Overview

URL password.mk/index.php?option=com_k2
IP208.113.153.12
ASNDREAMHOST-AS
Location United States
Report completed2022-07-07 01:27:23 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-07-07 2 password.mk/index.php?option=com_k2 Malware
2022-07-07 2 password.mk/index.php?option=com_k2 Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (54)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] ad.mail.ru (1) 7643 2017-01-30 05:06:12 UTC 2022-07-06 17:33:16 UTC 94.100.180.197
[Mnemonic Passive DNS] sync.bumlam.com (3) 3243 No data No data 31.172.81.160
[Mnemonic Passive DNS] x01.aidata.io (2) 12188 No data No data 89.108.120.76
[Mnemonic Passive DNS] tag.digitaltarget.ru (2) 98193 No data No data 185.15.175.144
[Mnemonic Passive DNS] ocsp.pki.goog (2) 175 2017-06-14 07:23:31 UTC 2022-07-06 04:42:12 UTC 142.250.74.3
[Mnemonic Passive DNS] ocsp2.globalsign.com (1) 1544 2012-05-21 07:12:19 UTC 2022-07-06 04:56:10 UTC 104.18.20.226
[Mnemonic Passive DNS] cs.agency2.ru (1) 0 No data No data 23.111.107.44 Unknown ranking
[Mnemonic Passive DNS] ads.betweendigital.com (4) 1571 2012-10-30 05:08:04 UTC 2022-07-06 22:50:51 UTC 188.42.191.196
[Mnemonic Passive DNS] sync.upravel.com (2) 28097 2017-05-29 09:13:46 UTC 2022-07-06 22:50:48 UTC 176.9.8.252
[Mnemonic Passive DNS] stat.adlabs.ru (1) 200922 No data No data 109.248.237.37
[Mnemonic Passive DNS] status.geotrust.com (1) 3662 2017-12-01 08:55:31 UTC 2022-07-06 04:59:18 UTC 93.184.220.29
[Mnemonic Passive DNS] sync.1dmp.io (2) 10017 No data No data 136.243.148.229
[Mnemonic Passive DNS] redirect.frontend.weborama.fr (1) 8348 No data No data 35.190.24.218
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.65
[Mnemonic Passive DNS] sync3.adsniper.ru (2) 13411 No data No data 31.172.81.172
[Mnemonic Passive DNS] ssp.bidvol.com (1) 31817 No data No data 65.108.1.47
[Mnemonic Passive DNS] dmg.digitaltarget.ru (3) 21471 No data No data 185.15.175.158
[Mnemonic Passive DNS] r3.o.lencr.org (19) 344 2020-12-02 08:52:13 UTC 2022-07-06 04:41:34 UTC 23.36.77.32
[Mnemonic Passive DNS] ocsp.globalsign.com (5) 2075 2012-05-25 06:20:55 UTC 2022-07-06 04:55:58 UTC 104.18.20.226
[Mnemonic Passive DNS] 89b803c16e36c6626700633602f9c4b9-sp.ops.beeline.ru (1) 0 No data No data 37.9.245.57 Domain (beeline.ru) ranked at: 20964
[Mnemonic Passive DNS] cm.g.doubleclick.net (2) 202 2017-01-30 05:00:11 UTC 2021-02-24 05:20:01 UTC 216.58.207.226
[Mnemonic Passive DNS] sm.rtb.mts.ru (2) 27154 No data No data 217.66.147.168
[Mnemonic Passive DNS] tech.rtb.mts.ru (1) 27360 No data No data 213.87.44.187
[Mnemonic Passive DNS] www.acint.net (15) 29072 2014-02-14 21:23:16 UTC 2015-12-16 14:44:31 UTC 185.12.125.26
[Mnemonic Passive DNS] an.yandex.ru (2) 2577 2019-11-15 16:14:08 UTC 2022-07-06 22:01:59 UTC 93.158.134.90
[Mnemonic Passive DNS] sync.republer.com (1) 45392 2016-06-22 10:41:06 UTC 2022-07-06 23:03:19 UTC 194.190.117.93
[Mnemonic Passive DNS] match.new-programmatic.com (1) 33613 No data No data 217.65.2.150
[Mnemonic Passive DNS] ocsp.usertrust.com (1) 899 2012-09-05 20:20:29 UTC 2022-07-06 04:56:16 UTC 104.18.32.68
[Mnemonic Passive DNS] ssp.adriver.ru (2) 12439 No data No data 195.209.111.7
[Mnemonic Passive DNS] ad.adriver.ru (2) 19548 2012-11-19 06:13:18 UTC 2022-07-06 11:36:13 UTC 195.209.108.38
[Mnemonic Passive DNS] a.utraff.com (1) 39874 No data No data 104.21.59.66
[Mnemonic Passive DNS] ut.rktch.com (1) 41215 No data No data 89.108.97.2
[Mnemonic Passive DNS] status.thawte.com (1) 5123 2017-11-27 12:33:51 UTC 2022-07-06 05:06:55 UTC 93.184.220.29
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] dmp.gotechnology.io (2) 48839 No data No data 142.132.209.136
[Mnemonic Passive DNS] dc53997d-bf54-4d59-a70b-d44e98a2acf6.sync.upravel.com (1) 0 No data No data 136.243.48.22 Domain (upravel.com) ranked at: 27764
[Mnemonic Passive DNS] ssp.bestssp.com (1) 90974 2018-10-09 04:39:23 UTC 2022-07-06 18:05:13 UTC 185.147.80.35
[Mnemonic Passive DNS] exchange.buzzoola.com (1) 18389 No data No data 168.119.8.212
[Mnemonic Passive DNS] fcgi4.gnezdo.ru (1) 69027 No data No data 93.95.102.105
[Mnemonic Passive DNS] ocsp.godaddy.com (2) 698 2017-01-30 05:00:35 UTC 2022-07-06 05:00:39 UTC 192.124.249.22
[Mnemonic Passive DNS] sync.dmp.otm-r.com (1) 19534 2019-10-16 13:57:31 UTC 2022-07-06 22:50:48 UTC 138.201.65.66
[Mnemonic Passive DNS] ocsp.sectigo.com (5) 487 2018-12-17 11:31:55 UTC 2022-07-06 16:56:01 UTC 104.18.32.68
[Mnemonic Passive DNS] acint.net (2) 22962 2014-02-14 21:23:16 UTC 2022-07-02 07:02:00 UTC 185.12.125.26
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-07-06 17:02:11 UTC 34.120.237.76
[Mnemonic Passive DNS] s.uuidksinc.net (1) 3423 No data No data 31.220.27.134
[Mnemonic Passive DNS] sape-sync.rutarget.ru (1) 173587 2018-08-07 14:11:47 UTC 2022-07-06 23:03:19 UTC 188.72.107.228
[Mnemonic Passive DNS] px.adhigh.net (2) 10272 2013-01-03 21:02:08 UTC 2022-07-06 17:03:41 UTC 193.232.150.60
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-07-06 04:47:23 UTC 44.242.32.27
[Mnemonic Passive DNS] ssp-rtb.sape.ru (1) 31166 2016-02-02 17:01:03 UTC 2016-11-30 19:06:18 UTC 168.119.145.118
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-07-06 04:55:23 UTC 54.230.111.14
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-07-06 19:05:02 UTC 93.184.220.29
[Mnemonic Passive DNS] password.mk (4) 0 No data No data 208.113.153.12 Unknown ranking
[Mnemonic Passive DNS] dm-eu.hybrid.ai (1) 28847 No data No data 37.18.103.21
[Mnemonic Passive DNS] ads.adlook.me (1) 43352 2022-03-21 08:09:30 UTC 2022-07-06 23:03:19 UTC 5.200.43.131


Recent reports on same IP/ASN/Domain

Last 1 reports on IP: 208.113.153.12

Date UQ / IDS / BL URL IP
2018-05-18 08:06:34 +0200
0 - 0 - 1 thebeyonds.com/newboap/ccss/index/info.php?cm (...) 208.113.153.12

Last 10 reports on ASN: DREAMHOST-AS

Date UQ / IDS / BL URL IP
2022-08-09 12:00:10 +0000
0 - 0 - 3 www.easyprotocols.com/blog2/mXyTuU7Iog67cqYYJ/ 208.113.170.14
2022-08-09 11:35:49 +0000
0 - 0 - 3 https://benconry.com/wp-includes/eUXuRrm1G6bRZ/ 69.163.165.96
2022-08-09 11:27:42 +0000
0 - 0 - 2 www.davidludlow.com/KYM/UYruujsiC2YXaBBSSl7/ 208.97.189.155
2022-08-09 11:27:30 +0000
0 - 0 - 3 hcsnet.com.br/wp-content/zvPeH/ 69.163.157.137
2022-08-09 11:27:17 +0000
0 - 0 - 2 www.hellojohnwebb.com/TMkGx6CJ5WWoFnH8t6eAQ8E91/ 69.163.217.127
2022-08-09 11:27:13 +0000
0 - 0 - 2 www.hellojohnwebb.com/TMkGx6CJ5WWoFnH8t6eAQ8E (...) 69.163.217.127
2022-08-09 11:26:12 +0000
0 - 0 - 3 bethelmbcarvada.org/EZTracker_Errors/9Pbi1J2/ 208.97.177.194
2022-08-09 11:16:58 +0000
0 - 0 - 3 hcsnet.com.br/wp-content/emmK/ 69.163.157.137
2022-08-09 11:08:09 +0000
0 - 0 - 3 mepstein.com/wp-admin/SJKyWuS8YYcU7GNWHmjR/ 69.163.217.207
2022-08-09 10:56:21 +0000
0 - 0 - 3 https://benconry.com/wp-includes/a/ 69.163.165.96

No other reports on domain: password.mk



JavaScript

Executed Scripts (5)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (124)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 07 Jul 2022 00:56:25 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CaaGfsktGCaIOQdl1jD7L0IkUwOFll_1Fdd58ydpBahVLaNdo80MHQ==
Age: 1844


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "78A5DCFAF2D93D9C87CFB6DBC56100E9F22965D4500554BA65F71CB7D84DD666"
Last-Modified: Wed, 06 Jul 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8301
Expires: Thu, 07 Jul 2022 03:45:30 GMT
Date: Thu, 07 Jul 2022 01:27:09 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.14
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Tue, 21 Jun 2022 12:10:22 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 06 Jul 2022 03:26:46 GMT
etag: "581454acdd98f34fd3fbabd0977ade29"
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BQ0ycUOtyvfmOj6l1IPeXWUdZzZN2Iytf4l3r0qVK4917hEAFXnxJQ==
age: 79224
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    581454acdd98f34fd3fbabd0977ade29
Sha1:   d8d86c0b513137aeb85de01cea7b272c35eb6ab4
Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
                                        
                                            GET /index.php?option=com_k2 HTTP/1.1 
Host: password.mk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         208.113.153.12
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Thu, 07 Jul 2022 01:27:09 GMT
Server: Apache
Location: https://password.mk/index.php?option=com_k2
Content-Length: 251
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   251
Md5:    9d4e51b26a62e06f9d982456d7efa4df
Sha1:   9c695b7ba5e49cb87e83d8733888dfc84aa0985f
Sha256: f5def796d0fa5a7daa401f9df35fac6b1048714388a26ebcd3779dfcde96948d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 07 Jul 2022 01:27:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /index.php?option=com_k2 HTTP/1.1 
Host: password.mk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         208.113.153.12
HTTP/2 500 Internal Server Error
                                        
date: Thu, 07 Jul 2022 01:27:10 GMT
server: Apache
x-logged-in: False
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: no-cache
pragma: no-cache
set-cookie: 48decbf2ef4690a2fd7216fcb1216b00=f9-5Nsqq2DvpZ4y3yBCF02; path=/
vary: User-Agent
content-length: 2035
content-type: text/html; charset=utf-8
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   2035
Md5:    446580c1243cc3f96c6dd09f73fbf9f5
Sha1:   625126d1d63e844ecafcbea964850a18c4a2795e
Sha256: cd1a64f0ae462a4b88520cfaa97de06382a95189a9f3ce3faa2720077f17be5c

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /templates/system/css/error.css HTTP/1.1 
Host: password.mk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://password.mk/index.php?option=com_k2
Cookie: 48decbf2ef4690a2fd7216fcb1216b00=f9-5Nsqq2DvpZ4y3yBCF02
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.153.12
HTTP/2 200 OK
                                        
date: Thu, 07 Jul 2022 01:27:10 GMT
server: Apache
last-modified: Wed, 18 Dec 2013 01:39:24 GMT
etag: "5a3-4edc51d5fcb00-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sat, 06 Aug 2022 01:27:10 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 596
content-type: text/css
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   596
Md5:    04c50cdea89a3c0086d9229ee8191433
Sha1:   c3a44573df785191379ccc4c97eb2e1121ff24ae
Sha256: 44399a698f388f21585b965a0d7e5e370a327b842dd15daab96e922538a249ef
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "95A13CD52AD7A5DBB070D5A9E9065A77A758623791FBCB074B0F2DBD0761B86E"
Last-Modified: Mon, 04 Jul 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4619
Expires: Thu, 07 Jul 2022 02:44:09 GMT
Date: Thu, 07 Jul 2022 01:27:10 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Content-Type, Last-Modified, Alert, Backoff, Pragma, Expires, Content-Length, Cache-Control
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 07 Jul 2022 00:34:56 GMT
Cache-Control: max-age=3600
Expires: Thu, 07 Jul 2022 01:11:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: m_uOqYRS8xRkh0JRxDi0l5oDrf7OoyVQ2rqDKiZdQNPrzjBkMeDkVQ==
Age: 3134


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /aci.js HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://password.mk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.12.125.26
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 07 Jul 2022 01:27:10 GMT
content-type: application/x-javascript
content-length: 7461
last-modified: Mon, 16 May 2022 07:14:50 GMT
etag: "6281f9ea-1d25"
content-encoding: gzip
expires: Thu, 07 Jul 2022 13:27:10 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1408)
Size:   7461
Md5:    ae0aab6c5a2ae2e1168e74f6e6ae4741
Sha1:   2c00f69ee4bbe2ec96c0f7bb33b5f827a6195af8
Sha256: a47a88a9b6c7635e5074c25c6e3c92f399fdf8772376e94f077167241e59f9de
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5001
Cache-Control: 'max-age=158059'
Date: Thu, 07 Jul 2022 01:27:10 GMT
Last-Modified: Thu, 07 Jul 2022 00:03:49 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /hit/?v=0.4.0&uid=aedf8aa0-e43b-420c-ad7b-b66b91906fde&dp=10&tz=%2B00%3A00&nc=46930500&u=https%3A%2F%2Fpassword.mk%2Findex.php%3Foption%3Dcom_k2&r=&rs=1280x1024&t=500%20-%20View%20not%20found%20%5Bname%2C%20type%2C%20prefix%5D%3A%20k2%2C%20html%2C%20k2View&oE=1&oP=1&dT=2022-07-07T01%3A27%3A10.281&fu=b84cfbc3-4278-40c8-8ca0-c662e977ee90 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://password.mk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 07 Jul 2022 01:27:10 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=fwAAAWLGNm51EgA+u8YEAs7oEhPTYfTUc0Rkq2llygeLAdtb; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /mc/?dp=10 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://password.mk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 302 Found
                                        
server: openresty
date: Thu, 07 Jul 2022 01:27:10 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Thu, 07-Jul-22 01:37:10 GMT aid=wQO4iWLGNm42YwBnucT5ApxkNvjHe10lnZb8QxSqbChgeF8S; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   154
Md5:    cfbeaf604823f038b8b46f0ac862b98c
Sha1:   7b9eb1dac48e74fa5f418bc456cb410f88b81d98
Sha256: 20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: password.mk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://password.mk/index.php?option=com_k2
Cookie: 48decbf2ef4690a2fd7216fcb1216b00=f9-5Nsqq2DvpZ4y3yBCF02
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         208.113.153.12
HTTP/2 200 OK
                                        
date: Thu, 07 Jul 2022 01:27:10 GMT
server: Apache
last-modified: Sat, 01 Jun 2013 21:39:13 GMT
etag: "0-4de1e8ffdc240"
accept-ranges: bytes
content-length: 0
cache-control: max-age=172800
expires: Sat, 09 Jul 2022 01:27:10 GMT
vary: User-Agent
content-type: image/vnd.microsoft.icon
X-Firefox-Spdy: h2

                                        
                                            GET /sync?ssp=sape HTTP/1.1 
Host: a.utraff.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.59.66
HTTP/2 204 No Content
                                        
date: Thu, 07 Jul 2022 01:27:11 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Sat, 06 Aug 2022 04:27:11 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/ preutid=1; Expires=Sat, 06 Aug 2022 04:27:11 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynD2jVp%2FKWzE8nv09nl0tlPEdomHuQNA2Rxs%2FoghJn4rywY%2FbK%2B6xAbkOlHepIlGE%2F6Qedxni35rIFNhttHS1xvmkHCLFvE0imr0vyx6f5QD0x51oitUxc6b%2Fbp3kp4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 726ccbd59d1e1c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /match?id=106&vid=89B803C16E36C6626700633602F9C4B9 HTTP/1.1 
Host: dm-eu.hybrid.ai
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.18.103.21
HTTP/2 204 No Content
                                        
date: Thu, 07 Jul 2022 01:27:11 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=0ca3f32132510ee77847; expires=Fri, 07 Jul 2023 01:27:10 GMT; domain=.hybrid.ai; path=/; samesite=none
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 523
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B9ABA89800C4B00E0ADED52FFA3F3F68880B48CDCA8E93C6881AB80D067EAB9C"
Last-Modified: Wed, 06 Jul 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11303
Expires: Thu, 07 Jul 2022 04:35:34 GMT
Date: Thu, 07 Jul 2022 01:27:11 GMT
Connection: keep-alive

                                        
                                            GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1 
Host: ads.adlook.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         5.200.43.131
HTTP/2 302 Found
                                        
location: https://acint.net/match?dp=110&euid=2c05722604364ac59bc371b1bc99e4f5
server: Kestrel
set-cookie: adlm_userId=2c05722604364ac59bc371b1bc99e4f5; expires=Thu, 06 Jul 2023 21:00:00 GMT
date: Thu, 07 Jul 2022 01:27:11 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "508956D9447B9A45D7521EAF5FFE58A621AC06948BB6659AAD9BB01549EB60EC"
Last-Modified: Mon, 04 Jul 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10375
Expires: Thu, 07 Jul 2022 04:20:06 GMT
Date: Thu, 07 Jul 2022 01:27:11 GMT
Connection: keep-alive

                                        
                                            GET /match?dsp=sape HTTP/1.1 
Host: sync.republer.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         194.190.117.93
HTTP/2 204 No Content
                                        
server: nginx
date: Thu, 07 Jul 2022 01:32:05 GMT
strict-transport-security: max-age=0
X-Firefox-Spdy: h2

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eJLm9mqK5l5UiEE+lc2f4Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         44.242.32.27
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4H2QYNgzBl86oQ/4Id+00iByy3I=

                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Jul 2022 01:27:11 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 10 Jul 2022 23:18:41 GMT
ETag: "072545db5c88350ed0070681112c6c8b99d01316"
Last-Modified: Wed, 06 Jul 2022 23:18:41 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 807
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 726ccbd66cc9b523-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    eb91a6357788342cba3b596bc2be2461
Sha1:   072545db5c88350ed0070681112c6c8b99d01316
Sha256: 525a7e2e7c691afa3613ae23f62ee21c38ce1fa82a0e4efdc5f3856918ddae3a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2F1F864F9B604BC13215125E83DF71BB984721AB39585F6C25CBBDDEF994D42E"
Last-Modified: Mon, 04 Jul 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3556
Expires: Thu, 07 Jul 2022 02:26:27 GMT
Date: Thu, 07 Jul 2022 01:27:11 GMT
Connection: keep-alive

                                        
                                            GET /match?dp=110&euid=2c05722604364ac59bc371b1bc99e4f5 HTTP/1.1 
Host: acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWLGNm42YwBnucT5ApxkNvjHe10lnZb8QxSqbChgeF8S; test_cookie=CheckForPermission; cSyncDp7v2=1657157230; cSyncDp14v3=1657157230; cSyncDp17=1657157230; cSyncDp32=1657157230; cSyncDp45v3=1657157230; cSyncDp53=1657157230; cSyncDp54v2=1657157230; cSyncDp62=1657157230; cSyncDp67v2=1657157230; cSyncDp68=1657157230; cSyncDp71=1657157230; cSyncDp77=1657157230; cSyncDp84=1657157230; cSyncDp85=1657157230; cSyncDp95v3=1657157230; cSyncDp101=1657157230; cSyncDp104v2=1657157230; cSyncDp107=1657157230; cSyncDp110=1657157230; cSyncDp111v2=1657157230; cSyncDp112v2=1657157230; cSyncDp125v2=1657157230; cSyncDp126=1657157230; cSyncDp127=1657157230; cSyncDp129=1657157230; cSyncDp136v2=1657157230; cSyncDp138=1657157230; cSyncDp144=1657157230; cSyncDp146=1657157230; cSyncDp148=1657157230; cSyncDp149=1657157230; cSyncDp151=1657157230; cSyncDp186=1657157230
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 07 Jul 2022 01:27:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1 
Host: ssp.bestssp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.147.80.35
HTTP/1.1 302 Found
                                        
Server: nginx/1.16.1
Date: Thu, 07 Jul 2022 01:27:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=TYHYGVLF
Set-Cookie: uid=TYHYGVLF; Expires=Thu, 07 Jul 2032 00:00:00 GMT; mf2=1; Expires=Sat, 06 Aug 2022 00:00:00 GMT;

                                        
                                            GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1 
Host: ssp-rtb.sape.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         168.119.145.118
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: openresty
Date: Thu, 07 Jul 2022 01:27:11 GMT
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=9233CA746F36C6628C00016C020A0860
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=dMozkmLGNm9sAQCMYAgKAilFqU72hI2UiaIXJmjvZbeFkQvP; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   142
Md5:    82c98e8e012b79c922655461171cc2fa
Sha1:   0828d79135573276005b04be42d79a8a3291292b
Sha256: 745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DE54D83626BFE8CF825E097001CBCA3E48BF3111833E518C2FCCD2EB8FAF7C0E"
Last-Modified: Tue, 05 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6178
Expires: Thu, 07 Jul 2022 03:10:09 GMT
Date: Thu, 07 Jul 2022 01:27:11 GMT
Connection: keep-alive

                                        
                                            GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C16E36C6626700633602F9C4B9 HTTP/1.1 
Host: sync.1dmp.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         136.243.148.229
HTTP/2 302 Found
                                        
server: nginx
date: Thu, 07 Jul 2022 01:27:11 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=ec7d7eb0-fd93-11ec-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 07 Jul 2023 01:27:11 GMT; SameSite=None; Secure uid-legacy=ec7d7eb0-fd93-11ec-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 07 Jul 2023 01:27:11 GMT
location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C16E36C6626700633602F9C4B9&cs=1
X-Firefox-Spdy: h2

                                        
                                            GET /sape/sync HTTP/1.1 
Host: sync.upravel.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         176.9.8.252
HTTP/2 302 Found
                                        
server: nginx
date: Thu, 07 Jul 2022 01:27:11 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1657157231134;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180 session_tptc-legacy=1657157231134;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

                                        
                                            GET /match/396/?remote_uid=89B803C16E36C6626700633602F9C4B9 HTTP/1.1 
Host: s.uuidksinc.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.220.27.134
HTTP/2 302 Found
                                        
server: nginx/1.19.0
date: Thu, 07 Jul 2022 01:27:11 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=9HCL9dgZQb4O95uwnCdH
set-cookie: jcsuuid=9HCL9dgZQb4O95uwnCdH; expires=Fri, 07 Jul 2023 01:27:11 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A76DBC67E7A376C23891873DDB96A3E59BC198758781A2B6553421D1F710EC14"
Last-Modified: Wed, 06 Jul 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19693
Expires: Thu, 07 Jul 2022 06:55:24 GMT
Date: Thu, 07 Jul 2022 01:27:11 GMT
Connection: keep-alive

                                        
                                            GET /matchspm?pi=1000005&pui=89B803C16E36C6626700633602F9C4B9 HTTP/1.1 
Host: ut.rktch.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         89.108.97.2
HTTP/1.1 302 Found
                                        
Server: nginx/1.22.0
Date: Thu, 07 Jul 2022 01:27:11 GMT
Content-Length: 0
Connection: keep-alive
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
Set-Cookie: b_uid=1730df9a0c647ca8c4b95ca4daef98116df9; Max-Age=2592000; Expires=Sat, 06 Aug 2022 01:27:11 GMT; Domain=rktch.com; Secure; SameSite=None
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Credentials: true

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "06D65A2AAD9315C812DDB623381C5F4115ADF15F8486A96571549F7EA980E065"
Last-Modified: Mon, 04 Jul 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4376
Expires: Thu, 07 Jul 2022 02:40:07 GMT
Date: Thu, 07 Jul 2022 01:27:11 GMT
Connection: keep-alive

                                        
                                            GET /match?dp=95&euid=TYHYGVLF HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWLGNm42YwBnucT5ApxkNvjHe10lnZb8QxSqbChgeF8S; test_cookie=CheckForPermission; cSyncDp7v2=1657157230; cSyncDp14v3=1657157230; cSyncDp17=1657157230; cSyncDp32=1657157230; cSyncDp45v3=1657157230; cSyncDp53=1657157230; cSyncDp54v2=1657157230; cSyncDp62=1657157230; cSyncDp67v2=1657157230; cSyncDp68=1657157230; cSyncDp71=1657157230; cSyncDp77=1657157230; cSyncDp84=1657157230; cSyncDp85=1657157230; cSyncDp95v3=1657157230; cSyncDp101=1657157230; cSyncDp104v2=1657157230; cSyncDp107=1657157230; cSyncDp110=1657157230; cSyncDp111v2=1657157230; cSyncDp112v2=1657157230; cSyncDp125v2=1657157230; cSyncDp126=1657157230; cSyncDp127=1657157230; cSyncDp129=1657157230; cSyncDp136v2=1657157230; cSyncDp138=1657157230; cSyncDp144=1657157230; cSyncDp146=1657157230; cSyncDp148=1657157230; cSyncDp149=1657157230; cSyncDp151=1657157230; cSyncDp186=1657157230
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 07 Jul 2022 01:27:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /match?dp=14&euid=9233CA746F36C6628C00016C020A0860 HTTP/1.1 
Host: acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWLGNm42YwBnucT5ApxkNvjHe10lnZb8QxSqbChgeF8S; test_cookie=CheckForPermission; cSyncDp7v2=1657157230; cSyncDp14v3=1657157230; cSyncDp17=1657157230; cSyncDp32=1657157230; cSyncDp45v3=1657157230; cSyncDp53=1657157230; cSyncDp54v2=1657157230; cSyncDp62=1657157230; cSyncDp67v2=1657157230; cSyncDp68=1657157230; cSyncDp71=1657157230; cSyncDp77=1657157230; cSyncDp84=1657157230; cSyncDp85=1657157230; cSyncDp95v3=1657157230; cSyncDp101=1657157230; cSyncDp104v2=1657157230; cSyncDp107=1657157230; cSyncDp110=1657157230; cSyncDp111v2=1657157230; cSyncDp112v2=1657157230; cSyncDp125v2=1657157230; cSyncDp126=1657157230; cSyncDp127=1657157230; cSyncDp129=1657157230; cSyncDp136v2=1657157230; cSyncDp138=1657157230; cSyncDp144=1657157230; cSyncDp146=1657157230; cSyncDp148=1657157230; cSyncDp149=1657157230; cSyncDp151=1657157230; cSyncDp186=1657157230
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 07 Jul 2022 01:27:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /match/sape?id=89B803C16E36C6626700633602F9C4B9 HTTP/1.1 
Host: sync.dmp.otm-r.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.65.66
HTTP/2 204 No Content
                                        
server: nginx/1.19.7
date: Thu, 07 Jul 2022 01:27:11 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /match?dp=127&euid=9HCL9dgZQb4O95uwnCdH HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWLGNm42YwBnucT5ApxkNvjHe10lnZb8QxSqbChgeF8S; test_cookie=CheckForPermission; cSyncDp7v2=1657157230; cSyncDp14v3=1657157230; cSyncDp17=1657157230; cSyncDp32=1657157230; cSyncDp45v3=1657157230; cSyncDp53=1657157230; cSyncDp54v2=1657157230; cSyncDp62=1657157230; cSyncDp67v2=1657157230; cSyncDp68=1657157230; cSyncDp71=1657157230; cSyncDp77=1657157230; cSyncDp84=1657157230; cSyncDp85=1657157230; cSyncDp95v3=1657157230; cSyncDp101=1657157230; cSyncDp104v2=1657157230; cSyncDp107=1657157230; cSyncDp110=1657157230; cSyncDp111v2=1657157230; cSyncDp112v2=1657157230; cSyncDp125v2=1657157230; cSyncDp126=1657157230; cSyncDp127=1657157230; cSyncDp129=1657157230; cSyncDp136v2=1657157230; cSyncDp138=1657157230; cSyncDp144=1657157230; cSyncDp146=1657157230; cSyncDp148=1657157230; cSyncDp149=1657157230; cSyncDp151=1657157230; cSyncDp186=1657157230
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 07 Jul 2022 01:27:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C16E36C6626700633602F9C4B9&cs=1 HTTP/1.1 
Host: sync.1dmp.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: uid=ec7d7eb0-fd93-11ec-acfd-901b0e8b2a6e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         136.243.148.229
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 07 Jul 2022 01:27:11 GMT
content-type: image/gif
content-length: 35
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=ec7d7eb0-fd93-11ec-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 07 Jul 2023 01:27:11 GMT; SameSite=None; Secure uid-legacy=ec7d7eb0-fd93-11ec-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 07 Jul 2023 01:27:11 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2939DE6084C456A32C72745E49D6E3DB3D8BBCF08E8C210C50E3A8617B24CDA4"
Last-Modified: Wed, 06 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8312
Expires: Thu, 07 Jul 2022 03:45:43 GMT
Date: Thu, 07 Jul 2022 01:27:11 GMT
Connection: keep-alive

                                        
                                            GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1 
Host: sync.upravel.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1657157231134
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         176.9.8.252
HTTP/2 302 Found
                                        
server: nginx
date: Thu, 07 Jul 2022 01:27:11 GMT
content-type: image/png
content-length: 0
location: https://dc53997d-bf54-4d59-a70b-d44e98a2acf6.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
set-cookie: user_id=dc53997d-bf54-4d59-a70b-d44e98a2acf6;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000 user_id-legacy=dc53997d-bf54-4d59-a70b-d44e98a2acf6;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4327E40D9069FD964418A8CD2174E3B7EAA71042DFE8BD2941F43A9E7A54A50D"
Last-Modified: Mon, 04 Jul 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14954
Expires: Thu, 07 Jul 2022 05:36:25 GMT
Date: Thu, 07 Jul 2022 01:27:11 GMT
Connection: keep-alive

                                        
                                            GET /userbind?src=sape&id=89B803C16E36C6626700633602F9C4B9 HTTP/1.1 
Host: match.new-programmatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         217.65.2.150
HTTP/1.1 204 No Content
                                        
Server: nginx/1.18.0
Date: Thu, 07 Jul 2022 01:27:11 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Jul 2022 01:27:11 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 06 Jul 2022 12:21:01 GMT
Expires: Wed, 13 Jul 2022 12:21:01 GMT
ETag: 46CD4BD2553DF3E25ADD9DE71D859F74989F5AAF
Cache-Control: max-age=557029,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp13
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 726ccbd6ac3fb524-OSL

                                        
                                            GET /match?dp=129&euid=8dzbvnqt9p HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWLGNm42YwBnucT5ApxkNvjHe10lnZb8QxSqbChgeF8S; test_cookie=CheckForPermission; cSyncDp7v2=1657157230; cSyncDp14v3=1657157230; cSyncDp17=1657157230; cSyncDp32=1657157230; cSyncDp45v3=1657157230; cSyncDp53=1657157230; cSyncDp54v2=1657157230; cSyncDp62=1657157230; cSyncDp67v2=1657157230; cSyncDp68=1657157230; cSyncDp71=1657157230; cSyncDp77=1657157230; cSyncDp84=1657157230; cSyncDp85=1657157230; cSyncDp95v3=1657157230; cSyncDp101=1657157230; cSyncDp104v2=1657157230; cSyncDp107=1657157230; cSyncDp110=1657157230; cSyncDp111v2=1657157230; cSyncDp112v2=1657157230; cSyncDp125v2=1657157230; cSyncDp126=1657157230; cSyncDp127=1657157230; cSyncDp129=1657157230; cSyncDp136v2=1657157230; cSyncDp138=1657157230; cSyncDp144=1657157230; cSyncDp146=1657157230; cSyncDp148=1657157230; cSyncDp149=1657157230; cSyncDp151=1657157230; cSyncDp186=1657157230
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 07 Jul 2022 01:27:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /merge_gpsid/?sid=50&id=89B803C16E36C6626700633602F9C4B9 HTTP/1.1 
Host: stat.adlabs.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         109.248.237.37
HTTP/2 302 Found
                                        
server: nginx
date: Thu, 07 Jul 2022 01:27:11 GMT
content-length: 0
location: //adlmerge.com/merge_gpsid/?sid=50&id=89B803C16E36C6626700633602F9C4B9
X-Firefox-Spdy: h2

                                        
                                            GET /?src=sap1&uid=89B803C16E36C6626700633602F9C4B9 HTTP/1.1 
Host: sync.bumlam.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.172.81.160
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx
Date: Thu, 07 Jul 2022 01:27:11 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync3.adsniper.ru/?src=ss1&s_data=CAEQABjv7JiWBlIFrbKc-w9iIDg5QjgwM0MxNkUzNkM2NjI2NzAwNjMzNjAyRjlDNEI5
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

                                        
                                            GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1 
Host: exchange.buzzoola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         168.119.8.212
HTTP/2 301 Moved Permanently
                                        
server: nginx
date: Thu, 07 Jul 2022 01:27:11 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=b59d18fa-3064-48a9-5e11-a0601cedccd6
serverid: TODO
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   115
Md5:    e229b859cb568bf33a070c89fc7dde23
Sha1:   121d8766bb706db11384264612ae82fbc3e52ab7
Sha256: 4663a6a87b18ece1d0bb3d9045e026bd2423bc1e6f59e170b228389f99ae7cc6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Jul 2022 01:27:11 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 03 Jul 2022 11:26:49 GMT
Expires: Sun, 10 Jul 2022 11:26:49 GMT
ETag: 0955040577BDB3C86327D91755C309BDF744DC6E
Cache-Control: max-age=294577,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp13
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 726ccbd6eccdb518-OSL

                                        
                                            GET /p?ssp=sp&uid=89B803C16E36C6626700633602F9C4B9 HTTP/1.1 
Host: cs.agency2.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.111.107.44
HTTP/1.1 301 Moved Permanently
                                        
Date: Thu, 07 Jul 2022 01:27:11 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=699f7f71-ab79-442a-983d-2621c8e0e5da
Set-Cookie: uuid=699f7f71-ab79-442a-983d-2621c8e0e5da; expires=Wed, 28 Jun 2023 01:27:11 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44

                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Jul 2022 01:27:11 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 11 Jul 2022 00:29:24 GMT
ETag: "cbdb78a865a3af771dcc82dbe6f0194f991585d2"
Last-Modified: Thu, 07 Jul 2022 00:29:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 391
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 726ccbd77f6afac8-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    4cc2572c38e2c504d0be9f782ba649ce
Sha1:   cbdb78a865a3af771dcc82dbe6f0194f991585d2
Sha256: d0342a1f3d3a6cc13c6aa1d617cf6119e580f4a8d038b44e9ddd7cac171e9bb6
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E77C8246299124A84FCAFDBAAD797AFFE32F3D618B15BDCED2FFF8D6A3DEEBE6"
Last-Modified: Wed, 06 Jul 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9464
Expires: Thu, 07 Jul 2022 04:04:55 GMT
Date: Thu, 07 Jul 2022 01:27:11 GMT
Connection: keep-alive

                                        
                                            GET /match?dp=126&euid=b59d18fa-3064-48a9-5e11-a0601cedccd6 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWLGNm42YwBnucT5ApxkNvjHe10lnZb8QxSqbChgeF8S; test_cookie=CheckForPermission; cSyncDp7v2=1657157230; cSyncDp14v3=1657157230; cSyncDp17=1657157230; cSyncDp32=1657157230; cSyncDp45v3=1657157230; cSyncDp53=1657157230; cSyncDp54v2=1657157230; cSyncDp62=1657157230; cSyncDp67v2=1657157230; cSyncDp68=1657157230; cSyncDp71=1657157230; cSyncDp77=1657157230; cSyncDp84=1657157230; cSyncDp85=1657157230; cSyncDp95v3=1657157230; cSyncDp101=1657157230; cSyncDp104v2=1657157230; cSyncDp107=1657157230; cSyncDp110=1657157230; cSyncDp111v2=1657157230; cSyncDp112v2=1657157230; cSyncDp125v2=1657157230; cSyncDp126=1657157230; cSyncDp127=1657157230; cSyncDp129=1657157230; cSyncDp136v2=1657157230; cSyncDp138=1657157230; cSyncDp144=1657157230; cSyncDp146=1657157230; cSyncDp148=1657157230; cSyncDp149=1657157230; cSyncDp151=1657157230; cSyncDp186=1657157230
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 07 Jul 2022 01:27:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /match/sape?id=89B803C16E36C6626700633602F9C4B9 HTTP/1.1 
Host: dmp.gotechnology.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.132.209.136
HTTP/2 302 Found
                                        
server: nginx
date: Thu, 07 Jul 2022 01:27:11 GMT
content-length: 0
location: https://dmp.gotechnology.io/match/sape?id=89B803C16E36C6626700633602F9C4B9&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

                                        
                                            GET /match?dp=186&euid=699f7f71-ab79-442a-983d-2621c8e0e5da HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWLGNm42YwBnucT5ApxkNvjHe10lnZb8QxSqbChgeF8S; test_cookie=CheckForPermission; cSyncDp7v2=1657157230; cSyncDp14v3=1657157230; cSyncDp17=1657157230; cSyncDp32=1657157230; cSyncDp45v3=1657157230; cSyncDp53=1657157230; cSyncDp54v2=1657157230; cSyncDp62=1657157230; cSyncDp67v2=1657157230; cSyncDp68=1657157230; cSyncDp71=1657157230; cSyncDp77=1657157230; cSyncDp84=1657157230; cSyncDp85=1657157230; cSyncDp95v3=1657157230; cSyncDp101=1657157230; cSyncDp104v2=1657157230; cSyncDp107=1657157230; cSyncDp110=1657157230; cSyncDp111v2=1657157230; cSyncDp112v2=1657157230; cSyncDp125v2=1657157230; cSyncDp126=1657157230; cSyncDp127=1657157230; cSyncDp129=1657157230; cSyncDp136v2=1657157230; cSyncDp138=1657157230; cSyncDp144=1657157230; cSyncDp146=1657157230; cSyncDp148=1657157230; cSyncDp149=1657157230; cSyncDp151=1657157230; cSyncDp186=1657157230
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 07 Jul 2022 01:27:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B0B91160D5D2FAF2869F44DAC43BD44E4C687E4DD5A8C82A74E35DD93E5768D3"
Last-Modified: Wed, 06 Jul 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15959
Expires: Thu, 07 Jul 2022 05:53:10 GMT
Date: Thu, 07 Jul 2022 01:27:11 GMT
Connection: keep-alive

                                        
                                            GET /match/sape?id=89B803C16E36C6626700633602F9C4B9&chk=1 HTTP/1.1 
Host: dmp.gotechnology.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.132.209.136
HTTP/2 302 Found
                                        
server: nginx
date: Thu, 07 Jul 2022 01:27:11 GMT
content-length: 0
location: http://an.yandex.ru/mapuid/gonetdspis/NTMzYjBkOTE1MjE3M2ZlYg
set-cookie: pid=NTMzYjBkOTE1MjE3M2ZlYg; expires=Fri, 07 Jul 2023 01:27:11 GMT; domain=.gotechnology.io; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

                                        
                                            GET /sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19 HTTP/1.1 
Host: dc53997d-bf54-4d59-a70b-d44e98a2acf6.sync.upravel.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1657157231134; user_id=dc53997d-bf54-4d59-a70b-d44e98a2acf6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         136.243.48.22
HTTP/2 302 Found
                                        
server: nginx
date: Thu, 07 Jul 2022 01:27:11 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=dc53997d-bf54-4d59-a70b-d44e98a2acf6;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000 user_id-legacy=dc53997d-bf54-4d59-a70b-d44e98a2acf6;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=dc53997d-bf54-4d59-a70b-d44e98a2acf6
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

                                        
                                            GET /?src=ss1&s_data=CAEQABjv7JiWBlIFrbKc-w9iIDg5QjgwM0MxNkUzNkM2NjI2NzAwNjMzNjAyRjlDNEI5 HTTP/1.1 
Host: sync3.adsniper.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.172.81.172
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx
Date: Thu, 07 Jul 2022 01:27:11 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: uuid3=IiRlY2EyOTg2Yy1mZDkzLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Wed, 02 Jul 2042 01:27:11 GMT; Domain=adsniper.ru; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync3.adsniper.ru/?src=ss1&s_data=CAIQARjv7JiWBlIFrbKc-w9iIDg5QjgwM0MxNkUzNkM2NjI2NzAwNjMzNjAyRjlDNEI5ogEQ7KKYbP2TEeyG4AAlkMBkfA**
ETag: eca2986c-fd93-11ec-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

                                        
                                            GET /match?dp=71&euid=dc53997d-bf54-4d59-a70b-d44e98a2acf6 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWLGNm42YwBnucT5ApxkNvjHe10lnZb8QxSqbChgeF8S; test_cookie=CheckForPermission; cSyncDp7v2=1657157230; cSyncDp14v3=1657157230; cSyncDp17=1657157230; cSyncDp32=1657157230; cSyncDp45v3=1657157230; cSyncDp53=1657157230; cSyncDp54v2=1657157230; cSyncDp62=1657157230; cSyncDp67v2=1657157230; cSyncDp68=1657157230; cSyncDp71=1657157230; cSyncDp77=1657157230; cSyncDp84=1657157230; cSyncDp85=1657157230; cSyncDp95v3=1657157230; cSyncDp101=1657157230; cSyncDp104v2=1657157230; cSyncDp107=1657157230; cSyncDp110=1657157230; cSyncDp111v2=1657157230; cSyncDp112v2=1657157230; cSyncDp125v2=1657157230; cSyncDp126=1657157230; cSyncDp127=1657157230; cSyncDp129=1657157230; cSyncDp136v2=1657157230; cSyncDp138=1657157230; cSyncDp144=1657157230; cSyncDp146=1657157230; cSyncDp148=1657157230; cSyncDp149=1657157230; cSyncDp151=1657157230; cSyncDp186=1657157230
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 07 Jul 2022 01:27:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /?src=ss1&s_data=CAIQARjv7JiWBlIFrbKc-w9iIDg5QjgwM0MxNkUzNkM2NjI2NzAwNjMzNjAyRjlDNEI5ogEQ7KKYbP2TEeyG4AAlkMBkfA** HTTP/1.1 
Host: sync3.adsniper.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: uuid3=IiRlY2EyOTg2Yy1mZDkzLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.172.81.172
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx
Date: Thu, 07 Jul 2022 01:27:11 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQABjv7JiWBmIgODlCODAzQzE2RTM2QzY2MjY3MDA2MzM2MDJGOUM0QjmiARDsophs_ZMR7IbgACWQwGR8
ETag: eca2986c-fd93-11ec-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

                                        
                                            GET /p?ssp=sp&id=89B803C16E36C6626700633602F9C4B9 HTTP/1.1 
Host: 89b803c16e36c6626700633602f9c4b9-sp.ops.beeline.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.9.245.57
HTTP/2 301 Moved Permanently
                                        
server: nginx
date: Thu, 07 Jul 2022 01:27:11 GMT
content-length: 0
location: https://www.acint.net/match?dp=111&euid=d6ede3e0-d00d-417f-b3dc-e309e73bd976
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: BeeAID=d6ede3e0-d00d-417f-b3dc-e309e73bd976; expires=Wed, 28 Jun 2023 01:27:11 GMT; domain=ops.beeline.ru; path=/; secure; SameSite=None
access-control-allow-credentials: true, true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
x-route: http://upstream_cookiesync
x-host: 192.168.152.37
X-Firefox-Spdy: h2

                                        
                                            GET /?src=sap1&s_data=CAIQABjv7JiWBmIgODlCODAzQzE2RTM2QzY2MjY3MDA2MzM2MDJGOUM0QjmiARDsophs_ZMR7IbgACWQwGR8 HTTP/1.1 
Host: sync.bumlam.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.172.81.160
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx
Date: Thu, 07 Jul 2022 01:27:11 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRlY2EyOTg2Yy1mZDkzLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Wed, 02 Jul 2042 01:27:11 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARjv7JiWBmIgODlCODAzQzE2RTM2QzY2MjY3MDA2MzM2MDJGOUM0QjmiARDsophs_ZMR7IbgACWQwGR8
ETag: eca2986c-fd93-11ec-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

                                        
                                            GET /match?dp=111&euid=d6ede3e0-d00d-417f-b3dc-e309e73bd976 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWLGNm42YwBnucT5ApxkNvjHe10lnZb8QxSqbChgeF8S; test_cookie=CheckForPermission; cSyncDp7v2=1657157230; cSyncDp14v3=1657157230; cSyncDp17=1657157230; cSyncDp32=1657157230; cSyncDp45v3=1657157230; cSyncDp53=1657157230; cSyncDp54v2=1657157230; cSyncDp62=1657157230; cSyncDp67v2=1657157230; cSyncDp68=1657157230; cSyncDp71=1657157230; cSyncDp77=1657157230; cSyncDp84=1657157230; cSyncDp85=1657157230; cSyncDp95v3=1657157230; cSyncDp101=1657157230; cSyncDp104v2=1657157230; cSyncDp107=1657157230; cSyncDp110=1657157230; cSyncDp111v2=1657157230; cSyncDp112v2=1657157230; cSyncDp125v2=1657157230; cSyncDp126=1657157230; cSyncDp127=1657157230; cSyncDp129=1657157230; cSyncDp136v2=1657157230; cSyncDp138=1657157230; cSyncDp144=1657157230; cSyncDp146=1657157230; cSyncDp148=1657157230; cSyncDp149=1657157230; cSyncDp151=1657157230; cSyncDp186=1657157230
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 07 Jul 2022 01:27:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /?src=sap1&s_data=CAIQARjv7JiWBmIgODlCODAzQzE2RTM2QzY2MjY3MDA2MzM2MDJGOUM0QjmiARDsophs_ZMR7IbgACWQwGR8 HTTP/1.1 
Host: sync.bumlam.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRlY2EyOTg2Yy1mZDkzLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.172.81.160
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Thu, 07 Jul 2022 01:27:11 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRlY2EyOTg2Yy1mZDkzLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Wed, 02 Jul 2042 01:27:11 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Jul 2022 01:27:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /cookie_matching_ssp/Sape-dsp/89B803C16E36C6626700633602F9C4B9 HTTP/1.1 
Host: fcgi4.gnezdo.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         93.95.102.105
HTTP/2 204 No Content
                                        
server: nginx
date: Thu, 07 Jul 2022 01:27:11 GMT
set-cookie: uid=XV9maWLGNm9XqU2D/0c/Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2

                                        
                                            GET /pixel?google_nid=agentstvo_sape_limited&google_hm=ibgDwW42xmJnAGM2AvnEuQ HTTP/1.1 
Host: cm.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.226
HTTP/2 302 Found
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=ibgDwW42xmJnAGM2AvnEuQ&google_tc=
date: Thu, 07 Jul 2022 01:27:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 317
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 07-Jul-2022 01:42:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   317
Md5:    a24aae254f99be044e19b53e528bc8d9
Sha1:   6e406d8bb93a466ee9b91cb96a6dd250b7a67143
Sha256: c09e18767ed3526d291cf20fc87579875c91e29b1653c3a2fdc93b63715531ee
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.22
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Thu, 07 Jul 2022 01:27:11 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 07 Jul 2022 00:02:33 GMT
Expires: Fri, 08 Jul 2022 00:02:33 GMT
ETag: "edcc6ff7016c1fe5626de0cd3d9938f46ad42579"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    aa0452ed467ca11d4a04b1b6a2f2ca7a
Sha1:   edcc6ff7016c1fe5626de0cd3d9938f46ad42579
Sha256: e7a2b0214251dac57968934eb9750d29871d451148ad8ea34f5d5574fe0fb74d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Jul 2022 01:27:11 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 04 Jul 2022 04:18:20 GMT
Expires: Mon, 11 Jul 2022 04:18:20 GMT
ETag: 01b8e7910a7138725b98d770ea3ad82c6a651221
Cache-Control: max-age=600625,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp1
CF-Cache-Status: HIT
Age: 1517
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 726ccbd988ac1bfa-OSL

                                        
                                            GET /pixel?google_nid=agentstvo_sape_limited&google_hm=ibgDwW42xmJnAGM2AvnEuQ&google_tc= HTTP/1.1 
Host: cm.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.226
HTTP/2 302 Found
                                        
location: https://www.acint.net/match?dp=77&euid=&google_error=3
date: Thu, 07 Jul 2022 01:27:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 259
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   259
Md5:    d0ce7ee22936e89ccdefb125abf1cda8
Sha1:   dfe5793799a6ac5d416918faa8a1e3f07dc846b2
Sha256: 5c7999497471729bf61bdd7affd4b18f30536a77cc64fc0d3af82365b57753a6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Jul 2022 01:27:11 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 05 Jul 2022 04:09:17 GMT
Expires: Tue, 12 Jul 2022 04:09:17 GMT
ETag: FF742DD3EFBEF2CABB4E306F150EECEBD638A675
Cache-Control: max-age=441125,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp1
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 726ccbd94dd2b524-OSL

                                        
                                            POST / HTTP/1.1 
Host: status.thawte.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1118
Cache-Control: max-age=158388
Date: Thu, 07 Jul 2022 01:27:11 GMT
Etag: "62c5f9c5-1d7"
Expires: Fri, 08 Jul 2022 21:26:59 GMT
Last-Modified: Wed, 06 Jul 2022 21:08:21 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4130
Cache-Control: max-age=136882
Date: Thu, 07 Jul 2022 01:27:11 GMT
Etag: "62c599ff-118"
Expires: Fri, 08 Jul 2022 15:28:33 GMT
Last-Modified: Wed, 06 Jul 2022 14:19:43 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Jul 2022 01:27:11 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 05 Jul 2022 14:18:46 GMT
Expires: Tue, 12 Jul 2022 14:18:46 GMT
ETag: 419E33D925875C7E67871D93DD9958F1CE08068B
Cache-Control: max-age=477694,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp1
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 726ccbd96df9b518-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4574EE8F2E13E8FDDA1BD86FBF71282234C07726B4ABCC19C406CFE955AB4E2B"
Last-Modified: Tue, 05 Jul 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20595
Expires: Thu, 07 Jul 2022 07:10:26 GMT
Date: Thu, 07 Jul 2022 01:27:11 GMT
Connection: keep-alive

                                        
                                            GET /usersync?dspcsid=8&redirect=1 HTTP/1.1 
Host: ssp.bidvol.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         65.108.1.47
HTTP/2 302 Found
                                        
server: nginx/1.14.0
date: Thu, 07 Jul 2022 01:27:11 GMT
x-request-id: 22ef6513-4058-4bd5-8c56-0f5ad682cbe2
set-cookie: bvuid=8dzbvnqt9p; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None bvuid2=8dzbvnqt9p; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=8dzbvnqt9p
X-Firefox-Spdy: h2

                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Jul 2022 01:27:11 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 10 Jul 2022 23:26:55 GMT
ETag: "093de7a91cb4d228bff5ece6a06a5a5cc423063e"
Last-Modified: Wed, 06 Jul 2022 23:26:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 726ccbd9dff1fac8-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    765a401866992eefa042e76bea70a9c7
Sha1:   093de7a91cb4d228bff5ece6a06a5a5cc423063e
Sha256: e155b312b3491a0bb9964f3a57b61a50cca95ab044f48fc02fec8e71d37361b4
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Jul 2022 01:27:11 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 05 Jul 2022 04:09:17 GMT
Expires: Tue, 12 Jul 2022 04:09:17 GMT
ETag: FF742DD3EFBEF2CABB4E306F150EECEBD638A675
Cache-Control: max-age=441125,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp11
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 726ccbd97f5db527-OSL

                                        
                                            GET /match?dp=77&euid=&google_error=3 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWLGNm42YwBnucT5ApxkNvjHe10lnZb8QxSqbChgeF8S; test_cookie=CheckForPermission; cSyncDp7v2=1657157230; cSyncDp14v3=1657157230; cSyncDp17=1657157230; cSyncDp32=1657157230; cSyncDp45v3=1657157230; cSyncDp53=1657157230; cSyncDp54v2=1657157230; cSyncDp62=1657157230; cSyncDp67v2=1657157230; cSyncDp68=1657157230; cSyncDp71=1657157230; cSyncDp77=1657157230; cSyncDp84=1657157230; cSyncDp85=1657157230; cSyncDp95v3=1657157230; cSyncDp101=1657157230; cSyncDp104v2=1657157230; cSyncDp107=1657157230; cSyncDp110=1657157230; cSyncDp111v2=1657157230; cSyncDp112v2=1657157230; cSyncDp125v2=1657157230; cSyncDp126=1657157230; cSyncDp127=1657157230; cSyncDp129=1657157230; cSyncDp136v2=1657157230; cSyncDp138=1657157230; cSyncDp144=1657157230; cSyncDp146=1657157230; cSyncDp148=1657157230; cSyncDp149=1657157230; cSyncDp151=1657157230; cSyncDp186=1657157230
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 07 Jul 2022 01:27:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1 
Host: ads.betweendigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         188.42.191.196
HTTP/2 302 Found
                                        
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 07 Jul 2023 01:27:11 GMT; Path=/; Domain=.betweendigital.com tuuid=51e0fb59-5d1f-52bc-95b2-1605f774206a; Max-Age=31536000; Expires=Fri, 07 Jul 2023 01:27:11 GMT; Path=/; Domain=.betweendigital.com ut=YsY2bwAKIcCXBIZ-TMzRkG290CybTVHTfqF_ow==; Max-Age=31536000; Expires=Fri, 07 Jul 2023 01:27:11 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Jul 2022 01:27:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Jul 2022 01:27:11 GMT
Content-Length: 941
Connection: keep-alive
Expires: Sun, 10 Jul 2022 22:31:16 GMT
ETag: "d47ae9bee2b00688276e32a52a82a4a70727375a"
Last-Modified: Wed, 06 Jul 2022 22:31:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2985
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 726ccbda0ffffac8-OSL

                                        
                                            GET /sync HTTP/1.1 
Host: sape-sync.rutarget.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         188.72.107.228
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx
Date: Thu, 07 Jul 2022 01:27:11 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=KdzVlQ5ga5y9
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=KdzVlQ5ga5y9; Path=/; Domain=.rutarget.ru; Expires=Tue, 03 Jan 2023 01:27:11 GMT; SameSite=None; Secure

                                        
                                            GET /mapuid/gonetdspis/NTMzYjBkOTE1MjE3M2ZlYg HTTP/1.1 
Host: an.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

                                         
                                         93.158.134.90
HTTP/1.1 404 Not Found
Content-Type: image/gif; charset=utf-8
                                        
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Content-Encoding: gzip
Date: Thu, 07 Jul 2022 01:27:11 GMT
Expires: Thu, 07 Jul 2022 01:27:11 GMT
Last-Modified: Thu, 07 Jul 2022 01:27:11 GMT
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Timing-Allow-Origin: *
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   50
Md5:    bef53a5c76b7ad469692178eeaeb08d8
Sha1:   aaae1c11fa0b5a086770957c8857d3937ed653e9
Sha256: be24bb564cc16e1fe9113f63db905a1b7a3a653c6642f0c27d5e823729a99ee3
                                        
                                            GET /0.gif?pid=9401454&id=89B803C16E36C6626700633602F9C4B9 HTTP/1.1 
Host: x01.aidata.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         89.108.120.76
HTTP/2 302 Found
                                        
server: nginx
date: Thu, 07 Jul 2022 01:27:11 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=89B803C16E36C6626700633602F9C4B9&bounce=1
expires: Thu, 07 Jul 2022 01:27:10 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Thu, 07 Jul 2022 01:27:10 GMT
set-cookie: __upin=pg/PGqVD+uEqDymcTpgY1Q;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure __upints=1657157231;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2

                                        
                                            GET /match?bidder_id=73&external_user_id=89B803C16E36C6626700633602F9C4B9 HTTP/1.1 
Host: ads.betweendigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         188.42.191.196
HTTP/2 302 Found
                                        
location: /match?bidder_id=73&external_user_id=89B803C16E36C6626700633602F9C4B9&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 07 Jul 2023 01:27:11 GMT; Path=/; Domain=.betweendigital.com tuuid=cfd70269-3ced-52bc-8ca8-50acee6e66c3; Max-Age=31536000; Expires=Fri, 07 Jul 2023 01:27:11 GMT; Path=/; Domain=.betweendigital.com ut=YsY2bwAKc8jlBP2OzYsTOpB4V9pTuGoOxoXy3Q==; Max-Age=31536000; Expires=Fri, 07 Jul 2023 01:27:11 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /p?ssp=sape&id=89B803C16E36C6626700633602F9C4B9 HTTP/1.1 
Host: sm.rtb.mts.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         217.66.147.168
HTTP/1.1 301 Moved Permanently
                                        
Server: nginx
Date: Thu, 07 Jul 2022 01:25:26 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=89B803C16E36C6626700633602F9C4B9
Set-Cookie: dspid=aa31e34c-7820-41b2-8807-3b20f65eb965; expires=Wed, 28 Jun 2023 01:27:11 GMT; domain=.mts.ru; path=/; secure; SameSite=None

                                        
                                            GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=3764447738 HTTP/1.1 
Host: redirect.frontend.weborama.fr
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.24.218
HTTP/2 204 No Content
                                        
server: Weborama Collect Frontend
date: Thu, 07 Jul 2022 01:27:11 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Thu, 07 Jul 2022 01:27:11 GMT
set-cookie: AFFICHE_W=; expires=Tue, 10 Nov 2009 23:00:00 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1 
Host: ads.betweendigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.42.191.196
HTTP/2 200 OK
                                        
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 07 Jul 2023 01:27:11 GMT; Path=/; Domain=.betweendigital.com tuuid=d964a0f4-a84b-52bc-b88f-b66ada498005; Max-Age=31536000; Expires=Fri, 07 Jul 2023 01:27:11 GMT; Path=/; Domain=.betweendigital.com ut=YsY2bwAKjyAVLynUiH4eVJhEdHXCcjnPf4avfA==; Max-Age=31536000; Expires=Fri, 07 Jul 2023 01:27:11 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   68
Md5:    c4a2b870062c2bb98c500bc1526c0498
Sha1:   528666ccdb12997358077bc8fcdbfb6b825c7788
Sha256: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
                                        
                                            GET /adcm.js HTTP/1.1 
Host: tag.digitaltarget.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.15.175.144
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Thu, 07 Jul 2022 01:27:11 GMT
Content-Length: 3051
Last-Modified: Thu, 07 Jul 2022 01:04:00 GMT
Connection: keep-alive
ETag: "62c63100-beb"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (3051), with no line terminators
Size:   3051
Md5:    e7097284185069f52fc736bcd50cda13
Sha1:   1cdfdf2d869841202079ddf91e0a00a8610812e6
Sha256: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
                                        
                                            GET /match?dp=104&euid=KdzVlQ5ga5y9 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWLGNm42YwBnucT5ApxkNvjHe10lnZb8QxSqbChgeF8S; test_cookie=CheckForPermission; cSyncDp7v2=1657157230; cSyncDp14v3=1657157230; cSyncDp17=1657157230; cSyncDp32=1657157230; cSyncDp45v3=1657157230; cSyncDp53=1657157230; cSyncDp54v2=1657157230; cSyncDp62=1657157230; cSyncDp67v2=1657157230; cSyncDp68=1657157230; cSyncDp71=1657157230; cSyncDp77=1657157230; cSyncDp84=1657157230; cSyncDp85=1657157230; cSyncDp95v3=1657157230; cSyncDp101=1657157230; cSyncDp104v2=1657157230; cSyncDp107=1657157230; cSyncDp110=1657157230; cSyncDp111v2=1657157230; cSyncDp112v2=1657157230; cSyncDp125v2=1657157230; cSyncDp126=1657157230; cSyncDp127=1657157230; cSyncDp129=1657157230; cSyncDp136v2=1657157230; cSyncDp138=1657157230; cSyncDp144=1657157230; cSyncDp146=1657157230; cSyncDp148=1657157230; cSyncDp149=1657157230; cSyncDp151=1657157230; cSyncDp186=1657157230
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 07 Jul 2022 01:27:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /match?bidder_id=73&external_user_id=89B803C16E36C6626700633602F9C4B9&crf=1 HTTP/1.1 
Host: ads.betweendigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.42.191.196
HTTP/2 200 OK
                                        
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 07 Jul 2023 01:27:11 GMT; Path=/; Domain=.betweendigital.com tuuid=7b814c7f-d3fa-52bc-a8de-9711ca18a17e; Max-Age=31536000; Expires=Fri, 07 Jul 2023 01:27:11 GMT; Path=/; Domain=.betweendigital.com ut=YsY2bwALBFAg3VjAy3wR8HiCobogrYXm-uijRA==; Max-Age=31536000; Expires=Fri, 07 Jul 2023 01:27:11 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   68
Md5:    c4a2b870062c2bb98c500bc1526c0498
Sha1:   528666ccdb12997358077bc8fcdbfb6b825c7788
Sha256: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
                                        
                                            GET /cm.gif?p=48&id=89B803C16E36C6626700633602F9C4B9 HTTP/1.1 
Host: ad.mail.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         94.100.180.197
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 07 Jul 2022 01:27:11 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=0UFnpM2iUcYB002Atf3P0PoB:::0-0-0-7e08f2f:CAASECt7gch_mt5_lWEp_J3iiG0aYA9y4azm-0FqT8VpBa4b43PhTuxuO77xi5LSOgEcPa4Kq0jUnNxO00lrjtkF4uYBN5WUJgTjin3vpqjv-ueqFeMAwP_A2r5fwOWkSlY47Yj1gN5et80TsVDppXmdNrNqrA; path=/; expires=Sat, 08-Jul-23 01:27:11 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Thu, 07 Jul 2022 07:27:11 GMT
cache-control: max-age=21600
last-modified: Thu, 07 Jul 2022 01:27:11 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /0.gif?pid=9401454&id=89B803C16E36C6626700633602F9C4B9&bounce=1 HTTP/1.1 
Host: x01.aidata.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         89.108.120.76
HTTP/2 204 No Content
                                        
server: nginx
date: Thu, 07 Jul 2022 01:27:11 GMT
expires: Thu, 07 Jul 2022 01:27:10 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Thu, 07 Jul 2022 01:27:10 GMT
set-cookie: __upin=HMQzQYlEvIcj53K4M6OjTw;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure __upints=1657157231;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.22
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Thu, 07 Jul 2022 01:27:11 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 07 Jul 2022 00:02:33 GMT
Expires: Fri, 08 Jul 2022 00:02:33 GMT
ETag: "edcc6ff7016c1fe5626de0cd3d9938f46ad42579"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    aa0452ed467ca11d4a04b1b6a2f2ca7a
Sha1:   edcc6ff7016c1fe5626de0cd3d9938f46ad42579
Sha256: e7a2b0214251dac57968934eb9750d29871d451148ad8ea34f5d5574fe0fb74d
                                        
                                            GET /p/cm/sape?u=89B803C16E36C6626700633602F9C4B9 HTTP/1.1 
Host: px.adhigh.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         193.232.150.60
HTTP/2 302 Found
                                        
server: nginx
date: Thu, 07 Jul 2022 01:27:11 GMT
content-length: 0
x-backend-id: f20-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=PXO5osWfhcq.AikABlGB1kSkZw;Path=/;Domain=.adhigh.net;Expires=Fri, 07-Jul-2023 01:27:11 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=89B803C16E36C6626700633602F9C4B9&bounced=1
X-Firefox-Spdy: h2

                                        
                                            GET /match/second?ssp=30&exu=89B803C16E36C6626700633602F9C4B9 HTTP/1.1 
Host: sm.rtb.mts.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         217.66.147.168
HTTP/1.1 301 Moved Permanently
                                        
Server: nginx
Date: Thu, 07 Jul 2022 01:25:26 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://tech.rtb.mts.ru/

                                        
                                            GET /p/cm/sape?u=89B803C16E36C6626700633602F9C4B9&bounced=1 HTTP/1.1 
Host: px.adhigh.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         193.232.150.60
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 07 Jul 2022 01:27:11 GMT
content-type: image/gif
content-length: 49
x-backend-id: f20-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   49
Md5:    889bc1fffc025af4685839fb516a0b8b
Sha1:   7f105137a4eafe93213ecd8cc34dd907c340467c
Sha256: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
                                        
                                            GET /processor.js?i=515905672766696 HTTP/1.1 
Host: tag.digitaltarget.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.15.175.144
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Thu, 07 Jul 2022 01:27:11 GMT
Content-Length: 15878
Last-Modified: Thu, 07 Jul 2022 01:04:01 GMT
Connection: keep-alive
ETag: "62c63101-3e06"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (15878), with no line terminators
Size:   15878
Md5:    5fb72141505b525aa1ac96bf2f2fdd8b
Sha1:   5e463c12f0e56864739dbe44e419d01cd9ebd84d
Sha256: 3329813e0c2788f727bbb57c75a5751c683649372d99dd1a3627f2f7d95e2e58
                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Jul 2022 01:27:11 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 11 Jul 2022 00:41:54 GMT
ETag: "4e19ef94e8f8836f9910e52fb59a3531f32adf9e"
Last-Modified: Thu, 07 Jul 2022 00:41:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 148
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 726ccbdb984ffac8-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    75375f04cef86d19e938cea93cf1ee6b
Sha1:   4e19ef94e8f8836f9910e52fb59a3531f32adf9e
Sha256: 9fda64c49f9f2dd5d5986c46bcf2281e7232ebb5b5d63d25cb79fa0f78b39315
                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 07 Jul 2022 01:27:11 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 11 Jul 2022 00:41:54 GMT
ETag: "4e19ef94e8f8836f9910e52fb59a3531f32adf9e"
Last-Modified: Thu, 07 Jul 2022 00:41:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 148
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 726ccbdbae3eb515-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    75375f04cef86d19e938cea93cf1ee6b
Sha1:   4e19ef94e8f8836f9910e52fb59a3531f32adf9e
Sha256: 9fda64c49f9f2dd5d5986c46bcf2281e7232ebb5b5d63d25cb79fa0f78b39315
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "88B81A2479D9F4BD31BBDD16AD70039D92E8E4BDCF07F3C553A62AE9121AF7D5"
Last-Modified: Tue, 05 Jul 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7310
Expires: Thu, 07 Jul 2022 03:29:02 GMT
Date: Thu, 07 Jul 2022 01:27:12 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: tech.rtb.mts.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         213.87.44.187
HTTP/1.1 204 No Content
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.20.2
Date: Thu, 07 Jul 2022 01:27:12 GMT
Connection: keep-alive
Set-Cookie: mts_id=8400b21c-9c20-4a5a-9c7f-ad60850de46a; Domain=mts.ru; expires=Sat, 15 May 2032 01:27:12 GMT; SameSite=None; Secure mts_id_last_sync=1657157232; Domain=mts.ru; expires=Sat, 15 May 2032 01:27:12 GMT; SameSite=None; Secure
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

                                        
                                            GET /cgi-bin/sync.cgi?dsp_id=153&external_id=89B803C16E36C6626700633602F9C4B9 HTTP/1.1 
Host: ssp.adriver.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         195.209.111.7
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Thu, 07 Jul 2022 01:27:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1 
Host: ad.adriver.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         195.209.108.38
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Thu, 07 Jul 2022 01:27:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-5526396189; expires=Sat, 06 Jul 2024 01:27:12 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5526396189
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true

                                        
                                            GET /1/1093/i/i?i=732435847684889.602408079004329&a=77&e=89B803C16E36C6626700633602F9C4B9&pref=https%3A%2F%2Fpassword.mk%2F&c=ss:77.up:89B803C16E36C6626700633602F9C4B9.sync:up.xdua:du4NcaAE7uhyBCKEHKtFADth.xps:xpsIn7ZkBWRTGqTsBNF62gfgC.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1 
Host: dmg.digitaltarget.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.15.175.158
HTTP/1.1 307 Temporary Redirect
                                        
Server: nginx
Date: Thu, 07 Jul 2022 01:27:12 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=732435847684889.602408079004329&a=77&e=89B803C16E36C6626700633602F9C4B9&pref=https%3A%2F%2Fpassword.mk%2F&c=ss:77.up:89B803C16E36C6626700633602F9C4B9.sync:up.xdua:du4NcaAE7uhyBCKEHKtFADth.xps:xpsIn7ZkBWRTGqTsBNF62gfgC.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=02lXC7LwMkAgikF7g-l5; Max-Age=93312000; Expires=Sat, 21 Jun 2025 01:27:12 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

                                        
                                            GET /mapuid/sapeis/89B803C16E36C6626700633602F9C4B9?redir-setuniq=1 HTTP/1.1 
Host: an.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         93.158.134.90
HTTP/2 200 OK
                                        
timing-allow-origin: *
date: Thu, 07 Jul 2022 01:27:11 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 07 Jul 2022 01:27:11 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 07 Jul 2022 01:27:11 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   50
Md5:    bef53a5c76b7ad469692178eeaeb08d8
Sha1:   aaae1c11fa0b5a086770957c8857d3937ed653e9
Sha256: be24bb564cc16e1fe9113f63db905a1b7a3a653c6642f0c27d5e823729a99ee3
                                        
                                            GET /awg/custom/1093/i/i?call_source=awg&i=732435847684889.602408079004329&a=77&e=89B803C16E36C6626700633602F9C4B9&pref=https%3A%2F%2Fpassword.mk%2F&c=ss:77.up:89B803C16E36C6626700633602F9C4B9.sync:up.xdua:du4NcaAE7uhyBCKEHKtFADth.xps:xpsIn7ZkBWRTGqTsBNF62gfgC.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1 
Host: dmg.digitaltarget.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.15.175.158
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Thu, 07 Jul 2022 01:27:12 GMT
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   64
Md5:    ffd585dfb1ac6320633a0be46d579437
Sha1:   5a6033d23bc9cd5d1de9ee61de69a44428086dcb
Sha256: df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
                                        
                                            GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5526396189 HTTP/1.1 
Host: ad.adriver.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         195.209.108.38
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Thu, 07 Jul 2022 01:27:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Sat, 06 Jul 2024 01:27:12 GMT; path=/; domain=.adriver.ru; uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   40
Md5:    251630b588179b239e8fab1ac9ef6d3a
Sha1:   91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
Sha256: c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b
                                        
                                            GET /awg/custom/1093/i/i?call_source=awg&i=732435847684889.253972998927057&a=77&e=89B803C16E36C6626700633602F9C4B9&pref=https%3A%2F%2Fpassword.mk%2F&c=ss:77.up:89B803C16E36C6626700633602F9C4B9.sync:up.xdua:du4NcaAE7uhyBCKEHKtFADth.xps:xpsIn7ZkBWRTGqTsBNF62gfgC.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1 
Host: dmg.digitaltarget.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.15.175.158
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Thu, 07 Jul 2022 01:27:12 GMT
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   64
Md5:    ffd585dfb1ac6320633a0be46d579437
Sha1:   5a6033d23bc9cd5d1de9ee61de69a44428086dcb
Sha256: df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
                                        
                                            GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWLGNm42YwBnucT5ApxkNvjHe10lnZb8QxSqbChgeF8S; test_cookie=CheckForPermission; cSyncDp7v2=1657157230; cSyncDp14v3=1657157230; cSyncDp17=1657157230; cSyncDp32=1657157230; cSyncDp45v3=1657157230; cSyncDp53=1657157230; cSyncDp54v2=1657157230; cSyncDp62=1657157230; cSyncDp67v2=1657157230; cSyncDp68=1657157230; cSyncDp71=1657157230; cSyncDp77=1657157230; cSyncDp84=1657157230; cSyncDp85=1657157230; cSyncDp95v3=1657157230; cSyncDp101=1657157230; cSyncDp104v2=1657157230; cSyncDp107=1657157230; cSyncDp110=1657157230; cSyncDp111v2=1657157230; cSyncDp112v2=1657157230; cSyncDp125v2=1657157230; cSyncDp126=1657157230; cSyncDp127=1657157230; cSyncDp129=1657157230; cSyncDp136v2=1657157230; cSyncDp138=1657157230; cSyncDp144=1657157230; cSyncDp146=1657157230; cSyncDp148=1657157230; cSyncDp149=1657157230; cSyncDp151=1657157230; cSyncDp186=1657157230
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 302 Found
                                        
server: openresty
date: Thu, 07 Jul 2022 01:27:12 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=89B803C16E36C6626700633602F9C4B9
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   154
Md5:    cfbeaf604823f038b8b46f0ac862b98c
Sha1:   7b9eb1dac48e74fa5f418bc456cb410f88b81d98
Sha256: 20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
                                        
                                            GET /cgi-bin/sync.cgi?ssp_id=43&external_id=89B803C16E36C6626700633602F9C4B9 HTTP/1.1 
Host: ssp.adriver.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         195.209.111.7
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Thu, 07 Jul 2022 01:27:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909"
Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4038
Expires: Thu, 07 Jul 2022 02:34:30 GMT
Date: Thu, 07 Jul 2022 01:27:12 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909"
Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4038
Expires: Thu, 07 Jul 2022 02:34:30 GMT
Date: Thu, 07 Jul 2022 01:27:12 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909"
Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4038
Expires: Thu, 07 Jul 2022 02:34:30 GMT
Date: Thu, 07 Jul 2022 01:27:12 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909"
Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4038
Expires: Thu, 07 Jul 2022 02:34:30 GMT
Date: Thu, 07 Jul 2022 01:27:12 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909"
Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4038
Expires: Thu, 07 Jul 2022 02:34:30 GMT
Date: Thu, 07 Jul 2022 01:27:12 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5943e946-454d-4fa2-9a42-3742d5c15b9c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8185
x-amzn-requestid: 4175b120-06ce-4a9c-bc4e-03631c38f97b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UoJB0FzDoAMFUTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bfeed8-705a0dc35090e183285bfa9a;Sampled=0
x-amzn-remapped-date: Sat, 02 Jul 2022 07:08:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: noyuVo7-k6XK-GX49yRV5JSF3UzqNjEpQ8N8b6Tv5iUok1C9rMFOrQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 08:38:20 GMT
age: 60532
etag: "71d91b56c51c8e6c72049088c5f48d047e3c2528"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8185
Md5:    71f575ec1945ef97114e5125f7f46bec
Sha1:   71d91b56c51c8e6c72049088c5f48d047e3c2528
Sha256: b0aafa06050270acd35bd434d7418ca1c6ed4b66c0680302da29477d78bc4578
                                        
                                            GET /mc/?dp=10&tc=1 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://password.mk/
Connection: keep-alive
Cookie: aid=wQO4iWLGNm42YwBnucT5ApxkNvjHe10lnZb8QxSqbChgeF8S; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 07 Jul 2022 01:27:10 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp14v3=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp17=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp32=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp45v3=1657157230; expires=Fri, 08-Jul-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp53=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp54v2=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp62=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp67v2=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp68=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp71=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp77=1657157230; expires=Thu, 21-Jul-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp84=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp85=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp95v3=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp101=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp104v2=1657157230; expires=Thu, 21-Jul-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp107=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp110=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp111v2=1657157230; expires=Thu, 21-Jul-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp112v2=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp125v2=1657157230; expires=Fri, 22-Jul-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp126=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp127=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp129=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp136v2=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp138=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp144=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp146=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp148=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp149=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp151=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp186=1657157230; expires=Sat, 06-Aug-22 01:27:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   8112
Md5:    3fbd25795246e634fc9841a1eab0e280
Sha1:   e91c5f2d3f7080ea1ae5c0a1c0d290eec49f3e6b
Sha256: 3fab50491a52f0de472bcf3d32f4b1dd795ac5f47134186296089e64879b690d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7633309-5f51-4741-aec1-77223d21def2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6219
x-amzn-requestid: 5c99b20a-4356-4613-a812-994358d8d2f2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U3UD1FbRIAMFcOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c6007e-63e05e65678eab473ef18a0f;Sampled=0
x-amzn-remapped-date: Wed, 06 Jul 2022 21:37:02 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OIMI0B5-SyhCAhrXYNb9kwvL1DMDz7RIeeR1OAFsrzBUHuWn8XMaUA==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 21:54:05 GMT
age: 12787
etag: "7721f00647b911279b6f42bf463eed176e389622"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6219
Md5:    6a5de65d5b600c0785e0415233eb2eae
Sha1:   7721f00647b911279b6f42bf463eed176e389622
Sha256: 835ba3151816b32ab23e3d8a215d0dee67dd070428bad5bb3ab596b67a1373b7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b3c96c9-a522-4ac7-b26d-8a493fdad54e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5833
x-amzn-requestid: b1906d58-4339-4e95-933b-111b98d7e7f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U3UEfHnwIAMFSNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c60082-7ae16f081c0a62cc04191bf0;Sampled=0
x-amzn-remapped-date: Wed, 06 Jul 2022 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9f1t_-f8XyBhRAVJJ5ehuh092td7RE4XCCVgW0ZGoI9kJXn_HE0hOA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 22:03:50 GMT
age: 12202
etag: "9e45ca5390279272ab7991b250cd035c569db6c9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5833
Md5:    0c8f6d61cb2fa1b87748d6ea53f21678
Sha1:   9e45ca5390279272ab7991b250cd035c569db6c9
Sha256: 1f909a49d5f85085e8ebc982bf8e2d0fc4f94b2f01946d0c7dbb232020ce5e8f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7394f5d-cdce-41b4-a77f-497fd53c5173.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6510
x-amzn-requestid: dc00e158-bcd9-4662-9c0d-26dbd34b129d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Uq6E6FJtIAMF13A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c10a1f-4944bf2575232fb746670844;Sampled=0
x-amzn-remapped-date: Sun, 03 Jul 2022 03:16:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JNVJHzyUaCkNSOg04LO5vfV16RUnILPnqJBNPLFLTH_Bwxq8ALnZZA==
via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 06:38:09 GMT
age: 67743
etag: "5e1dc99fa1b894ae83dd0ef04b3daa5ff820cd40"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6510
Md5:    35403bff40fe010a03fbbfa56185ef30
Sha1:   5e1dc99fa1b894ae83dd0ef04b3daa5ff820cd40
Sha256: 6c7efc03f6c3ebcf6ed69bff044d63ba19c832cb8ecb7ce291226b69cb7b3ac5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf054370-6b80-40cd-a42e-91d4d8e3c37e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7271
x-amzn-requestid: cec81cbd-de3f-4d78-85e6-5b1a51bc148f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U3Dp7GmtIAMFzgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c5e63f-7b0aeb393b5a87d65e40c8e3;Sampled=0
x-amzn-remapped-date: Wed, 06 Jul 2022 19:45:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ePVvRFQ2fP52OzAesEQDL3uhCOjYKl7Nmr1NQ4gkwvuXCwu_TdKc3g==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 21:53:24 GMT
age: 12828
etag: "949707b56fd4aa6464f5f4a5d52b18ab72d307ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7271
Md5:    1d4f4e3ad0f3ca501b797538d0f3aaac
Sha1:   949707b56fd4aa6464f5f4a5d52b18ab72d307ff
Sha256: 66cf72056531f6151e2e72d48f07f1ba063753316160fe165cb00e125efbca90
                                        
                                            GET /ping/?v=0.4.0&uid=aedf8aa0-e43b-420c-ad7b-b66b91906fde&dp=10&tz=%2B00%3A00&nc=73993031&dT=2022-07-07T01%3A27%3A13.284 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://password.mk/
Cookie: aid=wQO4iWLGNm42YwBnucT5ApxkNvjHe10lnZb8QxSqbChgeF8S; test_cookie=CheckForPermission; cSyncDp7v2=1657157230; cSyncDp14v3=1657157230; cSyncDp17=1657157230; cSyncDp32=1657157230; cSyncDp45v3=1657157230; cSyncDp53=1657157230; cSyncDp54v2=1657157230; cSyncDp62=1657157230; cSyncDp67v2=1657157230; cSyncDp68=1657157230; cSyncDp71=1657157230; cSyncDp77=1657157230; cSyncDp84=1657157230; cSyncDp85=1657157230; cSyncDp95v3=1657157230; cSyncDp101=1657157230; cSyncDp104v2=1657157230; cSyncDp107=1657157230; cSyncDp110=1657157230; cSyncDp111v2=1657157230; cSyncDp112v2=1657157230; cSyncDp125v2=1657157230; cSyncDp126=1657157230; cSyncDp127=1657157230; cSyncDp129=1657157230; cSyncDp136v2=1657157230; cSyncDp138=1657157230; cSyncDp144=1657157230; cSyncDp146=1657157230; cSyncDp148=1657157230; cSyncDp149=1657157230; cSyncDp151=1657157230; cSyncDp186=1657157230
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 07 Jul 2022 01:27:13 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda