poranarabotu.ru/vse_novosti/nArch/2
94.198.50.208308 Permanent Redirect 0 B URL HTTP/1.1 poranarabotu.ru/vse_novosti/nArch/2
IP 94.198.50.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /vse_novosti/nArch/2 HTTP/1.1
Host: poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 308 Permanent Redirect
Connection: close
Location: https://poranarabotu.ru/vse_novosti/nArch/2
Server: Caddy
Date: Thu, 02 Feb 2023 04:39:42 GMT
Content-Length: 0
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19359
Expires: Thu, 02 Feb 2023 10:02:22 GMT
Date: Thu, 02 Feb 2023 04:39:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12894
Expires: Thu, 02 Feb 2023 08:14:37 GMT
Date: Thu, 02 Feb 2023 04:39:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 04:36:03 GMT
content-type: application/json
age: 220
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15250
Expires: Thu, 02 Feb 2023 08:53:53 GMT
Date: Thu, 02 Feb 2023 04:39:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /ZAnu/n5s1D3LcbJFSL4cNAu47Kj6U7t21K4vYvp4EpkyTzjphQVWHsBzyRMdr9dWdTCuQCSWn8=
x-amz-request-id: S35V0J3VNDTEXDFH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 03:51:49 GMT
age: 2874
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
poranarabotu.ru/vse_novosti/nArch/2
94.198.50.208301 Moved Permanently 0 B URL HTTP/2 poranarabotu.ru/vse_novosti/nArch/2
IP 94.198.50.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /vse_novosti/nArch/2 HTTP/1.1
Host: poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
location: http://www.poranarabotu.ru/vse_novosti/nArch/2
server: Caddy
status: 301 Moved Permanently
x-powered-by: PHP/5.6.40
content-length: 0
date: Thu, 02 Feb 2023 04:39:43 GMT
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 04:39:43 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.poranarabotu.ru/vse_novosti/nArch/2
94.198.50.208308 Permanent Redirect 0 B URL HTTP/1.1 www.poranarabotu.ru/vse_novosti/nArch/2
IP 94.198.50.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /vse_novosti/nArch/2 HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 308 Permanent Redirect
Connection: close
Location: https://www.poranarabotu.ru/vse_novosti/nArch/2
Server: Caddy
Date: Thu, 02 Feb 2023 04:39:43 GMT
Content-Length: 0
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 03:41:43 GMT
age: 3480
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6127
Expires: Thu, 02 Feb 2023 06:21:50 GMT
Date: Thu, 02 Feb 2023 04:39:43 GMT
Connection: keep-alive
www.poranarabotu.ru/css/reset.css
94.198.50.208200 OK 595 B URL HTTP/2 www.poranarabotu.ru/css/reset.css
IP 94.198.50.208:0
File type ASCII text, with CRLF line terminators
Hash 36927d06feb4d92bcebfdc1f8d940d07
9a77ee5b093e9b90944107d9b9239926edd5799e
8ebcc6b69cde27925b950ad1f449c2736952926077cf85bf695f71367ff24f04
GET /css/reset.css HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/vse_novosti/nArch/2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/css; charset=utf-8
etag: "ljk8u0wo"
last-modified: Tue, 12 Apr 2011 22:22:48 GMT
server: Caddy
vary: Accept-Encoding
content-length: 595
date: Thu, 02 Feb 2023 04:39:43 GMT
X-Firefox-Spdy: h2
www.poranarabotu.ru/css/content.css
94.198.50.208200 OK 1.0 kB URL HTTP/2 www.poranarabotu.ru/css/content.css
IP 94.198.50.208:0
File type ASCII text, with CRLF line terminators
Hash 94394f64bab4deb324fe4295436c1cea
a072327c2b670cbc7b408ac42974393eb5e3c5b3
5ac497196cd6ae24d5fbf40e737de2ce99531604c069a110f898115e41683cff
GET /css/content.css HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/vse_novosti/nArch/2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/css; charset=utf-8
etag: "lychbx22a"
last-modified: Wed, 25 Jan 2012 08:09:33 GMT
server: Caddy
vary: Accept-Encoding
content-length: 1009
date: Thu, 02 Feb 2023 04:39:43 GMT
X-Firefox-Spdy: h2
www.poranarabotu.ru/project/plugin/search/search.css
94.198.50.208200 OK 569 B URL HTTP/2 www.poranarabotu.ru/project/plugin/search/search.css
IP 94.198.50.208:0
File type ASCII text, with CRLF line terminators
Hash 124d3ea06d012cecd1cd8340c61e0dd7
bd62b944c8ae884277f4735f99d7723731c6e854
d34b9c01eaaed19246d8f1754b08272ea6e247c6c60282d3d43f7114a3a4b5ff
GET /project/plugin/search/search.css HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/vse_novosti/nArch/2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/css; charset=utf-8
etag: "lkgcp912s"
last-modified: Sat, 30 Apr 2011 06:29:33 GMT
server: Caddy
vary: Accept-Encoding
content-length: 569
date: Thu, 02 Feb 2023 04:39:43 GMT
X-Firefox-Spdy: h2
www.poranarabotu.ru/project/plugin/news/news.css
94.198.50.208200 OK 1.2 kB URL HTTP/2 www.poranarabotu.ru/project/plugin/news/news.css
IP 94.198.50.208:0
File type ASCII text, with CRLF line terminators
Hash c1141498e9ad9219304d0f7824ccd4ac
6bc24e9cc0d744d384b662213db65e0ef09ea45a
db3c09d696b0638254d1f58227310efc984e5b9e11f21fee48f9c972f72dd4aa
GET /project/plugin/news/news.css HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/vse_novosti/nArch/2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/css; charset=utf-8
etag: "lngvwb3gb"
last-modified: Mon, 27 Jun 2011 21:04:59 GMT
server: Caddy
vary: Accept-Encoding
content-length: 1193
date: Thu, 02 Feb 2023 04:39:43 GMT
X-Firefox-Spdy: h2
www.poranarabotu.ru/js/js.js
94.198.50.208200 OK 3.1 kB URL HTTP/2 www.poranarabotu.ru/js/js.js
IP 94.198.50.208:0
Hash 023093e910f3b080bf84d465b07d92de
4b1d2d9f0db1501b426686537f5ac825615c0137
5cbd81ee616c1cd25564d246256c4fc4d41702f0c76139dbe7d31b2974efd81d
Analyzer Verdict Alert fortinet Malware
GET /js/js.js HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/vse_novosti/nArch/2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
etag: "mvwqr27zb"
last-modified: Thu, 07 Nov 2013 19:13:50 GMT
server: Caddy
vary: Accept-Encoding
content-length: 3132
date: Thu, 02 Feb 2023 04:39:43 GMT
X-Firefox-Spdy: h2
www.poranarabotu.ru/js/daAlert-min.js
94.198.50.208200 OK 4.0 kB URL HTTP/2 www.poranarabotu.ru/js/daAlert-min.js
IP 94.198.50.208:0
File type HTML document, ASCII text, with very long lines (5453)
Hash c08f327ec6dedba5ffafaccb12f43424
b02825dd921a63615ba3d4d868f3423ee5128e6e
9c5c3cec9ea1edcc65e97f34dfc8a99b6faf26dc23c737ad6d88968a672d743b
Analyzer Verdict Alert fortinet Malware
GET /js/daAlert-min.js HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/vse_novosti/nArch/2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
etag: "lc1y3c48b"
last-modified: Wed, 17 Nov 2010 23:18:48 GMT
server: Caddy
vary: Accept-Encoding
content-length: 4025
date: Thu, 02 Feb 2023 04:39:43 GMT
X-Firefox-Spdy: h2
www.poranarabotu.ru/engine/js/functions.js
94.198.50.208200 OK 1.3 kB URL HTTP/2 www.poranarabotu.ru/engine/js/functions.js
IP 94.198.50.208:0
Hash bfc03ac72e22f23e13d678a4f21b91d8
610bd528055632758bb208b83d0664836efbe129
c96caef1c08ff53ef56ac944a6c1a5400e399237059de619e57027079255d18a
Analyzer Verdict Alert fortinet Malware
GET /engine/js/functions.js HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/vse_novosti/nArch/2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
etag: "mw4vnm2bx"
last-modified: Tue, 12 Nov 2013 04:40:34 GMT
server: Caddy
vary: Accept-Encoding
content-length: 1347
date: Thu, 02 Feb 2023 04:39:44 GMT
X-Firefox-Spdy: h2
www.poranarabotu.ru/js/daPlaceholder.js
94.198.50.208200 OK 376 B URL HTTP/2 www.poranarabotu.ru/js/daPlaceholder.js
IP 94.198.50.208:0
File type ASCII text, with CRLF line terminators
Hash fabf40e4c5cbc9d0e0b611e94c4fbfa1
8e075d03fa39aa5ad58f929332cfb04ba0fa04b8
129b0c9ff9c029af683bc680a9b80ddd79d9bc94dd610c3c3f1594be8f667d53
Analyzer Verdict Alert fortinet Malware
GET /js/daPlaceholder.js HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/vse_novosti/nArch/2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
etag: "mwo5p9ag"
last-modified: Fri, 22 Nov 2013 14:31:57 GMT
server: Caddy
content-length: 376
date: Thu, 02 Feb 2023 04:39:44 GMT
X-Firefox-Spdy: h2
www.poranarabotu.ru/engine/js/json2-min.js
94.198.50.208200 OK 1.4 kB URL HTTP/2 www.poranarabotu.ru/engine/js/json2-min.js
IP 94.198.50.208:0
File type ASCII text, with very long lines (582)
Hash 5ff2657334d2d6f82b59c20bd32f48d5
091baceeece25753721b97be377e872d6318d0c5
702bf10d41940e59fc1c8bd7ec39ed9ac7cb398caf2af85bf97a5becdc7430da
Analyzer Verdict Alert fortinet Malware
GET /engine/js/json2-min.js HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/vse_novosti/nArch/2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
etag: "mwdcdg2mo"
last-modified: Sat, 16 Nov 2013 18:22:28 GMT
server: Caddy
vary: Accept-Encoding
content-length: 1384
date: Thu, 02 Feb 2023 04:39:44 GMT
X-Firefox-Spdy: h2
www.poranarabotu.ru/engine/js/jquery.ui.datepicker-ru.js
94.198.50.208200 OK 650 B URL HTTP/2 www.poranarabotu.ru/engine/js/jquery.ui.datepicker-ru.js
IP 94.198.50.208:0
Hash f7af90234e50e4eee1e20e0fbac266a9
bc7d96d24dc5e1396a43007ecf401e6d92923627
11e91d719e0ca0885db95c603f11662fc38b028e32c3bf855aa1b53c03520433
Analyzer Verdict Alert fortinet Malware
GET /engine/js/jquery.ui.datepicker-ru.js HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/vse_novosti/nArch/2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
etag: "lvtkfzuy"
last-modified: Wed, 07 Dec 2011 05:55:11 GMT
server: Caddy
vary: Accept-Encoding
content-length: 650
date: Thu, 02 Feb 2023 04:39:44 GMT
X-Firefox-Spdy: h2
www.poranarabotu.ru/project/plugin/search/search.js
94.198.50.208200 OK 449 B URL HTTP/2 www.poranarabotu.ru/project/plugin/search/search.js
IP 94.198.50.208:0
File type Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash faa847a2be26778b8496c27dda334a29
388f904d8e90b9954337a8fa47873efb4efbc478
cfac983b5f35ce372a958392cb093b252414135e4717cc3eec16a517644f712d
Analyzer Verdict Alert fortinet Malware
GET /project/plugin/search/search.js HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/vse_novosti/nArch/2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
etag: "mwf9tmch"
last-modified: Sun, 17 Nov 2013 19:22:34 GMT
server: Caddy
content-length: 449
date: Thu, 02 Feb 2023 04:39:44 GMT
X-Firefox-Spdy: h2
www.poranarabotu.ru/gfx/stat.png
94.198.50.208200 OK 11 kB URL HTTP/2 www.poranarabotu.ru/gfx/stat.png
IP 94.198.50.208:0
File type PNG image data, 299 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 2ecb29aeed1290b9f31ffc46c091dc56
ee9197c4f2bcd593b23353feaa0fd13ca4292648
0baab02ebd0320613d14affc17dbc9e2ce4767d8fc21b43897523d98d057186f
GET /gfx/stat.png HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/vse_novosti/nArch/2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
etag: "ljyrmu8nl"
last-modified: Wed, 20 Apr 2011 18:35:18 GMT
server: Caddy
content-length: 11217
date: Thu, 02 Feb 2023 04:39:44 GMT
X-Firefox-Spdy: h2
www.poranarabotu.ru/gfx/bnr/bnn.gif
94.198.50.208200 OK 7.0 kB URL HTTP/2 www.poranarabotu.ru/gfx/bnr/bnn.gif
IP 94.198.50.208:0
File type GIF image data, version 89a, 116 x 80\012- data
Hash cdc6b1e02474382583a9d56ec434a6d4
a145494ff22b9966e75747751324aa4606d36377
6d41a7cbb77508a791cbc7a85cf17da6cb90988a391a9f23c2cc441ab777df80
GET /gfx/bnr/bnn.gif HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/vse_novosti/nArch/2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
etag: "ljyrm65dt"
last-modified: Wed, 20 Apr 2011 18:34:54 GMT
server: Caddy
content-length: 6977
date: Thu, 02 Feb 2023 04:39:44 GMT
X-Firefox-Spdy: h2
www.poranarabotu.ru/gfx/besplatno_consult.png
94.198.50.208200 OK 6.6 kB URL HTTP/2 www.poranarabotu.ru/gfx/besplatno_consult.png
IP 94.198.50.208:0
File type PNG image data, 281 x 85, 8-bit/color RGBA, non-interlaced\012- data
Hash b17bdf07f1872f402f24074c137be70a
5e3a4b15c74eecc4d9cd840172681542c6eead2e
f88cd9f63075f6a3a71f25e6e0422d8e91a4649d5b1748b332e164a2fda76197
GET /gfx/besplatno_consult.png HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/vse_novosti/nArch/2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
etag: "ljyva252h"
last-modified: Wed, 20 Apr 2011 19:54:02 GMT
server: Caddy
content-length: 6569
date: Thu, 02 Feb 2023 04:39:44 GMT
X-Firefox-Spdy: h2
www.poranarabotu.ru/engine/class/ajax/jquery.php.js
94.198.50.208200 OK 3.0 kB URL HTTP/2 www.poranarabotu.ru/engine/class/ajax/jquery.php.js
IP 94.198.50.208:0
File type ASCII text, with very long lines (5522), with CRLF, LF line terminators
Hash 90e7ea9eeb777e42be2f0697d0c12ba2
06ad334a1f7eda62405813bd1a887d6b5f828a11
579ddb6b920d6e727ebec12e3734b595ae606775baaa46283dd775e995f3b854
Analyzer Verdict Alert fortinet Malware
GET /engine/class/ajax/jquery.php.js HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/vse_novosti/nArch/2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
etag: "mvzzrs4kd"
last-modified: Sat, 09 Nov 2013 13:21:28 GMT
server: Caddy
vary: Accept-Encoding
content-length: 2994
date: Thu, 02 Feb 2023 04:39:44 GMT
X-Firefox-Spdy: h2
www.poranarabotu.ru/gfx/bnr/timecode-1.gif
94.198.50.208200 OK 29 kB URL HTTP/2 www.poranarabotu.ru/gfx/bnr/timecode-1.gif
IP 94.198.50.208:0
File type GIF image data, version 89a, 495 x 60\012- data
Hash 9f84565f264d84824d8af59b0d7aec06
65073fc4b6245188d8385a73bd9b569a3f0694f2
6d7343630550fa4e23a64a8b5ddd100e3044e2d3313b54683d345931f6f4dd4c
GET /gfx/bnr/timecode-1.gif HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/vse_novosti/nArch/2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
etag: "m98x75mn5"
last-modified: Fri, 24 Aug 2012 06:11:29 GMT
server: Caddy
content-length: 29345
date: Thu, 02 Feb 2023 04:39:44 GMT
X-Firefox-Spdy: h2
www.poranarabotu.ru/gfx/pora.png
94.198.50.208200 OK 5.2 kB URL HTTP/2 www.poranarabotu.ru/gfx/pora.png
IP 94.198.50.208:0
File type PNG image data, 470 x 55, 8-bit colormap, non-interlaced\012- data
Hash 4a5de9584a4c0b3b11297ecf3dba6c98
43a0725ecc449ed4da5682e36e24ba694e563e07
b8ec1868e9dcea382c9f37ea57a5e0ea4e575612a96379917821f7e08b920a67
GET /gfx/pora.png HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/vse_novosti/nArch/2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
etag: "ljyrmp40p"
last-modified: Wed, 20 Apr 2011 18:35:13 GMT
server: Caddy
content-length: 5209
date: Thu, 02 Feb 2023 04:39:44 GMT
X-Firefox-Spdy: h2
www.poranarabotu.ru/gfx/bnr/OtpuskRK_945_60.gif
94.198.50.208200 OK 40 kB URL HTTP/2 www.poranarabotu.ru/gfx/bnr/OtpuskRK_945_60.gif
IP 94.198.50.208:0
File type GIF image data, version 89a, 495 x 60\012- data
Hash 61881c09673189787ebfcb1fb07b679d
e253a1b6dcab293a926ad3b12deac1fd3defce4c
7ca41e0d4799f4c5cd7fb2831cd165730e6bdf11bf552a6d549aa9f4e8e65728
GET /gfx/bnr/OtpuskRK_945_60.gif HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/vse_novosti/nArch/2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
etag: "m2u37ouio"
last-modified: Sat, 21 Apr 2012 14:35:48 GMT
server: Caddy
content-length: 39552
date: Thu, 02 Feb 2023 04:39:44 GMT
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 624a767e1ddbdb003cf86ad9eed82467
22e3cb3edd898ecb15771a53d1ad6bc922b11c4b
23ba9a79dc6704f42e6cd421b25133fbe59f4923f81f09abe25ce4878d7278d8
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:39:44 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Mon, 06 Feb 2023 01:10:14 GMT
ETag: "22e3cb3edd898ecb15771a53d1ad6bc922b11c4b"
Last-Modified: Thu, 02 Feb 2023 01:10:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1931
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79303ea4c836b4e8-OSL
www.poranarabotu.ru/gfx/noise.png
94.198.50.208200 OK 2.2 kB URL HTTP/2 www.poranarabotu.ru/gfx/noise.png
IP 94.198.50.208:0
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash 7028cd24b4479bc50ec1337847e6194e
d8d96ea01713ec686a8ef451d9132c7ca7fbac25
720a6cba258ed07cc36fb4a8243429402503525151ba2435e6e2df38fcd28b52
GET /gfx/noise.png HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/css/page.css?20130926
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
etag: "lo4mhd1q9"
last-modified: Sun, 10 Jul 2011 16:44:01 GMT
server: Caddy
content-length: 2241
date: Thu, 02 Feb 2023 04:39:44 GMT
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.88.143.102101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.143.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nNZnkGg4B53BcPVgZ6X28A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: utggVXur0NYfHrqCe9MYroKBQgA=
mc.yandex.ru/metrika/watch.js
87.250.250.119200 OK 58 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP 87.250.250.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (554)
Hash 315a601116a9b3b0fbc85feb58375ba4
5d283ed923d0b3beb8a2ec4e80c2958d1d132fbf
251ba0fc04953e3615e7c19a9a10c5d6a4f25cc03bef190f8a5e7c6cd72a991a
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 58140
date: Thu, 02 Feb 2023 04:39:44 GMT
access-control-allow-origin: *
etag: "63c93a4b-e31c"
expires: Thu, 02 Feb 2023 05:39:44 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.poranarabotu.ru/gfx/misc.png
94.198.50.208200 OK 1.6 kB URL HTTP/2 www.poranarabotu.ru/gfx/misc.png
IP 94.198.50.208:0
File type PNG image data, 500 x 500, 8-bit colormap, non-interlaced\012- data
Hash 868ed740d59d474e82fc1c03f038b198
dd521643772a07d40454ccb825ceffb257e803dc
3d90fb4d59352ef8006345cd13964739a5eaa51750456becc1097c6214759b6b
GET /gfx/misc.png HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/css/page.css?20130926
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
etag: "ljyrml17g"
last-modified: Wed, 20 Apr 2011 18:35:09 GMT
server: Caddy
content-length: 1564
date: Thu, 02 Feb 2023 04:39:44 GMT
X-Firefox-Spdy: h2
www.poranarabotu.ru/gfx/social.png
94.198.50.208200 OK 6.4 kB URL HTTP/2 www.poranarabotu.ru/gfx/social.png
IP 94.198.50.208:0
File type PNG image data, 136 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash d4c2cf4204276bb635baf9f52d69158c
645e535e70cf5d2d866520684ac0be38585b96bd
d7da28ec7675aace19aa13a9fb2d80a0d59177bf23239ab437911ce016b6718c
GET /gfx/social.png HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/css/page.css?20130926
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
etag: "lm10eb4xc"
last-modified: Mon, 30 May 2011 20:46:59 GMT
server: Caddy
content-length: 6384
date: Thu, 02 Feb 2023 04:39:44 GMT
X-Firefox-Spdy: h2
www.poranarabotu.ru/gfx/menu_bg.png
94.198.50.208200 OK 239 B URL HTTP/2 www.poranarabotu.ru/gfx/menu_bg.png
IP 94.198.50.208:0
File type PNG image data, 200 x 36, 8-bit colormap, non-interlaced\012- data
Hash ab11060fc5f2ac87fee7c7321afc63c4
c3e776f86b596d7ffbed3535e3091e06941972be
98062d5fc97202767afa540a81c296c30adcb11cd3b06e2a6217fe1d982af8e2
GET /gfx/menu_bg.png HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/css/page.css?20130926
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
etag: "ljyrmk6n"
last-modified: Wed, 20 Apr 2011 18:35:08 GMT
server: Caddy
content-length: 239
date: Thu, 02 Feb 2023 04:39:44 GMT
X-Firefox-Spdy: h2
www.poranarabotu.ru/gfx/menu.png
94.198.50.208200 OK 1.8 kB URL HTTP/2 www.poranarabotu.ru/gfx/menu.png
IP 94.198.50.208:0
File type PNG image data, 300 x 144, 8-bit colormap, non-interlaced\012- data
Hash 3ac98c80220fd4496837e1cfd9192370
f6c987f445d0fe2ce97962c78d9b6ccc97fb47a9
bde14367187d43f9e662fc968241329942676847f529deb6db2895f8508ac184
GET /gfx/menu.png HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/css/page.css?20130926
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
etag: "ljyrmj1ec"
last-modified: Wed, 20 Apr 2011 18:35:07 GMT
server: Caddy
content-length: 1812
date: Thu, 02 Feb 2023 04:39:44 GMT
X-Firefox-Spdy: h2
www.poranarabotu.ru/css/porana/images/ui-bg_highlight-soft_100_eeeeee_1x100.png
94.198.50.208200 OK 90 B URL HTTP/2 www.poranarabotu.ru/css/porana/images/ui-bg_highlight-soft_100_eeeeee_1x100.png
IP 94.198.50.208:0
File type PNG image data, 1 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 384c3f17709ba0f809b023b6e7b10b84
c12c01392b4c7016a1f63101f13f6296b1ac5493
41ff65fb4f9b6f2fa9c9d025c2e9b0c9e09a2aee6f32266d19ee93c8af4dacbf
GET /css/porana/images/ui-bg_highlight-soft_100_eeeeee_1x100.png HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/css/porana/jquery-ui-1.8.11.custom.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
etag: "ljk8t52i"
last-modified: Tue, 12 Apr 2011 22:22:17 GMT
server: Caddy
content-length: 90
date: Thu, 02 Feb 2023 04:39:44 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5117915a0a3632d04b72e65ea2a4fe72
2263c7273f623d75b82fb8ca00e5a771956b0d89
cf4eb4156859b45fd6cce69e44a6b4a3cbc777cae9ae3855e431e43510ab34d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF4EB4156859B45FD6CCE69E44A6B4A3CBC777CAE9AE3855E431E43510AB34D5"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1392
Expires: Thu, 02 Feb 2023 05:02:56 GMT
Date: Thu, 02 Feb 2023 04:39:44 GMT
Connection: keep-alive
www.acint.net/aci.js
193.3.184.226200 OK 7.8 kB IP 193.3.184.226:0
File type ASCII text, with very long lines (1649)
Hash 23df47b4330754db70e9c1e32f0092d6
dea956b3a9dad9fa3cc352180be435943e8d0352
0056d5c8969a597094abb6cc9f3a383631ba9c0f13ac620d735f0788807fb4de
GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:39:44 GMT
content-type: application/x-javascript
content-length: 7757
last-modified: Mon, 09 Jan 2023 08:01:12 GMT
etag: "63bbc9c8-1e4d"
content-encoding: gzip
expires: Thu, 02 Feb 2023 16:39:44 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2
www.acint.net/hit/?v=0.5.0&uid=94aa2f7b-d510-495d-bb16-fb1724bd325f&dp=10&tz=%2B00%3A00&nc=56420590&u=https%3A%2F%2Fwww.poranarabotu.ru%2Fvse_novosti%2FnArch%2F2&r=&rs=1280x1024&t=%D0%92%D1%81%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%7C%20PoraNaRabotu.ru&oE=1&oP=1&dT=2023-02-02T04%3A40%3A09.093&fu=e5fd9210-c519-4731-bb22-09a26acec6e3
193.3.184.226200 OK 43 B URL HTTP/2 www.acint.net/hit/?v=0.5.0&uid=94aa2f7b-d510-495d-bb16-fb1724bd325f&dp=10&tz=%2B00%3A00&nc=56420590&u=https%3A%2F%2Fwww.poranarabotu.ru%2Fvse_novosti%2FnArch%2F2&r=&rs=1280x1024&t=%D0%92%D1%81%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%7C%20PoraNaRabotu.ru&oE=1&oP=1&dT=2023-02-02T04%3A40%3A09.093&fu=e5fd9210-c519-4731-bb22-09a26acec6e3
IP 193.3.184.226:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hit/?v=0.5.0&uid=94aa2f7b-d510-495d-bb16-fb1724bd325f&dp=10&tz=%2B00%3A00&nc=56420590&u=https%3A%2F%2Fwww.poranarabotu.ru%2Fvse_novosti%2FnArch%2F2&r=&rs=1280x1024&t=%D0%92%D1%81%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%7C%20PoraNaRabotu.ru&oE=1&oP=1&dT=2023-02-02T04%3A40%3A09.093&fu=e5fd9210-c519-4731-bb22-09a26acec6e3 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:39:44 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=CkIDFWPbPpA1/xNO1QyIAvXGcocbpk4SpaAl5Xy3YTaVRPtF; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=10
193.3.184.226302 Found 154 B IP 193.3.184.226:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 02 Feb 2023 04:39:44 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Thu, 02-Feb-23 04:49:44 GMT
aid=CkIDE2PbPpAVnQo+bR34AuVhGl4XlAbTLZ02Hne6VhMGqeuv; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 02 Feb 2023 04:39:44 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Thu, 02 Feb 2023 05:39:44 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.poranarabotu.ru/favicon.ico
94.198.50.208200 OK 1.2 kB URL HTTP/2 www.poranarabotu.ru/favicon.ico
IP 94.198.50.208:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash c5a95888f7777cac03aa60d69090b00d
0a3057156a45a83a92ed48d51bd8b869e51b9ff3
7f1f7a802bc2a02846049e3873860c9d3c0081e8cdd5253f4f273c19add245a2
GET /favicon.ico HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/vse_novosti/nArch/2
Cookie: _ym_uid=1675312809195903412; _ym_d=1675312809; fid=e5fd9210-c519-4731-bb22-09a26acec6e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
etag: "l34tn2vy"
last-modified: Fri, 28 May 2010 13:33:02 GMT
server: Caddy
content-length: 1150
date: Thu, 02 Feb 2023 04:39:44 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 625db98ded64d33f3649378918788897
e48be419f8559bf38d62d48bb391251f40553fcf
934f40c7f5a20e2d2f241da3087d4166bcb2481a6ee6e3970c93b8ccfeddf543
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "934F40C7F5A20E2D2F241DA3087D4166BCB2481A6EE6E3970C93B8CCFEDDF543"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6627
Expires: Thu, 02 Feb 2023 06:30:11 GMT
Date: Thu, 02 Feb 2023 04:39:44 GMT
Connection: keep-alive
www.acint.net/mc/?dp=10&tc=1
193.3.184.226200 OK 1.4 kB URL HTTP/2 www.acint.net/mc/?dp=10&tc=1
IP 193.3.184.226:0
Hash afe6a0b25b37e4653d7a96df3b70b777
87400fcf2ff2c2587132a0b7259f388a75af23e4
81397380096207c4f2cf6d50723c23f3944196a30de486e28d385b59ffed3146
GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.poranarabotu.ru/
Connection: keep-alive
Cookie: aid=CkIDE2PbPpAVnQo+bR34AuVhGl4XlAbTLZ02Hne6VhMGqeuv; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:39:44 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1675312784; expires=Fri, 03-Feb-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53v2=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp98v2=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1675312784; expires=Thu, 16-Feb-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v3=1675312784; expires=Fri, 17-Feb-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149v2=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp235=1675312784; expires=Sat, 04-Mar-23 04:39:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2
d3.c0.bf.a1.top.mail.ru/counter?id=2032486;t=60;js=13;r=;j=false;s=1280*1024;d=24;rand=0.6428981102213687
95.163.52.67302 Moved Temporarily 0 B URL HTTP/1.1 d3.c0.bf.a1.top.mail.ru/counter?id=2032486;t=60;js=13;r=;j=false;s=1280*1024;d=24;rand=0.6428981102213687
IP 95.163.52.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /counter?id=2032486;t=60;js=13;r=;j=false;s=1280*1024;d=24;rand=0.6428981102213687 HTTP/1.1
Host: d3.c0.bf.a1.top.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 02 Feb 2023 04:39:44 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://top-fwz1.mail.ru/counter?id=2032486;t=60;js=13;r=;j=false;s=1280*1024;d=24;rand=0.6428981102213687
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Cache-Control: private, no-cache, no-store, max-age=0
Pragma: no-cache
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
Accept-CH-Lifetime: 86400
hit37.hotlog.ru/cgi-bin/hotlog/count?0.8727619650601335&s=2126736&im=415&r=&pg=https%3A//www.poranarabotu.ru/vse_novosti/nArch/2&j=N&wh=1280x1024&px=24&js=1.3
89.208.236.251404 Not Found 19 B URL HTTP/1.1 hit37.hotlog.ru/cgi-bin/hotlog/count?0.8727619650601335&s=2126736&im=415&r=&pg=https%3A//www.poranarabotu.ru/vse_novosti/nArch/2&j=N&wh=1280x1024&px=24&js=1.3
IP 89.208.236.251:0
ASN #12695 LLC Digital Network
Hash 595e88012a6521aae3e12cbebe76eb9e
da3968197e7bf67aa45a77515b52ba2710c5fc34
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
GET /cgi-bin/hotlog/count?0.8727619650601335&s=2126736&im=415&r=&pg=https%3A//www.poranarabotu.ru/vse_novosti/nArch/2&j=N&wh=1280x1024&px=24&js=1.3 HTTP/1.1
Host: hit37.hotlog.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff
Date: Thu, 02 Feb 2023 04:39:44 GMT
Content-Length: 19
a.utraff.com/sync?ssp=Sape
172.67.217.151204 No Content 0 B URL HTTP/2 a.utraff.com/sync?ssp=Sape
IP 172.67.217.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=Sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 04:39:44 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Sat, 04 Mar 2023 07:39:44 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Sat, 04 Mar 2023 07:39:44 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6k%2B6T1If8X%2FiP5LWzmVhC3bcHauIOfdPQ7xviYWs%2BoOnYyGAbcxwhDjd%2FH8Vdyil7ZUkt1g3CvNVznWM4VQ8yias6aiJDYpGDlHdYc57c%2F0L1CBENoQy3YDk52mHlc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79303ea8cfbcfabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dm-eu.hybrid.ai/match?id=106&vid=1303420A903EDB633E0A9D1502F81D6D
37.18.103.16204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=106&vid=1303420A903EDB633E0A9D1502F81D6D
IP 37.18.103.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=106&vid=1303420A903EDB633E0A9D1502F81D6D HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 04:39:44 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=8a53e4b439507879324d; Expires=Fri, 02 Feb 2024 04:39:43 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 521
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.acint.net
access-control-allow-credentials: true
server: Hybrid Web Server
X-Firefox-Spdy: h2
mc.yandex.ru/watch/1058735/1?wmode=7&page-url=https%3A%2F%2Fwww.poranarabotu.ru%2Fvse_novosti%2FnArch%2F2&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1574%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1202593850390%3Ahid%3A600076217%3Az%3A0%3Ai%3A20230202044009%3Aet%3A1675312809%3Ac%3A1%3Arn%3A54307826%3Arqn%3A1%3Au%3A1675312809195903412%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C66%2C392%2C0%2C695%2C0%2C%2C319%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1675312807263%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675312809%3At%3A%D0%92%D1%81%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%7C%20PoraNaRabotu.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
87.250.250.119200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/1058735/1?wmode=7&page-url=https%3A%2F%2Fwww.poranarabotu.ru%2Fvse_novosti%2FnArch%2F2&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1574%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1202593850390%3Ahid%3A600076217%3Az%3A0%3Ai%3A20230202044009%3Aet%3A1675312809%3Ac%3A1%3Arn%3A54307826%3Arqn%3A1%3Au%3A1675312809195903412%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C66%2C392%2C0%2C695%2C0%2C%2C319%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1675312807263%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675312809%3At%3A%D0%92%D1%81%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%7C%20PoraNaRabotu.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash c9f676b9dc25cc05bee2d9ed766cd1e5
920644268d5a16788f3a1db8a2f5f9909c17ea30
3f27692e5caab82e5e223893b087c8a8285e877c80b0979b59548cde14c529a3
GET /watch/1058735/1?wmode=7&page-url=https%3A%2F%2Fwww.poranarabotu.ru%2Fvse_novosti%2FnArch%2F2&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1574%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1202593850390%3Ahid%3A600076217%3Az%3A0%3Ai%3A20230202044009%3Aet%3A1675312809%3Ac%3A1%3Arn%3A54307826%3Arqn%3A1%3Au%3A1675312809195903412%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C66%2C392%2C0%2C695%2C0%2C%2C319%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1675312807263%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675312809%3At%3A%D0%92%D1%81%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%7C%20PoraNaRabotu.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.poranarabotu.ru
Referer: https://www.poranarabotu.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Thu, 02 Feb 2023 04:39:44 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.poranarabotu.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 04:39:44 GMT
last-modified: Thu, 02-Feb-2023 04:39:44 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 213bf18096690cc57ffe2b030352f8ce
6d09271ba2e35da23eac601cccea7e3ec3b4a604
7969d8481f3db7aa880ccee7fee64582d724455df82d006481ec54816a726d9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7969D8481F3DB7AA880CCEE7FEE64582D724455DF82D006481EC54816A726D9F"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1834
Expires: Thu, 02 Feb 2023 05:10:18 GMT
Date: Thu, 02 Feb 2023 04:39:44 GMT
Connection: keep-alive
acint.net/match?dp=14&euid=3403420A903EDB635000129A02D5556E
193.3.184.226200 OK 43 B URL HTTP/2 acint.net/match?dp=14&euid=3403420A903EDB635000129A02D5556E
IP 193.3.184.226:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=14&euid=3403420A903EDB635000129A02D5556E HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=CkIDE2PbPpAVnQo+bR34AuVhGl4XlAbTLZ02Hne6VhMGqeuv; test_cookie=CheckForPermission; cSyncDp7v2=1675312784; cSyncDp14v3=1675312784; cSyncDp17=1675312784; cSyncDp32=1675312784; cSyncDp45v3=1675312784; cSyncDp53v2=1675312784; cSyncDp62=1675312784; cSyncDp67v2=1675312784; cSyncDp68=1675312784; cSyncDp71=1675312784; cSyncDp85=1675312784; cSyncDp95v3=1675312784; cSyncDp98v2=1675312784; cSyncDp101=1675312784; cSyncDp104v2=1675312784; cSyncDp107=1675312784; cSyncDp110=1675312784; cSyncDp125v3=1675312784; cSyncDp126=1675312784; cSyncDp127=1675312784; cSyncDp129=1675312784; cSyncDp136v2=1675312784; cSyncDp146=1675312784; cSyncDp148=1675312784; cSyncDp149v2=1675312784; cSyncDp151=1675312784; cSyncDp178=1675312784; cSyncDp186=1675312784; cSyncDp221=1675312784; cSyncDp235=1675312784
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:39:44 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
185.147.80.35302 Found 74 B URL HTTP/1.1 ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP 185.147.80.35:0
File type HTML document, ASCII text
Hash 996ee34ad1053c6925d5573137066c52
3277aa008f0c0d77885d92edc612580e60899f65
9627eca1ec57545a4bde8c3eb2b3aa4e7f318d501924af731ddc667f42bb1b1d
GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Thu, 02 Feb 2023 04:39:44 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 74
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=LAPBMPEO
Set-Cookie: uid=LAPBMPEO; Expires=Sun, 30 Jan 2033 04:39:44 GMT
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 2d71b883e815e5377e30ea9ecb86f44e
48c6855735bd96b91cbed064acae766bec8987cd
9a8d9f53386a17f038963b77ab5c72eec95a16aa30782ccde15bb3d94b7c32ae
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:39:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 06 Feb 2023 01:48:58 GMT
ETag: "48c6855735bd96b91cbed064acae766bec8987cd"
Last-Modified: Thu, 02 Feb 2023 01:48:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3530
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79303ea9ac250b06-OSL
mc.yandex.ru/watch/1058735?wmode=7&page-url=https%3A%2F%2Fwww.poranarabotu.ru%2Fvse_novosti%2FnArch%2F2&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1574%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1202593850390%3Ahid%3A600076217%3Az%3A0%3Ai%3A20230202044009%3Aet%3A1675312809%3Ac%3A1%3Arn%3A54307826%3Arqn%3A1%3Au%3A1675312809195903412%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C66%2C392%2C0%2C695%2C0%2C%2C319%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1675312807263%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675312809%3At%3A%D0%92%D1%81%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%7C%20PoraNaRabotu.ru&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.250.119302 Found 1.4 kB URL HTTP/2 mc.yandex.ru/watch/1058735?wmode=7&page-url=https%3A%2F%2Fwww.poranarabotu.ru%2Fvse_novosti%2FnArch%2F2&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1574%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1202593850390%3Ahid%3A600076217%3Az%3A0%3Ai%3A20230202044009%3Aet%3A1675312809%3Ac%3A1%3Arn%3A54307826%3Arqn%3A1%3Au%3A1675312809195903412%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C66%2C392%2C0%2C695%2C0%2C%2C319%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1675312807263%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675312809%3At%3A%D0%92%D1%81%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%7C%20PoraNaRabotu.ru&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.250.119:0
Hash 9cfe41b6a33ed44fedc0fd0fdcef7ae4
1b78950825e8b9b78d5fbaed9734765402dd371c
c40c428def3e947190edc846794b5353a45a53939f255a3eeffde2b008e368a9
GET /watch/1058735?wmode=7&page-url=https%3A%2F%2Fwww.poranarabotu.ru%2Fvse_novosti%2FnArch%2F2&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1574%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1202593850390%3Ahid%3A600076217%3Az%3A0%3Ai%3A20230202044009%3Aet%3A1675312809%3Ac%3A1%3Arn%3A54307826%3Arqn%3A1%3Au%3A1675312809195903412%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C66%2C392%2C0%2C695%2C0%2C%2C319%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1675312807263%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675312809%3At%3A%D0%92%D1%81%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%7C%20PoraNaRabotu.ru&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.poranarabotu.ru
Connection: keep-alive
Referer: https://www.poranarabotu.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/1058735/1?wmode=7&page-url=https%3A%2F%2Fwww.poranarabotu.ru%2Fvse_novosti%2FnArch%2F2&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1574%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1202593850390%3Ahid%3A600076217%3Az%3A0%3Ai%3A20230202044009%3Aet%3A1675312809%3Ac%3A1%3Arn%3A54307826%3Arqn%3A1%3Au%3A1675312809195903412%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C66%2C392%2C0%2C695%2C0%2C%2C319%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1675312807263%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675312809%3At%3A%D0%92%D1%81%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%7C%20PoraNaRabotu.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Thu, 02 Feb 2023 04:39:44 GMT
access-control-allow-origin: https://www.poranarabotu.ru
set-cookie: yabs-sid=1258130241675312784; Path=/; SameSite=None; Secure
i=9gMxP/yMRrXyA/CeECVypLjES+igFn+xRJnNpL9xSiYDBhH4U0lHTOwtLL50wA4TvFL6x4d04Zg0D9OqY4NC898SoVI=; Expires=Sun, 30-Jan-2033 04:39:40 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=4709713451675312784; Expires=Fri, 02-Feb-2024 04:39:44 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4709713451675312784; Expires=Fri, 02-Feb-2024 04:39:44 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706848784.yc.1675312784#1706848784.yrts.1675312784#1706848784.yrtsi.1675312784; Expires=Fri, 02-Feb-2024 04:39:44 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 04:39:44 GMT
last-modified: Thu, 02-Feb-2023 04:39:44 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:39:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 8d1704aa68d04fd80db66a01edb4f35f
9503fc287323aee329fc076aa8abad1c0e1cf25d
da3eeaf8aed1f09d326ce2705eb30100f0146ad8f41486e20f31b8db4c4e0d85
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:39:44 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Mon, 06 Feb 2023 01:34:21 GMT
ETag: "9503fc287323aee329fc076aa8abad1c0e1cf25d"
Last-Modified: Thu, 02 Feb 2023 01:34:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1699
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79303ea9ba3fb4e8-OSL
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash aa8a4de2da89e63bf5d87528f4942f8e
842533601fec8fa0504e9f12a68c638ac83f99f3
acad47db275e28fde5be3477bdb915aca613e8e7a3e04486e52fd47f6463151f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ACAD47DB275E28FDE5BE3477BDB915ACA613E8E7A3E04486E52FD47F6463151F"
Last-Modified: Tue, 31 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9794
Expires: Thu, 02 Feb 2023 07:22:58 GMT
Date: Thu, 02 Feb 2023 04:39:44 GMT
Connection: keep-alive
ssl.google-analytics.com/ga.js
142.250.74.8200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 142.250.74.8:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Thu, 02 Feb 2023 02:41:16 GMT
expires: Thu, 02 Feb 2023 04:41:16 GMT
cache-control: public, max-age=7200
age: 7108
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
counter.yadro.ru/hit?t26.6;r;s1280*1024*24;uhttps%3A//www.poranarabotu.ru/vse_novosti/nArch/2;h%u0412%u0441%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%7C%20PoraNaRabotu.ru;0.5134757663248961
88.212.201.198200 OK 115 B URL HTTP/1.1 counter.yadro.ru/hit?t26.6;r;s1280*1024*24;uhttps%3A//www.poranarabotu.ru/vse_novosti/nArch/2;h%u0412%u0441%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%7C%20PoraNaRabotu.ru;0.5134757663248961
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 88 x 15\012- data
Hash 7f2a832d9580a8402b7438b70b09ee5d
3f172dc97f79f0f14c54def3b74a76c77de97873
a7ea248c6a1489e9fdea79047cc4e1b4687b64ca42e5b06549afc260ba871e61
GET /hit?t26.6;r;s1280*1024*24;uhttps%3A//www.poranarabotu.ru/vse_novosti/nArch/2;h%u0412%u0441%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%7C%20PoraNaRabotu.ru;0.5134757663248961 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 02 Feb 2023 04:39:44 GMT
Content-Type: image/gif
Content-Length: 115
Connection: keep-alive
Expires: Tue, 01 Feb 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9a29b90b6cc122d5b1b06a481d5c3403
93b8504321dbfca45ac31e85b1256477313570eb
8c7f76a9f6a23c8523aa93f4a6eeb9fa93249126c1c48274a0c5a54cda8e82fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C7F76A9F6A23C8523AA93F4A6EEB9FA93249126C1C48274A0C5A54CDA8E82FA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4307
Expires: Thu, 02 Feb 2023 05:51:31 GMT
Date: Thu, 02 Feb 2023 04:39:44 GMT
Connection: keep-alive
www.acint.net/oci/?v=0.5.0&uid=94aa2f7b-d510-495d-bb16-fb1724bd325f&dp=10&tz=%2B00%3A00&nc=10859706&oid=39e8192718f4ed5a678fc273d654392b
193.3.184.226200 OK 43 B URL HTTP/2 www.acint.net/oci/?v=0.5.0&uid=94aa2f7b-d510-495d-bb16-fb1724bd325f&dp=10&tz=%2B00%3A00&nc=10859706&oid=39e8192718f4ed5a678fc273d654392b
IP 193.3.184.226:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /oci/?v=0.5.0&uid=94aa2f7b-d510-495d-bb16-fb1724bd325f&dp=10&tz=%2B00%3A00&nc=10859706&oid=39e8192718f4ed5a678fc273d654392b HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/
Cookie: aid=CkIDE2PbPpAVnQo+bR34AuVhGl4XlAbTLZ02Hne6VhMGqeuv; test_cookie=CheckForPermission; cSyncDp7v2=1675312784; cSyncDp14v3=1675312784; cSyncDp17=1675312784; cSyncDp32=1675312784; cSyncDp45v3=1675312784; cSyncDp53v2=1675312784; cSyncDp62=1675312784; cSyncDp67v2=1675312784; cSyncDp68=1675312784; cSyncDp71=1675312784; cSyncDp85=1675312784; cSyncDp95v3=1675312784; cSyncDp98v2=1675312784; cSyncDp101=1675312784; cSyncDp104v2=1675312784; cSyncDp107=1675312784; cSyncDp110=1675312784; cSyncDp125v3=1675312784; cSyncDp126=1675312784; cSyncDp127=1675312784; cSyncDp129=1675312784; cSyncDp136v2=1675312784; cSyncDp146=1675312784; cSyncDp148=1675312784; cSyncDp149v2=1675312784; cSyncDp151=1675312784; cSyncDp178=1675312784; cSyncDp186=1675312784; cSyncDp221=1675312784; cSyncDp235=1675312784
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:39:44 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.dmp.otm-r.com/match/sape?id=1303420A903EDB633E0A9D1502F81D6D
195.201.152.105204 No Content 0 B URL HTTP/2 sync.dmp.otm-r.com/match/sape?id=1303420A903EDB633E0A9D1502F81D6D
IP 195.201.152.105:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=1303420A903EDB633E0A9D1502F81D6D HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.17.6
date: Thu, 02 Feb 2023 04:39:44 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8cb121fee2d0993df5d3b99198ea9d7a
d5e0f8cbed9361a74eba857b113c9b02420e9a87
5d746cc761124be8cca201249fcd80087fe186773395ae37fe637cc1a2c8d7be
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D746CC761124BE8CCA201249FCD80087FE186773395AE37FE637CC1A2C8D7BE"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13378
Expires: Thu, 02 Feb 2023 08:22:42 GMT
Date: Thu, 02 Feb 2023 04:39:44 GMT
Connection: keep-alive
www.acint.net/match?dp=95&euid=LAPBMPEO
193.3.184.226200 OK 43 B URL HTTP/2 www.acint.net/match?dp=95&euid=LAPBMPEO
IP 193.3.184.226:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=95&euid=LAPBMPEO HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=CkIDE2PbPpAVnQo+bR34AuVhGl4XlAbTLZ02Hne6VhMGqeuv; test_cookie=CheckForPermission; cSyncDp7v2=1675312784; cSyncDp14v3=1675312784; cSyncDp17=1675312784; cSyncDp32=1675312784; cSyncDp45v3=1675312784; cSyncDp53v2=1675312784; cSyncDp62=1675312784; cSyncDp67v2=1675312784; cSyncDp68=1675312784; cSyncDp71=1675312784; cSyncDp85=1675312784; cSyncDp95v3=1675312784; cSyncDp98v2=1675312784; cSyncDp101=1675312784; cSyncDp104v2=1675312784; cSyncDp107=1675312784; cSyncDp110=1675312784; cSyncDp125v3=1675312784; cSyncDp126=1675312784; cSyncDp127=1675312784; cSyncDp129=1675312784; cSyncDp136v2=1675312784; cSyncDp146=1675312784; cSyncDp148=1675312784; cSyncDp149v2=1675312784; cSyncDp151=1675312784; cSyncDp178=1675312784; cSyncDp186=1675312784; cSyncDp221=1675312784; cSyncDp235=1675312784
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:39:44 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d5aa03d944374e364d4fdbb8f9cbf95e
43e3c5a8a5ff027de3c9ad9a41b572e4f33e72f9
483314668ec3c34108277a26d39a4282ce255e416cb5cec43e3d30d5340b8138
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "483314668EC3C34108277A26D39A4282CE255E416CB5CEC43E3D30D5340B8138"
Last-Modified: Wed, 01 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15748
Expires: Thu, 02 Feb 2023 09:02:12 GMT
Date: Thu, 02 Feb 2023 04:39:44 GMT
Connection: keep-alive
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1303420A903EDB633E0A9D1502F81D6D
87.242.89.90200 OK 12 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1303420A903EDB633E0A9D1502F81D6D
IP 87.242.89.90:0
File type exported SGML document, ASCII text, with no line terminators
Hash d8932e1cb3ee147415fbf5591a7217ca
97da5b95fb7f60ecd8d9ed0e5a05d83ad5a9c070
c0327cbcde50f1ab8228334a550b947301123d6f6f7d625707cb6d08a1faec35
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1303420A903EDB633E0A9D1502F81D6D HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 04:39:44 GMT
content-type: text/html
content-length: 12
last-modified: Mon, 30 Jan 2023 18:57:34 GMT
etag: "63d8131e-c"
accept-ranges: bytes
server: elb
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c38aef777743922d08ac552bdc4b3968
d0f8258c4a8aeb9259973c4492e6c9cf7518e744
a521d1d7702d2f422b03313d0e76e34eda17838bd8e989464e1bd72cbd5c9b34
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A521D1D7702D2F422B03313D0E76E34EDA17838BD8E989464E1BD72CBD5C9B34"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10408
Expires: Thu, 02 Feb 2023 07:33:13 GMT
Date: Thu, 02 Feb 2023 04:39:45 GMT
Connection: keep-alive
nr.bidderstack.com/sape/cm?user_id=1303420A903EDB633E0A9D1502F81D6D
23.88.12.13200 OK 44 B URL HTTP/1.1 nr.bidderstack.com/sape/cm?user_id=1303420A903EDB633E0A9D1502F81D6D
IP 23.88.12.13:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash f9d60352c70a2ba15616d1c9421f3844
e9abc8bea7721a4b6a50295850d13c515006a95c
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
GET /sape/cm?user_id=1303420A903EDB633E0A9D1502F81D6D HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:39:44 GMT
Content-Type: image/gif
Content-Length: 44
Connection: keep-alive
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c38aef777743922d08ac552bdc4b3968
d0f8258c4a8aeb9259973c4492e6c9cf7518e744
a521d1d7702d2f422b03313d0e76e34eda17838bd8e989464e1bd72cbd5c9b34
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A521D1D7702D2F422B03313D0E76E34EDA17838BD8E989464E1BD72CBD5C9B34"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10408
Expires: Thu, 02 Feb 2023 07:33:13 GMT
Date: Thu, 02 Feb 2023 04:39:45 GMT
Connection: keep-alive
s.uuidksinc.net/match/396/?remote_uid=1303420A903EDB633E0A9D1502F81D6D
31.220.27.135302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/396/?remote_uid=1303420A903EDB633E0A9D1502F81D6D
IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/396/?remote_uid=1303420A903EDB633E0A9D1502F81D6D HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Thu, 02 Feb 2023 04:39:45 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=TVJ5I5bLI6gF8NPxAjS0
set-cookie: jcsuuid=TVJ5I5bLI6gF8NPxAjS0; expires=Fri, 02 Feb 2024 04:39:45 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
acint.net/match?dp=110&euid=070a8552ac124c8d9af3dc4b8e15db27
193.3.184.226200 OK 43 B URL HTTP/2 acint.net/match?dp=110&euid=070a8552ac124c8d9af3dc4b8e15db27
IP 193.3.184.226:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=110&euid=070a8552ac124c8d9af3dc4b8e15db27 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=CkIDE2PbPpAVnQo+bR34AuVhGl4XlAbTLZ02Hne6VhMGqeuv; test_cookie=CheckForPermission; cSyncDp7v2=1675312784; cSyncDp14v3=1675312784; cSyncDp17=1675312784; cSyncDp32=1675312784; cSyncDp45v3=1675312784; cSyncDp53v2=1675312784; cSyncDp62=1675312784; cSyncDp67v2=1675312784; cSyncDp68=1675312784; cSyncDp71=1675312784; cSyncDp85=1675312784; cSyncDp95v3=1675312784; cSyncDp98v2=1675312784; cSyncDp101=1675312784; cSyncDp104v2=1675312784; cSyncDp107=1675312784; cSyncDp110=1675312784; cSyncDp125v3=1675312784; cSyncDp126=1675312784; cSyncDp127=1675312784; cSyncDp129=1675312784; cSyncDp136v2=1675312784; cSyncDp146=1675312784; cSyncDp148=1675312784; cSyncDp149v2=1675312784; cSyncDp151=1675312784; cSyncDp178=1675312784; cSyncDp186=1675312784; cSyncDp221=1675312784; cSyncDp235=1675312784
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:39:44 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sap1&uid=1303420A903EDB633E0A9D1502F81D6D
31.172.81.159302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&uid=1303420A903EDB633E0A9D1502F81D6D
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&uid=1303420A903EDB633E0A9D1502F81D6D HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ5ZGU0NmI1NC1hMmIzLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Wed, 28 Jan 2043 04:39:45 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARiR_eyeBmIgMTMwMzQyMEE5MDNFREI2MzNFMEE5RDE1MDJGODFENkSiARCd5GtUorMR7YbgACWQwGR8
ETag: 9de46b54-a2b3-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 04:39:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sync.upravel.com/sape/sync
144.76.138.28302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync
IP 144.76.138.28:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 04:39:45 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1675312785022;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1675312785022;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/check?sspuid=1303420A903EDB633E0A9D1502F81D6D
31.172.81.159302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/check?sspuid=1303420A903EDB633E0A9D1502F81D6D
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/check?sspuid=1303420A903EDB633E0A9D1502F81D6D HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://sync.bumlam.com/?src=sape
sync.adspend.space/sape?uid=1303420A903EDB633E0A9D1502F81D6D
212.76.129.182302 Found 149 B URL HTTP/2 sync.adspend.space/sape?uid=1303420A903EDB633E0A9D1502F81D6D
IP 212.76.129.182:0
File type HTML document, ASCII text
Hash 88844e7725b6e4801e8469efed8c4799
db6273a1a14ef533426747924ee9e0ab2983eef5
7ece46e01a9f62b8873525f6179affabbc4773ebc93c83b157cc5e552952561d
GET /sape?uid=1303420A903EDB633E0A9D1502F81D6D HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 02 Feb 2023 04:39:45 GMT
content-type: text/html; charset=utf-8
content-length: 149
location: https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3Dd8c7caee-7f35-4b7f-b501-87755e559020
set-cookie: as-user=d8c7caee-7f35-4b7f-b501-87755e559020; Path=/; Max-Age=31536000; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a8b1a317ae862d4c08b3c555cffcbf29
9d3bd7bdc9705fc54310fc4388636ce9720540b6
70cf4f755cfa9270020afe93954ef4d6a10b26aaa78ca1cdf7df1ad0ebf1691a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "70CF4F755CFA9270020AFE93954EF4D6A10B26AAA78CA1CDF7DF1AD0EBF1691A"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4287
Expires: Thu, 02 Feb 2023 05:51:12 GMT
Date: Thu, 02 Feb 2023 04:39:45 GMT
Connection: keep-alive
www.acint.net/match?dp=129&euid=oq3qi6pik3
193.3.184.226200 OK 43 B URL HTTP/2 www.acint.net/match?dp=129&euid=oq3qi6pik3
IP 193.3.184.226:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=129&euid=oq3qi6pik3 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=CkIDE2PbPpAVnQo+bR34AuVhGl4XlAbTLZ02Hne6VhMGqeuv; test_cookie=CheckForPermission; cSyncDp7v2=1675312784; cSyncDp14v3=1675312784; cSyncDp17=1675312784; cSyncDp32=1675312784; cSyncDp45v3=1675312784; cSyncDp53v2=1675312784; cSyncDp62=1675312784; cSyncDp67v2=1675312784; cSyncDp68=1675312784; cSyncDp71=1675312784; cSyncDp85=1675312784; cSyncDp95v3=1675312784; cSyncDp98v2=1675312784; cSyncDp101=1675312784; cSyncDp104v2=1675312784; cSyncDp107=1675312784; cSyncDp110=1675312784; cSyncDp125v3=1675312784; cSyncDp126=1675312784; cSyncDp127=1675312784; cSyncDp129=1675312784; cSyncDp136v2=1675312784; cSyncDp146=1675312784; cSyncDp148=1675312784; cSyncDp149v2=1675312784; cSyncDp151=1675312784; cSyncDp178=1675312784; cSyncDp186=1675312784; cSyncDp221=1675312784; cSyncDp235=1675312784
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:39:45 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=127&euid=TVJ5I5bLI6gF8NPxAjS0
193.3.184.226200 OK 43 B URL HTTP/2 www.acint.net/match?dp=127&euid=TVJ5I5bLI6gF8NPxAjS0
IP 193.3.184.226:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=127&euid=TVJ5I5bLI6gF8NPxAjS0 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=CkIDE2PbPpAVnQo+bR34AuVhGl4XlAbTLZ02Hne6VhMGqeuv; test_cookie=CheckForPermission; cSyncDp7v2=1675312784; cSyncDp14v3=1675312784; cSyncDp17=1675312784; cSyncDp32=1675312784; cSyncDp45v3=1675312784; cSyncDp53v2=1675312784; cSyncDp62=1675312784; cSyncDp67v2=1675312784; cSyncDp68=1675312784; cSyncDp71=1675312784; cSyncDp85=1675312784; cSyncDp95v3=1675312784; cSyncDp98v2=1675312784; cSyncDp101=1675312784; cSyncDp104v2=1675312784; cSyncDp107=1675312784; cSyncDp110=1675312784; cSyncDp125v3=1675312784; cSyncDp126=1675312784; cSyncDp127=1675312784; cSyncDp129=1675312784; cSyncDp136v2=1675312784; cSyncDp146=1675312784; cSyncDp148=1675312784; cSyncDp149v2=1675312784; cSyncDp151=1675312784; cSyncDp178=1675312784; cSyncDp186=1675312784; cSyncDp221=1675312784; cSyncDp235=1675312784
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:39:45 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 1afd3517ebc844038700db8c82d69ae3
1327e511903b229cd36c1647fdb71c17d4ce7bdd
ff3430f1affa22881cd632c75d9f51cb97deb53a2cd76f3ee3be5e4b0518192a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 23:26:49 GMT
Expires: Wed, 08 Feb 2023 23:26:48 GMT
Etag: "1327e511903b229cd36c1647fdb71c17d4ce7bdd"
Cache-Control: max-age=585422,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79303eaa79ac0b55-OSL
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
144.76.138.28302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP 144.76.138.28:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1675312785022
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 04:39:45 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=bdb57208-fdf7-4562-94b7-27875259a4d8;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=bdb57208-fdf7-4562-94b7-27875259a4d8;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=bdb57208-fdf7-4562-94b7-27875259a4d8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sap1&s_data=CAIQARiR_eyeBmIgMTMwMzQyMEE5MDNFREI2MzNFMEE5RDE1MDJGODFENkSiARCd5GtUorMR7YbgACWQwGR8
31.172.81.159200 OK 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&s_data=CAIQARiR_eyeBmIgMTMwMzQyMEE5MDNFREI2MzNFMEE5RDE1MDJGODFENkSiARCd5GtUorMR7YbgACWQwGR8
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&s_data=CAIQARiR_eyeBmIgMTMwMzQyMEE5MDNFREI2MzNFMEE5RDE1MDJGODFENkSiARCd5GtUorMR7YbgACWQwGR8 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ5ZGU0NmI1NC1hMmIzLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ5ZGU0NmI1NC1hMmIzLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Wed, 28 Jan 2043 04:39:45 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
cs.agency2.ru/p?ssp=sp&uid=1303420A903EDB633E0A9D1502F81D6D
23.111.107.44301 Moved Permanently 0 B URL HTTP/1.1 cs.agency2.ru/p?ssp=sp&uid=1303420A903EDB633E0A9D1502F81D6D
IP 23.111.107.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&uid=1303420A903EDB633E0A9D1502F81D6D HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=c909287d-eaac-480e-9fb3-7fa2789e1844
Set-Cookie: uuid=c909287d-eaac-480e-9fb3-7fa2789e1844; expires=Wed, 24 Jan 2024 04:39:45 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
5.200.44.122302 Found 939 B URL HTTP/2 ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP 5.200.44.122:0
ASN #48096 Enterprise Cloud Ltd.
Hash f2aa47894a98f584f80c3f0a4ce3456b
31091b3b175cd0a4326702b6f6dbe756e85860d8
896c40b188e8e205d8d3ffbdf972e2d408922edbb27a441e5b573e8a5ecef5e9
GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=070a8552ac124c8d9af3dc4b8e15db27
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=070a8552ac124c8d9af3dc4b8e15db27; expires=Thu, 01 Feb 2024 21:00:00 GMT; path=/; SameSite=None; secure; samesite=lax
date: Thu, 02 Feb 2023 04:39:44 GMT
X-Firefox-Spdy: h2
dmp.gotechnology.io/match/sape?id=1303420A903EDB633E0A9D1502F81D6D
167.235.32.7302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=1303420A903EDB633E0A9D1502F81D6D
IP 167.235.32.7:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=1303420A903EDB633E0A9D1502F81D6D HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 04:39:45 GMT
content-length: 0
location: https://dmp.gotechnology.io/match/sape?id=1303420A903EDB633E0A9D1502F81D6D&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3Dd8c7caee-7f35-4b7f-b501-87755e559020
212.76.129.182302 Found 102 B URL HTTP/2 sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3Dd8c7caee-7f35-4b7f-b501-87755e559020
IP 212.76.129.182:0
File type HTML document, ASCII text
Hash 7e760b3520a158d256c55f60377813c6
11bfa5521692f3479a382bf65d9d1be33f1a6bb4
a2ca930798e73d8ab0c31ac1ad5f49a8dd98e8e005606d177be10c019fbbcf57
GET /check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3Dd8c7caee-7f35-4b7f-b501-87755e559020 HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: as-user=d8c7caee-7f35-4b7f-b501-87755e559020
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 02 Feb 2023 04:39:45 GMT
content-type: text/html; charset=utf-8
content-length: 102
location: https://www.acint.net/match?dp=98&euid=d8c7caee-7f35-4b7f-b501-87755e559020
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sape
31.172.81.159302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sape
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ5ZGU0NmI1NC1hMmIzLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ5ZGU0NmI1NC1hMmIzLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Wed, 28 Jan 2043 04:39:45 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://pix.bumlam.com/sync/sape/sync_ok?guid=9de46b54-a2b3-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 26896c6042f71e76e9612b93ced1f1dc
fd7a548019cc4e48be4129f578c0579e8d127269
fa16e2e7e3c433eb56017508ed7cb011bd0a94e5ca51e5bc20cd87c8ba3ab024
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FA16E2E7E3C433EB56017508ED7CB011BD0A94E5CA51E5BC20CD87C8BA3AB024"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6823
Expires: Thu, 02 Feb 2023 06:33:28 GMT
Date: Thu, 02 Feb 2023 04:39:45 GMT
Connection: keep-alive
pix.bumlam.com/sync/sape/sync_ok?guid=9de46b54-a2b3-11ed-86e0-002590c0647c
31.172.81.159302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/sync_ok?guid=9de46b54-a2b3-11ed-86e0-002590c0647c
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/sync_ok?guid=9de46b54-a2b3-11ed-86e0-002590c0647c HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ5ZGU0NmI1NC1hMmIzLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://9de46b54-a2b3-11ed-86e0-002590c0647c.n7.sync.bumlam.com/?src=sape
www.acint.net/match?dp=71&euid=bdb57208-fdf7-4562-94b7-27875259a4d8
193.3.184.226200 OK 43 B URL HTTP/2 www.acint.net/match?dp=71&euid=bdb57208-fdf7-4562-94b7-27875259a4d8
IP 193.3.184.226:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=71&euid=bdb57208-fdf7-4562-94b7-27875259a4d8 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=CkIDE2PbPpAVnQo+bR34AuVhGl4XlAbTLZ02Hne6VhMGqeuv; test_cookie=CheckForPermission; cSyncDp7v2=1675312784; cSyncDp14v3=1675312784; cSyncDp17=1675312784; cSyncDp32=1675312784; cSyncDp45v3=1675312784; cSyncDp53v2=1675312784; cSyncDp62=1675312784; cSyncDp67v2=1675312784; cSyncDp68=1675312784; cSyncDp71=1675312784; cSyncDp85=1675312784; cSyncDp95v3=1675312784; cSyncDp98v2=1675312784; cSyncDp101=1675312784; cSyncDp104v2=1675312784; cSyncDp107=1675312784; cSyncDp110=1675312784; cSyncDp125v3=1675312784; cSyncDp126=1675312784; cSyncDp127=1675312784; cSyncDp129=1675312784; cSyncDp136v2=1675312784; cSyncDp146=1675312784; cSyncDp148=1675312784; cSyncDp149v2=1675312784; cSyncDp151=1675312784; cSyncDp178=1675312784; cSyncDp186=1675312784; cSyncDp221=1675312784; cSyncDp235=1675312784
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:39:45 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
dmp.gotechnology.io/match/sape?id=1303420A903EDB633E0A9D1502F81D6D&chk=1
167.235.32.7302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=1303420A903EDB633E0A9D1502F81D6D&chk=1
IP 167.235.32.7:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=1303420A903EDB633E0A9D1502F81D6D&chk=1 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 04:39:45 GMT
content-length: 0
location: https://an.yandex.ru/mapuid/gonetdspis/NjY2MWRkNzNmY2QzMGE3Mw
set-cookie: pid=NjY2MWRkNzNmY2QzMGE3Mw; expires=Fri, 02 Feb 2024 04:39:45 GMT; domain=.gotechnology.io; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.acint.net/match?dp=186&euid=c909287d-eaac-480e-9fb3-7fa2789e1844
193.3.184.226200 OK 43 B URL HTTP/2 www.acint.net/match?dp=186&euid=c909287d-eaac-480e-9fb3-7fa2789e1844
IP 193.3.184.226:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=186&euid=c909287d-eaac-480e-9fb3-7fa2789e1844 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=CkIDE2PbPpAVnQo+bR34AuVhGl4XlAbTLZ02Hne6VhMGqeuv; test_cookie=CheckForPermission; cSyncDp7v2=1675312784; cSyncDp14v3=1675312784; cSyncDp17=1675312784; cSyncDp32=1675312784; cSyncDp45v3=1675312784; cSyncDp53v2=1675312784; cSyncDp62=1675312784; cSyncDp67v2=1675312784; cSyncDp68=1675312784; cSyncDp71=1675312784; cSyncDp85=1675312784; cSyncDp95v3=1675312784; cSyncDp98v2=1675312784; cSyncDp101=1675312784; cSyncDp104v2=1675312784; cSyncDp107=1675312784; cSyncDp110=1675312784; cSyncDp125v3=1675312784; cSyncDp126=1675312784; cSyncDp127=1675312784; cSyncDp129=1675312784; cSyncDp136v2=1675312784; cSyncDp146=1675312784; cSyncDp148=1675312784; cSyncDp149v2=1675312784; cSyncDp151=1675312784; cSyncDp178=1675312784; cSyncDp186=1675312784; cSyncDp221=1675312784; cSyncDp235=1675312784
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:39:45 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ad50fd429d43590d1ef8635ee01498ea
f0917fd3a14ea4f5b1e97dcd534338c5ff06c8af
50edbb5e017eb9381fccaf770b4fc5dc94e970ea2631eec51e180ac69d59a70b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 15:41:07 GMT
Expires: Tue, 07 Feb 2023 15:41:06 GMT
Etag: "f0917fd3a14ea4f5b1e97dcd534338c5ff06c8af"
Cache-Control: max-age=471080,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79303eaa0ce7b51b-OSL
top-fwz1.mail.ru/counter?id=2032486;t=60;js=13;r=;j=false;s=1280*1024;d=24;rand=0.6428981102213687
95.163.52.67302 Found 0 B URL HTTP/2 top-fwz1.mail.ru/counter?id=2032486;t=60;js=13;r=;j=false;s=1280*1024;d=24;rand=0.6428981102213687
IP 95.163.52.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /counter?id=2032486;t=60;js=13;r=;j=false;s=1280*1024;d=24;rand=0.6428981102213687 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 04:39:45 GMT
content-length: 0
location: https://top-fwz1.mail.ru/counter2?id=2032486;t=60;js=13;r=;j=false;s=1280*1024;d=24;rand=0.6428981102213687
set-cookie: FTID=1RMYgQ0tkIIF:1675312785:2032486:::; path=/; expires=Sat, 03-Feb-24 04:39:45 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
www.acint.net/match?dp=98&euid=d8c7caee-7f35-4b7f-b501-87755e559020
193.3.184.226200 OK 43 B URL HTTP/2 www.acint.net/match?dp=98&euid=d8c7caee-7f35-4b7f-b501-87755e559020
IP 193.3.184.226:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=98&euid=d8c7caee-7f35-4b7f-b501-87755e559020 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=CkIDE2PbPpAVnQo+bR34AuVhGl4XlAbTLZ02Hne6VhMGqeuv; test_cookie=CheckForPermission; cSyncDp7v2=1675312784; cSyncDp14v3=1675312784; cSyncDp17=1675312784; cSyncDp32=1675312784; cSyncDp45v3=1675312784; cSyncDp53v2=1675312784; cSyncDp62=1675312784; cSyncDp67v2=1675312784; cSyncDp68=1675312784; cSyncDp71=1675312784; cSyncDp85=1675312784; cSyncDp95v3=1675312784; cSyncDp98v2=1675312784; cSyncDp101=1675312784; cSyncDp104v2=1675312784; cSyncDp107=1675312784; cSyncDp110=1675312784; cSyncDp125v3=1675312784; cSyncDp126=1675312784; cSyncDp127=1675312784; cSyncDp129=1675312784; cSyncDp136v2=1675312784; cSyncDp146=1675312784; cSyncDp148=1675312784; cSyncDp149v2=1675312784; cSyncDp151=1675312784; cSyncDp178=1675312784; cSyncDp186=1675312784; cSyncDp221=1675312784; cSyncDp235=1675312784
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:39:45 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
176.9.158.88301 Moved Permanently 115 B URL HTTP/2 exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP 176.9.158.88:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash 2bff2bd7fe8b2f6b0958db4cae5adc23
f3f2c111c83864d87e823963b8e0fe3a6d4c49f5
4e23fc7b8c61d85a42331c2c2cd80ca679bfa587f495069092d4645f8c276795
GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 02 Feb 2023 04:39:45 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=240ac844-d55b-4474-6fe7-716c9a29f2f6
serverid: TODO
X-Firefox-Spdy: h2
top-fwz1.mail.ru/counter2?id=2032486;t=60;js=13;r=;j=false;s=1280*1024;d=24;rand=0.6428981102213687
95.163.52.67200 OK 559 B URL HTTP/2 top-fwz1.mail.ru/counter2?id=2032486;t=60;js=13;r=;j=false;s=1280*1024;d=24;rand=0.6428981102213687
IP 95.163.52.67:0
File type GIF image data, version 87a, 88 x 31\012- data
Hash 672c9c410e2a28900cefd1c93a489bf4
745c0ac8a6131837173edb37fc2f99261b040a91
031653efcbc319985b3d0f0203de2313b99199aa741fe6cfc57bcd7bef2af224
GET /counter2?id=2032486;t=60;js=13;r=;j=false;s=1280*1024;d=24;rand=0.6428981102213687 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 04:39:45 GMT
content-type: image/gif
content-length: 559
set-cookie: FTID=1RMYgQ0tkIIF:1675312785:2032486:::; path=/; expires=Sat, 03-Feb-24 04:39:45 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
match.new-programmatic.com/userbind?src=sape&id=1303420A903EDB633E0A9D1502F81D6D
217.65.2.150204 No Content 0 B URL HTTP/1.1 match.new-programmatic.com/userbind?src=sape&id=1303420A903EDB633E0A9D1502F81D6D
IP 217.65.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=1303420A903EDB633E0A9D1502F81D6D HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Thu, 02 Feb 2023 04:36:34 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
ocsp.globalsign.com/alphasslcasha256g4
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/alphasslcasha256g4
IP 104.18.20.226:0
Hash 5c76d7240c2eba1e781efcbf6538a8c7
7989ea379b82a8d3fe31e4288a4a5a2374a96bb5
669c9d9aa4f2a610d4f620f0dcf490c27e667b8820a6764e4ebc96d18599fce4
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Mon, 06 Feb 2023 01:14:16 GMT
ETag: "7989ea379b82a8d3fe31e4288a4a5a2374a96bb5"
Last-Modified: Thu, 02 Feb 2023 01:14:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79303eaaaab2b4e8-OSL
www.acint.net/match?dp=126&euid=240ac844-d55b-4474-6fe7-716c9a29f2f6
193.3.184.226200 OK 43 B URL HTTP/2 www.acint.net/match?dp=126&euid=240ac844-d55b-4474-6fe7-716c9a29f2f6
IP 193.3.184.226:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=126&euid=240ac844-d55b-4474-6fe7-716c9a29f2f6 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=CkIDE2PbPpAVnQo+bR34AuVhGl4XlAbTLZ02Hne6VhMGqeuv; test_cookie=CheckForPermission; cSyncDp7v2=1675312784; cSyncDp14v3=1675312784; cSyncDp17=1675312784; cSyncDp32=1675312784; cSyncDp45v3=1675312784; cSyncDp53v2=1675312784; cSyncDp62=1675312784; cSyncDp67v2=1675312784; cSyncDp68=1675312784; cSyncDp71=1675312784; cSyncDp85=1675312784; cSyncDp95v3=1675312784; cSyncDp98v2=1675312784; cSyncDp101=1675312784; cSyncDp104v2=1675312784; cSyncDp107=1675312784; cSyncDp110=1675312784; cSyncDp125v3=1675312784; cSyncDp126=1675312784; cSyncDp127=1675312784; cSyncDp129=1675312784; cSyncDp136v2=1675312784; cSyncDp146=1675312784; cSyncDp148=1675312784; cSyncDp149v2=1675312784; cSyncDp151=1675312784; cSyncDp178=1675312784; cSyncDp186=1675312784; cSyncDp221=1675312784; cSyncDp235=1675312784
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:39:45 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5877
Expires: Thu, 02 Feb 2023 06:17:42 GMT
Date: Thu, 02 Feb 2023 04:39:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5877
Expires: Thu, 02 Feb 2023 06:17:42 GMT
Date: Thu, 02 Feb 2023 04:39:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5877
Expires: Thu, 02 Feb 2023 06:17:42 GMT
Date: Thu, 02 Feb 2023 04:39:45 GMT
Connection: keep-alive
sync.programmatica.com/match/RTBSape?id=1303420A903EDB633E0A9D1502F81D6D
167.235.117.42302 Found 0 B URL HTTP/2 sync.programmatica.com/match/RTBSape?id=1303420A903EDB633E0A9D1502F81D6D
IP 167.235.117.42:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/RTBSape?id=1303420A903EDB633E0A9D1502F81D6D HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 04:39:45 GMT
content-length: 0
location: https://sync.programmatica.com/match/RTBSape?id=1303420A903EDB633E0A9D1502F81D6D&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 91987222-d376-4099-a4e9-5f877b5212be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzO2FSDIAMFktg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce325e-281a7e062ee3039d42ae8f83;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:08:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SEH32iK4aCkxhxQyu3fSlW8uVM1Oj5hwnl2U09k_THEOdAqdEeVMJw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:03:43 GMT
age: 23762
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i697kJpdT4ZPeMLWIftWf16pWCic0-v4tL4GDKfVfTZLo-E4-3FwDQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 22687
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00c1df1d-5e83-46c4-87de-093028c17afe.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00c1df1d-5e83-46c4-87de-093028c17afe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbb3b7fe13504478f3fe5e8c0190b8db
b8ca03ed416b5ab9cd118f32a1890ffa764a7aec
e47f269c393ee8d87bfce593f31fd49309e1d9b47b8745dd3b6568036da50d55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00c1df1d-5e83-46c4-87de-093028c17afe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7416
x-amzn-requestid: c4e8c4e6-5f2a-4b94-ad48-f10fb51c78c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BH1-IAMF17g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-40e58e6e49f919a3740bb92a;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2-O9YJrb-baVaEYFpesrbfMrIDBautEp2f5ilm1-vmHcjUGxE0c1VA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:29:58 GMT
etag: "b8ca03ed416b5ab9cd118f32a1890ffa764a7aec"
content-type: image/jpeg
age: 22187
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53ad6bfb-91d6-4204-960a-49f84cc18db2.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53ad6bfb-91d6-4204-960a-49f84cc18db2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5129c5bd93215d4f092922326826223e
b6df7a2f09b0efd9342589ffde5621ca6f894285
07fb43e6e0e11d9cd4bcf5d51d248f0fb85d41e231042bc7ad6c1897b3e82556
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53ad6bfb-91d6-4204-960a-49f84cc18db2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8296
x-amzn-requestid: 5961f5cd-2288-44e2-9eb2-35c115cdd95f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKVGqWoAMF34A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-609946154fa2e547084125e4;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JFS3n1VPoHesu6OC4w3L5ygNtVOxAL2EyfIZG-S26x8m9GFKdJpHpA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:22 GMT
age: 23963
etag: "b6df7a2f09b0efd9342589ffde5621ca6f894285"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 4fd756de906b94c0a45cd980b645f416
371ef609bf7a5b773b7a8d42e26021b9794ffc44
5fcb9e087a65a03d34e8754477ebd376f5fe15881221a1d1a2124c17daaa61e6
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 06 Feb 2023 03:46:31 GMT
ETag: "371ef609bf7a5b773b7a8d42e26021b9794ffc44"
Last-Modified: Thu, 02 Feb 2023 03:46:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2251
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79303eac7b8db4e8-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3825d7eb-9bf8-4ff1-ac96-196cbf5c1873.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3825d7eb-9bf8-4ff1-ac96-196cbf5c1873.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 93ef9da6520124f03883a2b5241e0623
41b557bb05e1769c124aa0195c398e2dbd1fc0e9
dd6a1589ae40fb69c60f1675ea49a6a1a00d43e29d1a18f0d30b7c4e9bceee5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3825d7eb-9bf8-4ff1-ac96-196cbf5c1873.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11198
x-amzn-requestid: f21313a6-3ca8-4c58-981c-a1700769719c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKUGu6IAMFsww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-1d60cc337f91692e436f2990;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pwsRzGhqa83gc7xjxWBwpPFEmiVKLY3_YKm1OuRbKgXPyvOSzRtoZQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:22 GMT
age: 23963
etag: "41b557bb05e1769c124aa0195c398e2dbd1fc0e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
65.109.23.99302 Found 15 kB URL HTTP/2 ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP 65.109.23.99:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0ceb09fa3caa0fcda4a6314141e2d019
d08f43956f6859e4c2385231bb5506262257445f
a2100701c69f86920b14714b19ec14db9ebfd91000f0ec2397b8f27d981bc1ee
GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.0
date: Thu, 02 Feb 2023 04:39:44 GMT
x-request-id: 5db57277-39a8-43e5-8975-e414c5057d0c
set-cookie: bvuid=oq3qi6pik3; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=oq3qi6pik3; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=oq3qi6pik3
X-Firefox-Spdy: h2
sync.programmatica.com/match/RTBSape?id=1303420A903EDB633E0A9D1502F81D6D&chk=1
167.235.117.42200 OK 43 B URL HTTP/2 sync.programmatica.com/match/RTBSape?id=1303420A903EDB633E0A9D1502F81D6D&chk=1
IP 167.235.117.42:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /match/RTBSape?id=1303420A903EDB633E0A9D1502F81D6D&chk=1 HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 04:39:45 GMT
content-type: image/gif
content-length: 43
set-cookie: pid=NWQ1Y2JmZTRmZmVmYjQzZA; expires=Fri, 02 Aug 2024 04:39:45 GMT; domain=.programmatica.com; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c26c9d885fe65989ba4f45bfa689c80d
02ebe3e544d04cc2c645b7f2c1f3bf82cf30533b
031f14f6f03d79abbce3ea6477942637731b1bd284baac7430607804fa25e18d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "031F14F6F03D79ABBCE3EA6477942637731B1BD284BAAC7430607804FA25E18D"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 02 Feb 2023 10:39:45 GMT
Date: Thu, 02 Feb 2023 04:39:45 GMT
Connection: keep-alive
9de46b54-a2b3-11ed-86e0-002590c0647c.n7.sync.bumlam.com/?src=sape
62.109.24.241302 Found 0 B URL HTTP/2 9de46b54-a2b3-11ed-86e0-002590c0647c.n7.sync.bumlam.com/?src=sape
IP 62.109.24.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: 9de46b54-a2b3-11ed-86e0-002590c0647c.n7.sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ5ZGU0NmI1NC1hMmIzLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.1
date: Thu, 02 Feb 2023 04:39:45 GMT
content-length: 0
location: https://pix.bumlam.com/sync/sape/done
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/done
31.172.81.159200 OK 43 B URL HTTP/1.1 pix.bumlam.com/sync/sape/done
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ5ZGU0NmI1NC1hMmIzLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash b488de3db028e351911981452a9c3ef3
a30257532f2866e11125e9a616d824e6542eb3de
3fa0da5b42be0436a2e15e3e17509ad792122ead12c5403c86c7e35d5cf1cd0c
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 06 Feb 2023 00:08:28 GMT
ETag: "a30257532f2866e11125e9a616d824e6542eb3de"
Last-Modified: Thu, 02 Feb 2023 00:08:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3395
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79303eadbc1db4e8-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash b488de3db028e351911981452a9c3ef3
a30257532f2866e11125e9a616d824e6542eb3de
3fa0da5b42be0436a2e15e3e17509ad792122ead12c5403c86c7e35d5cf1cd0c
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 06 Feb 2023 00:08:28 GMT
ETag: "a30257532f2866e11125e9a616d824e6542eb3de"
Last-Modified: Thu, 02 Feb 2023 00:08:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3395
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79303eadec2ab4e8-OSL
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
195.209.108.49302 Moved Temporarily 0 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP 195.209.108.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-4694719474; expires=Sat, 01 Feb 2025 04:39:45 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4694719474
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1303420A903EDB633E0A9D1502F81D6D
81.222.128.214200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1303420A903EDB633E0A9D1502F81D6D
IP 81.222.128.214:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?dsp_id=153&external_id=1303420A903EDB633E0A9D1502F81D6D HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
ocsp.globalsign.com/alphasslcasha256g4
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/alphasslcasha256g4
IP 104.18.20.226:0
Hash 45cc3902d7987738771c0f6a04adc91f
d3a49731c42d4d3512df494aa67dab40e78dd5ce
6172e0b12566e35ffc9d899f64103af8d002a8d0aaad5999bf215f83e556d193
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Mon, 06 Feb 2023 02:54:55 GMT
ETag: "d3a49731c42d4d3512df494aa67dab40e78dd5ce"
Last-Modified: Thu, 02 Feb 2023 02:54:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1607
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79303eae2c40b4e8-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 2f59b9826b587ec88c538c4e0fdda68f
a9569ad568776c896099e2e7b4291dbe7101cb9b
76812d4ae48f41904eb3722fb49c463d4287d81fa7a9ea5d28687ddb3a546931
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 02:03:25 GMT
Expires: Wed, 08 Feb 2023 02:03:24 GMT
Etag: "a9569ad568776c896099e2e7b4291dbe7101cb9b"
Cache-Control: max-age=508418,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79303eadfa680b55-OSL
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4694719474
195.209.108.49302 Moved Temporarily 40 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4694719474
IP 195.209.108.49:0
File type ASCII text, with CRLF line terminators
Hash 251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4694719474 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Sat, 01 Feb 2025 04:39:45 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
ocsp.usertrust.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash c60ca4b761622aee6dac8fcd5a7b47bb
bf27b8a42a03073eb548b79b3adfc1c4a09921ba
55e4d169563b096866bbab23531097fd09fa620a64f56261165cf190aa90aaa7
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 30 Jan 2023 04:18:19 GMT
Expires: Mon, 06 Feb 2023 04:18:18 GMT
Etag: "bf27b8a42a03073eb548b79b3adfc1c4a09921ba"
Cache-Control: max-age=604094,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 431
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79303eae4b54b51d-OSL
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9bfb439fb08a32861d09348061be89b1
7c8e9f24fa24ae6a5860bf9b7cc96377089f727b
418cb2a96b67658132868ef799dbe9b55ebe9ca82d9a18d1a06c6868ef8cc54e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "418CB2A96B67658132868EF799DBE9B55EBE9CA82D9A18D1A06C6868EF8CC54E"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1033
Expires: Thu, 02 Feb 2023 04:56:58 GMT
Date: Thu, 02 Feb 2023 04:39:45 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 3db08d47898fa2e9e3d1cb5cc21e384e
9a6475c4339b09f4c12858f0056149997e3bfd91
ac9b9cd007d0a3b95898a8c9ca37b051316fbc53041f6b0c22f8ef8cd74ee591
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 06 Feb 2023 00:39:19 GMT
ETag: "9a6475c4339b09f4c12858f0056149997e3bfd91"
Last-Modified: Thu, 02 Feb 2023 00:39:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3030
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79303eae6c62b4e8-OSL
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
188.42.34.65302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP 188.42.34.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:39:45 GMT; Path=/; Domain=.betweendigital.com
tuuid=6b43e3ff-cc76-5221-95f9-a791f6229900; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:39:45 GMT; Path=/; Domain=.betweendigital.com
ut=Y9s-kQAJ9sjAptT1utL7ggWfiJ6OpYmegcjufg==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:39:45 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
77.245.57.72400 Bad Request 22 B URL HTTP/1.1 sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP 77.245.57.72:0
ASN #36057 WEBAIR-INTERNET-MTL
File type ASCII text, with no line terminators
Hash b0b11e1c78b526b61477f8e9ee540be0
d5e73002987ff54626542b116d98a8f4aa9ee2eb
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Length: 22
Connection: close
Cache-Control: no-store
Age: 0
Pragma: no-cache
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 98ce9dc30109312be81603be0a438486
15fe0064e4286e00e6ccdcd0b07558f606fbb9af
688fa90142846e3d2cd3f3daf6fdc04e91e7721934b5c894589e20e059f87b57
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 06 Feb 2023 01:54:45 GMT
ETag: "15fe0064e4286e00e6ccdcd0b07558f606fbb9af"
Last-Modified: Thu, 02 Feb 2023 01:54:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2700
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79303eae8c76b4e8-OSL
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
193.3.184.226302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP 193.3.184.226:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=CkIDE2PbPpAVnQo+bR34AuVhGl4XlAbTLZ02Hne6VhMGqeuv; test_cookie=CheckForPermission; cSyncDp7v2=1675312784; cSyncDp14v3=1675312784; cSyncDp17=1675312784; cSyncDp32=1675312784; cSyncDp45v3=1675312784; cSyncDp53v2=1675312784; cSyncDp62=1675312784; cSyncDp67v2=1675312784; cSyncDp68=1675312784; cSyncDp71=1675312784; cSyncDp85=1675312784; cSyncDp95v3=1675312784; cSyncDp98v2=1675312784; cSyncDp101=1675312784; cSyncDp104v2=1675312784; cSyncDp107=1675312784; cSyncDp110=1675312784; cSyncDp125v3=1675312784; cSyncDp126=1675312784; cSyncDp127=1675312784; cSyncDp129=1675312784; cSyncDp136v2=1675312784; cSyncDp146=1675312784; cSyncDp148=1675312784; cSyncDp149v2=1675312784; cSyncDp151=1675312784; cSyncDp178=1675312784; cSyncDp186=1675312784; cSyncDp221=1675312784; cSyncDp235=1675312784
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 02 Feb 2023 04:39:45 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1303420A903EDB633E0A9D1502F81D6D
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sape-sync.rutarget.ru/sync
188.72.107.156302 Moved Temporarily 0 B URL HTTP/1.1 sape-sync.rutarget.ru/sync
IP 188.72.107.156:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=9lvI8Ti5lxd5
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=9lvI8Ti5lxd5; Path=/; Domain=.rutarget.ru; Expires=Tue, 01 Aug 2023 04:39:45 GMT; SameSite=None; Secure
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
188.42.34.65200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP 188.42.34.65:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:39:45 GMT; Path=/; Domain=.betweendigital.com
tuuid=9f67bc03-660e-5221-8821-b0fcebfa8e6d; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:39:45 GMT; Path=/; Domain=.betweendigital.com
ut=Y9s-kQAKh1A0_vBHPF_d2HWxHhvljDd2pzsIBg==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:39:45 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
tag.digitaltarget.ru/adcm.js
185.15.175.145200 OK 3.1 kB URL HTTP/1.1 tag.digitaltarget.ru/adcm.js
IP 185.15.175.145:0
File type ASCII text, with very long lines (3051), with no line terminators
Hash e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Thu, 02 Feb 2023 04:34:10 GMT
Connection: keep-alive
ETag: "63db3d42-beb"
Accept-Ranges: bytes
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1303420A903EDB633E0A9D1502F81D6D
81.222.128.214200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1303420A903EDB633E0A9D1502F81D6D
IP 81.222.128.214:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?ssp_id=43&external_id=1303420A903EDB633E0A9D1502F81D6D HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
ad.mail.ru/cm.gif?p=48&id=1303420A903EDB633E0A9D1502F81D6D
95.163.41.56200 OK 43 B URL HTTP/2 ad.mail.ru/cm.gif?p=48&id=1303420A903EDB633E0A9D1502F81D6D
IP 95.163.41.56:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cm.gif?p=48&id=1303420A903EDB633E0A9D1502F81D6D HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 04:39:45 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=28pYgs1le2YF0029aN0di52F:::0-0-0-8f59751:CAASEPLmw83WRRnsnNbs3RL65RMaYJ_9OQJe4AZgz0xAsRpeP5YbyI6ZUOwaOZvAfgegDraucngnSOaqeNDfyAZd0FUlDqsDY8qMu2VM7HQbDxP6-jd0KNBW_6jHtJONrn3BDnocmPddH55G-HnAoo50cd-lfw; path=/; expires=Sat, 03-Feb-24 04:39:45 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Thu, 02 Feb 2023 10:39:45 GMT
cache-control: max-age=21600
last-modified: Thu, 02 Feb 2023 04:39:45 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2
www.acint.net/match?dp=104&euid=9lvI8Ti5lxd5
193.3.184.226200 OK 43 B URL HTTP/2 www.acint.net/match?dp=104&euid=9lvI8Ti5lxd5
IP 193.3.184.226:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=104&euid=9lvI8Ti5lxd5 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=CkIDE2PbPpAVnQo+bR34AuVhGl4XlAbTLZ02Hne6VhMGqeuv; test_cookie=CheckForPermission; cSyncDp7v2=1675312784; cSyncDp14v3=1675312784; cSyncDp17=1675312784; cSyncDp32=1675312784; cSyncDp45v3=1675312784; cSyncDp53v2=1675312784; cSyncDp62=1675312784; cSyncDp67v2=1675312784; cSyncDp68=1675312784; cSyncDp71=1675312784; cSyncDp85=1675312784; cSyncDp95v3=1675312784; cSyncDp98v2=1675312784; cSyncDp101=1675312784; cSyncDp104v2=1675312784; cSyncDp107=1675312784; cSyncDp110=1675312784; cSyncDp125v3=1675312784; cSyncDp126=1675312784; cSyncDp127=1675312784; cSyncDp129=1675312784; cSyncDp136v2=1675312784; cSyncDp146=1675312784; cSyncDp148=1675312784; cSyncDp149v2=1675312784; cSyncDp151=1675312784; cSyncDp178=1675312784; cSyncDp186=1675312784; cSyncDp221=1675312784; cSyncDp235=1675312784
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:39:45 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sm.rtb.mts.ru/p?ssp=sape&id=1303420A903EDB633E0A9D1502F81D6D
217.66.147.39301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/p?ssp=sape&id=1303420A903EDB633E0A9D1502F81D6D
IP 217.66.147.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sape&id=1303420A903EDB633E0A9D1502F81D6D HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=1303420A903EDB633E0A9D1502F81D6D
Set-Cookie: dspid=467ad20e-1052-4b11-b766-9e072e30f9a3; expires=Wed, 24 Jan 2024 04:39:45 GMT; domain=.mts.ru; path=/; secure; SameSite=None
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 2f59b9826b587ec88c538c4e0fdda68f
a9569ad568776c896099e2e7b4291dbe7101cb9b
76812d4ae48f41904eb3722fb49c463d4287d81fa7a9ea5d28687ddb3a546931
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 02:03:25 GMT
Expires: Wed, 08 Feb 2023 02:03:24 GMT
Etag: "a9569ad568776c896099e2e7b4291dbe7101cb9b"
Cache-Control: max-age=508418,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79303eadfe6eb51b-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 47104af366e237afec3af30f37af7dba
b24492f724ba1d4395df66bc2e0de1bdabc4264d
59c7255b4bd417487377052a2b4ec75029319525bad73a5ef43dce28d79efbbb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 14:18:45 GMT
Expires: Tue, 07 Feb 2023 14:18:44 GMT
Etag: "b24492f724ba1d4395df66bc2e0de1bdabc4264d"
Cache-Control: max-age=466138,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79303eae3bb2b4f3-OSL
px.adhigh.net/p/cm/sape?u=1303420A903EDB633E0A9D1502F81D6D
194.190.76.38302 Found 0 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=1303420A903EDB633E0A9D1502F81D6D
IP 194.190.76.38:0
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/cm/sape?u=1303420A903EDB633E0A9D1502F81D6D HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 04:39:45 GMT
content-length: 0
x-backend-id: f10-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=efBXzwbmppD.AikABlGGEGxphQ;Path=/;Domain=.adhigh.net;Expires=Fri, 02-Feb-2024 04:39:45 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=1303420A903EDB633E0A9D1502F81D6D&bounced=1
X-Firefox-Spdy: h2
sm.rtb.mts.ru/match/second?ssp=30&exu=1303420A903EDB633E0A9D1502F81D6D
217.66.147.39200 OK 0 B URL HTTP/1.1 sm.rtb.mts.ru/match/second?ssp=30&exu=1303420A903EDB633E0A9D1502F81D6D
IP 217.66.147.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/second?ssp=30&exu=1303420A903EDB633E0A9D1502F81D6D HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
ads.betweendigital.com/match?bidder_id=73&external_user_id=1303420A903EDB633E0A9D1502F81D6D
188.42.34.65302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=1303420A903EDB633E0A9D1502F81D6D
IP 188.42.34.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=73&external_user_id=1303420A903EDB633E0A9D1502F81D6D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=1303420A903EDB633E0A9D1502F81D6D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:39:45 GMT; Path=/; Domain=.betweendigital.com
tuuid=2235d5e0-fa6e-5221-a9f1-ab1bca2a958a; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:39:45 GMT; Path=/; Domain=.betweendigital.com
ut=Y9s-kQAMlqgcZJ_npO4FEjxhwFJ8J3n1yx6uXQ==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:39:45 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
tag.digitaltarget.ru/processor.js?i=679239823571951
185.15.175.145200 OK 16 kB URL HTTP/1.1 tag.digitaltarget.ru/processor.js?i=679239823571951
IP 185.15.175.145:0
File type ASCII text, with very long lines (15892), with no line terminators
Hash 736e2fb1da94f3277e3f931048c1b9f3
196387db95a17da825b629de3542eff901b09905
4569d4e1b0e52b6316681f7312674f43ecb2b72ea8ab4adb2375e3686862c7dc
GET /processor.js?i=679239823571951 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:39:45 GMT
Content-Type: application/javascript
Content-Length: 15892
Last-Modified: Thu, 02 Feb 2023 04:34:10 GMT
Connection: keep-alive
ETag: "63db3d42-3e14"
Accept-Ranges: bytes
x01.aidata.io/0.gif?pid=9401454&id=1303420A903EDB633E0A9D1502F81D6D
89.108.119.43302 Found 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=1303420A903EDB633E0A9D1502F81D6D
IP 89.108.119.43:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=1303420A903EDB633E0A9D1502F81D6D HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 04:39:45 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=1303420A903EDB633E0A9D1502F81D6D&bounce=1
expires: Thu, 02 Feb 2023 04:39:44 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Thu, 02 Feb 2023 04:39:44 GMT
set-cookie: __upin=UQULG4lBVVc8Ike2EiKGOg;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1675312785;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=73&external_user_id=1303420A903EDB633E0A9D1502F81D6D&crf=1
188.42.34.65200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=1303420A903EDB633E0A9D1502F81D6D&crf=1
IP 188.42.34.65:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=73&external_user_id=1303420A903EDB633E0A9D1502F81D6D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:39:45 GMT; Path=/; Domain=.betweendigital.com
tuuid=7394f9a4-3eda-5221-adfe-51bbce256f2a; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:39:45 GMT; Path=/; Domain=.betweendigital.com
ut=Y9s-kQANKxgvRjnC8EcMmDnjp5lR40l0HPgsTA==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 04:39:45 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
px.adhigh.net/p/cm/sape?u=1303420A903EDB633E0A9D1502F81D6D&bounced=1
194.190.76.38200 OK 49 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=1303420A903EDB633E0A9D1502F81D6D&bounced=1
IP 194.190.76.38:0
ASN #48061 Limited Liability Company GPM Digital Technologies
File type GIF image data, version 89a, 1 x 1\012- data
Hash 889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
GET /p/cm/sape?u=1303420A903EDB633E0A9D1502F81D6D&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 04:39:45 GMT
content-type: image/gif
content-length: 49
x-backend-id: f10-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
x01.aidata.io/0.gif?pid=9401454&id=1303420A903EDB633E0A9D1502F81D6D&bounce=1
89.108.119.43204 No Content 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=1303420A903EDB633E0A9D1502F81D6D&bounce=1
IP 89.108.119.43:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=1303420A903EDB633E0A9D1502F81D6D&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 02 Feb 2023 04:39:45 GMT
expires: Thu, 02 Feb 2023 04:39:44 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Thu, 02 Feb 2023 04:39:44 GMT
set-cookie: __upin=ppJaHfZP14nZQhWaQEXHbw;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1675312785;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9fda91fa23cb10f30886b8eeb9f707e2
6f7a61ea7e4c4529997bd00f12e97930a632f8c5
b3540cb1284fe60c7bc16e069e88439b8bfe80058aeb10131e6199cfd97ac3c7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3540CB1284FE60C7BC16E069E88439B8BFE80058AEB10131E6199CFD97AC3C7"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13576
Expires: Thu, 02 Feb 2023 08:26:02 GMT
Date: Thu, 02 Feb 2023 04:39:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9fda91fa23cb10f30886b8eeb9f707e2
6f7a61ea7e4c4529997bd00f12e97930a632f8c5
b3540cb1284fe60c7bc16e069e88439b8bfe80058aeb10131e6199cfd97ac3c7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3540CB1284FE60C7BC16E069E88439B8BFE80058AEB10131E6199CFD97AC3C7"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13576
Expires: Thu, 02 Feb 2023 08:26:02 GMT
Date: Thu, 02 Feb 2023 04:39:46 GMT
Connection: keep-alive
dmg.digitaltarget.ru/1/1093/i/i?i=104312388066139.795018094839967&a=77&e=1303420A903EDB633E0A9D1502F81D6D&pref=https%3A%2F%2Fwww.poranarabotu.ru%2F&c=ss:77.up:1303420A903EDB633E0A9D1502F81D6D.sync:up.xdua:duCg1Zv5NuiS7OR5JZ8LOcHe.xps:xps4zkVefvWCIz_MxWpmnj_m5.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.158307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=104312388066139.795018094839967&a=77&e=1303420A903EDB633E0A9D1502F81D6D&pref=https%3A%2F%2Fwww.poranarabotu.ru%2F&c=ss:77.up:1303420A903EDB633E0A9D1502F81D6D.sync:up.xdua:duCg1Zv5NuiS7OR5JZ8LOcHe.xps:xps4zkVefvWCIz_MxWpmnj_m5.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=104312388066139.795018094839967&a=77&e=1303420A903EDB633E0A9D1502F81D6D&pref=https%3A%2F%2Fwww.poranarabotu.ru%2F&c=ss:77.up:1303420A903EDB633E0A9D1502F81D6D.sync:up.xdua:duCg1Zv5NuiS7OR5JZ8LOcHe.xps:xps4zkVefvWCIz_MxWpmnj_m5.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 02 Feb 2023 04:39:46 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675312786024&i=104312388066139.795018094839967&a=77&e=1303420A903EDB633E0A9D1502F81D6D&pref=https%3A%2F%2Fwww.poranarabotu.ru%2F&c=ss:77.up:1303420A903EDB633E0A9D1502F81D6D.sync:up.xdua:duCg1Zv5NuiS7OR5JZ8LOcHe.xps:xps4zkVefvWCIz_MxWpmnj_m5.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=A0Y0xmPL.KiibEp7kVJ1; Max-Age=93312000; Expires=Sat, 17 Jan 2026 04:39:46 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/1/1093/i/i?i=104312388066139.686249394215206&a=77&e=1303420A903EDB633E0A9D1502F81D6D&pref=https%3A%2F%2Fwww.poranarabotu.ru%2F&c=ss:77.up:1303420A903EDB633E0A9D1502F81D6D.sync:up.xdua:duCg1Zv5NuiS7OR5JZ8LOcHe.xps:xps4zkVefvWCIz_MxWpmnj_m5.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.158307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=104312388066139.686249394215206&a=77&e=1303420A903EDB633E0A9D1502F81D6D&pref=https%3A%2F%2Fwww.poranarabotu.ru%2F&c=ss:77.up:1303420A903EDB633E0A9D1502F81D6D.sync:up.xdua:duCg1Zv5NuiS7OR5JZ8LOcHe.xps:xps4zkVefvWCIz_MxWpmnj_m5.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=104312388066139.686249394215206&a=77&e=1303420A903EDB633E0A9D1502F81D6D&pref=https%3A%2F%2Fwww.poranarabotu.ru%2F&c=ss:77.up:1303420A903EDB633E0A9D1502F81D6D.sync:up.xdua:duCg1Zv5NuiS7OR5JZ8LOcHe.xps:xps4zkVefvWCIz_MxWpmnj_m5.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 02 Feb 2023 04:39:46 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675312786028&i=104312388066139.686249394215206&a=77&e=1303420A903EDB633E0A9D1502F81D6D&pref=https%3A%2F%2Fwww.poranarabotu.ru%2F&c=ss:77.up:1303420A903EDB633E0A9D1502F81D6D.sync:up.xdua:duCg1Zv5NuiS7OR5JZ8LOcHe.xps:xps4zkVefvWCIz_MxWpmnj_m5.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=QHt8ZuEL.qizh2X7cbQ6; Max-Age=93312000; Expires=Sat, 17 Jan 2026 04:39:46 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675312786024&i=104312388066139.795018094839967&a=77&e=1303420A903EDB633E0A9D1502F81D6D&pref=https%3A%2F%2Fwww.poranarabotu.ru%2F&c=ss:77.up:1303420A903EDB633E0A9D1502F81D6D.sync:up.xdua:duCg1Zv5NuiS7OR5JZ8LOcHe.xps:xps4zkVefvWCIz_MxWpmnj_m5.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.158200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675312786024&i=104312388066139.795018094839967&a=77&e=1303420A903EDB633E0A9D1502F81D6D&pref=https%3A%2F%2Fwww.poranarabotu.ru%2F&c=ss:77.up:1303420A903EDB633E0A9D1502F81D6D.sync:up.xdua:duCg1Zv5NuiS7OR5JZ8LOcHe.xps:xps4zkVefvWCIz_MxWpmnj_m5.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.158:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1675312786024&i=104312388066139.795018094839967&a=77&e=1303420A903EDB633E0A9D1502F81D6D&pref=https%3A%2F%2Fwww.poranarabotu.ru%2F&c=ss:77.up:1303420A903EDB633E0A9D1502F81D6D.sync:up.xdua:duCg1Zv5NuiS7OR5JZ8LOcHe.xps:xps4zkVefvWCIz_MxWpmnj_m5.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:39:46 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675312786028&i=104312388066139.686249394215206&a=77&e=1303420A903EDB633E0A9D1502F81D6D&pref=https%3A%2F%2Fwww.poranarabotu.ru%2F&c=ss:77.up:1303420A903EDB633E0A9D1502F81D6D.sync:up.xdua:duCg1Zv5NuiS7OR5JZ8LOcHe.xps:xps4zkVefvWCIz_MxWpmnj_m5.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.158200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675312786028&i=104312388066139.686249394215206&a=77&e=1303420A903EDB633E0A9D1502F81D6D&pref=https%3A%2F%2Fwww.poranarabotu.ru%2F&c=ss:77.up:1303420A903EDB633E0A9D1502F81D6D.sync:up.xdua:duCg1Zv5NuiS7OR5JZ8LOcHe.xps:xps4zkVefvWCIz_MxWpmnj_m5.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.158:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1675312786028&i=104312388066139.686249394215206&a=77&e=1303420A903EDB633E0A9D1502F81D6D&pref=https%3A%2F%2Fwww.poranarabotu.ru%2F&c=ss:77.up:1303420A903EDB633E0A9D1502F81D6D.sync:up.xdua:duCg1Zv5NuiS7OR5JZ8LOcHe.xps:xps4zkVefvWCIz_MxWpmnj_m5.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 04:39:46 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 12
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
www.acint.net/ping/?v=0.5.0&uid=94aa2f7b-d510-495d-bb16-fb1724bd325f&dp=10&tz=%2B00%3A00&nc=63782171&dT=2023-02-02T04%3A40%3A12.095
193.3.184.226200 OK 43 B URL HTTP/2 www.acint.net/ping/?v=0.5.0&uid=94aa2f7b-d510-495d-bb16-fb1724bd325f&dp=10&tz=%2B00%3A00&nc=63782171&dT=2023-02-02T04%3A40%3A12.095
IP 193.3.184.226:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /ping/?v=0.5.0&uid=94aa2f7b-d510-495d-bb16-fb1724bd325f&dp=10&tz=%2B00%3A00&nc=63782171&dT=2023-02-02T04%3A40%3A12.095 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/
Cookie: aid=CkIDE2PbPpAVnQo+bR34AuVhGl4XlAbTLZ02Hne6VhMGqeuv; test_cookie=CheckForPermission; cSyncDp7v2=1675312784; cSyncDp14v3=1675312784; cSyncDp17=1675312784; cSyncDp32=1675312784; cSyncDp45v3=1675312784; cSyncDp53v2=1675312784; cSyncDp62=1675312784; cSyncDp67v2=1675312784; cSyncDp68=1675312784; cSyncDp71=1675312784; cSyncDp85=1675312784; cSyncDp95v3=1675312784; cSyncDp98v2=1675312784; cSyncDp101=1675312784; cSyncDp104v2=1675312784; cSyncDp107=1675312784; cSyncDp110=1675312784; cSyncDp125v3=1675312784; cSyncDp126=1675312784; cSyncDp127=1675312784; cSyncDp129=1675312784; cSyncDp136v2=1675312784; cSyncDp146=1675312784; cSyncDp148=1675312784; cSyncDp149v2=1675312784; cSyncDp151=1675312784; cSyncDp178=1675312784; cSyncDp186=1675312784; cSyncDp221=1675312784; cSyncDp235=1675312784
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 04:39:47 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/1058735?wv-check=36825&wv-type=0&wmode=0&wv-part=1&wv-hit=600076217&page-url=https%3A%2F%2Fwww.poranarabotu.ru%2Fvse_novosti%2FnArch%2F2&rn=634763022&browser-info=et%3A1675312816%3Aw%3A1268x939%3Av%3A960%3Az%3A0%3Ai%3A20230202044016%3Au%3A1675312809195903412%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Ast%3A1675312816&t=gdpr(14)ti(2)
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/1058735?wv-check=36825&wv-type=0&wmode=0&wv-part=1&wv-hit=600076217&page-url=https%3A%2F%2Fwww.poranarabotu.ru%2Fvse_novosti%2FnArch%2F2&rn=634763022&browser-info=et%3A1675312816%3Aw%3A1268x939%3Av%3A960%3Az%3A0%3Ai%3A20230202044016%3Au%3A1675312809195903412%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Ast%3A1675312816&t=gdpr(14)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/1058735?wv-check=36825&wv-type=0&wmode=0&wv-part=1&wv-hit=600076217&page-url=https%3A%2F%2Fwww.poranarabotu.ru%2Fvse_novosti%2FnArch%2F2&rn=634763022&browser-info=et%3A1675312816%3Aw%3A1268x939%3Av%3A960%3Az%3A0%3Ai%3A20230202044016%3Au%3A1675312809195903412%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Ast%3A1675312816&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 48
Origin: https://www.poranarabotu.ru
Connection: keep-alive
Referer: https://www.poranarabotu.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 02 Feb 2023 04:39:51 GMT
access-control-allow-origin: https://www.poranarabotu.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 04:39:51 GMT
last-modified: Thu, 02-Feb-2023 04:39:51 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/1058735?wv-check=3341&wv-type=0&wmode=0&wv-part=2&wv-hit=600076217&page-url=https%3A%2F%2Fwww.poranarabotu.ru%2Fvse_novosti%2FnArch%2F2&rn=777485967&browser-info=et%3A1675312816%3Aw%3A1268x939%3Av%3A960%3Az%3A0%3Ai%3A20230202044016%3Au%3A1675312809195903412%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Ast%3A1675312816&t=gdpr(14)ti(2)
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/1058735?wv-check=3341&wv-type=0&wmode=0&wv-part=2&wv-hit=600076217&page-url=https%3A%2F%2Fwww.poranarabotu.ru%2Fvse_novosti%2FnArch%2F2&rn=777485967&browser-info=et%3A1675312816%3Aw%3A1268x939%3Av%3A960%3Az%3A0%3Ai%3A20230202044016%3Au%3A1675312809195903412%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Ast%3A1675312816&t=gdpr(14)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/1058735?wv-check=3341&wv-type=0&wmode=0&wv-part=2&wv-hit=600076217&page-url=https%3A%2F%2Fwww.poranarabotu.ru%2Fvse_novosti%2FnArch%2F2&rn=777485967&browser-info=et%3A1675312816%3Aw%3A1268x939%3Av%3A960%3Az%3A0%3Ai%3A20230202044016%3Au%3A1675312809195903412%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Ast%3A1675312816&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 12
Origin: https://www.poranarabotu.ru
Connection: keep-alive
Referer: https://www.poranarabotu.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 02 Feb 2023 04:39:51 GMT
access-control-allow-origin: https://www.poranarabotu.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 04:39:51 GMT
last-modified: Thu, 02-Feb-2023 04:39:51 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/1058735?wv-check=50327&wv-type=0&wmode=0&wv-part=3&wv-hit=600076217&page-url=https%3A%2F%2Fwww.poranarabotu.ru%2Fvse_novosti%2FnArch%2F2&rn=485695197&browser-info=et%3A1675312816%3Aw%3A1268x939%3Av%3A960%3Az%3A0%3Ai%3A20230202044016%3Au%3A1675312809195903412%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Ast%3A1675312816&t=gdpr(14)ti(2)
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/1058735?wv-check=50327&wv-type=0&wmode=0&wv-part=3&wv-hit=600076217&page-url=https%3A%2F%2Fwww.poranarabotu.ru%2Fvse_novosti%2FnArch%2F2&rn=485695197&browser-info=et%3A1675312816%3Aw%3A1268x939%3Av%3A960%3Az%3A0%3Ai%3A20230202044016%3Au%3A1675312809195903412%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Ast%3A1675312816&t=gdpr(14)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/1058735?wv-check=50327&wv-type=0&wmode=0&wv-part=3&wv-hit=600076217&page-url=https%3A%2F%2Fwww.poranarabotu.ru%2Fvse_novosti%2FnArch%2F2&rn=485695197&browser-info=et%3A1675312816%3Aw%3A1268x939%3Av%3A960%3Az%3A0%3Ai%3A20230202044016%3Au%3A1675312809195903412%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Ast%3A1675312816&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 12
Origin: https://www.poranarabotu.ru
Connection: keep-alive
Referer: https://www.poranarabotu.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 02 Feb 2023 04:39:51 GMT
access-control-allow-origin: https://www.poranarabotu.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 04:39:51 GMT
last-modified: Thu, 02-Feb-2023 04:39:51 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.poranarabotu.ru/vse_novosti/nArch/2
94.198.50.208200 OK 0 B URL HTTP/2 www.poranarabotu.ru/vse_novosti/nArch/2
IP 94.198.50.208:0
Analyzer Verdict Alert fortinet Malware
GET /vse_novosti/nArch/2 HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
server: Caddy
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
date: Thu, 02 Feb 2023 04:39:43 GMT
X-Firefox-Spdy: h2
www.poranarabotu.ru/js/jquery-ui-1.8.10.custom.min.js
94.198.50.208200 OK 0 B URL HTTP/2 www.poranarabotu.ru/js/jquery-ui-1.8.10.custom.min.js
IP 94.198.50.208:0
Analyzer Verdict Alert fortinet Malware
GET /js/jquery-ui-1.8.10.custom.min.js HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/vse_novosti/nArch/2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
etag: "mvwqr21ece"
last-modified: Thu, 07 Nov 2013 19:13:50 GMT
server: Caddy
vary: Accept-Encoding
date: Thu, 02 Feb 2023 04:39:43 GMT
X-Firefox-Spdy: h2
bs.yandex.ru/informer/1058735/3_1_FFFFFFFF_FFF5EEFF_0_pageviews
93.158.134.90404 Not Found 0 B URL HTTP/2 bs.yandex.ru/informer/1058735/3_1_FFFFFFFF_FFF5EEFF_0_pageviews
IP 93.158.134.90:0
GET /informer/1058735/3_1_FFFFFFFF_FFF5EEFF_0_pageviews HTTP/1.1
Host: bs.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Thu, 02 Feb 2023 04:39:44 GMT
content-type: text/plain; charset=UTF-8
content-encoding: gzip
timing-allow-origin: *
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/1303420A903EDB633E0A9D1502F81D6D
93.158.134.90302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/1303420A903EDB633E0A9D1502F81D6D
IP 93.158.134.90:0
GET /mapuid/sapeis/1303420A903EDB633E0A9D1502F81D6D HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/1303420A903EDB633E0A9D1502F81D6D?redir-setuniq=1
date: Thu, 02 Feb 2023 04:39:45 GMT
set-cookie: yandexuid=31438841675312785; domain=.yandex.ru; path=/; expires=Sun, 30-Jan-2033 04:39:45 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 04:39:45 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 02 Feb 2023 04:39:45 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/1303420A903EDB633E0A9D1502F81D6D?redir-setuniq=1
93.158.134.90200 OK 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/1303420A903EDB633E0A9D1502F81D6D?redir-setuniq=1
IP 93.158.134.90:0
GET /mapuid/sapeis/1303420A903EDB633E0A9D1502F81D6D?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Thu, 02 Feb 2023 04:39:45 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 04:39:45 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 02 Feb 2023 04:39:45 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.poranarabotu.ru/css/porana/jquery-ui-1.8.11.custom.css
94.198.50.208200 OK 0 B URL HTTP/2 www.poranarabotu.ru/css/porana/jquery-ui-1.8.11.custom.css
IP 94.198.50.208:0
GET /css/porana/jquery-ui-1.8.11.custom.css HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/vse_novosti/nArch/2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/css; charset=utf-8
etag: "ljk8txqcp"
last-modified: Tue, 12 Apr 2011 22:22:45 GMT
server: Caddy
vary: Accept-Encoding
date: Thu, 02 Feb 2023 04:39:43 GMT
X-Firefox-Spdy: h2
www.poranarabotu.ru/css/page.css?20130926
94.198.50.208200 OK 0 B URL HTTP/2 www.poranarabotu.ru/css/page.css?20130926
IP 94.198.50.208:0
GET /css/page.css?20130926 HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/vse_novosti/nArch/2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/css; charset=utf-8
etag: "mtqs4vnyo"
last-modified: Thu, 26 Sep 2013 16:50:55 GMT
server: Caddy
vary: Accept-Encoding
date: Thu, 02 Feb 2023 04:39:43 GMT
X-Firefox-Spdy: h2
www.poranarabotu.ru/engine/js/jquery.js
94.198.50.208200 OK 0 B URL HTTP/2 www.poranarabotu.ru/engine/js/jquery.js
IP 94.198.50.208:0
Analyzer Verdict Alert fortinet Malware
GET /engine/js/jquery.js HTTP/1.1
Host: www.poranarabotu.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.poranarabotu.ru/vse_novosti/nArch/2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
etag: "mvyr0u20js"
last-modified: Fri, 08 Nov 2013 21:14:54 GMT
server: Caddy
vary: Accept-Encoding
date: Thu, 02 Feb 2023 04:39:43 GMT
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/gonetdspis/NjY2MWRkNzNmY2QzMGE3Mw
93.158.134.90302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/NjY2MWRkNzNmY2QzMGE3Mw
IP 93.158.134.90:0
GET /mapuid/gonetdspis/NjY2MWRkNzNmY2QzMGE3Mw HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/gonetdspis/NjY2MWRkNzNmY2QzMGE3Mw?redir-setuniq=1
date: Thu, 02 Feb 2023 04:39:45 GMT
set-cookie: yandexuid=7076936911675312785; domain=.yandex.ru; path=/; expires=Sun, 30-Jan-2033 04:39:45 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 04:39:45 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 02 Feb 2023 04:39:45 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2