pf6QVfMGZkw%2BhYxW4ljSe9%2FUnRbOuzB%2F7h%2FPEjZI4utaFfsJEN8cRWbSWzelSAJQdm%2BiDa11AyTidsKU7QukfrfasGrmr8Q5TAQv0qdiTlVNKcE01K99JfWd9GbII3aQXABFvVBw40jNw%3D%3D&r=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34&eo=&cb=171484800222970295&_adlk_ts=171484800222970295
IP
5.101.76.186:443
ASN
#48096 Enterprise Cloud Ltd.

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT

File type
gzip compressed data, from Unix
Size
51 kB (50757 bytes)
Hash
99322feb4acb8be7a04b5085c22bc7d6
cd43488249921e5bfbb07bc31a09838e7fa5fbd9
8fd12389799d200a68b81522651454cf468ac4dd43b3ab00e4c88adbe69be305

HTTP Headers

GET /reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=YBEOXVvoc7NBEQgrlUcG517HBzOHNN2Kgm9%2BXWXEPcACN7TT%2FOk%2BQ4zY6pf6QVfMGZkw%2BhYxW4ljSe9%2FUnRbOuzB%2F7h%2FPEjZI4utaFfsJEN8cRWbSWzelSAJQdm%2BiDa11AyTidsKU7QukfrfasGrmr8Q5TAQv0qdiTlVNKcE01K99JfWd9GbII3aQXABFvVBw40jNw%3D%3D&r=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34&eo=&cb=171484800222970295&_adlk_ts=171484800222970295 HTTP/1.1
Host: stat.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: Microsoft-IIS/10.0
date: Sat, 04 May 2024 18:40:01 GMT
X-Firefox-Spdy: h2

tube.buzzoola.com/js/lib/vpaid_js_proxy_hash_only.js

151.236.127.161

25 kB

URL
tube.buzzoola.com/js/lib/vpaid_js_proxy_hash_only.js
IP
151.236.127.161:0
ASN
#204720 Global Cloud Network LLC

File type
gzip compressed data, from Unix
Size
25 kB (25293 bytes)
Hash
777e7164efd2b38bd7b7c33aa7261104
497ec296d19026e73d0d618121201e485bd7cdeb
58140f81f8700fe65c9255ce15773074adb0082621591f01f3444212973890ba

HTTP Headers

GET /js/lib/vpaid_js_proxy_hash_only.js HTTP/1.1
Host: tube.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Cookie: uuid=8ad0d2c9-58c4-4866-67a2-429b982be014
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:40:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 05 Apr 2024 09:35:03 GMT
expires: Sat, 04 May 2024 19:00:00 GMT
content-encoding: gzip
x-cdn-edge-cache: HIT
x-cdn-edge-id: 119
x-cdn-request-id: 1399115262f922f3b02e53d4dea336e2
X-Firefox-Spdy: h2

www.acint.net/rmatch?dp=71&euid=6ba44ca9-6f74-425b-94c4-ebe04fdbf3b2&r=https%3A%2F%2Facint.net%2Fcmatch%3Fdp%3D71

193.3.184.16

302 Found

154 B

URL GET HTTP/2
www.acint.net/rmatch?dp=71&euid=6ba44ca9-6f74-425b-94c4-ebe04fdbf3b2&r=https%3A%2F%2Facint.net%2Fcmatch%3Fdp%3D71
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=71&euid=6ba44ca9-6f74-425b-94c4-ebe04fdbf3b2&r=https%3A%2F%2Facint.net%2Fcmatch%3Fdp%3D71 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: text/html
content-length: 154
location: https://acint.net/cmatch?dp=71
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/match?dp=68&euid=NjYzNjgwZjUwNzI0NGY3Yw%3D%3D

193.3.184.16

200 OK

43 B

URL GET HTTP/2
www.acint.net/match?dp=68&euid=NjYzNjgwZjUwNzI0NGY3Yw%3D%3D
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=68&euid=NjYzNjgwZjUwNzI0NGY3Yw%3D%3D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/oci/?v=0.7.0&uid=cebeac03-78bf-46ae-9d69-9db45d1bc6ea&dp=14&tz=%2B00%3A00&nc=446179&aid=0800007FF5803666CC346C3B023A0904&oid=9ff350b615091c0f6cbf094af0928028

193.3.184.16

43 B

URL
www.acint.net/oci/?v=0.7.0&uid=cebeac03-78bf-46ae-9d69-9db45d1bc6ea&dp=14&tz=%2B00%3A00&nc=446179&aid=0800007FF5803666CC346C3B023A0904&oid=9ff350b615091c0f6cbf094af0928028
IP
193.3.184.16:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /oci/?v=0.7.0&uid=cebeac03-78bf-46ae-9d69-9db45d1bc6ea&dp=14&tz=%2B00%3A00&nc=446179&aid=0800007FF5803666CC346C3B023A0904&oid=9ff350b615091c0f6cbf094af0928028 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/match?dp=129&euid=jbp52za189

193.3.184.16

200 OK

43 B

URL GET HTTP/2
www.acint.net/match?dp=129&euid=jbp52za189
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=129&euid=jbp52za189 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

sync.gonet-ads.com/match/sape.js?id=0800007FF5803666CC346C3B023A0904

188.42.105.220

200 OK

43 B

URL GET HTTP/2
sync.gonet-ads.com/match/sape.js?id=0800007FF5803666CC346C3B023A0904
IP
188.42.105.220:443
ASN
#7979 SERVERS-COM

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerSectigo Limited
Subject*.gonet-ads.com
Fingerprint2B:BE:BF:75:0A:67:AA:2D:FA:0A:7F:92:F4:37:AE:9B:DD:47:68:2D
ValidityWed, 07 Jun 2023 00:00:00 GMT - Tue, 11 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

HTTP Headers

GET /match/sape.js?id=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: sync.gonet-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

tube.buzzoola.com/build/buzzlibrary_extra.buzzplayer_placement_submodules.js

151.236.127.161

34 kB

URL
tube.buzzoola.com/build/buzzlibrary_extra.buzzplayer_placement_submodules.js
IP
151.236.127.161:0
ASN
#204720 Global Cloud Network LLC

File type
gzip compressed data, from Unix
Size
34 kB (34279 bytes)
Hash
ac995ecc81a60b01503e4ae902a48a73
12a8adabdc5ed57afd31dbc43e26cfb9652837a2
4ae8d621b35b4c80abba11a605ceae0df17c943faab81722e8dba75c787b5e4e

HTTP Headers

GET /build/buzzlibrary_extra.buzzplayer_placement_submodules.js HTTP/1.1
Host: tube.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Cookie: uuid=8ad0d2c9-58c4-4866-67a2-429b982be014; cookiesyncs=000000000000000000000000c81756b5eb0b4032d2c0f1eca5f032b4079d9ed2258b7ee62ea31059af24f469428022e9b4e603b6c73d93d622f913fa2e483a695700570149d64a8577b2be15b15a12801a0610b88dc54e6f9ea0a451d0030ff3e995b8244c0d82bc54e9ebb6a485cf7eecce95437ba65ad067cf7d52605dab1af17bd9d75d7c46058e6035c1c124a53d19c6ac7a64c6ff285aff48bc2daf457b8770e0a8a7b74516e2b16e050ba622ea6e37d94318ab7e08ac5db8d212f717c5003d1aed2c1cb2cfeb7832b92515acbd7ee6a97ace0c98403617ec0f66facc6efef167c11974750f462791e450f8c5c809c6f959d2ae54521b6975fe535b256eabb654f1616fa8e22be8e0f41dedec6633875f7ba146b4c939089321a542ced4f54eababd865872b8fe50bc97aafe7596bbf35864363e2aa17ec4e55a59bca2d42dda89eb92e5871196880287aaabc17067111c11fce471791844e543ff9260c9aa86e89d9d2b623efa68c8170a07b9ca07e10380f27f70df948fc137991893bf01b6914ed5a2bbb2c7706fc3459684bfe4c76a1e3cfdea75a9095b3576bf80584fcb50fa510c11964f2dc9352af35efac675e3f27b41868ecb00b295e452b76078c8a85a059eab843181289b0c7d7040314ed0ba037e46bb06864f7cdb35cfdcffc274e78d7a8ee4696a9b6dd71089ce3560e8a9db6929c130be824ab1fa254ab1181fc28e8b14afe32b8f5f2bb7e339ad7ae5c2274d412e0777304b7afca4d81099fe78b2503ac03846e9f1aaef9939e0ca04fe791dc5b9ec083e0c3fd2da646edf0f83842ef37f645ee01a46ae28f3228eae4e1cdb54dc5682a32905991e8aad470066ec9ba14706bbc32db32e7b6cec851c6d5c075be8a2c517735855790bf5ce8ae954db3749d8222b716a918b06fcdc8a2af60e3d0ab65cba5f5c072ce92c5213a97ce98b435d3b5bb0dab66937e349af3de18ad879756562b4465003186378758dbdc5cb46b26898f50525be5e07766cb9330250a3657bd1b7f62a0977fda0aa2a8df78686b55c3c44c78b95e1122e6505ccb3c5be8cc2fd58b6323240ccfc71ff1d991dee4772b8fccb36be1c38ad12cd29a445e51e25b36c9e3594deb4c7d24215a023ae2a52528d6bd634d34a99ebbee4703c83d68c538e5082c558a9fc17d839caceab6bfed48e080db05e16480fc8b19643e836887489d70f05ae232afec768ae7c38b51c92db68ca7c4c5acd441c78d883308b6cc6d6632de52180874bb9fec4ceaf0e66141bb81be82197ae0ebb5692790392c8888cec98c418a0da0fd192e05ced5603d0fc1441e64d80a42e7969559d705e4c29838e877adb3eef603cab1f88dc87d3d8ee9711384a41953843302ed3fdd27574120fbea6cfccdc50305b4d9d6accc3e20c3f8cb80de2d98069389203867bba982d5b073a9d6e303dabf5dbd6fd71ee9a94c1ae16df07f5d1b227c1c997ef221e8e0b0d02414c06a6058466c2f547f3a845ead444713843253baef5b1b024302af2e37ff69653c17560a1c2f7d7fa327cfaa9e3f60792b7b033f9020acce25c26de6ad83497d5cc6855ac0be57d7cefbbbe6f0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:40:04 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 05 Apr 2024 09:35:04 GMT
expires: Sat, 04 May 2024 19:00:00 GMT
content-encoding: gzip
x-cdn-edge-cache: HIT
x-cdn-edge-id: 119
x-cdn-request-id: 47ec546dcdf30e40c0a03e0e0f74bad8
X-Firefox-Spdy: h2

mc.acint.net/rmatch?dp=126&euid=8ad0d2c9-58c4-4866-67a2-429b982be014&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126

193.3.184.16

302 Found

154 B

URL GET HTTP/2
mc.acint.net/rmatch?dp=126&euid=8ad0d2c9-58c4-4866-67a2-429b982be014&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=126&euid=8ad0d2c9-58c4-4866-67a2-429b982be014&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: text/html
content-length: 154
location: https://mc.acint.net/cmatch?dp=126
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

nr.bidderstack.com/sape/cm?user_id=0800007FF5803666CC346C3B023A0904&pupa=1

116.202.32.25

302 Found

0 B

URL GET HTTP/1.1
nr.bidderstack.com/sape/cm?user_id=0800007FF5803666CC346C3B023A0904&pupa=1
IP
116.202.32.25:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerGoDaddy.com, Inc.
Subject*.bidderstack.com
Fingerprint7A:83:29:BF:37:01:78:02:DF:C1:07:D8:A2:10:AB:0A:DD:11:66:B0
ValidityTue, 21 Nov 2023 08:57:57 GMT - Sun, 22 Dec 2024 08:57:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/cm?user_id=0800007FF5803666CC346C3B023A0904&pupa=1 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 18:40:06 GMT
Content-Length: 0
Connection: keep-alive
Location: https://exchange.buzzoola.com/cookiesync/dsp/hyperadx-video?uid=187da8a4-5e7b-8768-ed39-68cc113f0aec
Set-Cookie: pupa=187da8a4-5e7b-8768-ed39-68cc113f0aec; domain=.bidderstack.com; path=/; expires=Sun, 04-May-2025 18:40:06 GMT;
csorigin2=3; domain=.bidderstack.com; path=/; expires=Sat, 04-May-2024 18:45:06 GMT;
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true

www.acint.net/match?dp=127&euid=RzPsfyQLpYD9OjJLTPfE

193.3.184.16

43 B

URL
www.acint.net/match?dp=127&euid=RzPsfyQLpYD9OjJLTPfE
IP
193.3.184.16:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=127&euid=RzPsfyQLpYD9OjJLTPfE HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/match?dp=186&euid=19ef23e0-aea9-4b87-93a0-6cf95980ef9a

193.3.184.16

43 B

URL
www.acint.net/match?dp=186&euid=19ef23e0-aea9-4b87-93a0-6cf95980ef9a
IP
193.3.184.16:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=186&euid=19ef23e0-aea9-4b87-93a0-6cf95980ef9a HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D95%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D95%26euid%3D

83.222.96.170

126 B

URL
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D95%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D95%26euid%3D
IP
83.222.96.170:0
ASN
#42632 MnogoByte LLC

File type
HTML document, ASCII text
Size
126 B (126 bytes)
Hash
6b0fbc565331278c21bde44db0f87dac
27abf8769d2827e0045b03dbb5c2e24ee47d0223
56a1bd2e5cb2420c331485916afe2e677d0cbad096f84c1b6599abdc751822cd

HTTP Headers

GET /sspmatch?url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D95%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.22.0
date: Sat, 04 May 2024 18:40:06 GMT
content-type: text/html; charset=utf-8
content-length: 126
location: https://mc.acint.net/rmatch?dp=95&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95&euid=RZKAYIJM
set-cookie: uid=RZKAYIJM; Expires=Tue, 02 May 2034 18:40:06 GMT
X-Firefox-Spdy: h2

kimberlite.io/rtb/sync/sape2?u=0800007FF5803666CC346C3B023A0904

217.199.220.44

307 Temporary Redirect

0 B

URL GET HTTP/1.1
kimberlite.io/rtb/sync/sape2?u=0800007FF5803666CC346C3B023A0904
IP
217.199.220.44:443
ASN
#61400 Start LLC

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerGlobalSign nv-sa
Subject*.kimberlite.io
Fingerprint27:9B:57:5F:3C:19:A5:31:A3:1B:E6:A4:8E:CF:2F:73:78:4E:46:C1
ValidityThu, 29 Feb 2024 12:20:14 GMT - Tue, 01 Apr 2025 12:20:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rtb/sync/sape2?u=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: as=-WrUeGY2gPU; f=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dst%26id%3DZjaA9SFsm2w; n=1; u=ZjaA9SFsm2w~S8xangkHdK_S8Q_uE4IWnuqaxA8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Sat, 04 May 2024 18:40:06 GMT
Content-Length: 0
Connection: keep-alive
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: as=-WrUeGY2gPU4WsfhZjaBBg; max-age=604800; samesite=none; httponly; secure
n=2; max-age=30; samesite=none; httponly; secure
location: https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZjaA9SFsm2w
referrer-policy: no-referrer
server-timing: app;srv=13;dur=0.0002

sync.opendsp.ru/match/sape_ex?id=0800007FF5803666CC346C3B023A0904

82.148.20.186

200 OK

43 B

URL GET HTTP/2
sync.opendsp.ru/match/sape_ex?id=0800007FF5803666CC346C3B023A0904
IP
82.148.20.186:443
ASN
#50340 OOO Network of data-centers Selectel

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subjectsync.opendsp.ru
Fingerprint61:B4:DA:9F:EB:AB:9D:73:4C:76:FB:7C:3B:0B:80:A4:0F:14:18:28
ValidityThu, 04 Apr 2024 10:36:13 GMT - Wed, 03 Jul 2024 10:36:12 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

HTTP Headers

GET /match/sape_ex?id=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: sync.opendsp.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

sync.gonet-ads.com/match/sape.js?id=0800007FF5803666CC346C3B023A0904

188.42.105.220

200 OK

43 B

URL GET HTTP/2
sync.gonet-ads.com/match/sape.js?id=0800007FF5803666CC346C3B023A0904
IP
188.42.105.220:443
ASN
#7979 SERVERS-COM

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerSectigo Limited
Subject*.gonet-ads.com
Fingerprint2B:BE:BF:75:0A:67:AA:2D:FA:0A:7F:92:F4:37:AE:9B:DD:47:68:2D
ValidityWed, 07 Jun 2023 00:00:00 GMT - Tue, 11 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

HTTP Headers

GET /match/sape.js?id=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: sync.gonet-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

mc.acint.net/rmatch?dp=261&euid=cf196db8-fb09-484b-9e19-189f88f6970f&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261

193.3.184.16

302 Found

154 B

URL GET HTTP/2
mc.acint.net/rmatch?dp=261&euid=cf196db8-fb09-484b-9e19-189f88f6970f&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=261&euid=cf196db8-fb09-484b-9e19-189f88f6970f&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: text/html
content-length: 154
location: https://mc.acint.net/cmatch?dp=261
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

acint.net/match?dp=14&euid=3D03420AF58036662400A71002929021

193.3.184.16

43 B

URL
acint.net/match?dp=14&euid=3D03420AF58036662400A71002929021
IP
193.3.184.16:0
ASN
#50214 QWARTA LLC

Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=14&euid=3D03420AF58036662400A71002929021 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.acint.net/match?dp=217&euid=c537dde4-084a-4d9f-86d7-c3eeafe0ae3c

193.3.184.16

200 OK

43 B

URL GET HTTP/2
mc.acint.net/match?dp=217&euid=c537dde4-084a-4d9f-86d7-c3eeafe0ae3c
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=217&euid=c537dde4-084a-4d9f-86d7-c3eeafe0ae3c HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/match?dp=53&euid=476ce644-de34-4928-9eba-a89f8afaf9b2

193.3.184.16

200 OK

43 B

URL GET HTTP/2
www.acint.net/match?dp=53&euid=476ce644-de34-4928-9eba-a89f8afaf9b2
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=53&euid=476ce644-de34-4928-9eba-a89f8afaf9b2 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/match?dp=129&euid=jbp52za189

193.3.184.16

200 OK

43 B

URL GET HTTP/2
www.acint.net/match?dp=129&euid=jbp52za189
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=129&euid=jbp52za189 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/match?dp=127&euid=RzPsfyQLpYD9OjJLTPfE

193.3.184.16

43 B

URL
www.acint.net/match?dp=127&euid=RzPsfyQLpYD9OjJLTPfE
IP
193.3.184.16:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=127&euid=RzPsfyQLpYD9OjJLTPfE HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.acint.net/rmatch?dp=110&euid=409d949b9b9c4c14951ec8dd1ad27f27&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D110

193.3.184.16

154 B

URL
mc.acint.net/rmatch?dp=110&euid=409d949b9b9c4c14951ec8dd1ad27f27&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D110
IP
193.3.184.16:0
ASN
#50214 QWARTA LLC

Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=110&euid=409d949b9b9c4c14951ec8dd1ad27f27&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D110 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: text/html
content-length: 154
location: https://mc.acint.net/cmatch?dp=110
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.acint.net/rmatch?dp=126&euid=8ad0d2c9-58c4-4866-67a2-429b982be014&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126

193.3.184.16

302 Found

154 B

URL GET HTTP/2
mc.acint.net/rmatch?dp=126&euid=8ad0d2c9-58c4-4866-67a2-429b982be014&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=126&euid=8ad0d2c9-58c4-4866-67a2-429b982be014&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: text/html
content-length: 154
location: https://mc.acint.net/cmatch?dp=126
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/rmatch?dp=71&euid=6ba44ca9-6f74-425b-94c4-ebe04fdbf3b2&r=https%3A%2F%2Facint.net%2Fcmatch%3Fdp%3D71

193.3.184.16

302 Found

154 B

URL GET HTTP/2
www.acint.net/rmatch?dp=71&euid=6ba44ca9-6f74-425b-94c4-ebe04fdbf3b2&r=https%3A%2F%2Facint.net%2Fcmatch%3Fdp%3D71
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=71&euid=6ba44ca9-6f74-425b-94c4-ebe04fdbf3b2&r=https%3A%2F%2Facint.net%2Fcmatch%3Fdp%3D71 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: text/html
content-length: 154
location: https://acint.net/cmatch?dp=71
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/match?dp=68&euid=NjYzNjgwZjUwNzI0NGY3Yw%3D%3D

193.3.184.16

200 OK

43 B

URL GET HTTP/2
www.acint.net/match?dp=68&euid=NjYzNjgwZjUwNzI0NGY3Yw%3D%3D
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=68&euid=NjYzNjgwZjUwNzI0NGY3Yw%3D%3D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

nr.bidderstack.com/sape/cm?user_id=0800007FF5803666CC346C3B023A0904&pupa=1

116.202.32.25

302 Found

0 B

URL GET HTTP/1.1
nr.bidderstack.com/sape/cm?user_id=0800007FF5803666CC346C3B023A0904&pupa=1
IP
116.202.32.25:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerGoDaddy.com, Inc.
Subject*.bidderstack.com
Fingerprint7A:83:29:BF:37:01:78:02:DF:C1:07:D8:A2:10:AB:0A:DD:11:66:B0
ValidityTue, 21 Nov 2023 08:57:57 GMT - Sun, 22 Dec 2024 08:57:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/cm?user_id=0800007FF5803666CC346C3B023A0904&pupa=1 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 18:40:06 GMT
Content-Length: 0
Connection: keep-alive
Location: https://www.acint.net/match?dp=251&euid=187da8a4-5e7b-8768-ed39-68cc113f0aec
Set-Cookie: pupa=187da8a4-5e7b-8768-ed39-68cc113f0aec; domain=.bidderstack.com; path=/; expires=Sun, 04-May-2025 18:40:06 GMT;
csorigin2=244; domain=.bidderstack.com; path=/; expires=Sat, 04-May-2024 18:45:06 GMT;
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true

mc.acint.net/match?dp=217&euid=7efdc6e0-9896-40cf-a6b9-dcc91aad08a0

193.3.184.16

200 OK

43 B

URL GET HTTP/2
mc.acint.net/match?dp=217&euid=7efdc6e0-9896-40cf-a6b9-dcc91aad08a0
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=217&euid=7efdc6e0-9896-40cf-a6b9-dcc91aad08a0 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/match?dp=186&euid=19ef23e0-aea9-4b87-93a0-6cf95980ef9a

193.3.184.16

43 B

URL
www.acint.net/match?dp=186&euid=19ef23e0-aea9-4b87-93a0-6cf95980ef9a
IP
193.3.184.16:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=186&euid=19ef23e0-aea9-4b87-93a0-6cf95980ef9a HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.acint.net/rmatch?dp=261&euid=cf196db8-fb09-484b-9e19-189f88f6970f&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261

193.3.184.16

302 Found

154 B

URL GET HTTP/2
mc.acint.net/rmatch?dp=261&euid=cf196db8-fb09-484b-9e19-189f88f6970f&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=261&euid=cf196db8-fb09-484b-9e19-189f88f6970f&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: text/html
content-length: 154
location: https://mc.acint.net/cmatch?dp=261
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

adx.com.ru/sape-sync?uid=0800007FF5803666CC346C3B023A0904

83.222.105.118

169 B

URL
adx.com.ru/sape-sync?uid=0800007FF5803666CC346C3B023A0904
IP
83.222.105.118:0
ASN
#42632 MnogoByte LLC

File type
HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
5974b7b0a4b06e9c2da4b0c7448ed7c0
f8260d70d9cffdb0522e4e5d326c07117fd8947c
c9878bc7dccad3a43bbe44367be20caf9ba94fb40e84c038ea49f6dafb19daa1

HTTP Headers

GET /sape-sync?uid=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: adx.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 429 Too Many Requests
server: nginx/1.26.0
date: Sat, 04 May 2024 18:40:06 GMT
content-type: text/html
content-length: 169
X-Firefox-Spdy: h2

mc.acint.net/rmatch?dp=95&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95&euid=BBKUWZCP

193.3.184.16

302 Found

154 B

URL GET HTTP/2
mc.acint.net/rmatch?dp=95&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95&euid=BBKUWZCP
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=95&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95&euid=BBKUWZCP HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: text/html
content-length: 154
location: https://mc.acint.net/cmatch?dp=95
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

acint.net/cmatch?dp=71

193.3.184.16

302 Found

154 B

URL GET HTTP/2
acint.net/cmatch?dp=71
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /cmatch?dp=71 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: text/html
content-length: 154
location: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0800007FF5803666CC346C3B023A0904
set-cookie: cSyncDp7v3=1714848006; expires=Mon, 03-Jun-24 18:40:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

exchange.buzzoola.com/cookiesync/dsp/hyperadx-video?uid=187da8a4-5e7b-8768-ed39-68cc113f0aec

49.12.83.94

43 B

URL
exchange.buzzoola.com/cookiesync/dsp/hyperadx-video?uid=187da8a4-5e7b-8768-ed39-68cc113f0aec
IP
49.12.83.94:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /cookiesync/dsp/hyperadx-video?uid=187da8a4-5e7b-8768-ed39-68cc113f0aec HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: uuid=8ad0d2c9-58c4-4866-67a2-429b982be014; cookiesyncs=000000000000000000000000c81756b5eb0b4032d2c0f1eca5f032b4079d9ed2258b7ee62ea31059af24f469428022e9b4e603b6c73d93d622f913fa2e483a695700570149d64a8577b2be15b15a12801a0610b88dc54e6f9ea0a451d0030ff3e995b8244c0d82bc54e9ebb6a485cf7eecce95437ba65ad067cf7d52605dab1af17bd9d75d7c46058e6035c1c124a53d19c6ac7a64c6ff285aff48bc2daf457b8770e0a8a7b74516e2b16e050ba622ea6e37d94318ab7e08ac5db8d212f717c5003d1aed2c1cb2cfeb7832b92515acbd7ee6a97ace0c98403617ec0f66facc6efef167c11974750f462791e450f8c5c809c6f959d2ae54521b6975fe535b256eabb654f1616fa8e22be8e0f41dedec6633875f7ba146b4c939089321a542ced4f54eababd865872b8fe50bc97aafe7596bbf35864363e2aa17ec4e55a59bca2d42dda89eb92e5871196880287aaabc17067111c11fce471791844e543ff9260c9aa86e89d9d2b623efa68c8170a07b9ca07e10380f27f70df948fc137991893bf01b6914ed5a2bbb2c7706fc3459684bfe4c76a1e3cfdea75a9095b3576bf80584fcb50fa510c11964f2dc9352af35efac675e3f27b41868ecb00b295e452b76078c8a85a059eab843181289b0c7d7040314ed0ba037e46bb06864f7cdb35cfdcffc274e78d7a8ee4696a9b6dd71089ce3560e8a9db6929c130be824ab1fa254ab1181fc28e8b14afe32b8f5f2bb7e339ad7ae5c2274d412e0777304b7afca4d81099fe78b2503ac03846e9f1aaef9939e0ca04fe791dc5b9ec083e0c3fd2da646edf0f83842ef37f645ee01a46ae28f3228eae4e1cdb54dc5682a32905991e8aad470066ec9ba14706bbc32db32e7b6cec851c6d5c075be8a2c517735855790bf5ce8ae954db3749d8222b716a918b06fcdc8a2af60e3d0ab65cba5f5c072ce92c5213a97ce98b435d3b5bb0dab66937e349af3de18ad879756562b4465003186378758dbdc5cb46b26898f50525be5e07766cb9330250a3657bd1b7f62a0977fda0aa2a8df78686b55c3c44c78b95e1122e6505ccb3c5be8cc2fd58b6323240ccfc71ff1d991dee4772b8fccb36be1c38ad12cd29a445e51e25b36c9e3594deb4c7d24215a023ae2a52528d6bd634d34a99ebbee4703c83d68c538e5082c558a9fc17d839caceab6bfed48e080db05e16480fc8b19643e836887489d70f05ae232afec768ae7c38b51c92db68ca7c4c5acd441c78d883308b6cc6d6632de52180874bb9fec4ceaf0e66141bb81be82197ae0ebb5692790392c8888cec98c418a0da0fd192e05ced5603d0fc1441e64d80a42e7969559d705e4c29838e877adb3eef603cab1f88dc87d3d8ee9711384a41953843302ed3fdd27574120fbea6cfccdc50305b4d9d6accc3e20c3f8cb80de2d98069389203867bba982d5b073a9d6e303dabf5dbd6fd71ee9a94c1ae16df07f5d1b227c1c997ef221e8e0b0d02414c06a6058466c2f547f3a845ead444713843253baef5b1b024302af2e37ff69653c17560a1c2f7d7fa327cfaa9e3f60792b7b033f9020acce25c26de6ad83497d5cc6855ac0be57d7cefbbbe6f0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/gif
content-length: 43
set-cookie: uuid=; Path=/; Domain=exchange.buzzoola.com; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; Secure; SameSite=None
uuid=8ad0d2c9-58c4-4866-67a2-429b982be014; Path=/; Domain=buzzoola.com; Expires=Mon, 03 Jun 2024 18:40:06 GMT; Max-Age=2592000; Secure; SameSite=None
serverid: TODO
X-Firefox-Spdy: h2

mc.acint.net/cmatch?dp=110

193.3.184.16

302 Found

154 B

URL GET HTTP/2
mc.acint.net/cmatch?dp=110
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /cmatch?dp=110 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: text/html
content-length: 154
location: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0800007FF5803666CC346C3B023A0904
set-cookie: cSyncDp7v3=1714848006; expires=Mon, 03-Jun-24 18:40:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.acint.net/cmatch?dp=126

193.3.184.16

302 Found

154 B

URL GET HTTP/2
mc.acint.net/cmatch?dp=126
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /cmatch?dp=126 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: text/html
content-length: 154
location: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0800007FF5803666CC346C3B023A0904
set-cookie: cSyncDp7v3=1714848006; expires=Mon, 03-Jun-24 18:40:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/match?dp=98&euid=3aa4576d-37aa-47da-903f-69db790ebc26

193.3.184.16

200 OK

43 B

URL GET HTTP/2
www.acint.net/match?dp=98&euid=3aa4576d-37aa-47da-903f-69db790ebc26
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=98&euid=3aa4576d-37aa-47da-903f-69db790ebc26 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.acint.net/rmatch?dp=95&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95&euid=RZKAYIJM

193.3.184.16

154 B

URL
mc.acint.net/rmatch?dp=95&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95&euid=RZKAYIJM
IP
193.3.184.16:0
ASN
#50214 QWARTA LLC

Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=95&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95&euid=RZKAYIJM HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: text/html
content-length: 154
location: https://mc.acint.net/cmatch?dp=95
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.acint.net/cmatch?dp=110

193.3.184.16

302 Found

154 B

URL GET HTTP/2
mc.acint.net/cmatch?dp=110
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /cmatch?dp=110 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: text/html
content-length: 154
location: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0800007FF5803666CC346C3B023A0904
set-cookie: cSyncDp7v3=1714848006; expires=Mon, 03-Jun-24 18:40:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.acint.net/cmatch?dp=126

193.3.184.16

302 Found

154 B

URL GET HTTP/2
mc.acint.net/cmatch?dp=126
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /cmatch?dp=126 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: text/html
content-length: 154
location: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0800007FF5803666CC346C3B023A0904
set-cookie: cSyncDp7v3=1714848006; expires=Mon, 03-Jun-24 18:40:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

acint.net/cmatch?dp=71

193.3.184.16

302 Found

154 B

URL GET HTTP/2
acint.net/cmatch?dp=71
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /cmatch?dp=71 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: text/html
content-length: 154
location: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0800007FF5803666CC346C3B023A0904
set-cookie: cSyncDp7v3=1714848006; expires=Mon, 03-Jun-24 18:40:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/match?dp=251&euid=187da8a4-5e7b-8768-ed39-68cc113f0aec

193.3.184.16

43 B

URL
www.acint.net/match?dp=251&euid=187da8a4-5e7b-8768-ed39-68cc113f0aec
IP
193.3.184.16:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=251&euid=187da8a4-5e7b-8768-ed39-68cc113f0aec HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.acint.net/cmatch?dp=261

193.3.184.16

302 Found

154 B

URL GET HTTP/2
mc.acint.net/cmatch?dp=261
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /cmatch?dp=261 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: text/html
content-length: 154
location: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0800007FF5803666CC346C3B023A0904
set-cookie: cSyncDp7v3=1714848006; expires=Mon, 03-Jun-24 18:40:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.acint.net/cmatch?dp=261

193.3.184.16

302 Found

154 B

URL GET HTTP/2
mc.acint.net/cmatch?dp=261
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /cmatch?dp=261 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: text/html
content-length: 154
location: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0800007FF5803666CC346C3B023A0904
set-cookie: cSyncDp7v3=1714848006; expires=Mon, 03-Jun-24 18:40:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/match?dp=98&euid=17fcbcf7-49bf-4a5c-9a8d-014dc443d567

193.3.184.16

200 OK

43 B

URL GET HTTP/2
www.acint.net/match?dp=98&euid=17fcbcf7-49bf-4a5c-9a8d-014dc443d567
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=98&euid=17fcbcf7-49bf-4a5c-9a8d-014dc443d567 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

gw-iad-bid.ymmobi.com/dsp/user/sync?dspid=c2FwZV9kc3A=&gdpr=0&gdpr_consent=0&us_privacy=0&callback=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D293%26euid%3D%7Bym_user_id%7D

47.253.61.56

302 Found

0 B

URL GET HTTP/2
gw-iad-bid.ymmobi.com/dsp/user/sync?dspid=c2FwZV9kc3A=&gdpr=0&gdpr_consent=0&us_privacy=0&callback=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D293%26euid%3D%7Bym_user_id%7D
IP
47.253.61.56:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerDigiCert, Inc.
Subject*.ymmobi.com
FingerprintAA:CB:8B:48:C7:AB:0D:56:82:39:63:A5:E1:5E:34:8B:62:7B:6F:52
ValiditySun, 04 Feb 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dsp/user/sync?dspid=c2FwZV9kc3A=&gdpr=0&gdpr_consent=0&us_privacy=0&callback=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D293%26euid%3D%7Bym_user_id%7D HTTP/1.1
Host: gw-iad-bid.ymmobi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 04 May 2024 18:40:06 GMT
content-length: 0
location: https://mc.acint.net/match?dp=293&euid=ym_user_d1f9903a-24a8-4ab1-8ec8-cc7acf59b08d
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
access-control-allow-credentials: true
set-cookie: ym_user_cookie=ym_user_d1f9903a-24a8-4ab1-8ec8-cc7acf59b08d; max-age=31104000; domain=ymmobi.com; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

gw-iad-bid.ymmobi.com/dsp/user/sync?dspid=c2FwZV9kc3A=&gdpr=0&gdpr_consent=0&us_privacy=0&callback=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D293%26euid%3D%7Bym_user_id%7D

47.253.61.56

302 Found

0 B

URL GET HTTP/2
gw-iad-bid.ymmobi.com/dsp/user/sync?dspid=c2FwZV9kc3A=&gdpr=0&gdpr_consent=0&us_privacy=0&callback=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D293%26euid%3D%7Bym_user_id%7D
IP
47.253.61.56:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerDigiCert, Inc.
Subject*.ymmobi.com
FingerprintAA:CB:8B:48:C7:AB:0D:56:82:39:63:A5:E1:5E:34:8B:62:7B:6F:52
ValiditySun, 04 Feb 2024 00:00:00 GMT - Mon, 03 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dsp/user/sync?dspid=c2FwZV9kc3A=&gdpr=0&gdpr_consent=0&us_privacy=0&callback=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D293%26euid%3D%7Bym_user_id%7D HTTP/1.1
Host: gw-iad-bid.ymmobi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 04 May 2024 18:40:06 GMT
content-length: 0
location: https://mc.acint.net/match?dp=293&euid=ym_user_5ca87f91-6b48-4d34-817a-d281390ee275
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
access-control-allow-credentials: true
set-cookie: ym_user_cookie=ym_user_5ca87f91-6b48-4d34-817a-d281390ee275; max-age=31104000; domain=ymmobi.com; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

mc.acint.net/cmatch?dp=95

193.3.184.16

154 B

URL
mc.acint.net/cmatch?dp=95
IP
193.3.184.16:0
ASN
#50214 QWARTA LLC

Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /cmatch?dp=95 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005; cSyncDp7v3=1714848006
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 18:40:06 GMT
content-type: text/html
content-length: 154
location: https://match.qtarget.tech/userbind?src=sape&id=0800007FF5803666CC346C3B023A0904
set-cookie: cSyncDp241v2=1714848006; expires=Mon, 03-Jun-24 18:40:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.acint.net/cmatch?dp=95

193.3.184.16

154 B

URL
mc.acint.net/cmatch?dp=95
IP
193.3.184.16:0
ASN
#50214 QWARTA LLC

Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /cmatch?dp=95 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005; cSyncDp7v3=1714848006
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 18:40:07 GMT
content-type: text/html
content-length: 154
location: https://match.qtarget.tech/userbind?src=sape&id=0800007FF5803666CC346C3B023A0904
set-cookie: cSyncDp241v2=1714848007; expires=Mon, 03-Jun-24 18:40:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.acint.net/match?dp=293&euid=ym_user_d1f9903a-24a8-4ab1-8ec8-cc7acf59b08d

193.3.184.16

200 OK

43 B

URL GET HTTP/2
mc.acint.net/match?dp=293&euid=ym_user_d1f9903a-24a8-4ab1-8ec8-cc7acf59b08d
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=293&euid=ym_user_d1f9903a-24a8-4ab1-8ec8-cc7acf59b08d HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005; cSyncDp7v3=1714848006; cSyncDp241v2=1714848007
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:40:07 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

b03e53dc-0a45-11ef-86e0-002590c0647c.n2.sync.bumlam.com/?src=sape

94.141.105.124

0 B

URL
b03e53dc-0a45-11ef-86e0-002590c0647c.n2.sync.bumlam.com/?src=sape
IP
94.141.105.124:0
ASN
#29226 JSC Mastertel

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sape HTTP/1.1
Host: b03e53dc-0a45-11ef-86e0-002590c0647c.n2.sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: suuid3=IiRiMDNlNTNkYy0wYTQ1LTExZWYtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.25.5
date: Sat, 04 May 2024 18:40:07 GMT
content-length: 0
location: https://pix.bumlam.com/sync/sape/done
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
X-Firefox-Spdy: h2

mc.acint.net/match?dp=293&euid=ym_user_5ca87f91-6b48-4d34-817a-d281390ee275

193.3.184.16

200 OK

43 B

URL GET HTTP/2
mc.acint.net/match?dp=293&euid=ym_user_5ca87f91-6b48-4d34-817a-d281390ee275
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=293&euid=ym_user_5ca87f91-6b48-4d34-817a-d281390ee275 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005; cSyncDp7v3=1714848006; cSyncDp241v2=1714848007
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:40:07 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

adx.com.ru/sape-sync?uid=0800007FF5803666CC346C3B023A0904

83.222.105.118

85 B

URL
adx.com.ru/sape-sync?uid=0800007FF5803666CC346C3B023A0904
IP
83.222.105.118:0
ASN
#42632 MnogoByte LLC

File type
HTML document, ASCII text
Size
85 B (85 bytes)
Hash
f856006cba2513151630fc73cdd88743
37f9d1444339b2f0cae6005a2cf8e459a4092ab6
facda92b4aa809813ea0fd70f9bbdca0967b012eb28ae89ebe408a11b13eb79f

HTTP Headers

GET /sape-sync?uid=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: adx.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.26.0
date: Sat, 04 May 2024 18:40:06 GMT
content-type: text/html; charset=utf-8
content-length: 85
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
location: /sync?sspKey=25&sspUserID=0800007FF5803666CC346C3B023A0904
p3p: CP="adx.com.ru does not have a P3P policy"
set-cookie: user=663681067011cb00010758f6; Path=/; Domain=adx.com.ru; Max-Age=31536000; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2

pix.bumlam.com/sync/sape/done

31.172.81.160

200 OK

43 B

URL GET HTTP/1.1
pix.bumlam.com/sync/sape/done
IP
31.172.81.160:443
ASN
#44066 firstcolo GmbH

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subject*.bumlam.com
Fingerprint9F:E0:4A:B3:57:B0:3C:3E:13:7F:9F:FF:82:A2:91:87:45:9F:A4:7F
ValidityThu, 28 Mar 2024 09:09:43 GMT - Wed, 26 Jun 2024 09:09:42 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: suuid3=IiRiMDNlNTNkYy0wYTQ1LTExZWYtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 18:40:07 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://mc.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

match.qtarget.tech/userbind?src=sape&id=0800007FF5803666CC346C3B023A0904

95.163.92.180

204 No Content

0 B

URL GET HTTP/1.1
match.qtarget.tech/userbind?src=sape&id=0800007FF5803666CC346C3B023A0904
IP
95.163.92.180:443
ASN
#12695 LLC Digital Network

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subjectdsp.qtarget.tech
Fingerprint24:73:C6:BB:59:50:7A:E0:31:C6:8F:43:2D:DD:E3:63:4A:F7:F7:24
ValiditySun, 11 Feb 2024 18:29:31 GMT - Sat, 11 May 2024 18:29:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /userbind?src=sape&id=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: match.qtarget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Sat, 04 May 2024 18:40:07 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin

match.qtarget.tech/userbind?src=sape&id=0800007FF5803666CC346C3B023A0904

95.163.92.180

204 No Content

0 B

URL GET HTTP/1.1
match.qtarget.tech/userbind?src=sape&id=0800007FF5803666CC346C3B023A0904
IP
95.163.92.180:443
ASN
#12695 LLC Digital Network

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerLet's Encrypt
Subjectdsp.qtarget.tech
Fingerprint24:73:C6:BB:59:50:7A:E0:31:C6:8F:43:2D:DD:E3:63:4A:F7:F7:24
ValiditySun, 11 Feb 2024 18:29:31 GMT - Sat, 11 May 2024 18:29:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /userbind?src=sape&id=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: match.qtarget.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Sat, 04 May 2024 18:40:07 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin

adx.com.ru/sync?sspKey=25&sspUserID=0800007FF5803666CC346C3B023A0904

83.222.105.118

231 B

URL
adx.com.ru/sync?sspKey=25&sspUserID=0800007FF5803666CC346C3B023A0904
IP
83.222.105.118:0
ASN
#42632 MnogoByte LLC

File type
HTML document, ASCII text
Size
231 B (231 bytes)
Hash
039f48c6bb3ae6778cd16cf0dd7d3c61
8487a114d2c19164de3e208a1fab020fb775b1f4
b6a6f4ecafde505f8dd22e15155033cb95522231ff6fb055853a3a4d96561d3a

HTTP Headers

GET /sync?sspKey=25&sspUserID=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: adx.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: user=663681067011cb00010758f6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx/1.26.0
date: Sat, 04 May 2024 18:40:07 GMT
content-type: text/html; charset=utf-8
content-length: 231
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D663681067011cb00010758f6%2526r%253D%26webouid%3D{WEBO_CID}
p3p: CP="adx.com.ru does not have a P3P policy"
X-Firefox-Spdy: h2

www.acint.net/ping/?v=0.7.0&uid=cebeac03-78bf-46ae-9d69-9db45d1bc6ea&dp=14&tz=%2B00%3A00&nc=711232&aid=0800007FF5803666CC346C3B023A0904&dT=2024-05-04T18%3A40%3A08.807

193.3.184.16

43 B

URL
www.acint.net/ping/?v=0.7.0&uid=cebeac03-78bf-46ae-9d69-9db45d1bc6ea&dp=14&tz=%2B00%3A00&nc=711232&aid=0800007FF5803666CC346C3B023A0904&dT=2024-05-04T18%3A40%3A08.807
IP
193.3.184.16:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /ping/?v=0.7.0&uid=cebeac03-78bf-46ae-9d69-9db45d1bc6ea&dp=14&tz=%2B00%3A00&nc=711232&aid=0800007FF5803666CC346C3B023A0904&dT=2024-05-04T18%3A40%3A08.807 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990; cSyncDp14v6=1714848005; cSyncDp45v5=1714848005; cSyncDp53v5=1714848005; cSyncDp62v2=1714848005; cSyncDp67v3=1714848005; cSyncDp68v3=1714848005; cSyncDp71v2=1714848005; cSyncDp80v2=1714848005; cSyncDp85v2=1714848005; cSyncDp95v4=1714848005; cSyncDp98v3=1714848005; cSyncDp107v2=1714848005; cSyncDp110v3=1714848005; cSyncDp125v4=1714848005; cSyncDp126v3=1714848005; cSyncDp127v2=1714848005; cSyncDp129v2=1714848005; cSyncDp136v3=1714848005; cSyncDp146v2=1714848005; cSyncDp148v2=1714848005; cSyncDp149v3=1714848005; cSyncDp151v2=1714848005; cSyncDp251v1=1714848005; cSyncDp186v2=1714848005; cSyncDp217v2=1714848005; cSyncDp235v2=1714848005; cSyncDp239v2=1714848005; cSyncDp243v2=1714848005; cSyncDp260v2=1714848005; cSyncDp244v2=1714848005; cSyncDp248v2=1714848005; cSyncDp261v1=1714848005; cSyncDp289v2=1714848005; cSyncDp293v1=1714848005; cSyncDp296v2=1714848005; cSyncDp312v1=1714848005; cSyncDp7v3=1714848006; cSyncDp241v2=1714848007
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:40:08 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

ssp-rtb.sape.ru/prebid

193.3.184.25

204 No Content

0 B

URL POST HTTP/1.1
ssp-rtb.sape.ru/prebid
IP
193.3.184.25:443
ASN
#50214 QWARTA LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subject*.sape.ru
Fingerprint73:95:22:E3:B6:12:3E:90:3A:10:10:DC:38:ED:28:2D:82:7B:EB:E2
ValidityWed, 10 Apr 2024 03:20:28 GMT - Tue, 09 Jul 2024 03:20:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /prebid HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
content-type: text/plain
Content-Length: 2045
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Cookie: sspuid=CkIDPWY2gPUQpwAkIZCSAtwObK2VDTfOUuJ95155S8M/WBWo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: openresty
Date: Sat, 04 May 2024 18:40:08 GMT
Content-Type: text/html
Connection: keep-alive
Access-Control-Allow-Origin: https://exclusive-works.ru
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST
X-YaRequestId: 9a50011f94514d1a829e27f9183a9b86
X-YaSpanId: e7eac888f48d2cf6
X-YaTraceId: 7edb5c74a1bf46d5b64d3f0a467a3635
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0

kimberlite.io/rtb/bid/pbjs

217.199.220.44

204 No Content

0 B

URL POST HTTP/1.1
kimberlite.io/rtb/bid/pbjs
IP
217.199.220.44:443
ASN
#61400 Start LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.kimberlite.io
Fingerprint27:9B:57:5F:3C:19:A5:31:A3:1B:E6:A4:8E:CF:2F:73:78:4E:46:C1
ValidityThu, 29 Feb 2024 12:20:14 GMT - Tue, 01 Apr 2025 12:20:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /rtb/bid/pbjs HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
content-type: text/plain
Content-Length: 694
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Cookie: u=ZjaA9SFsm2w~S8xangkHdK_S8Q_uE4IWnuqaxA8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 04 May 2024 18:40:08 GMT
Content-Length: 0
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: https://exclusive-works.ru
set-cookie: u=ZjaA9SFsm2w~S8xangkHdK_S8Q_uE4IWnuqaxA8; path=/; max-age=7776000; samesite=none; httponly; secure
server-timing: app;srv=0;dur=0.0735

ssp.otm-r.com/adjson?tz=0&w=970&h=90&domain=exclusive-works.ru&l=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34&s=38014&cur=RUB&bidid=244f2cd94a23e65&transactionid=&auctionid=&bidfloor=0

159.69.59.100

2 B

URL GET
ssp.otm-r.com/adjson?tz=0&w=970&h=90&domain=exclusive-works.ru&l=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34&s=38014&cur=RUB&bidid=244f2cd94a23e65&transactionid=&auctionid=&bidfloor=0
IP
159.69.59.100:0
ASN
#24940 Hetzner Online GmbH

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34

File type
JSON text data
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

HTTP Headers

GET /adjson?tz=0&w=970&h=90&domain=exclusive-works.ru&l=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34&s=38014&cur=RUB&bidid=244f2cd94a23e65&transactionid=&auctionid=&bidfloor=0 HTTP/1.1
Host: ssp.otm-r.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
content-type: text/plain
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Cookie: mpid=NjYzNjgwZjUwNzI0NGY3Yw==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.17.10
date: Sat, 04 May 2024 18:40:09 GMT
content-type: application/javascript
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: https://exclusive-works.ru
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: mpid=NjYzNjgwZjUwNzI0NGY3Yw==; Path=/; Domain=otm-r.com; Max-Age=31536000; Secure; SameSite=None
vary: Origin
X-Firefox-Spdy: h2

pbs.alfasense.com/yandex/auction

23.111.115.84

0 B

URL POST
pbs.alfasense.com/yandex/auction
IP
23.111.115.84:0
ASN
#39134 Edinaya Set Limited Liability Company

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /yandex/auction HTTP/1.1
Host: pbs.alfasense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
content-type: text/plain
Content-Length: 271
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Cookie: uuid=d6151ccc-3fbe-44d4-9e13-22bc107eb806; wist_ps=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Date: Sat, 04 May 2024 18:40:09 GMT
Connection: keep-alive
server: adx
x-error: empty candidates
Access-Control-Allow-Origin: https://exclusive-works.ru
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.115.84
Content-type: text/xml

ssp.hybrid.ai/auction/prebid

37.230.131.17

204 No Content

0 B

URL OPTIONS HTTP/2
ssp.hybrid.ai/auction/prebid
IP
37.230.131.17:443
ASN
#200197 Hybrid Adtech Sp.z.o.o.

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerSectigo Limited
Subject*.hybrid.ai
Fingerprint40:F9:88:C5:EF:2B:26:9C:61:DC:CC:ED:B1:67:03:F4:E2:CC:B7:C8
ValidityThu, 14 Sep 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /auction/prebid HTTP/1.1
Host: ssp.hybrid.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://exclusive-works.ru/
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 04 May 2024 18:40:09 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://exclusive-works.ru
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server: Hybrid Web Server
X-Firefox-Spdy: h2

ssp.hybrid.ai/auction/prebid

37.230.131.17

204 No Content

0 B

URL OPTIONS HTTP/2
ssp.hybrid.ai/auction/prebid
IP
37.230.131.17:443
ASN
#200197 Hybrid Adtech Sp.z.o.o.

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerSectigo Limited
Subject*.hybrid.ai
Fingerprint40:F9:88:C5:EF:2B:26:9C:61:DC:CC:ED:B1:67:03:F4:E2:CC:B7:C8
ValidityThu, 14 Sep 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /auction/prebid HTTP/1.1
Host: ssp.hybrid.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
content-type: application/json
Content-Length: 353
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Cookie: vid=ab50f70f2972c179694d; vid=1a0153a4378b62073146
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 04 May 2024 18:40:09 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://exclusive-works.ru
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server: Hybrid Web Server
X-Firefox-Spdy: h2

b03e53dc-0a45-11ef-86e0-002590c0647c.n6.sync.bumlam.com/?src=sape

188.120.246.182

0 B

URL
b03e53dc-0a45-11ef-86e0-002590c0647c.n6.sync.bumlam.com/?src=sape
IP
188.120.246.182:0
ASN
#29182 JSC IOT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sape HTTP/1.1
Host: b03e53dc-0a45-11ef-86e0-002590c0647c.n6.sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: suuid3=IiRiMDNlNTNkYy0wYTQ1LTExZWYtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.26.0
date: Sat, 04 May 2024 18:40:10 GMT
content-length: 0
location: https://pix.bumlam.com/sync/sape/done
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
X-Firefox-Spdy: h2

cdn.alfasense.net/lib_test/config.js

136.144.31.36

200 OK

721 B

URL GET HTTP/2
cdn.alfasense.net/lib_test/config.js
IP
136.144.31.36:443
ASN
#52000 MIRhosting B.V.

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.alfasense.net
Fingerprint15:61:D7:BD:E9:E1:37:36:5F:FD:47:F7:69:F7:5E:53:CD:95:A9:59
ValidityWed, 22 Nov 2023 16:23:03 GMT - Mon, 23 Dec 2024 16:23:02 GMT

File type
JavaScript source, ASCII text, with very long lines (805), with no line terminators
Size
721 B (721 bytes)
Hash
a297d50e856778a54298ee0df1efecd4
96e19be59c6e11a11d3b7d188978c1e3fba9e69b
a5e5b0affbbccc6af1f9dc758a3c77124f863b00fabd8511aebeb498c88d8edf

HTTP Headers

GET /lib_test/config.js HTTP/1.1
Host: cdn.alfasense.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:39:48 GMT
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 11:58:49 GMT
etag: W/"661d1679-2d1"
content-security-policy: frame-ancestors 'none';frame-src 'self';
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block;
cache-control: public, max-age=60
content-encoding: gzip
set-cookie: route=dd92c318b574e2af8018c0207c5098f9; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2

cdn.alfasense.net/ext/weboctxrun.js

136.144.31.36

200 OK

213 B

URL GET HTTP/2
cdn.alfasense.net/ext/weboctxrun.js
IP
136.144.31.36:443
ASN
#52000 MIRhosting B.V.

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.alfasense.net
Fingerprint15:61:D7:BD:E9:E1:37:36:5F:FD:47:F7:69:F7:5E:53:CD:95:A9:59
ValidityWed, 22 Nov 2023 16:23:03 GMT - Mon, 23 Dec 2024 16:23:02 GMT

File type
JavaScript source, ASCII text, with no line terminators
Size
213 B (213 bytes)
Hash
7e6e77a84388919cef04b18773e40546
dfcee86d73693ac10ada371c448d02af02b63f51
a3b9b5f351cc23a9d67c5884cc76e44c6a76ca07d725a14f48e6af9fe6f8c9b3

HTTP Headers

GET /ext/weboctxrun.js HTTP/1.1
Host: cdn.alfasense.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:39:48 GMT
content-type: application/javascript
last-modified: Wed, 12 Jul 2023 13:34:46 GMT
etag: W/"64aeabf6-d5"
content-security-policy: frame-ancestors 'none';frame-src 'self';
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block;
cache-control: public, max-age=60
content-encoding: gzip
set-cookie: route=e7a39e6e3385558e2f6a6a18cac7185b; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2

sync.adspend.space/sape?uid=0800007FF5803666CC346C3B023A0904

104.21.26.195

302 Found

43 B

URL GET HTTP/3
sync.adspend.space/sape?uid=0800007FF5803666CC346C3B023A0904
IP
104.21.26.195:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerGoogle Trust Services LLC
Subjectadspend.space
Fingerprint86:42:73:83:B4:96:F1:E2:8E:8F:5F:67:2B:A5:20:3C:AE:F0:FE:57
ValiditySat, 16 Mar 2024 00:50:56 GMT - Fri, 14 Jun 2024 00:50:55 GMT

File type

Size
43 B (43 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape?uid=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: as-user=3aa4576d-37aa-47da-903f-69db790ebc26
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Sat, 04 May 2024 18:40:06 GMT
content-type: text/html; charset=utf-8
location: https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D17fcbcf7-49bf-4a5c-9a8d-014dc443d567
set-cookie: as-user=17fcbcf7-49bf-4a5c-9a8d-014dc443d567; Path=/; Max-Age=31536000; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RyHwO3gMDxmG6riOA7z2wpG5boxx7ZfeH8YBPvmEmfI146yaHasb7FMRIn6OBOJ8%2BnTCRJVkBLqPIfk88SZvHipmgd0R%2BzyQQBRmq7G2c2h9OVAQqyBJh5XzI3RWq5WGbbsYLR0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea9e07198656a2-OSL
alt-svc: h3=":443"; ma=86400

sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D17fcbcf7-49bf-4a5c-9a8d-014dc443d567

104.21.26.195

302 Found

43 B

URL GET HTTP/3
sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D17fcbcf7-49bf-4a5c-9a8d-014dc443d567
IP
104.21.26.195:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerGoogle Trust Services LLC
Subjectadspend.space
Fingerprint86:42:73:83:B4:96:F1:E2:8E:8F:5F:67:2B:A5:20:3C:AE:F0:FE:57
ValiditySat, 16 Mar 2024 00:50:56 GMT - Fri, 14 Jun 2024 00:50:55 GMT

File type

Size
43 B (43 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D17fcbcf7-49bf-4a5c-9a8d-014dc443d567 HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: as-user=17fcbcf7-49bf-4a5c-9a8d-014dc443d567
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Sat, 04 May 2024 18:40:06 GMT
content-type: text/html; charset=utf-8
location: https://www.acint.net/match?dp=98&euid=17fcbcf7-49bf-4a5c-9a8d-014dc443d567
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: PUT, GET, POST, OPTIONS
access-control-allow-headers: Content-Type, authorization
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3kztT77NwiFjjvF2RvrNLsKheCV%2By0skJMFybhBD1mjjMzsiEfUeovLnptjeO%2BKsBzw6Mk7UCwCF7zwGl4S3Wyb6QtbmuI4sQse9P%2Fx%2BWnbXiHeMM6Ya%2FpQO64QiOQnMkNgVrUA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea9e09ad6256a2-OSL
alt-svc: h3=":443"; ma=86400

stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=yfbu%2FTgiOFUFv8ncQJiy0STSIA3uXPPMf1niY0LJgG8g9XEe1uWw5cueCW2LaBebN0psCBGQKTCMYNf6gt2Ns7AyeLfI%2FPu%2FVOX%2F0GtbwuX3JY%2Br5lIzs7IDK7URPgrR9A5HJRtcysoFX0NS%2BT88wmIvZmsjZ4oqLRyALKQZ3oaUI%2FJWFzXdyfIY9vYjEQPLpi3MOh8cGTA%3D&r=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34&eo=&cb=171484798945255199&_adlk_ts=171484798945255199

5.101.76.186

200 OK

0 B

URL GET HTTP/2
stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=yfbu%2FTgiOFUFv8ncQJiy0STSIA3uXPPMf1niY0LJgG8g9XEe1uWw5cueCW2LaBebN0psCBGQKTCMYNf6gt2Ns7AyeLfI%2FPu%2FVOX%2F0GtbwuX3JY%2Br5lIzs7IDK7URPgrR9A5HJRtcysoFX0NS%2BT88wmIvZmsjZ4oqLRyALKQZ3oaUI%2FJWFzXdyfIY9vYjEQPLpi3MOh8cGTA%3D&r=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34&eo=&cb=171484798945255199&_adlk_ts=171484798945255199
IP
5.101.76.186:443
ASN
#48096 Enterprise Cloud Ltd.

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=yfbu%2FTgiOFUFv8ncQJiy0STSIA3uXPPMf1niY0LJgG8g9XEe1uWw5cueCW2LaBebN0psCBGQKTCMYNf6gt2Ns7AyeLfI%2FPu%2FVOX%2F0GtbwuX3JY%2Br5lIzs7IDK7URPgrR9A5HJRtcysoFX0NS%2BT88wmIvZmsjZ4oqLRyALKQZ3oaUI%2FJWFzXdyfIY9vYjEQPLpi3MOh8cGTA%3D&r=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34&eo=&cb=171484798945255199&_adlk_ts=171484798945255199 HTTP/1.1
Host: stat.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Microsoft-IIS/10.0
date: Sat, 04 May 2024 18:39:49 GMT
X-Firefox-Spdy: h2

sync.dmp.otm-r.com/match/alfasensor?id=d6151ccc-3fbe-44d4-9e13-22bc107eb806&otcm_check=1714847989

138.201.65.74

302 Found

35 B

URL GET HTTP/2
sync.dmp.otm-r.com/match/alfasensor?id=d6151ccc-3fbe-44d4-9e13-22bc107eb806&otcm_check=1714847989
IP
138.201.65.74:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.dmp.otm-r.com
FingerprintC6:A2:9D:82:0D:D1:C1:2D:A4:ED:7F:05:13:52:5B:94:6B:10:58:D6
ValidityMon, 19 Jun 2023 10:50:51 GMT - Sat, 20 Jul 2024 10:50:50 GMT

File type

Size
35 B (35 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/alfasensor?id=d6151ccc-3fbe-44d4-9e13-22bc107eb806&otcm_check=1714847989 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
DNT: 1
Connection: keep-alive
Cookie: mpid=NjYzNjgwZjUwNzI0NGY3Yw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.17.4
date: Sat, 04 May 2024 18:39:50 GMT
content-type: text/html; charset=utf-8
content-length: 92
access-control-allow-origin: *
location: https://cs.alfasense.com/p?ssp=ot&id=NjYzNjgwZjUwNzI0NGY3Yw%3D%3D
set-cookie: mpid=NjYzNjgwZjUwNzI0NGY3Yw==; Path=/; Domain=otm-r.com; Max-Age=31536000; Secure; SameSite=None
X-Firefox-Spdy: h2

stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=orhjLnZvgH3CFpowuaR5hjkQKjua0sWs46AA9%2Fu4HJpw5dW%2Ba4txULbOs1RC3oIDIravf2mD2wosg9O1stMiuZRcopcvxJ1H%2Bg6EiPzDSlEOigN582jTWAHLX57183eOeVE79nS%2Bd%2BmMRZG%2B4nOWdV%2FiCzfxFtG%2Blu5p5xO%2BOotnDIEkM1VaJHAhRAQKo4Iypm6FXg%3D%3D&r=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34&eo=&cb=171484800021956328&_adlk_ts=171484800021956328

5.101.76.186

200 OK

0 B

URL GET HTTP/2
stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=orhjLnZvgH3CFpowuaR5hjkQKjua0sWs46AA9%2Fu4HJpw5dW%2Ba4txULbOs1RC3oIDIravf2mD2wosg9O1stMiuZRcopcvxJ1H%2Bg6EiPzDSlEOigN582jTWAHLX57183eOeVE79nS%2Bd%2BmMRZG%2B4nOWdV%2FiCzfxFtG%2Blu5p5xO%2BOotnDIEkM1VaJHAhRAQKo4Iypm6FXg%3D%3D&r=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34&eo=&cb=171484800021956328&_adlk_ts=171484800021956328
IP
5.101.76.186:443
ASN
#48096 Enterprise Cloud Ltd.

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=orhjLnZvgH3CFpowuaR5hjkQKjua0sWs46AA9%2Fu4HJpw5dW%2Ba4txULbOs1RC3oIDIravf2mD2wosg9O1stMiuZRcopcvxJ1H%2Bg6EiPzDSlEOigN582jTWAHLX57183eOeVE79nS%2Bd%2BmMRZG%2B4nOWdV%2FiCzfxFtG%2Blu5p5xO%2BOotnDIEkM1VaJHAhRAQKo4Iypm6FXg%3D%3D&r=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34&eo=&cb=171484800021956328&_adlk_ts=171484800021956328 HTTP/1.1
Host: stat.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Microsoft-IIS/10.0
date: Sat, 04 May 2024 18:39:59 GMT
X-Firefox-Spdy: h2

exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHRt-bZ2f_jng/jsvpaid?set_buzzoola_cookie=t

49.12.83.94

200 OK

11 kB

URL GET HTTP/2
exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHRt-bZ2f_jng/jsvpaid?set_buzzoola_cookie=t
IP
49.12.83.94:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT

File type
XML 1.0 document, ASCII text, with very long lines (11331), with no line terminators
Size
11 kB (11331 bytes)
Hash
43a1868f3ed81e2d88f9a175398efa2f
feb7afad36e5047873b09a2cfd095f5c5d39439d
30a5f1bcf4a775208157ed5caf6149becadece30c298d427d0e9d462306ddb94

HTTP Headers

GET /adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHRt-bZ2f_jng/jsvpaid?set_buzzoola_cookie=t HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exclusive-works.ru
Referer: https://exclusive-works.ru/
DNT: 1
Connection: keep-alive
Cookie: uuid=13df691e-c896-4704-419c-507ed4a2c070
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:39:46 GMT
content-type: application/xml
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match
access-control-allow-origin: https://exclusive-works.ru
access-control-expose-headers: Set-Cookie, Etag
serverid: TODO
content-encoding: gzip
X-Firefox-Spdy: h2

s.ccsyncuuid.net/match/5/?remote_uid=0800007FF5803666CC346C3B023A0904

0.0.0.0

0 B

URL GET
s.ccsyncuuid.net/match/5/?remote_uid=0800007FF5803666CC346C3B023A0904
IP
0.0.0.0:0
ASN
#0

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /match/5/?remote_uid=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: s.ccsyncuuid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

sync.bumlam.com/?src=adlook&s_data=CAIQARj1gdqxBmIgNDA5ZDk0OWI5YjljNGMxNDk1MWVjOGRkMWFkMjdmMjeiARCv8CmWCkUR75t7ACWQyCQ2

31.172.81.158

302 Moved Temporarily

43 B

URL GET HTTP/1.1
sync.bumlam.com/?src=adlook&s_data=CAIQARj1gdqxBmIgNDA5ZDk0OWI5YjljNGMxNDk1MWVjOGRkMWFkMjdmMjeiARCv8CmWCkUR75t7ACWQyCQ2
IP
31.172.81.158:443
ASN
#44066 firstcolo GmbH

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subject*.bumlam.com
Fingerprint9F:E0:4A:B3:57:B0:3C:3E:13:7F:9F:FF:82:A2:91:87:45:9F:A4:7F
ValidityThu, 28 Mar 2024 09:09:43 GMT - Wed, 26 Jun 2024 09:09:42 GMT

File type

Size
43 B (43 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=adlook&s_data=CAIQARj1gdqxBmIgNDA5ZDk0OWI5YjljNGMxNDk1MWVjOGRkMWFkMjdmMjeiARCv8CmWCkUR75t7ACWQyCQ2 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exclusive-works.ru/
DNT: 1
Connection: keep-alive
Cookie: suuid3=IiRiMDNlNTNkYy0wYTQ1LTExZWYtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 May 2024 18:39:50 GMT
Content-Length: 0
Connection: close
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=adlook&s_data=CAIQAhj1gdqxBmIgNDA5ZDk0OWI5YjljNGMxNDk1MWVjOGRkMWFkMjdmMjeiARCwPlPcCkUR74bgACWQwGR8
ETag: b03e53dc-0a45-11ef-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://exclusive-works.ru
Access-Control-Allow-Credentials: true

exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHRt-bZ2f_jng/jsvpaid

49.12.83.94

307 Temporary Redirect

11 kB

URL GET HTTP/2
exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHRt-bZ2f_jng/jsvpaid
IP
49.12.83.94:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT

File type

Size
11 kB (11331 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHRt-bZ2f_jng/jsvpaid HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
server: nginx
date: Sat, 04 May 2024 18:39:48 GMT
content-type: text/html; charset=utf-8
content-length: 114
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match
access-control-allow-origin: https://exclusive-works.ru
access-control-expose-headers: Set-Cookie, Etag
location: /adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHRt-bZ2f_jng/jsvpaid?set_buzzoola_cookie=t
set-cookie: uuid=5ff1f71a-ff52-4265-6f59-dc2619e1d86f; Path=/; Domain=buzzoola.com; Expires=Mon, 03 Jun 2024 18:39:48 GMT; Max-Age=2592000; Secure; SameSite=None
serverid: TODO
X-Firefox-Spdy: h2

www.acint.net/oci.js?t=1714848005807

193.3.184.16

200 OK

32 kB

URL GET HTTP/2
www.acint.net/oci.js?t=1714848005807
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
JavaScript source, ASCII text, with very long lines (32168)
Size
32 kB (32169 bytes)
Hash
c3fa5133b6899a2abb39fb79ed94300f
dc1d5c75420b38cd7509a783ed09345d0ff78ac4
66b141eb9ae44c86efc510844a71cf208c02d02abe03af3a7d8cc26736d3e19c

HTTP Headers

GET /oci.js?t=1714848005807 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:40:05 GMT
content-type: application/x-javascript
last-modified: Wed, 17 Jan 2024 22:00:10 GMT
etag: W/"65a84dea-7dac"
content-encoding: gzip
X-Firefox-Spdy: h2

ads.adlook.me/csync?pid=sape&uid=0800007FF5803666CC346C3B023A0904&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D110%26euid%3D%7BuserId%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D110

78.140.242.106

302 Found

0 B

URL GET HTTP/2
ads.adlook.me/csync?pid=sape&uid=0800007FF5803666CC346C3B023A0904&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D110%26euid%3D%7BuserId%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D110
IP
78.140.242.106:443
ASN
#209974 Itglobalcom Rus LLC

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /csync?pid=sape&uid=0800007FF5803666CC346C3B023A0904&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D110%26euid%3D%7BuserId%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D110 HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Cookie: adlm_userId=409d949b9b9c4c14951ec8dd1ad27f27; adlk_cmatch=alab%3Ae60082d7-f712-4990-85a0-4cadfb917038%2Cotm%3ANjYzNjgwZjUwNzI0NGY3Yw%3D%3D%2Csape%3A0800007FF5803666CC346C3B023A0904
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: https://mc.acint.net/rmatch?dp=110&euid=409d949b9b9c4c14951ec8dd1ad27f27&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D110
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=409d949b9b9c4c14951ec8dd1ad27f27; expires=Sat, 03 May 2025 21:00:00 GMT; path=/; SameSite=None; secure; samesite=none
adlk_cmatch=alab%3Ae60082d7-f712-4990-85a0-4cadfb917038%2Cotm%3ANjYzNjgwZjUwNzI0NGY3Yw%3D%3D%2Csape%3A0800007FF5803666CC346C3B023A0904; expires=Fri, 31 Dec 9999 20:59:59 GMT; path=/; SameSite=None; secure; samesite=none
date: Sat, 04 May 2024 18:40:05 GMT
X-Firefox-Spdy: h2

exclusive-works.ru/wp-content/plugins/easy-fancybox/vendor/jquery.mousewheel.min.js?ver=3.1.13

87.236.16.222

200 OK

2.6 kB

URL GET HTTP/2
exclusive-works.ru/wp-content/plugins/easy-fancybox/vendor/jquery.mousewheel.min.js?ver=3.1.13
IP
87.236.16.222:443
ASN
#198610 Beget LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subjectexclusive-works.ru
FingerprintC6:F1:85:00:31:02:65:80:DF:66:0D:9C:20:FE:78:0D:DF:F7:6F:1B
ValidityWed, 01 May 2024 06:34:48 GMT - Tue, 30 Jul 2024 06:34:47 GMT

File type
JavaScript source, ASCII text, with very long lines (2696), with no line terminators
Size
2.6 kB (2609 bytes)
Hash
d2c8f2ec155db31cedf5016adbf08fbd
ac0c269512306dc6ff09322d82134172ebeacc21
692a3efcf122e58b1ad5579170d37d79f83d44b24d89b8e54e8a5d5e8fc358ea

HTTP Headers

GET /wp-content/plugins/easy-fancybox/vendor/jquery.mousewheel.min.js?ver=3.1.13 HTTP/1.1
Host: exclusive-works.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Sat, 04 May 2024 18:39:47 GMT
content-type: application/x-javascript
last-modified: Wed, 24 Apr 2024 05:44:35 GMT
vary: Accept-Encoding
etag: W/"66289c43-a31"
expires: Sat, 11 May 2024 18:39:47 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904

193.3.184.16

200 OK

6.3 kB

URL GET HTTP/2
mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
HTML document, ASCII text, with very long lines (6531), with no line terminators
Size
6.3 kB (6262 bytes)
Hash
589a0a5b732815e1acd0274f080245a5
e1255c17430c24bd842a2e5d0463302c79d9dde0
6304ce109c9bd57f6cfac7750bc4f73efab9ae7f1ef7738534e5bf272261f9ff

HTTP Headers

GET /mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:40:05 GMT
content-type: text/html
set-cookie: cSyncDp14v6=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v5=1714848005; expires=Sun, 05-May-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53v5=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62v2=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v3=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68v3=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71v2=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp80v2=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85v2=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v4=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp98v3=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107v2=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110v3=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v4=1714848005; expires=Sun, 19-May-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126v3=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127v2=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129v2=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v3=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146v2=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148v2=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149v3=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151v2=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp251v1=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186v2=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp217v2=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp235v2=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp239v2=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp243v2=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp260v2=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp244v2=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp248v2=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp261v1=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp289v2=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp293v1=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp296v2=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp312v1=1714848005; expires=Mon, 03-Jun-24 18:40:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2

ssp-rtb.sape.ru/ymcode?callback=sapeRTB_66368105c_59897306

0.0.0.0

0 B

URL GET
ssp-rtb.sape.ru/ymcode?callback=sapeRTB_66368105c_59897306
IP
0.0.0.0:0
ASN
#0

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subject*.sape.ru
Fingerprint73:95:22:E3:B6:12:3E:90:3A:10:10:DC:38:ED:28:2D:82:7B:EB:E2
ValidityWed, 10 Apr 2024 03:20:28 GMT - Tue, 09 Jul 2024 03:20:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ymcode?callback=sapeRTB_66368105c_59897306 HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Cookie: sspuid=CkIDPWY2gPUQpwAkIZCSAtwObK2VDTfOUuJ95155S8M/WBWo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sat, 04 May 2024 18:40:05 GMT
Content-Type: text/html
Content-Length: 56
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
X-YaRequestId: 085a1cad4bc04ea0bc7e9a94a95c50c9
X-YaTraceId: 2fe764c0b68e44edbc112ec8dbe051be
X-YaSpanId: f25cd067eb828279
Content-Encoding: gzip
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0

www.acint.net/hit/?v=0.7.0&uid=cebeac03-78bf-46ae-9d69-9db45d1bc6ea&dp=14&tz=%2B00%3A00&nc=244741&aid=0800007FF5803666CC346C3B023A0904&u=&r=&rs=1280x1024&t=&oE=1&oP=1&dT=2024-05-04T18%3A40%3A05.801&fu=8e288a1c-3ebb-49fe-a452-1c2649331876&if=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34

193.3.184.16

200 OK

43 B

URL GET HTTP/2
www.acint.net/hit/?v=0.7.0&uid=cebeac03-78bf-46ae-9d69-9db45d1bc6ea&dp=14&tz=%2B00%3A00&nc=244741&aid=0800007FF5803666CC346C3B023A0904&u=&r=&rs=1280x1024&t=&oE=1&oP=1&dT=2024-05-04T18%3A40%3A05.801&fu=8e288a1c-3ebb-49fe-a452-1c2649331876&if=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34
IP
193.3.184.16:443
ASN
#50214 QWARTA LLC

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hit/?v=0.7.0&uid=cebeac03-78bf-46ae-9d69-9db45d1bc6ea&dp=14&tz=%2B00%3A00&nc=244741&aid=0800007FF5803666CC346C3B023A0904&u=&r=&rs=1280x1024&t=&oE=1&oP=1&dT=2024-05-04T18%3A40%3A05.801&fu=8e288a1c-3ebb-49fe-a452-1c2649331876&if=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Cookie: test_cookie=CheckForPermission; aid=fwAACGY2gPU7bDTMBAk6AkvO2kO9WpkLiHAsjvWCFnhdIvrS; cSyncDp17v2=1714847989; cSyncDp14v4=1714847989; cSyncDp104v2=1714847990
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:40:05 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=VDj9yIrvemLinM6aZ8u9lm1sHSbXPMysZfR4xLRI9BEAap9YBrcbpenWwe697Eoby3DMaQHWiMfhUcBkgWPxkRkYb64vZpD%2B%2F%2FkFm79m%2Fzj%2BdeF%2FwSJyyHfZfLqjDyPobm4yBxhkuSLFw%2FHY%2BOPgR3V6%2Frt9f2Ty%2BvVAg4JJXXxk6EQpXttqiBfpFVo5Cq08jMn8WQ%3D%3D&r=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34&eo=&cb=171484800386185842&_adlk_ts=171484800386185842

5.101.76.186

200 OK

0 B

URL GET HTTP/2
stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=VDj9yIrvemLinM6aZ8u9lm1sHSbXPMysZfR4xLRI9BEAap9YBrcbpenWwe697Eoby3DMaQHWiMfhUcBkgWPxkRkYb64vZpD%2B%2F%2FkFm79m%2Fzj%2BdeF%2FwSJyyHfZfLqjDyPobm4yBxhkuSLFw%2FHY%2BOPgR3V6%2Frt9f2Ty%2BvVAg4JJXXxk6EQpXttqiBfpFVo5Cq08jMn8WQ%3D%3D&r=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34&eo=&cb=171484800386185842&_adlk_ts=171484800386185842
IP
5.101.76.186:443
ASN
#48096 Enterprise Cloud Ltd.

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=VDj9yIrvemLinM6aZ8u9lm1sHSbXPMysZfR4xLRI9BEAap9YBrcbpenWwe697Eoby3DMaQHWiMfhUcBkgWPxkRkYb64vZpD%2B%2F%2FkFm79m%2Fzj%2BdeF%2FwSJyyHfZfLqjDyPobm4yBxhkuSLFw%2FHY%2BOPgR3V6%2Frt9f2Ty%2BvVAg4JJXXxk6EQpXttqiBfpFVo5Cq08jMn8WQ%3D%3D&r=https%3A%2F%2Fexclusive-works.ru%2Fen%2Fcomponent%2Fcontent%2Farticle%2F1-2009-09-21-12-52-48%2F1-2009-09-21-13-02-34&eo=&cb=171484800386185842&_adlk_ts=171484800386185842 HTTP/1.1
Host: stat.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Microsoft-IIS/10.0
date: Sat, 04 May 2024 18:40:03 GMT
X-Firefox-Spdy: h2

78.140.242.106

302 Found

0 B

URL GET HTTP/2
ads.adlook.me/csync?pid=sape&uid=0800007FF5803666CC346C3B023A0904&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D110%26euid%3D%7BuserId%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D110
IP
78.140.242.106:443
ASN
#209974 Itglobalcom Rus LLC

Requested by
https://www.acint.net/mc/?dp=14&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /csync?pid=sape&uid=0800007FF5803666CC346C3B023A0904&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D110%26euid%3D%7BuserId%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D110 HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: adlm_userId=409d949b9b9c4c14951ec8dd1ad27f27; adlk_cmatch=alab%3Ae60082d7-f712-4990-85a0-4cadfb917038%2Cotm%3ANjYzNjgwZjUwNzI0NGY3Yw%3D%3D%2Csape%3A0800007FF5803666CC346C3B023A0904
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: https://mc.acint.net/rmatch?dp=110&euid=409d949b9b9c4c14951ec8dd1ad27f27&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D110
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=409d949b9b9c4c14951ec8dd1ad27f27; expires=Sat, 03 May 2025 21:00:00 GMT; path=/; SameSite=None; secure; samesite=none
adlk_cmatch=alab%3Ae60082d7-f712-4990-85a0-4cadfb917038%2Cotm%3ANjYzNjgwZjUwNzI0NGY3Yw%3D%3D%2Csape%3A0800007FF5803666CC346C3B023A0904; expires=Fri, 31 Dec 9999 20:59:59 GMT; path=/; SameSite=None; secure; samesite=none
date: Sat, 04 May 2024 18:40:05 GMT
X-Firefox-Spdy: h2

exchange.buzzoola.com/adv/kbDH64c7yFY_jqB7YcKn5M6dGqNDbHMZffr_5APkVM07AVtRv698Lw/jsvpaid

49.12.83.94

307 Temporary Redirect

11 kB

URL GET HTTP/2
exchange.buzzoola.com/adv/kbDH64c7yFY_jqB7YcKn5M6dGqNDbHMZffr_5APkVM07AVtRv698Lw/jsvpaid
IP
49.12.83.94:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT

File type

Size
11 kB (11352 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /adv/kbDH64c7yFY_jqB7YcKn5M6dGqNDbHMZffr_5APkVM07AVtRv698Lw/jsvpaid HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exclusive-works.ru
DNT: 1
Connection: keep-alive
Referer: https://exclusive-works.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
server: nginx
date: Sat, 04 May 2024 18:39:48 GMT
content-type: text/html; charset=utf-8
content-length: 125
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match
access-control-allow-origin: https://exclusive-works.ru
access-control-expose-headers: Set-Cookie, Etag
location: /adv/kbDH64c7yFY_jqB7YcKn5M6dGqNDbHMZffr_5APkVM07AVtRv698Lw/jsvpaid?set_buzzoola_cookie=t
set-cookie: uuid=6f9370d9-d9cf-42d1-7489-25ba52da6e48; Path=/; Domain=buzzoola.com; Expires=Mon, 03 Jun 2024 18:39:48 GMT; Max-Age=2592000; Secure; SameSite=None
serverid: TODO
X-Firefox-Spdy: h2

exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHYBaHVOHr2Dk/jsvpaid?set_buzzoola_cookie=t

49.12.83.94

200 OK

8.0 kB

URL GET HTTP/2
exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHYBaHVOHr2Dk/jsvpaid?set_buzzoola_cookie=t
IP
49.12.83.94:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://exclusive-works.ru/en/component/content/article/1-2009-09-21-12-52-48/1-2009-09-21-13-02-34
Certificate
IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT

File type
XML document, ASCII text, with very long lines (8505), with no line terminators
Size
8.0 kB (7971 bytes)
Hash
fcaa8460d8a9bdacb44a9137033a9203
317a3d590def0ac027a43698d4b0e0d386499ef0
4a2d891f29ce4e9544319803d552544ba405ed40b5e1c631d88224ff925a83cc

HTTP Headers

GET /adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHYBaHVOHr2Dk/jsvpaid?set_buzzoola_cookie=t HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exclusive-works.ru
Referer: https://exclusive-works.ru/
DNT: 1
Connection: keep-alive
Cookie: uuid=8ad0d2c9-58c4-4866-67a2-429b982be014
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:39:49 GMT
content-type: application/xml
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match
access-control-allow-origin: https://exclusive-works.ru
access-control-expose-headers: Set-Cookie, Etag
serverid: TODO
content-encoding: gzip
X-Firefox-Spdy: h2

sync.adspend.space/sape?uid=0800007FF5803666CC346C3B023A0904

104.21.26.195

302 Found

43 B

URL GET HTTP/3
sync.adspend.space/sape?uid=0800007FF5803666CC346C3B023A0904
IP
104.21.26.195:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mc.acint.net/mc/?dp=131&aid=0800007FF5803666CC346C3B023A0904
Certificate
IssuerGoogle Trust Services LLC
Subjectadspend.space
Fingerprint86:42:73:83:B4:96:F1:E2:8E:8F:5F:67:2B:A5:20:3C:AE:F0:FE:57
ValiditySat, 16 Mar 2024 00:50:56 GMT - Fri, 14 Jun 2024 00:50:55 GMT

File type

Size
43 B (43 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape?uid=0800007FF5803666CC346C3B023A0904 HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Sat, 04 May 2024 18:40:06 GMT
content-type: text/html; charset=utf-8
location: https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D3aa4576d-37aa-47da-903f-69db790ebc26
set-cookie: as-user=3aa4576d-37aa-47da-903f-69db790ebc26; Path=/; Max-Age=31536000; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hSH49dtjUvSGacznofPXkLk87TBZyLKTkfcTix5c7TTNXqoze12SKUu59OVm5sXAefdK%2FkqiVu2dHzuHbAfp1HqWy5n70wsAJSRpCCQb46GrAkjjmhrbI69ruEjmUHSQwzk8YXw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea9e05cf0556a2-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (40)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML