docka1.ru/rashodnie_materiali
176.99.4.61200 OK 3.7 kB URL HTTP/1.1 docka1.ru/rashodnie_materiali
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1402), with CRLF, CR, LF line terminators
Hash c5bdf0a3f4170ff017d763fb6e987868
e6d6418b48be6b7fa42ee4227f46d58a85545ae5
90ea889e59b04738b8a5c1577e0fb56446ceb9b149b8c69cdcc941d3489b6cf9
Analyzer Verdict Alert fortinet Malware
GET /rashodnie_materiali HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:46:33 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3688
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8691
Expires: Sat, 04 Feb 2023 04:11:25 GMT
Date: Sat, 04 Feb 2023 01:46:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7031
Expires: Sat, 04 Feb 2023 03:43:45 GMT
Date: Sat, 04 Feb 2023 01:46:34 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 01:43:35 GMT
content-type: application/json
age: 179
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9063
Expires: Sat, 04 Feb 2023 04:17:37 GMT
Date: Sat, 04 Feb 2023 01:46:34 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: etsnBiU7UcZIUqghJqZ6xRSBpqdRbPYfI36hL+FP75JNB4vnr8QE8hUDRgkSR30y0bNkt2mO8ds=
x-amz-request-id: ZWBDSQ8GJHRDQNDZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 00:52:38 GMT
age: 3236
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:46:34 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
docka1.ru/images/logo.gif
176.99.4.61200 OK 7.1 kB URL HTTP/1.1 docka1.ru/images/logo.gif
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 136 x 106\012- data
Hash 42af3e737a231a91f4495b536743ccee
29e36376c955fa4fc6996d55ffc6a7e373bfe75f
a1daf95cbeed737718e3f414f4b3d061661212c4a63a8a4d9a113f2cabaacb53
GET /images/logo.gif HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/rashodnie_materiali
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:46:34 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Sun, 15 Dec 2019 22:23:19 GMT
ETag: "1b98-599c58ace17df"
Accept-Ranges: bytes
Content-Length: 7064
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
pagead2.googlesyndication.com/pagead/show_ads.js
216.58.211.2200 OK 37 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/show_ads.js
IP 216.58.211.2:0
File type ASCII text, with very long lines (4130)
Hash 7d4dfe9c919680da93d8db5aae4dd3cc
b3351e97ccbbb56777bda997b9681a79a151c5b6
710a20ef61d3a98caaff8bae02f0c42b170be93b60a98cc85cf2577fad01b4c6
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Sat, 04 Feb 2023 01:46:34 GMT
Expires: Sat, 04 Feb 2023 01:46:34 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 1072850881457680936
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 36770
X-XSS-Protection: 0
docka1.ru/images/bg_logo.jpg
176.99.4.61200 OK 26 kB URL HTTP/1.1 docka1.ru/images/bg_logo.jpg
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 778x144, components 3\012- data
Hash 752413bf8f0902df0bb713d870d0d6cc
8922e1d5ac23e8eedd21680f77181e9372edcbbb
3b25c1745c80448c0412789831c44dba35b6820d15b718ddb977ebd256c77071
GET /images/bg_logo.jpg HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/rashodnie_materiali
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:46:34 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Sun, 15 Dec 2019 22:23:19 GMT
ETag: "6544-599c58acd8b3f"
Accept-Ranges: bytes
Content-Length: 25924
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
docka1.ru/pics/3512_small.jpg
176.99.4.61200 OK 10 kB URL HTTP/1.1 docka1.ru/pics/3512_small.jpg
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 208x156, components 3\012- data
Hash f7f04ce97f7b46e2dee635df8239d237
93c307eb25df0e87ce8e56fab4a9a42e6f788b05
02e296e39091ebdf2d81e298e3a415ff975bb2def78797ca3302b4986e80c684
GET /pics/3512_small.jpg HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/rashodnie_materiali
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:46:34 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Thu, 19 Mar 2020 12:11:20 GMT
ETag: "283a-5a1341118a56e"
Accept-Ranges: bytes
Content-Length: 10298
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
docka1.ru/pics/4030_small.jpg
176.99.4.61200 OK 20 kB URL HTTP/1.1 docka1.ru/pics/4030_small.jpg
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 208x156, components 3\012- data
Hash 519210cd3a00f0d532d884e2ffe34b68
a42b7415e2e52ec2eca6411aed732b0fd46c4993
46be69697d6205a0494dbd635191e6b5c5a387f5041d345b42b91c0a209f2db5
GET /pics/4030_small.jpg HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/rashodnie_materiali
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:46:34 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Mon, 14 Dec 2020 10:17:01 GMT
ETag: "4cb2-5b669f161a548"
Accept-Ranges: bytes
Content-Length: 19634
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
docka1.ru/pics/5388_small.jpg
176.99.4.61200 OK 12 kB URL HTTP/1.1 docka1.ru/pics/5388_small.jpg
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 208x156, components 3\012- data
Hash 83ab4695dad1cbb2d7f5833cab9f4fd7
b8db99e9a7ef67e0016de46bb75177ef1454587c
a79233f51f6cbd1bff65d0e5bbcfb151a3391603063faf446966651277e7ddb8
GET /pics/5388_small.jpg HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/rashodnie_materiali
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:46:34 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Sat, 28 Jan 2023 20:24:58 GMT
ETag: "304e-5f358c69bdfe0"
Accept-Ranges: bytes
Content-Length: 12366
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
docka1.ru/pics/5335_small.jpg
176.99.4.61200 OK 10 kB URL HTTP/1.1 docka1.ru/pics/5335_small.jpg
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 208x156, components 3\012- data
Hash bf88f69bd64cc1710a3a6bdcba2667ab
108a55d40f73cc5f9003abe43d862755aa449b24
d6552cee88980c98cb1bc021b9860d7e9a35706f5442983e944a8149eb3fef96
GET /pics/5335_small.jpg HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/rashodnie_materiali
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:46:34 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Wed, 21 Dec 2022 17:05:00 GMT
ETag: "27f2-5f0598d8ac809"
Accept-Ranges: bytes
Content-Length: 10226
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
docka1.ru/pics/5378_small.jpg
176.99.4.61200 OK 6.4 kB URL HTTP/1.1 docka1.ru/pics/5378_small.jpg
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 208x156, components 3\012- data
Hash d8fc4e9d614e523ef566da9f405afd1f
63c7a370054aec177426f0fe613bda934a148657
edce43a29e3eb99d99588e39ea76593bb82aa242f61cd084345d91116d9bfc10
GET /pics/5378_small.jpg HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/rashodnie_materiali
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:46:34 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Thu, 26 Jan 2023 09:34:12 GMT
ETag: "192e-5f32773a19323"
Accept-Ranges: bytes
Content-Length: 6446
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
docka1.ru/pics/5356_small.jpg
176.99.4.61200 OK 9.6 kB URL HTTP/1.1 docka1.ru/pics/5356_small.jpg
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 208x156, components 3\012- data
Hash b2a61b0d883423d530b88bb85c9f3a78
9a694116660bce0bec903470f5ca15a56944569e
002182ea222900964c3a48b1f648606852c0facf3bf46cfe09344ca80aeecb76
GET /pics/5356_small.jpg HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/rashodnie_materiali
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:46:34 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Mon, 16 Jan 2023 14:14:56 GMT
ETag: "257e-5f262352da2de"
Accept-Ranges: bytes
Content-Length: 9598
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
docka1.ru/images/bg_verh.gif
176.99.4.61200 OK 430 B URL HTTP/1.1 docka1.ru/images/bg_verh.gif
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 778 x 9\012- data
Hash dda863576e31043ee132d7d2eba95936
ce8a6bded10b89311758d918fb8e3b279fce32c2
9567345775957a2ee99160898ef8e7b6546c1a4ddf9b0584ebf9c4fad4b4acd4
GET /images/bg_verh.gif HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/rashodnie_materiali
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:46:34 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Sun, 15 Dec 2019 22:23:19 GMT
ETag: "1ae-599c58acdba1f"
Accept-Ranges: bytes
Content-Length: 430
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
docka1.ru/images/bg_sred.gif
176.99.4.61200 OK 108 B URL HTTP/1.1 docka1.ru/images/bg_sred.gif
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 1 x 37\012- data
Hash 1f7bae42917a0cbfd9b9c679312536fe
ead841fecc600cb7048f9ff134e12da8f8f62a72
0472665c384d52f95cd6c7ee6ce6803e17073840bf4133eba33add2587e57973
GET /images/bg_sred.gif HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/rashodnie_materiali
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:46:34 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Sun, 15 Dec 2019 22:23:19 GMT
ETag: "6c-599c58acd6bfe"
Accept-Ranges: bytes
Content-Length: 108
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
ocsp2.globalsign.com/gsalphasha2g2
151.101.194.133200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 151.101.194.133:0
Hash e372454f9558b938476b77e105b0dbe8
bc06602ce8e21b5b2601137b051bd462e0ce65fe
0b6c15853f447be26b0e9e91457e40fafe54b40066802f8fd908d92b503c833b
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1423
Server: nginx
Content-Type: application/ocsp-response
Expires: Tue, 07 Feb 2023 23:38:23 GMT
ETag: "bc06602ce8e21b5b2601137b051bd462e0ce65fe"
Last-Modified: Fri, 03 Feb 2023 23:38:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 04 Feb 2023 01:46:34 GMT
Age: 3800
X-Served-By: cache-qpg1247-QPG, cache-bma1624-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 1
X-Timer: S1675475195.533262,VS0,VE1
vse.doski.ru/top.gif?id=68673
185.10.63.173200 OK 2.3 kB URL HTTP/1.1 vse.doski.ru/top.gif?id=68673
IP 185.10.63.173:0
File type GIF image data, version 89a, 88 x 31\012- data
Hash bb668e5a17164c04c036cfeba2666748
2023e2503e73ae07b493aa5934b8bc8c7f9b49c6
ac237f3a6741dae13425b8fe8cd04a3d8ed3227e7f7c8bbde8f13860b2a7c9f1
GET /top.gif?id=68673 HTTP/1.1
Host: vse.doski.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://docka1.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:46:34 GMT
Server: Apache/2.4.41 (Ubuntu)
Expires: Mon, 1 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Length: 2323
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif
docka1.ru/images/bg_cat.gif
176.99.4.61200 OK 1.3 kB URL HTTP/1.1 docka1.ru/images/bg_cat.gif
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 250 x 54\012- data
Hash 146117d39c554aa61c98920c12730b58
e90432c9e88eccdb8509084474294a498f87ef40
3aa0895804b3628216cb908e26def1f515d2ddbd62b37504ba9e58c6b8a76eae
GET /images/bg_cat.gif HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/rashodnie_materiali
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:46:34 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Sun, 15 Dec 2019 22:23:19 GMT
ETag: "50e-599c58acbe55d"
Accept-Ranges: bytes
Content-Length: 1294
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
docka1.ru/images/bg_cat2.gif
176.99.4.61200 OK 166 B URL HTTP/1.1 docka1.ru/images/bg_cat2.gif
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 250 x 1\012- data
Hash 6918f8d167ca7c13972ad164cb6eea43
d464754813a089c8ec63a8ca5a9f3d5b3845ab3e
64fea0d82ffc80afd3a8d3486f9767b4cb1cb65d3565ef1d8fa8ca1309a48402
GET /images/bg_cat2.gif HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/rashodnie_materiali
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:46:34 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Sun, 15 Dec 2019 22:23:19 GMT
ETag: "a6-599c58acc819d"
Accept-Ranges: bytes
Content-Length: 166
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
docka1.ru/images/bg_niz.gif
176.99.4.61200 OK 111 B URL HTTP/1.1 docka1.ru/images/bg_niz.gif
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 1 x 54\012- data
Hash 1f79a36b7e6e0e0a9642bfbb86340e1a
dba001a2b17efe3c38368fc26c97ac78ac1ad947
ba5e2e2f8f24e7a8397e11d5ae9f53d093b2e8984b8e5adbc7505797057e7f45
GET /images/bg_niz.gif HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/rashodnie_materiali
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:46:34 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Sun, 15 Dec 2019 22:23:19 GMT
ETag: "6f-599c58acd0e3e"
Accept-Ranges: bytes
Content-Length: 111
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/gif
st.top100.ru/top100/top100.js
81.19.89.18200 OK 33 kB URL HTTP/1.1 st.top100.ru/top100/top100.js
IP 81.19.89.18:0
ASN #24638 Rambler Internet Holding LLC
File type Unicode text, UTF-8 text, with very long lines (65420), with no line terminators
Hash df534f83fa509c56689ab6b52690e7d8
46c61770f621c2f634d8abc066d7d41b425c4412
c11439cbce07d6c138afe076cecede048c6649f554c6dbb8cf822bf58da25707
GET /top100/top100.js HTTP/1.1
Host: st.top100.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/
HTTP/1.1 200 OK
Server: nginx/1.19.4
Date: Sat, 04 Feb 2023 01:46:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 30 Jan 2023 10:42:42 GMT
x-rgw-object-type: Normal
ETag: W/"85fd0629b4936ca6bd7f6dca635c0da1"
x-amz-request-id: tx000000000000009e1b90f-0063ddb716-783970ff-default
Expires: Sat, 04 Feb 2023 02:46:34 GMT
Cache-Control: max-age=3600
Set-Cookie: proto_uid=1CIAAPq43WN4BoOcAfQXQwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
P3P: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1d82139609e323e908fac5d93cc352a0
16464d86dbab5ffda5e66d870c5d139ee69f9422
dafce9d952b644da844563623a477eec073d696e74275b56b8329ed44b64aa57
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAFCE9D952B644DA844563623A477EEC073D696E74275B56B8329ED44B64AA57"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3728
Expires: Sat, 04 Feb 2023 02:48:42 GMT
Date: Sat, 04 Feb 2023 01:46:34 GMT
Connection: keep-alive
www.acint.net/aci.js
176.9.9.10200 OK 7.8 kB IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1649)
Hash 777eef0db9280e74fe8d3e0e9561da9c
f8316623410b9735dd07b6e12a2f29352c0aa4cd
985dc8f4eb0a0b4629fa8e6d86f741ee8d22b7a0a1f64be2e9e9f2c96c9cf772
GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://docka1.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 01:46:34 GMT
content-type: application/x-javascript
content-length: 7784
last-modified: Thu, 02 Feb 2023 13:55:24 GMT
etag: "63dbc0cc-1e68"
content-encoding: gzip
expires: Sat, 04 Feb 2023 13:46:34 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 01:07:19 GMT
age: 2355
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.acint.net/oci.js?t=1675475228245
176.9.9.10302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/oci.js?t=1675475228245
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /oci.js?t=1675475228245 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Sat, 04 Feb 2023 01:46:34 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/oci.js?t=1675475228245
www.acint.net/mc/?dp=10
176.9.9.10302 Moved Temporarily 142 B IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Sat, 04 Feb 2023 01:46:34 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/mc/?dp=10
www.acint.net/hit/?v=0.5.1&uid=49b5f564-2158-4947-aef4-8a88d0ced3a8&dp=10&tz=%2B00%3A00&nc=43690393&u=http%3A%2F%2Fdocka1.ru%2Frashodnie_materiali&r=&rs=1280x1024&t=%D0%A0%D0%B0%D1%81%D1%85%D0%BE%D0%B4%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B0%D1%82%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%94%D0%9E%D0%A1%D0%9A%D0%901.RU&oE=1&oP=1&dT=2023-02-04T01%3A47%3A08.243&fu=4b9ba647-f341-4da8-9857-e316fbe3f433
176.9.9.10302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/hit/?v=0.5.1&uid=49b5f564-2158-4947-aef4-8a88d0ced3a8&dp=10&tz=%2B00%3A00&nc=43690393&u=http%3A%2F%2Fdocka1.ru%2Frashodnie_materiali&r=&rs=1280x1024&t=%D0%A0%D0%B0%D1%81%D1%85%D0%BE%D0%B4%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B0%D1%82%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%94%D0%9E%D0%A1%D0%9A%D0%901.RU&oE=1&oP=1&dT=2023-02-04T01%3A47%3A08.243&fu=4b9ba647-f341-4da8-9857-e316fbe3f433
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /hit/?v=0.5.1&uid=49b5f564-2158-4947-aef4-8a88d0ced3a8&dp=10&tz=%2B00%3A00&nc=43690393&u=http%3A%2F%2Fdocka1.ru%2Frashodnie_materiali&r=&rs=1280x1024&t=%D0%A0%D0%B0%D1%81%D1%85%D0%BE%D0%B4%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B0%D1%82%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%94%D0%9E%D0%A1%D0%9A%D0%901.RU&oE=1&oP=1&dT=2023-02-04T01%3A47%3A08.243&fu=4b9ba647-f341-4da8-9857-e316fbe3f433 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Sat, 04 Feb 2023 01:46:34 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/hit/?v=0.5.1&uid=49b5f564-2158-4947-aef4-8a88d0ced3a8&dp=10&tz=%2B00%3A00&nc=43690393&u=http%3A%2F%2Fdocka1.ru%2Frashodnie_materiali&r=&rs=1280x1024&t=%D0%A0%D0%B0%D1%81%D1%85%D0%BE%D0%B4%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B0%D1%82%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%94%D0%9E%D0%A1%D0%9A%D0%901.RU&oE=1&oP=1&dT=2023-02-04T01%3A47%3A08.243&fu=4b9ba647-f341-4da8-9857-e316fbe3f433
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ffeec62ab7fcf936143b1e6012878fe8
4b94346a93132dd35911d4f7f063477c83e9a62f
3bf1765b735b85113b53a77fe8fb70eedbb74c0317707e933bc2da37bb7f4112
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2136
Cache-Control: max-age=122499
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:46:34 GMT
Etag: "63dcec25-1d7"
Expires: Sun, 05 Feb 2023 11:48:13 GMT
Last-Modified: Fri, 03 Feb 2023 11:12:37 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/gsgccr3dvtlsca2020
151.101.66.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 151.101.66.133:0
Hash e054e60191609b399ac14d1c2eb18b25
26691d0a189176c3deea869bc567b0e1924583b1
dd04b7762b125e57bfa7f3cbab06b0ad86beac1d7d809b646eaddf52e8ceccd2
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1414
Server: nginx
Content-Type: application/ocsp-response
Expires: Wed, 08 Feb 2023 01:27:29 GMT
ETag: "26691d0a189176c3deea869bc567b0e1924583b1"
Last-Modified: Sat, 04 Feb 2023 01:27:30 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 04 Feb 2023 01:46:34 GMT
Age: 1144
X-Served-By: cache-qpg1260-QPG, cache-bma1648-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 6
X-Timer: S1675475195.923863,VS0,VE0
kraken.rambler.ru/userip
81.19.89.16200 OK 12 B IP 81.19.89.16:0
ASN #24638 Rambler Internet Holding LLC
File type ASCII text, with no line terminators
Hash 35b0bce9d250429df012c0426f88d0bd
f81d80af9cbeb0011316fbba3da8002b32251f7a
da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d
GET /userip HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://docka1.ru
Connection: keep-alive
Referer: http://docka1.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Sat, 04 Feb 2023 01:46:34 GMT
content-type: application/octet-stream
content-length: 12
access-control-allow-origin: http://docka1.ru
x-srv: 0kraken-prod0003.ad.rambler.tech
set-cookie: ruid=1CIAAPq43WOIUrJjAde5QwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAPq43WOIUrJjAde5QwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=10
176.9.9.10302 Found 154 B IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://docka1.ru/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sat, 04 Feb 2023 01:46:34 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Sat, 04-Feb-23 01:56:34 GMT
aid=LgRybWPduPozGQOtDddbAp/M7irIbsF+Qcyh5idTQYL6p4Qk; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
www.acint.net/hit/?v=0.5.1&uid=49b5f564-2158-4947-aef4-8a88d0ced3a8&dp=10&tz=%2B00%3A00&nc=43690393&u=http%3A%2F%2Fdocka1.ru%2Frashodnie_materiali&r=&rs=1280x1024&t=%D0%A0%D0%B0%D1%81%D1%85%D0%BE%D0%B4%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B0%D1%82%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%94%D0%9E%D0%A1%D0%9A%D0%901.RU&oE=1&oP=1&dT=2023-02-04T01%3A47%3A08.243&fu=4b9ba647-f341-4da8-9857-e316fbe3f433
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/hit/?v=0.5.1&uid=49b5f564-2158-4947-aef4-8a88d0ced3a8&dp=10&tz=%2B00%3A00&nc=43690393&u=http%3A%2F%2Fdocka1.ru%2Frashodnie_materiali&r=&rs=1280x1024&t=%D0%A0%D0%B0%D1%81%D1%85%D0%BE%D0%B4%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B0%D1%82%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%94%D0%9E%D0%A1%D0%9A%D0%901.RU&oE=1&oP=1&dT=2023-02-04T01%3A47%3A08.243&fu=4b9ba647-f341-4da8-9857-e316fbe3f433
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hit/?v=0.5.1&uid=49b5f564-2158-4947-aef4-8a88d0ced3a8&dp=10&tz=%2B00%3A00&nc=43690393&u=http%3A%2F%2Fdocka1.ru%2Frashodnie_materiali&r=&rs=1280x1024&t=%D0%A0%D0%B0%D1%81%D1%85%D0%BE%D0%B4%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B0%D1%82%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%94%D0%9E%D0%A1%D0%9A%D0%901.RU&oE=1&oP=1&dT=2023-02-04T01%3A47%3A08.243&fu=4b9ba647-f341-4da8-9857-e316fbe3f433 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://docka1.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 01:46:34 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=sAkJCmPduPobxgNtDd+XAkfGZW5jBnOnWsuhmhisUN+PbZwg; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
docka1.ru/favicon.ico
176.99.4.61404 Not Found 271 B IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 011a67c36d848d8f1db31ac567bf785b
6129b716dae1d5af6e499a71893a08f2a54a0cd7
056e42f35f486ef34cbd7b6cac9b7800f2fc8f47c8a0230970545b30d75bf131
GET /favicon.ico HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/rashodnie_materiali
Cookie: adtech_uid=44472d27-72f9-477c-a933-6650c8173705%3Adocka1.ru; top100_id=t1.6960899.1940918721.1675475228206; t3_sid_6960899=s1.41835977.1675475228208.1675475228208.1.1; fid=4b9ba647-f341-4da8-9857-e316fbe3f433
HTTP/1.1 404 Not Found
Date: Sat, 04 Feb 2023 01:46:35 GMT
Server: Apache/2.4.25 (Debian)
Content-Length: 271
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:46:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2717
Expires: Sat, 04 Feb 2023 02:31:52 GMT
Date: Sat, 04 Feb 2023 01:46:35 GMT
Connection: keep-alive
www.acint.net/oci.js?t=1675475228245
176.9.9.10200 OK 136 kB URL HTTP/2 www.acint.net/oci.js?t=1675475228245
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
Size 136 kB (135882 bytes)
Hash 9e69941feefebb3771efde6a4efa74ed
4281fa1fe529afd787d926127184b68778092c8f
c5ee57fc7847b3d323b3e20e99f0e762d4927e537a8438f8c6a5a7e59a2a2f41
GET /oci.js?t=1675475228245 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://docka1.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 01:46:34 GMT
content-type: application/x-javascript
last-modified: Mon, 09 Jan 2023 08:01:26 GMT
etag: W/"63bbc9d6-7dac"
content-encoding: gzip
X-Firefox-Spdy: h2
kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=6960899&session_id=41835977_1675475228208&session_number=1&session_event_number=1&version=3.13.6&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6960899.1940918721.1675475228206&adtech_uid=44472d27-72f9-477c-a933-6650c8173705&adtech_uid_scope=docka1.ru&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&fingerprint_ip=pA8AAENKs1cnnUv2AauVQAA%3D&url=http%3A%2F%2Fdocka1.ru%2Frashodnie_materiali&request_id=1675475228.206-1920005447&event_id=274952284535037&meta=%7B%22title%22%3A%22%D0%A0%D0%B0%D1%81%D1%85%D0%BE%D0%B4%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B0%D1%82%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%94%D0%9E%D0%A1%D0%9A%D0%901.RU%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221268x1351%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=1529707432
81.19.89.16200 OK 595 B URL HTTP/2 kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=6960899&session_id=41835977_1675475228208&session_number=1&session_event_number=1&version=3.13.6&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6960899.1940918721.1675475228206&adtech_uid=44472d27-72f9-477c-a933-6650c8173705&adtech_uid_scope=docka1.ru&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&fingerprint_ip=pA8AAENKs1cnnUv2AauVQAA%3D&url=http%3A%2F%2Fdocka1.ru%2Frashodnie_materiali&request_id=1675475228.206-1920005447&event_id=274952284535037&meta=%7B%22title%22%3A%22%D0%A0%D0%B0%D1%81%D1%85%D0%BE%D0%B4%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B0%D1%82%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%94%D0%9E%D0%A1%D0%9A%D0%901.RU%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221268x1351%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=1529707432
IP 81.19.89.16:0
ASN #24638 Rambler Internet Holding LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash 10d95efe74b84de86398a30e7b958b79
94daf75996fe1f81c858d619b00d09e9c82b093e
fda0897f4cdbbab911245c9ebaa4885f54a7e572b8c9b071dc976d1d27cab1a6
GET /cnt/v2/?event_type=base&event_name=page_view&project_id=6960899&session_id=41835977_1675475228208&session_number=1&session_event_number=1&version=3.13.6&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6960899.1940918721.1675475228206&adtech_uid=44472d27-72f9-477c-a933-6650c8173705&adtech_uid_scope=docka1.ru&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&fingerprint_ip=pA8AAENKs1cnnUv2AauVQAA%3D&url=http%3A%2F%2Fdocka1.ru%2Frashodnie_materiali&request_id=1675475228.206-1920005447&event_id=274952284535037&meta=%7B%22title%22%3A%22%D0%A0%D0%B0%D1%81%D1%85%D0%BE%D0%B4%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B0%D1%82%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%94%D0%9E%D0%A1%D0%9A%D0%901.RU%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221268x1351%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=1529707432 HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://docka1.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Sat, 04 Feb 2023 01:46:35 GMT
content-type: image/gif
content-length: 595
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-credentials: true
x-srv: 0kraken-prod0003.ad.rambler.tech
set-cookie: ruid=1CIAAPu43WNqUipcAXSCQwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAPu43WNqUipcAXSCQwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 625db98ded64d33f3649378918788897
e48be419f8559bf38d62d48bb391251f40553fcf
934f40c7f5a20e2d2f241da3087d4166bcb2481a6ee6e3970c93b8ccfeddf543
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "934F40C7F5A20E2D2F241DA3087D4166BCB2481A6EE6E3970C93B8CCFEDDF543"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9796
Expires: Sat, 04 Feb 2023 04:29:51 GMT
Date: Sat, 04 Feb 2023 01:46:35 GMT
Connection: keep-alive
kraken.rambler.ru/cnt/?et=pv&v=3.13.6&pid=6960899&tid=t1.6960899.1940918721.1675475228206&rid=1675475228.206-1920005447&fid=pA8AAENKs1e4GYz8AQlryQA%3D&fip=pA8AAENKs1cnnUv2AauVQAA%3D&eid=976852284526013&aduid=44472d27-72f9-477c-a933-6650c8173705&aduidsc=docka1.ru&stid=41835977_1675475228208&sn=1&sen=1&ce=1&bs=1268x1351&rf&en=UTF-8&pt=%D0%A0%D0%B0%D1%81%D1%85%D0%BE%D0%B4%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B0%D1%82%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%94%D0%9E%D0%A1%D0%9A%D0%901.RU&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=2&ct=web&url=http%3A%2F%2Fdocka1.ru%2Frashodnie_materiali&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=31746168
81.19.89.16200 OK 595 B URL HTTP/2 kraken.rambler.ru/cnt/?et=pv&v=3.13.6&pid=6960899&tid=t1.6960899.1940918721.1675475228206&rid=1675475228.206-1920005447&fid=pA8AAENKs1e4GYz8AQlryQA%3D&fip=pA8AAENKs1cnnUv2AauVQAA%3D&eid=976852284526013&aduid=44472d27-72f9-477c-a933-6650c8173705&aduidsc=docka1.ru&stid=41835977_1675475228208&sn=1&sen=1&ce=1&bs=1268x1351&rf&en=UTF-8&pt=%D0%A0%D0%B0%D1%81%D1%85%D0%BE%D0%B4%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B0%D1%82%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%94%D0%9E%D0%A1%D0%9A%D0%901.RU&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=2&ct=web&url=http%3A%2F%2Fdocka1.ru%2Frashodnie_materiali&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=31746168
IP 81.19.89.16:0
ASN #24638 Rambler Internet Holding LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash 10d95efe74b84de86398a30e7b958b79
94daf75996fe1f81c858d619b00d09e9c82b093e
fda0897f4cdbbab911245c9ebaa4885f54a7e572b8c9b071dc976d1d27cab1a6
GET /cnt/?et=pv&v=3.13.6&pid=6960899&tid=t1.6960899.1940918721.1675475228206&rid=1675475228.206-1920005447&fid=pA8AAENKs1e4GYz8AQlryQA%3D&fip=pA8AAENKs1cnnUv2AauVQAA%3D&eid=976852284526013&aduid=44472d27-72f9-477c-a933-6650c8173705&aduidsc=docka1.ru&stid=41835977_1675475228208&sn=1&sen=1&ce=1&bs=1268x1351&rf&en=UTF-8&pt=%D0%A0%D0%B0%D1%81%D1%85%D0%BE%D0%B4%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B0%D1%82%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%94%D0%9E%D0%A1%D0%9A%D0%901.RU&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=2&ct=web&url=http%3A%2F%2Fdocka1.ru%2Frashodnie_materiali&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=31746168 HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://docka1.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Sat, 04 Feb 2023 01:46:35 GMT
content-type: image/gif
content-length: 595
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-credentials: true
x-srv: 0kraken-prod0003.ad.rambler.tech
set-cookie: ruid=1CIAAPu43WNqUipcAXWCQwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAPu43WNqUipcAXWCQwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e798950bda0d223c428c68b3bc79c280
ce614125a64c75310142da2a7a0edba425f0fe71
04a09a43fd071a2426aa56f15b14bc65ca366381e00e647de8623351111d374f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "04A09A43FD071A2426AA56F15B14BC65CA366381E00E647DE8623351111D374F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4732
Expires: Sat, 04 Feb 2023 03:05:27 GMT
Date: Sat, 04 Feb 2023 01:46:35 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 72ffec6ce01ac59744b196bb43992736
a397aae61c3b04a23ddc2168d68443dd9ad117d9
c5c1e579a7e5de9bbbae02977984a225f1130dacc44daae1d54742bfcfa11d95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5114
Cache-Control: max-age=141342
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:46:35 GMT
Etag: "63dd2a1f-117"
Expires: Sun, 05 Feb 2023 17:02:17 GMT
Last-Modified: Fri, 03 Feb 2023 15:37:03 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:46:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9eb9bf783fc88b84f333ff5329a11a61
7717ff74884ae148351efb3129c73f89cf38f160
74c8efdc4d58d26c28c950d103a1337f9bfabc46b10f278efcdc3fc44c90caac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "74C8EFDC4D58D26C28C950D103A1337F9BFABC46B10F278EFCDC3FC44C90CAAC"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4624
Expires: Sat, 04 Feb 2023 03:03:39 GMT
Date: Sat, 04 Feb 2023 01:46:35 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsalphasha2g2
151.101.194.133200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 151.101.194.133:0
Hash 8feeeed3d2f1c0ba492552973b864754
26521614fd101fa31c19dc637fc68e3531166aa8
92552d3d3fe2dce404a68fc93febb1e6fe4e405921c9fe56afa9d3abd1f00a61
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1423
Server: nginx
Content-Type: application/ocsp-response
Expires: Wed, 08 Feb 2023 01:15:22 GMT
ETag: "26521614fd101fa31c19dc637fc68e3531166aa8"
Last-Modified: Sat, 04 Feb 2023 01:15:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 04 Feb 2023 01:46:35 GMT
Age: 1871
X-Served-By: cache-qpg1259-QPG, cache-bma1624-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 3, 10
X-Timer: S1675475195.303894,VS0,VE0
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
193.3.184.218302 Moved Temporarily 142 B URL HTTP/1.1 ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP 193.3.184.218:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Sat, 04 Feb 2023 01:46:35 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=1603420AFBB8DD6348004FBB02B768BD
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkIDFmPduPu7TwBIvWi3AincBkC46i7TIBi8NqXxdO1go8zg; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
dm-eu.hybrid.ai/match?id=106&vid=0A0909B0FAB8DD636D03C61B0297DF0D
37.18.103.21204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=106&vid=0A0909B0FAB8DD636D03C61B0297DF0D
IP 37.18.103.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=106&vid=0A0909B0FAB8DD636D03C61B0297DF0D HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 04 Feb 2023 01:46:35 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=62b949f5356c0f970446; Expires=Sun, 04 Feb 2024 01:46:34 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 505
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.acint.net
access-control-allow-credentials: true
server: Hybrid Web Server
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 594197b8439126d23e121f1ca0c13432
4f486347f2c158dd22320bf163d9021558df4d20
8f051c699a35cafa718c89fb163edb8d8869676ec77df84780b8ed83ad9e76ab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F051C699A35CAFA718C89FB163EDB8D8869676EC77DF84780B8ED83AD9E76AB"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9754
Expires: Sat, 04 Feb 2023 04:29:09 GMT
Date: Sat, 04 Feb 2023 01:46:35 GMT
Connection: keep-alive
www.acint.net/oci/?v=0.5.1&uid=49b5f564-2158-4947-aef4-8a88d0ced3a8&dp=10&tz=%2B00%3A00&nc=79866680&oid=39e8192718f4ed5a678fc273d654392b
176.9.9.10302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/oci/?v=0.5.1&uid=49b5f564-2158-4947-aef4-8a88d0ced3a8&dp=10&tz=%2B00%3A00&nc=79866680&oid=39e8192718f4ed5a678fc273d654392b
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /oci/?v=0.5.1&uid=49b5f564-2158-4947-aef4-8a88d0ced3a8&dp=10&tz=%2B00%3A00&nc=79866680&oid=39e8192718f4ed5a678fc273d654392b HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Sat, 04 Feb 2023 01:46:35 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/oci/?v=0.5.1&uid=49b5f564-2158-4947-aef4-8a88d0ced3a8&dp=10&tz=%2B00%3A00&nc=79866680&oid=39e8192718f4ed5a678fc273d654392b
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d5aa03d944374e364d4fdbb8f9cbf95e
43e3c5a8a5ff027de3c9ad9a41b572e4f33e72f9
483314668ec3c34108277a26d39a4282ce255e416cb5cec43e3d30d5340b8138
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "483314668EC3C34108277A26D39A4282CE255E416CB5CEC43E3D30D5340B8138"
Last-Modified: Wed, 01 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14141
Expires: Sat, 04 Feb 2023 05:42:16 GMT
Date: Sat, 04 Feb 2023 01:46:35 GMT
Connection: keep-alive
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
185.147.80.35302 Found 74 B URL HTTP/1.1 ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP 185.147.80.35:0
File type HTML document, ASCII text
Hash ffcd063f514d1fa76248e30d7ec9bf8c
114b44233024f2554991405228541b14d6ec4036
4f0982b014d08f15bc040d4d98910540c4e3d166d8785f651d1b537c42e6daf5
GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Sat, 04 Feb 2023 01:46:35 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 74
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=ENPTVDAV
Set-Cookie: uid=ENPTVDAV; Expires=Tue, 01 Feb 2033 01:46:35 GMT
www.acint.net/mc/?dp=10&tc=1
176.9.9.10200 OK 1.8 kB URL HTTP/2 www.acint.net/mc/?dp=10&tc=1
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
Hash cc3a12f2b5046f93188ff537c48591fd
62066c5bc20252b3df41ec75f07ee29ad819f754
735016f7e225df17769401e930ba2454e33aa9aa48cb55ce52e0607a46f33586
GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://docka1.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=sAkJCmPduPobxgNtDd+XAkfGZW5jBnOnWsuhmhisUN+PbZwg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 01:46:35 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1675475195; expires=Sun, 05-Feb-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53v2=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp98v2=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1675475195; expires=Sat, 18-Feb-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v3=1675475195; expires=Sun, 19-Feb-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149v2=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp235=1675475195; expires=Mon, 06-Mar-23 01:46:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 894948b5d268f1d2a21f7d915eb79138
5fe7d1a9c6301b317b73f4037b29856eac674931
cb23963aab51ebbb8c7626800a4b1df5222c068cecf4538511cb38dbbb0960d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB23963AAB51EBBB8C7626800A4B1DF5222C068CECF4538511CB38DBBB0960D5"
Last-Modified: Thu, 02 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13531
Expires: Sat, 04 Feb 2023 05:32:06 GMT
Date: Sat, 04 Feb 2023 01:46:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8cb121fee2d0993df5d3b99198ea9d7a
d5e0f8cbed9361a74eba857b113c9b02420e9a87
5d746cc761124be8cca201249fcd80087fe186773395ae37fe637cc1a2c8d7be
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D746CC761124BE8CCA201249FCD80087FE186773395AE37FE637CC1A2C8D7BE"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3398
Expires: Sat, 04 Feb 2023 02:43:13 GMT
Date: Sat, 04 Feb 2023 01:46:35 GMT
Connection: keep-alive
sync.dmp.otm-r.com/match/sape?id=0A0909B0FAB8DD636D03C61B0297DF0D
194.55.244.180204 No Content 0 B URL HTTP/2 sync.dmp.otm-r.com/match/sape?id=0A0909B0FAB8DD636D03C61B0297DF0D
IP 194.55.244.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=0A0909B0FAB8DD636D03C61B0297DF0D HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.23.2
date: Sat, 04 Feb 2023 01:46:35 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/check?sspuid=0A0909B0FAB8DD636D03C61B0297DF0D
31.172.81.160302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/check?sspuid=0A0909B0FAB8DD636D03C61B0297DF0D
IP 31.172.81.160:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/check?sspuid=0A0909B0FAB8DD636D03C61B0297DF0D HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 Feb 2023 01:46:35 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://sync.bumlam.com/?src=sape
s.uuidksinc.net/match/396/?remote_uid=0A0909B0FAB8DD636D03C61B0297DF0D
31.220.27.134302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/396/?remote_uid=0A0909B0FAB8DD636D03C61B0297DF0D
IP 31.220.27.134:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/396/?remote_uid=0A0909B0FAB8DD636D03C61B0297DF0D HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Sat, 04 Feb 2023 01:46:35 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=c2ijx4dyXYKlSlGNV2mM
set-cookie: jcsuuid=c2ijx4dyXYKlSlGNV2mM; expires=Sun, 04 Feb 2024 01:46:35 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
a.utraff.com/sync?ssp=Sape
172.67.217.151204 No Content 0 B URL HTTP/2 a.utraff.com/sync?ssp=Sape
IP 172.67.217.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=Sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 04 Feb 2023 01:46:35 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Mon, 06 Mar 2023 04:46:35 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Mon, 06 Mar 2023 04:46:35 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73IMWtPXqdR8P6nIU3aQiJkkgd%2BfN7%2B3FxxhXUgnisuf5I1vAjDIwK4I%2FR4HlbJ6dMH%2BTHn5ho0mIrNKmg8yijtX2lEyGRM5ulMcrCSh6d6aIjjQxoSsRMkfsDwbnQg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793fbbc2ea9eb4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.acint.net/match?dp=129&euid=fgb455gdtp
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/match?dp=129&euid=fgb455gdtp
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=129&euid=fgb455gdtp HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=sAkJCmPduPobxgNtDd+XAkfGZW5jBnOnWsuhmhisUN+PbZwg; cSyncDp7v2=1675475195; cSyncDp14v3=1675475195; cSyncDp17=1675475195; cSyncDp32=1675475195; cSyncDp45v3=1675475195; cSyncDp53v2=1675475195; cSyncDp62=1675475195; cSyncDp67v2=1675475195; cSyncDp68=1675475195; cSyncDp71=1675475195; cSyncDp85=1675475195; cSyncDp95v3=1675475195; cSyncDp98v2=1675475195; cSyncDp101=1675475195; cSyncDp104v2=1675475195; cSyncDp107=1675475195; cSyncDp110=1675475195; cSyncDp125v3=1675475195; cSyncDp126=1675475195; cSyncDp127=1675475195; cSyncDp129=1675475195; cSyncDp136v2=1675475195; cSyncDp146=1675475195; cSyncDp148=1675475195; cSyncDp149v2=1675475195; cSyncDp151=1675475195; cSyncDp178=1675475195; cSyncDp186=1675475195; cSyncDp221=1675475195; cSyncDp235=1675475195
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 01:46:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sap1&uid=0A0909B0FAB8DD636D03C61B0297DF0D
31.172.81.159302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&uid=0A0909B0FAB8DD636D03C61B0297DF0D
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&uid=0A0909B0FAB8DD636D03C61B0297DF0D HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Feb 2023 01:46:35 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRjMjA4NDRkYS1hNDJkLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Fri, 30 Jan 2043 01:46:35 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARj78faeBmIgMEEwOTA5QjBGQUI4REQ2MzZEMDNDNjFCMDI5N0RGMESiARDCCETapC0R7aHEACWQyCQ3
ETag: c20844da-a42d-11ed-a1c4-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
acint.net/match?dp=14&euid=1603420AFBB8DD6348004FBB02B768BD
176.9.9.10200 OK 43 B URL HTTP/2 acint.net/match?dp=14&euid=1603420AFBB8DD6348004FBB02B768BD
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=14&euid=1603420AFBB8DD6348004FBB02B768BD HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=sAkJCmPduPobxgNtDd+XAkfGZW5jBnOnWsuhmhisUN+PbZwg; cSyncDp7v2=1675475195; cSyncDp14v3=1675475195; cSyncDp17=1675475195; cSyncDp32=1675475195; cSyncDp45v3=1675475195; cSyncDp53v2=1675475195; cSyncDp62=1675475195; cSyncDp67v2=1675475195; cSyncDp68=1675475195; cSyncDp71=1675475195; cSyncDp85=1675475195; cSyncDp95v3=1675475195; cSyncDp98v2=1675475195; cSyncDp101=1675475195; cSyncDp104v2=1675475195; cSyncDp107=1675475195; cSyncDp110=1675475195; cSyncDp125v3=1675475195; cSyncDp126=1675475195; cSyncDp127=1675475195; cSyncDp129=1675475195; cSyncDp136v2=1675475195; cSyncDp146=1675475195; cSyncDp148=1675475195; cSyncDp149v2=1675475195; cSyncDp151=1675475195; cSyncDp178=1675475195; cSyncDp186=1675475195; cSyncDp221=1675475195; cSyncDp235=1675475195
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 01:46:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/oci/?v=0.5.1&uid=49b5f564-2158-4947-aef4-8a88d0ced3a8&dp=10&tz=%2B00%3A00&nc=79866680&oid=39e8192718f4ed5a678fc273d654392b
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/oci/?v=0.5.1&uid=49b5f564-2158-4947-aef4-8a88d0ced3a8&dp=10&tz=%2B00%3A00&nc=79866680&oid=39e8192718f4ed5a678fc273d654392b
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /oci/?v=0.5.1&uid=49b5f564-2158-4947-aef4-8a88d0ced3a8&dp=10&tz=%2B00%3A00&nc=79866680&oid=39e8192718f4ed5a678fc273d654392b HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://docka1.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=sAkJCmPduPobxgNtDd+XAkfGZW5jBnOnWsuhmhisUN+PbZwg; cSyncDp7v2=1675475195; cSyncDp14v3=1675475195; cSyncDp17=1675475195; cSyncDp32=1675475195; cSyncDp45v3=1675475195; cSyncDp53v2=1675475195; cSyncDp62=1675475195; cSyncDp67v2=1675475195; cSyncDp68=1675475195; cSyncDp71=1675475195; cSyncDp85=1675475195; cSyncDp95v3=1675475195; cSyncDp98v2=1675475195; cSyncDp101=1675475195; cSyncDp104v2=1675475195; cSyncDp107=1675475195; cSyncDp110=1675475195; cSyncDp125v3=1675475195; cSyncDp126=1675475195; cSyncDp127=1675475195; cSyncDp129=1675475195; cSyncDp136v2=1675475195; cSyncDp146=1675475195; cSyncDp148=1675475195; cSyncDp149v2=1675475195; cSyncDp151=1675475195; cSyncDp178=1675475195; cSyncDp186=1675475195; cSyncDp221=1675475195; cSyncDp235=1675475195
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 01:46:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 29cbed0f6d8c99166782eb19e3b3b40a
a79f0c9f23b25cd341b7810ae7c65b4f2c606193
17b752520814b21a538551090467600dc8cefa1ca4da6f660c8046c729ccf316
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17B752520814B21A538551090467600DC8CEFA1CA4DA6F660C8046C729CCF316"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8209
Expires: Sat, 04 Feb 2023 04:03:24 GMT
Date: Sat, 04 Feb 2023 01:46:35 GMT
Connection: keep-alive
sync.upravel.com/sape/sync
176.9.8.252302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync
IP 176.9.8.252:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 04 Feb 2023 01:46:35 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1675475195418;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1675475195418;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
www.acint.net/match?dp=95&euid=ENPTVDAV
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/match?dp=95&euid=ENPTVDAV
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=95&euid=ENPTVDAV HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=sAkJCmPduPobxgNtDd+XAkfGZW5jBnOnWsuhmhisUN+PbZwg; cSyncDp7v2=1675475195; cSyncDp14v3=1675475195; cSyncDp17=1675475195; cSyncDp32=1675475195; cSyncDp45v3=1675475195; cSyncDp53v2=1675475195; cSyncDp62=1675475195; cSyncDp67v2=1675475195; cSyncDp68=1675475195; cSyncDp71=1675475195; cSyncDp85=1675475195; cSyncDp95v3=1675475195; cSyncDp98v2=1675475195; cSyncDp101=1675475195; cSyncDp104v2=1675475195; cSyncDp107=1675475195; cSyncDp110=1675475195; cSyncDp125v3=1675475195; cSyncDp126=1675475195; cSyncDp127=1675475195; cSyncDp129=1675475195; cSyncDp136v2=1675475195; cSyncDp146=1675475195; cSyncDp148=1675475195; cSyncDp149v2=1675475195; cSyncDp151=1675475195; cSyncDp178=1675475195; cSyncDp186=1675475195; cSyncDp221=1675475195; cSyncDp235=1675475195
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 01:46:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0A0909B0FAB8DD636D03C61B0297DF0D
87.242.89.90200 OK 12 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0A0909B0FAB8DD636D03C61B0297DF0D
IP 87.242.89.90:0
File type exported SGML document, ASCII text, with no line terminators
Hash d8932e1cb3ee147415fbf5591a7217ca
97da5b95fb7f60ecd8d9ed0e5a05d83ad5a9c070
c0327cbcde50f1ab8228334a550b947301123d6f6f7d625707cb6d08a1faec35
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0A0909B0FAB8DD636D03C61B0297DF0D HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:46:35 GMT
content-type: text/html
content-length: 12
last-modified: Mon, 30 Jan 2023 18:57:34 GMT
etag: "63d8131e-c"
accept-ranges: bytes
server: elb
X-Firefox-Spdy: h2
nr.bidderstack.com/sape/cm?user_id=0A0909B0FAB8DD636D03C61B0297DF0D
23.88.12.14200 OK 44 B URL HTTP/1.1 nr.bidderstack.com/sape/cm?user_id=0A0909B0FAB8DD636D03C61B0297DF0D
IP 23.88.12.14:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash f9d60352c70a2ba15616d1c9421f3844
e9abc8bea7721a4b6a50295850d13c515006a95c
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
GET /sape/cm?user_id=0A0909B0FAB8DD636D03C61B0297DF0D HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 01:46:35 GMT
Content-Type: image/gif
Content-Length: 44
Connection: keep-alive
Access-Control-Allow-Credentials: true
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ad50fd429d43590d1ef8635ee01498ea
f0917fd3a14ea4f5b1e97dcd534338c5ff06c8af
50edbb5e017eb9381fccaf770b4fc5dc94e970ea2631eec51e180ac69d59a70b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:46:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 15:41:07 GMT
Expires: Tue, 07 Feb 2023 15:41:06 GMT
Etag: "f0917fd3a14ea4f5b1e97dcd534338c5ff06c8af"
Cache-Control: max-age=308670,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793fbbc35f3db521-OSL
sync.bumlam.com/?src=sape
31.172.81.159302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sape
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Feb 2023 01:46:35 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRjMjBjZjE2YS1hNDJkLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Fri, 30 Jan 2043 01:46:35 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sape&s_data=CAIQARj78faeBqIBEMIM8WqkLRHtocQAJZDIJDc*
ETag: c20cf16a-a42d-11ed-a1c4-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aa462c0924ed4264cfec9c27f31963f0
5ac1625a35dcd44b33f94de25ea8fd069e3136de
6b0ada644929e561f608ed2bc8f8594dd112adc58441fdc3f697fe0fa15328bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B0ADA644929E561F608ED2BC8F8594DD112ADC58441FDC3F697FE0FA15328BD"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3348
Expires: Sat, 04 Feb 2023 02:42:23 GMT
Date: Sat, 04 Feb 2023 01:46:35 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:46:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
65.109.23.99302 Found 43 B URL HTTP/2 ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP 65.109.23.99:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.0
date: Sat, 04 Feb 2023 01:46:35 GMT
x-request-id: ce3a42a5-de97-48d3-8aae-23fe2fbc31af
set-cookie: bvuid=fgb455gdtp; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=fgb455gdtp; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=fgb455gdtp
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.43.158.68101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.158.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EuKXD2ST61JhzRfKf4+CZw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 95K2RIn/L2Kezuy8S/HsdpAQijs=
www.acint.net/match?dp=127&euid=c2ijx4dyXYKlSlGNV2mM
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/match?dp=127&euid=c2ijx4dyXYKlSlGNV2mM
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=127&euid=c2ijx4dyXYKlSlGNV2mM HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=sAkJCmPduPobxgNtDd+XAkfGZW5jBnOnWsuhmhisUN+PbZwg; cSyncDp7v2=1675475195; cSyncDp14v3=1675475195; cSyncDp17=1675475195; cSyncDp32=1675475195; cSyncDp45v3=1675475195; cSyncDp53v2=1675475195; cSyncDp62=1675475195; cSyncDp67v2=1675475195; cSyncDp68=1675475195; cSyncDp71=1675475195; cSyncDp85=1675475195; cSyncDp95v3=1675475195; cSyncDp98v2=1675475195; cSyncDp101=1675475195; cSyncDp104v2=1675475195; cSyncDp107=1675475195; cSyncDp110=1675475195; cSyncDp125v3=1675475195; cSyncDp126=1675475195; cSyncDp127=1675475195; cSyncDp129=1675475195; cSyncDp136v2=1675475195; cSyncDp146=1675475195; cSyncDp148=1675475195; cSyncDp149v2=1675475195; cSyncDp151=1675475195; cSyncDp178=1675475195; cSyncDp186=1675475195; cSyncDp221=1675475195; cSyncDp235=1675475195
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 01:46:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.adspend.space/sape?uid=0A0909B0FAB8DD636D03C61B0297DF0D
212.76.129.183302 Found 149 B URL HTTP/2 sync.adspend.space/sape?uid=0A0909B0FAB8DD636D03C61B0297DF0D
IP 212.76.129.183:0
File type HTML document, ASCII text
Hash 66cbfedd35693ded52bca6a0eb760cdf
4e1206ede44083c6ec005fd9c32237d5d43c592f
aabc20f21217118dfe61cba03a8cd1761c59ad8408e75999485fd5135566d74e
GET /sape?uid=0A0909B0FAB8DD636D03C61B0297DF0D HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 04 Feb 2023 01:46:35 GMT
content-type: text/html; charset=utf-8
content-length: 149
location: https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D44880399-bedf-4b77-8b8e-a9d3040f19ee
set-cookie: as-user=44880399-bedf-4b77-8b8e-a9d3040f19ee; Path=/; Max-Age=31536000; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=docka1.ru
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=docka1.ru
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=docka1.ru HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://docka1.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 04 Feb 2023 01:46:35 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cs.agency2.ru/p?ssp=sp&uid=0A0909B0FAB8DD636D03C61B0297DF0D
23.111.107.44301 Moved Permanently 0 B URL HTTP/1.1 cs.agency2.ru/p?ssp=sp&uid=0A0909B0FAB8DD636D03C61B0297DF0D
IP 23.111.107.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&uid=0A0909B0FAB8DD636D03C61B0297DF0D HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Sat, 04 Feb 2023 01:46:35 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=3a1c2b1f-8c3e-4182-99cb-67993a795b95
Set-Cookie: uuid=3a1c2b1f-8c3e-4182-99cb-67993a795b95; expires=Fri, 26 Jan 2024 01:46:35 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
176.9.8.252302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP 176.9.8.252:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1675475195418
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sat, 04 Feb 2023 01:46:35 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=bf94da52-b20d-4084-aac3-80bf15d30e12;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=bf94da52-b20d-4084-aac3-80bf15d30e12;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=bf94da52-b20d-4084-aac3-80bf15d30e12
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
159.69.142.212301 Moved Permanently 115 B URL HTTP/2 exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP 159.69.142.212:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash 1a12419174ca63654f85783815f648c6
153e2e5f78dde01a94c65a693a19f2183d6eb7e8
6e59f60e8a82be79192b8f4e58d3bf1d29c6f5636c256f1eec9ac3b59e7e58cb
GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 04 Feb 2023 01:46:36 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=28baab3c-4160-44e2-70ef-b76397850d70
serverid: TODO
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:46:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/alphasslcasha256g4
151.101.66.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/alphasslcasha256g4
IP 151.101.66.133:0
Hash 637f6dd457fedad9f7417142137c9402
64fc1e039b9f25aeaa92367d2b03465158fa8b0b
d26c91706f9ca0ef74617189e671c767c14035230ee9de5efffd31dcf674b4a2
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1437
Server: nginx
Content-Type: application/ocsp-response
Expires: Wed, 08 Feb 2023 00:48:50 GMT
ETag: "64fc1e039b9f25aeaa92367d2b03465158fa8b0b"
Last-Modified: Sat, 04 Feb 2023 00:48:51 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 04 Feb 2023 01:46:35 GMT
Age: 3464
X-Served-By: cache-qpg1230-QPG, cache-bma1648-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 4, 4
X-Timer: S1675475196.504750,VS0,VE0
match.new-programmatic.com/userbind?src=sape&id=0A0909B0FAB8DD636D03C61B0297DF0D
217.65.2.150204 No Content 0 B URL HTTP/1.1 match.new-programmatic.com/userbind?src=sape&id=0A0909B0FAB8DD636D03C61B0297DF0D
IP 217.65.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=0A0909B0FAB8DD636D03C61B0297DF0D HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Sat, 04 Feb 2023 01:46:35 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
sync.bumlam.com/?src=sap1&s_data=CAIQARj78faeBmIgMEEwOTA5QjBGQUI4REQ2MzZEMDNDNjFCMDI5N0RGMESiARDCCETapC0R7aHEACWQyCQ3
31.172.81.159200 OK 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&s_data=CAIQARj78faeBmIgMEEwOTA5QjBGQUI4REQ2MzZEMDNDNjFCMDI5N0RGMESiARDCCETapC0R7aHEACWQyCQ3
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&s_data=CAIQARj78faeBmIgMEEwOTA5QjBGQUI4REQ2MzZEMDNDNjFCMDI5N0RGMESiARDCCETapC0R7aHEACWQyCQ3 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRjMjA4NDRkYS1hNDJkLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 01:46:35 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRjMjA4NDRkYS1hNDJkLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Fri, 30 Jan 2043 01:46:35 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
adservice.google.no/adsid/integrator.js?domain=docka1.ru
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=docka1.ru
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=docka1.ru HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://docka1.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 04 Feb 2023 01:46:35 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.acint.net/match?dp=186&euid=3a1c2b1f-8c3e-4182-99cb-67993a795b95
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/match?dp=186&euid=3a1c2b1f-8c3e-4182-99cb-67993a795b95
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=186&euid=3a1c2b1f-8c3e-4182-99cb-67993a795b95 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=sAkJCmPduPobxgNtDd+XAkfGZW5jBnOnWsuhmhisUN+PbZwg; cSyncDp7v2=1675475195; cSyncDp14v3=1675475195; cSyncDp17=1675475195; cSyncDp32=1675475195; cSyncDp45v3=1675475195; cSyncDp53v2=1675475195; cSyncDp62=1675475195; cSyncDp67v2=1675475195; cSyncDp68=1675475195; cSyncDp71=1675475195; cSyncDp85=1675475195; cSyncDp95v3=1675475195; cSyncDp98v2=1675475195; cSyncDp101=1675475195; cSyncDp104v2=1675475195; cSyncDp107=1675475195; cSyncDp110=1675475195; cSyncDp125v3=1675475195; cSyncDp126=1675475195; cSyncDp127=1675475195; cSyncDp129=1675475195; cSyncDp136v2=1675475195; cSyncDp146=1675475195; cSyncDp148=1675475195; cSyncDp149v2=1675475195; cSyncDp151=1675475195; cSyncDp178=1675475195; cSyncDp186=1675475195; cSyncDp221=1675475195; cSyncDp235=1675475195
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 01:46:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=71&euid=bf94da52-b20d-4084-aac3-80bf15d30e12
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/match?dp=71&euid=bf94da52-b20d-4084-aac3-80bf15d30e12
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=71&euid=bf94da52-b20d-4084-aac3-80bf15d30e12 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=sAkJCmPduPobxgNtDd+XAkfGZW5jBnOnWsuhmhisUN+PbZwg; cSyncDp7v2=1675475195; cSyncDp14v3=1675475195; cSyncDp17=1675475195; cSyncDp32=1675475195; cSyncDp45v3=1675475195; cSyncDp53v2=1675475195; cSyncDp62=1675475195; cSyncDp67v2=1675475195; cSyncDp68=1675475195; cSyncDp71=1675475195; cSyncDp85=1675475195; cSyncDp95v3=1675475195; cSyncDp98v2=1675475195; cSyncDp101=1675475195; cSyncDp104v2=1675475195; cSyncDp107=1675475195; cSyncDp110=1675475195; cSyncDp125v3=1675475195; cSyncDp126=1675475195; cSyncDp127=1675475195; cSyncDp129=1675475195; cSyncDp136v2=1675475195; cSyncDp146=1675475195; cSyncDp148=1675475195; cSyncDp149v2=1675475195; cSyncDp151=1675475195; cSyncDp178=1675475195; cSyncDp186=1675475195; cSyncDp221=1675475195; cSyncDp235=1675475195
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 01:46:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=126&euid=28baab3c-4160-44e2-70ef-b76397850d70
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/match?dp=126&euid=28baab3c-4160-44e2-70ef-b76397850d70
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=126&euid=28baab3c-4160-44e2-70ef-b76397850d70 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=sAkJCmPduPobxgNtDd+XAkfGZW5jBnOnWsuhmhisUN+PbZwg; cSyncDp7v2=1675475195; cSyncDp14v3=1675475195; cSyncDp17=1675475195; cSyncDp32=1675475195; cSyncDp45v3=1675475195; cSyncDp53v2=1675475195; cSyncDp62=1675475195; cSyncDp67v2=1675475195; cSyncDp68=1675475195; cSyncDp71=1675475195; cSyncDp85=1675475195; cSyncDp95v3=1675475195; cSyncDp98v2=1675475195; cSyncDp101=1675475195; cSyncDp104v2=1675475195; cSyncDp107=1675475195; cSyncDp110=1675475195; cSyncDp125v3=1675475195; cSyncDp126=1675475195; cSyncDp127=1675475195; cSyncDp129=1675475195; cSyncDp136v2=1675475195; cSyncDp146=1675475195; cSyncDp148=1675475195; cSyncDp149v2=1675475195; cSyncDp151=1675475195; cSyncDp178=1675475195; cSyncDp186=1675475195; cSyncDp221=1675475195; cSyncDp235=1675475195
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 01:46:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 72ffec6ce01ac59744b196bb43992736
a397aae61c3b04a23ddc2168d68443dd9ad117d9
c5c1e579a7e5de9bbbae02977984a225f1130dacc44daae1d54742bfcfa11d95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5114
Cache-Control: max-age=141342
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:46:35 GMT
Etag: "63dd2a1f-117"
Expires: Sun, 05 Feb 2023 17:02:17 GMT
Last-Modified: Fri, 03 Feb 2023 15:37:03 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D44880399-bedf-4b77-8b8e-a9d3040f19ee
212.76.129.183302 Found 102 B URL HTTP/2 sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D44880399-bedf-4b77-8b8e-a9d3040f19ee
IP 212.76.129.183:0
File type HTML document, ASCII text
Hash 9e349be0cc2302f63305a3bc7c3a0005
251a0be3cfe728ab53395ed5896cf19708ee6fc3
7f18ed3da46af06ca4921d967d7cac95f1d340925f346533f592240831629e52
GET /check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D44880399-bedf-4b77-8b8e-a9d3040f19ee HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: as-user=44880399-bedf-4b77-8b8e-a9d3040f19ee
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 04 Feb 2023 01:46:35 GMT
content-type: text/html; charset=utf-8
content-length: 102
location: https://www.acint.net/match?dp=98&euid=44880399-bedf-4b77-8b8e-a9d3040f19ee
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:46:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sync.bumlam.com/?src=sape&s_data=CAIQARj78faeBqIBEMIM8WqkLRHtocQAJZDIJDc*
31.172.81.159302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sape&s_data=CAIQARj78faeBqIBEMIM8WqkLRHtocQAJZDIJDc*
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape&s_data=CAIQARj78faeBqIBEMIM8WqkLRHtocQAJZDIJDc* HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRjMjBjZjE2YS1hNDJkLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Feb 2023 01:46:35 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRjMjBjZjE2YS1hNDJkLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Fri, 30 Jan 2043 01:46:35 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://pix.bumlam.com/sync/sape/sync_ok?guid=c20cf16a-a42d-11ed-a1c4-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true
sync.programmatica.com/match/RTBSape?id=0A0909B0FAB8DD636D03C61B0297DF0D
167.235.117.41302 Found 0 B URL HTTP/2 sync.programmatica.com/match/RTBSape?id=0A0909B0FAB8DD636D03C61B0297DF0D
IP 167.235.117.41:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/RTBSape?id=0A0909B0FAB8DD636D03C61B0297DF0D HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 04 Feb 2023 01:46:35 GMT
content-length: 0
location: https://sync.programmatica.com/match/RTBSape?id=0A0909B0FAB8DD636D03C61B0297DF0D&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:46:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 4869996247036dae2a82e2857fee1766
2418a61397554c71ae478679a98de688748a1b42
f680797aafc60f9a7800f73b5a139e5dd3df7d8bf10acb8a8f99e3cc2e312b05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:46:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.acint.net/match?dp=98&euid=44880399-bedf-4b77-8b8e-a9d3040f19ee
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/match?dp=98&euid=44880399-bedf-4b77-8b8e-a9d3040f19ee
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=98&euid=44880399-bedf-4b77-8b8e-a9d3040f19ee HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=sAkJCmPduPobxgNtDd+XAkfGZW5jBnOnWsuhmhisUN+PbZwg; cSyncDp7v2=1675475195; cSyncDp14v3=1675475195; cSyncDp17=1675475195; cSyncDp32=1675475195; cSyncDp45v3=1675475195; cSyncDp53v2=1675475195; cSyncDp62=1675475195; cSyncDp67v2=1675475195; cSyncDp68=1675475195; cSyncDp71=1675475195; cSyncDp85=1675475195; cSyncDp95v3=1675475195; cSyncDp98v2=1675475195; cSyncDp101=1675475195; cSyncDp104v2=1675475195; cSyncDp107=1675475195; cSyncDp110=1675475195; cSyncDp125v3=1675475195; cSyncDp126=1675475195; cSyncDp127=1675475195; cSyncDp129=1675475195; cSyncDp136v2=1675475195; cSyncDp146=1675475195; cSyncDp148=1675475195; cSyncDp149v2=1675475195; cSyncDp151=1675475195; cSyncDp178=1675475195; cSyncDp186=1675475195; cSyncDp221=1675475195; cSyncDp235=1675475195
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 01:46:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/sync_ok?guid=c20cf16a-a42d-11ed-a1c4-002590c82437
31.172.81.160302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/sync_ok?guid=c20cf16a-a42d-11ed-a1c4-002590c82437
IP 31.172.81.160:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/sync_ok?guid=c20cf16a-a42d-11ed-a1c4-002590c82437 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRjMjBjZjE2YS1hNDJkLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 Feb 2023 01:46:35 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://c20cf16a-a42d-11ed-a1c4-002590c82437.n3.sync.bumlam.com/?src=sape
sync.programmatica.com/match/RTBSape?id=0A0909B0FAB8DD636D03C61B0297DF0D&chk=1
167.235.117.41200 OK 43 B URL HTTP/2 sync.programmatica.com/match/RTBSape?id=0A0909B0FAB8DD636D03C61B0297DF0D&chk=1
IP 167.235.117.41:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /match/RTBSape?id=0A0909B0FAB8DD636D03C61B0297DF0D&chk=1 HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:46:35 GMT
content-type: image/gif
content-length: 43
set-cookie: pid=NmM3OTdiOTg1YjIzMmRhZg; expires=Sun, 04 Aug 2024 01:46:35 GMT; domain=.programmatica.com; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=docka1.ru&callback=_gfp_s_&client=ca-pub-1087108116253707
216.58.207.226200 OK 249 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=docka1.ru&callback=_gfp_s_&client=ca-pub-1087108116253707
IP 216.58.207.226:0
File type ASCII text, with very long lines (385), with no line terminators
Hash 026d88f592cd3a0b5dacf78c9b06290c
5e8821bb5f50e7c93303f968e22469680b3aba1c
dfa7df183e85c8ab825729dca4abc4bdeff9931a863540e72fe3ec095bebd031
GET /gampad/cookie.js?domain=docka1.ru&callback=_gfp_s_&client=ca-pub-1087108116253707 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://docka1.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 04 Feb 2023 01:46:35 GMT
server: cafe
cache-control: private
content-length: 249
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 4869996247036dae2a82e2857fee1766
2418a61397554c71ae478679a98de688748a1b42
f680797aafc60f9a7800f73b5a139e5dd3df7d8bf10acb8a8f99e3cc2e312b05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:46:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 1afd3517ebc844038700db8c82d69ae3
1327e511903b229cd36c1647fdb71c17d4ce7bdd
ff3430f1affa22881cd632c75d9f51cb97deb53a2cd76f3ee3be5e4b0518192a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:46:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 23:26:49 GMT
Expires: Wed, 08 Feb 2023 23:26:48 GMT
Etag: "1327e511903b229cd36c1647fdb71c17d4ce7bdd"
Cache-Control: max-age=423012,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793fbbc3cf91b521-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c26c9d885fe65989ba4f45bfa689c80d
02ebe3e544d04cc2c645b7f2c1f3bf82cf30533b
031f14f6f03d79abbce3ea6477942637731b1bd284baac7430607804fa25e18d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "031F14F6F03D79ABBCE3EA6477942637731B1BD284BAAC7430607804FA25E18D"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11533
Expires: Sat, 04 Feb 2023 04:58:48 GMT
Date: Sat, 04 Feb 2023 01:46:35 GMT
Connection: keep-alive
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1087108116253707&output=html&h=600&slotname=2458919559&adk=3351374675&adf=4094718428&pi=t.ma~as.2458919559&w=160&lmt=1675475228&url=http%3A%2F%2Fdocka1.ru%2Frashodnie_materiali&wgl=1&dt=1675475228033&bpp=7&bdt=413&idt=721&shv=r20230201&mjsv=m202301170101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3140131371&correlator=5416665197261&frm=20&pv=1&ga_vid=1172739831.1675475229&ga_sid=1675475229&ga_hid=887083735&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=12&ady=638&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071722%2C31071755%2C44779794&oid=2&pvsid=684672648324066&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=IgTkCaCJwG&p=http%3A//docka1.ru&dtd=957
142.250.74.34200 OK 209 B URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1087108116253707&output=html&h=600&slotname=2458919559&adk=3351374675&adf=4094718428&pi=t.ma~as.2458919559&w=160&lmt=1675475228&url=http%3A%2F%2Fdocka1.ru%2Frashodnie_materiali&wgl=1&dt=1675475228033&bpp=7&bdt=413&idt=721&shv=r20230201&mjsv=m202301170101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3140131371&correlator=5416665197261&frm=20&pv=1&ga_vid=1172739831.1675475229&ga_sid=1675475229&ga_hid=887083735&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=12&ady=638&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071722%2C31071755%2C44779794&oid=2&pvsid=684672648324066&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=IgTkCaCJwG&p=http%3A//docka1.ru&dtd=957
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (430), with no line terminators
Hash a3dcaaf60a562cf60afb36e41828b950
8aa65cd43b8cd42c860fffcc065d064cd7202333
e7ba378b41a3c24b6bdd0afff9ad5d973ee3f7551e1cea76b88bf807257ab3c7
GET /pagead/ads?client=ca-pub-1087108116253707&output=html&h=600&slotname=2458919559&adk=3351374675&adf=4094718428&pi=t.ma~as.2458919559&w=160&lmt=1675475228&url=http%3A%2F%2Fdocka1.ru%2Frashodnie_materiali&wgl=1&dt=1675475228033&bpp=7&bdt=413&idt=721&shv=r20230201&mjsv=m202301170101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3140131371&correlator=5416665197261&frm=20&pv=1&ga_vid=1172739831.1675475229&ga_sid=1675475229&ga_hid=887083735&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=12&ady=638&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071722%2C31071755%2C44779794&oid=2&pvsid=684672648324066&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=IgTkCaCJwG&p=http%3A//docka1.ru&dtd=957 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://docka1.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 04 Feb 2023 01:46:35 GMT
server: cafe
content-length: 209
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Feb-2023 02:01:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 04 Feb 2023 01:46:35 GMT
cache-control: private
X-Firefox-Spdy: h2
dmp.gotechnology.io/match/sape?id=0A0909B0FAB8DD636D03C61B0297DF0D
167.235.32.7302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=0A0909B0FAB8DD636D03C61B0297DF0D
IP 167.235.32.7:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=0A0909B0FAB8DD636D03C61B0297DF0D HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 04 Feb 2023 01:46:35 GMT
content-length: 0
location: https://dmp.gotechnology.io/match/sape?id=0A0909B0FAB8DD636D03C61B0297DF0D&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1087108116253707&output=html&h=90&slotname=3140131371&adk=3886122598&adf=1290376886&pi=t.ma~as.3140131371&w=728&lmt=1675475228&url=http%3A%2F%2Fdocka1.ru%2Frashodnie_materiali&wgl=1&dt=1675475228033&bpp=28&bdt=412&idt=708&shv=r20230201&mjsv=m202301170101&ptt=5&saldr=sa&abxe=1&correlator=5416665197261&frm=20&pv=2&ga_vid=1172739831.1675475229&ga_sid=1675475229&ga_hid=887083735&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=456&ady=44&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071722%2C31071755%2C44779794&oid=2&pvsid=684672648324066&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7Cd%7CEe%7C&abl=NS&pfx=0&fu=1024&bc=23&ifi=1&uci=a!1&fsb=1&xpc=wEK3dVMHT7&p=http%3A//docka1.ru&dtd=948
142.250.74.34200 OK 205 B URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1087108116253707&output=html&h=90&slotname=3140131371&adk=3886122598&adf=1290376886&pi=t.ma~as.3140131371&w=728&lmt=1675475228&url=http%3A%2F%2Fdocka1.ru%2Frashodnie_materiali&wgl=1&dt=1675475228033&bpp=28&bdt=412&idt=708&shv=r20230201&mjsv=m202301170101&ptt=5&saldr=sa&abxe=1&correlator=5416665197261&frm=20&pv=2&ga_vid=1172739831.1675475229&ga_sid=1675475229&ga_hid=887083735&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=456&ady=44&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071722%2C31071755%2C44779794&oid=2&pvsid=684672648324066&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7Cd%7CEe%7C&abl=NS&pfx=0&fu=1024&bc=23&ifi=1&uci=a!1&fsb=1&xpc=wEK3dVMHT7&p=http%3A//docka1.ru&dtd=948
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (430), with no line terminators
Hash 855db9bfb1ac4842caffae9711646d0c
3a0a8b2df497cd2303bd0ca9f91208f4225d5e3f
8c59a325d4042ee95f8ec4a33e1a3cf86ed9789c5cfabdc8bd46ffb5170c310d
GET /pagead/ads?client=ca-pub-1087108116253707&output=html&h=90&slotname=3140131371&adk=3886122598&adf=1290376886&pi=t.ma~as.3140131371&w=728&lmt=1675475228&url=http%3A%2F%2Fdocka1.ru%2Frashodnie_materiali&wgl=1&dt=1675475228033&bpp=28&bdt=412&idt=708&shv=r20230201&mjsv=m202301170101&ptt=5&saldr=sa&abxe=1&correlator=5416665197261&frm=20&pv=2&ga_vid=1172739831.1675475229&ga_sid=1675475229&ga_hid=887083735&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=456&ady=44&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071722%2C31071755%2C44779794&oid=2&pvsid=684672648324066&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7Cd%7CEe%7C&abl=NS&pfx=0&fu=1024&bc=23&ifi=1&uci=a!1&fsb=1&xpc=wEK3dVMHT7&p=http%3A//docka1.ru&dtd=948 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://docka1.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 04 Feb 2023 01:46:35 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Feb-2023 02:01:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 04 Feb 2023 01:46:35 GMT
cache-control: private
X-Firefox-Spdy: h2
c20cf16a-a42d-11ed-a1c4-002590c82437.n3.sync.bumlam.com/?src=sape
188.120.245.54302 Found 0 B URL HTTP/2 c20cf16a-a42d-11ed-a1c4-002590c82437.n3.sync.bumlam.com/?src=sape
IP 188.120.245.54:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: c20cf16a-a42d-11ed-a1c4-002590c82437.n3.sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRjMjBjZjE2YS1hNDJkLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.1
date: Sat, 04 Feb 2023 01:46:35 GMT
content-length: 0
location: https://pix.bumlam.com/sync/sape/done
X-Firefox-Spdy: h2
dmp.gotechnology.io/match/sape?id=0A0909B0FAB8DD636D03C61B0297DF0D&chk=1
167.235.32.7302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=0A0909B0FAB8DD636D03C61B0297DF0D&chk=1
IP 167.235.32.7:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=0A0909B0FAB8DD636D03C61B0297DF0D&chk=1 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sat, 04 Feb 2023 01:46:35 GMT
content-length: 0
location: https://an.yandex.ru/mapuid/gonetdspis/NDY3MjJhZjJkNGY1ODQ4Nw
set-cookie: pid=NDY3MjJhZjJkNGY1ODQ4Nw; expires=Sun, 04 Feb 2024 01:46:35 GMT; domain=.gotechnology.io; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/done
31.172.81.160200 OK 43 B URL HTTP/1.1 pix.bumlam.com/sync/sape/done
IP 31.172.81.160:0
ASN #44066 diva-e Datacenters GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRjMjBjZjE2YS1hNDJkLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 01:46:35 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
ocsp.globalsign.com/gsgccr3dvtlsca2020
151.101.66.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 151.101.66.133:0
Hash 30f7268b2fef92e91f3d44c18cf85f4c
a75947348ca32801e29a720d3dc44d115718d042
2afcfdc6275af06fc297e14dfce04cf0c87f0bb7e5d34485a93f455d66a2964e
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1414
Server: nginx
Content-Type: application/ocsp-response
Expires: Wed, 08 Feb 2023 01:28:30 GMT
ETag: "a75947348ca32801e29a720d3dc44d115718d042"
Last-Modified: Sat, 04 Feb 2023 01:28:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 04 Feb 2023 01:46:35 GMT
Age: 1084
X-Served-By: cache-qpg1268-QPG, cache-bma1648-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 11
X-Timer: S1675475196.897916,VS0,VE0
ocsp.globalsign.com/gsgccr3dvtlsca2020
151.101.66.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 151.101.66.133:0
Hash 30f7268b2fef92e91f3d44c18cf85f4c
a75947348ca32801e29a720d3dc44d115718d042
2afcfdc6275af06fc297e14dfce04cf0c87f0bb7e5d34485a93f455d66a2964e
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1414
Server: nginx
Content-Type: application/ocsp-response
Expires: Wed, 08 Feb 2023 01:28:30 GMT
ETag: "a75947348ca32801e29a720d3dc44d115718d042"
Last-Modified: Sat, 04 Feb 2023 01:28:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 04 Feb 2023 01:46:35 GMT
Age: 1084
X-Served-By: cache-qpg1268-QPG, cache-bma1648-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 12
X-Timer: S1675475196.907323,VS0,VE0
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
195.209.108.48302 Moved Temporarily 0 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP 195.209.108.48:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Sat, 04 Feb 2023 01:46:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-5375941361; expires=Mon, 03 Feb 2025 01:46:35 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5375941361
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0A0909B0FAB8DD636D03C61B0297DF0D
81.222.128.215200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0A0909B0FAB8DD636D03C61B0297DF0D
IP 81.222.128.215:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?dsp_id=153&external_id=0A0909B0FAB8DD636D03C61B0297DF0D HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 01:46:35 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
ocsp.globalsign.com/gseccovsslca2018
151.101.66.133200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 151.101.66.133:0
Hash 3eca0731e4077529c84bde0f2abec056
250e5904c674b7ee32af5f5ff87a436c23fcaa7a
e81bede9b6a8c6edadafb55398c77f41758e86f1ed1264544dc015700af39bbe
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 940
Server: nginx
Content-Type: application/ocsp-response
Expires: Tue, 07 Feb 2023 23:06:46 GMT
ETag: "250e5904c674b7ee32af5f5ff87a436c23fcaa7a"
Last-Modified: Fri, 03 Feb 2023 23:06:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 04 Feb 2023 01:46:35 GMT
Age: 928
X-Served-By: cache-qpg1232-QPG, cache-bma1648-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 26
X-Timer: S1675475196.956066,VS0,VE0
ocsp.globalsign.com/alphasslcasha256g4
151.101.66.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/alphasslcasha256g4
IP 151.101.66.133:0
Hash 82488928f9e2647a4e08e90ed855bdeb
5f7935d98f1bec2d8dc2694ca37336a3fe0b1d48
c986310ebfe26c93b82e9527f2e8e7c37a8e582360ac9a8607cef8c8a093bcf1
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1437
Server: nginx
Content-Type: application/ocsp-response
Expires: Tue, 07 Feb 2023 23:37:26 GMT
ETag: "5f7935d98f1bec2d8dc2694ca37336a3fe0b1d48"
Last-Modified: Fri, 03 Feb 2023 23:37:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 04 Feb 2023 01:46:35 GMT
Age: 2391
X-Served-By: cache-qpg1236-QPG, cache-bma1648-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 3, 4
X-Timer: S1675475196.968203,VS0,VE0
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5375941361
195.209.108.48302 Moved Temporarily 40 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5375941361
IP 195.209.108.48:0
File type ASCII text, with CRLF line terminators
Hash 251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5375941361 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Sat, 04 Feb 2023 01:46:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Mon, 03 Feb 2025 01:46:35 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
77.245.57.72400 Bad Request 22 B URL HTTP/1.1 sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP 77.245.57.72:0
ASN #36057 WEBAIR-INTERNET-MTL
File type ASCII text, with no line terminators
Hash b0b11e1c78b526b61477f8e9ee540be0
d5e73002987ff54626542b116d98a8f4aa9ee2eb
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 400 Bad Request
Server: nginx
Date: Sat, 04 Feb 2023 01:46:35 GMT
Content-Length: 22
Connection: close
Cache-Control: no-store
Age: 0
Pragma: no-cache
ocsp.globalsign.com/gseccovsslca2018
151.101.66.133200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 151.101.66.133:0
Hash 0fdeb457aeb5a98c707e2509722f321e
154746f099ab1c0d46cac3ecd387e17605a4475e
7eaa18b122a4f1ac1f3816b3fc0b93d09fafe50268705cfb180d117f979d2f69
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 940
Server: nginx
Content-Type: application/ocsp-response
Expires: Tue, 07 Feb 2023 23:14:44 GMT
ETag: "154746f099ab1c0d46cac3ecd387e17605a4475e"
Last-Modified: Fri, 03 Feb 2023 23:14:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 04 Feb 2023 01:46:36 GMT
Age: 1830
X-Served-By: cache-qpg1272-QPG, cache-bma1648-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 3, 34
X-Timer: S1675475196.005801,VS0,VE0
ocsp.usertrust.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 51ab5a8626b70c7594e57366f659f93d
b306da2759928ddd7895083be1196fae9f634197
2eb603282049d073ffcd2928301736eb6d72e02c0ea9e4a884e103c73debd5de
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:46:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 16:18:21 GMT
Expires: Thu, 09 Feb 2023 16:18:20 GMT
Etag: "b306da2759928ddd7895083be1196fae9f634197"
Cache-Control: max-age=604041,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 913
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793fbbc7188db51e-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09905a9da2b8c534b2a2339f7ed3ea0f
c9757e32b8d0032fe15e166141f832a9133d575f
48f74cadddfc2aaa06f4831abb571ce1717243a159508098f25922762d694c15
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48F74CADDDFC2AAA06F4831ABB571CE1717243A159508098F25922762D694C15"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16763
Expires: Sat, 04 Feb 2023 06:25:59 GMT
Date: Sat, 04 Feb 2023 01:46:36 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
151.101.66.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 151.101.66.133:0
Hash a6863fdff9d596a58e2ae938aca7be3a
ebbba90cc313074da12181fda063b561d8624184
5551824253e684f4adc0f511c7afe8dd56b70c6eee4b1a6eab5b485bb9b1cbac
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Wed, 08 Feb 2023 01:00:39 GMT
ETag: "ebbba90cc313074da12181fda063b561d8624184"
Last-Modified: Sat, 04 Feb 2023 01:00:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 04 Feb 2023 01:46:36 GMT
Age: 2756
X-Served-By: cache-qpg1221-QPG, cache-bma1648-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 10
X-Timer: S1675475196.030048,VS0,VE0
ocsp.globalsign.com/gsrsaovsslca2018
151.101.66.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 151.101.66.133:0
Hash f794d3286ea72703af8f13c8f3aa168c
6d7011e3347c2f29890a77e639f5f09510022731
c2705f1edc31f31d9226a967bd33df90615f873a73c2595d807b47b3be00e5f4
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Wed, 08 Feb 2023 00:34:29 GMT
ETag: "6d7011e3347c2f29890a77e639f5f09510022731"
Last-Modified: Sat, 04 Feb 2023 00:34:30 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 04 Feb 2023 01:46:36 GMT
Age: 1944
X-Served-By: cache-qpg1234-QPG, cache-bma1648-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 3, 8
X-Timer: S1675475196.042582,VS0,VE0
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
176.9.9.10302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=sAkJCmPduPobxgNtDd+XAkfGZW5jBnOnWsuhmhisUN+PbZwg; cSyncDp7v2=1675475195; cSyncDp14v3=1675475195; cSyncDp17=1675475195; cSyncDp32=1675475195; cSyncDp45v3=1675475195; cSyncDp53v2=1675475195; cSyncDp62=1675475195; cSyncDp67v2=1675475195; cSyncDp68=1675475195; cSyncDp71=1675475195; cSyncDp85=1675475195; cSyncDp95v3=1675475195; cSyncDp98v2=1675475195; cSyncDp101=1675475195; cSyncDp104v2=1675475195; cSyncDp107=1675475195; cSyncDp110=1675475195; cSyncDp125v3=1675475195; cSyncDp126=1675475195; cSyncDp127=1675475195; cSyncDp129=1675475195; cSyncDp136v2=1675475195; cSyncDp146=1675475195; cSyncDp148=1675475195; cSyncDp149v2=1675475195; cSyncDp151=1675475195; cSyncDp178=1675475195; cSyncDp186=1675475195; cSyncDp221=1675475195; cSyncDp235=1675475195
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sat, 04 Feb 2023 01:46:36 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0A0909B0FAB8DD636D03C61B0297DF0D
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ad.mail.ru/cm.gif?p=48&id=0A0909B0FAB8DD636D03C61B0297DF0D
95.163.41.56200 OK 43 B URL HTTP/2 ad.mail.ru/cm.gif?p=48&id=0A0909B0FAB8DD636D03C61B0297DF0D
IP 95.163.41.56:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cm.gif?p=48&id=0A0909B0FAB8DD636D03C61B0297DF0D HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:46:36 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=0CaeE_1t30oF0023450945oF:::0-0-0-8f811bc:CAASEFHhisVUFvpCeupw3ATR0-EaYOtTgqkeq8AuBOvT-CJ3J9oqGEuk4zGNn4APMcrddMw1HNC5vjzyHZYc8sCkwzs_tJB_O8pVFirsV7Bk4xQ4KTCjky1wOL4dGLPLmpnBgk8fPyGMeJzw4ssd2OQ3-V_sIg; path=/; expires=Mon, 05-Feb-24 01:46:36 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Sat, 04 Feb 2023 07:46:36 GMT
cache-control: max-age=21600
last-modified: Sat, 04 Feb 2023 01:46:36 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 2f59b9826b587ec88c538c4e0fdda68f
a9569ad568776c896099e2e7b4291dbe7101cb9b
76812d4ae48f41904eb3722fb49c463d4287d81fa7a9ea5d28687ddb3a546931
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:46:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 02:03:25 GMT
Expires: Wed, 08 Feb 2023 02:03:24 GMT
Etag: "a9569ad568776c896099e2e7b4291dbe7101cb9b"
Cache-Control: max-age=346007,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793fbbc68ea7b505-OSL
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0A0909B0FAB8DD636D03C61B0297DF0D
81.222.128.215200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0A0909B0FAB8DD636D03C61B0297DF0D
IP 81.222.128.215:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?ssp_id=43&external_id=0A0909B0FAB8DD636D03C61B0297DF0D HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 01:46:36 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
sape-sync.rutarget.ru/sync
46.243.172.93302 Moved Temporarily 0 B URL HTTP/1.1 sape-sync.rutarget.ru/sync
IP 46.243.172.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Feb 2023 01:46:36 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=v0Z24UmbXXyC
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=v0Z24UmbXXyC; Path=/; Domain=.rutarget.ru; Expires=Thu, 03 Aug 2023 01:46:36 GMT; SameSite=None; Secure
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 2f59b9826b587ec88c538c4e0fdda68f
a9569ad568776c896099e2e7b4291dbe7101cb9b
76812d4ae48f41904eb3722fb49c463d4287d81fa7a9ea5d28687ddb3a546931
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:46:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 02:03:25 GMT
Expires: Wed, 08 Feb 2023 02:03:24 GMT
Etag: "a9569ad568776c896099e2e7b4291dbe7101cb9b"
Cache-Control: max-age=346007,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793fbbc6a9f1b4f7-OSL
tag.digitaltarget.ru/adcm.js
185.15.175.158200 OK 3.1 kB URL HTTP/1.1 tag.digitaltarget.ru/adcm.js
IP 185.15.175.158:0
File type ASCII text, with very long lines (3051), with no line terminators
Hash e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 01:46:36 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Sat, 04 Feb 2023 01:34:21 GMT
Connection: keep-alive
ETag: "63ddb61d-beb"
Accept-Ranges: bytes
sm.rtb.mts.ru/p?ssp=sape&id=0A0909B0FAB8DD636D03C61B0297DF0D
217.66.147.40301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/p?ssp=sape&id=0A0909B0FAB8DD636D03C61B0297DF0D
IP 217.66.147.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sape&id=0A0909B0FAB8DD636D03C61B0297DF0D HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 01:56:12 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=0A0909B0FAB8DD636D03C61B0297DF0D
Set-Cookie: dspid=dd6dc4e1-01c9-4984-9f8d-b9752cc0f132; expires=Fri, 26 Jan 2024 01:46:36 GMT; domain=.mts.ru; path=/; secure; SameSite=None
ads.betweendigital.com/match?bidder_id=73&external_user_id=0A0909B0FAB8DD636D03C61B0297DF0D
188.42.34.64302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=0A0909B0FAB8DD636D03C61B0297DF0D
IP 188.42.34.64:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=73&external_user_id=0A0909B0FAB8DD636D03C61B0297DF0D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=0A0909B0FAB8DD636D03C61B0297DF0D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sun, 04 Feb 2024 01:46:36 GMT; Path=/; Domain=.betweendigital.com
tuuid=a0e577f4-3806-5223-9dfb-6cbffe26d443; Max-Age=31536000; Expires=Sun, 04 Feb 2024 01:46:36 GMT; Path=/; Domain=.betweendigital.com
ut=Y924_AABV8BHjSuVGhkMLYSBT5DaUJVFn1HlEg==; Max-Age=31536000; Expires=Sun, 04 Feb 2024 01:46:36 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
188.42.34.64302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP 188.42.34.64:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sun, 04 Feb 2024 01:46:36 GMT; Path=/; Domain=.betweendigital.com
tuuid=ffe452a5-8475-5223-8d15-b623eec80edf; Max-Age=31536000; Expires=Sun, 04 Feb 2024 01:46:36 GMT; Path=/; Domain=.betweendigital.com
ut=Y924_AABY3jXfbJnAgvybwOq4zWdDtvnG2Z9xw==; Max-Age=31536000; Expires=Sun, 04 Feb 2024 01:46:36 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
px.adhigh.net/p/cm/sape?u=0A0909B0FAB8DD636D03C61B0297DF0D
194.190.76.34302 Found 0 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=0A0909B0FAB8DD636D03C61B0297DF0D
IP 194.190.76.34:0
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/cm/sape?u=0A0909B0FAB8DD636D03C61B0297DF0D HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 04 Feb 2023 01:46:36 GMT
content-length: 0
x-backend-id: f8-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=MIftYRq1qOH.AikABlGGGhqYuQ;Path=/;Domain=.adhigh.net;Expires=Sun, 04-Feb-2024 01:46:36 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=0A0909B0FAB8DD636D03C61B0297DF0D&bounced=1
X-Firefox-Spdy: h2
www.acint.net/match?dp=104&euid=v0Z24UmbXXyC
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/match?dp=104&euid=v0Z24UmbXXyC
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=104&euid=v0Z24UmbXXyC HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=sAkJCmPduPobxgNtDd+XAkfGZW5jBnOnWsuhmhisUN+PbZwg; cSyncDp7v2=1675475195; cSyncDp14v3=1675475195; cSyncDp17=1675475195; cSyncDp32=1675475195; cSyncDp45v3=1675475195; cSyncDp53v2=1675475195; cSyncDp62=1675475195; cSyncDp67v2=1675475195; cSyncDp68=1675475195; cSyncDp71=1675475195; cSyncDp85=1675475195; cSyncDp95v3=1675475195; cSyncDp98v2=1675475195; cSyncDp101=1675475195; cSyncDp104v2=1675475195; cSyncDp107=1675475195; cSyncDp110=1675475195; cSyncDp125v3=1675475195; cSyncDp126=1675475195; cSyncDp127=1675475195; cSyncDp129=1675475195; cSyncDp136v2=1675475195; cSyncDp146=1675475195; cSyncDp148=1675475195; cSyncDp149v2=1675475195; cSyncDp151=1675475195; cSyncDp178=1675475195; cSyncDp186=1675475195; cSyncDp221=1675475195; cSyncDp235=1675475195
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 01:46:36 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=73&external_user_id=0A0909B0FAB8DD636D03C61B0297DF0D&crf=1
188.42.34.64200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=0A0909B0FAB8DD636D03C61B0297DF0D&crf=1
IP 188.42.34.64:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=73&external_user_id=0A0909B0FAB8DD636D03C61B0297DF0D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sun, 04 Feb 2024 01:46:36 GMT; Path=/; Domain=.betweendigital.com
tuuid=d1ae3f77-a167-5223-af6c-e64eccb15eb2; Max-Age=31536000; Expires=Sun, 04 Feb 2024 01:46:36 GMT; Path=/; Domain=.betweendigital.com
ut=Y924_AAB8BjIwWhN2KpD_5s8WSfXjcCM1k09VA==; Max-Age=31536000; Expires=Sun, 04 Feb 2024 01:46:36 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
188.42.34.64200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP 188.42.34.64:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sun, 04 Feb 2024 01:46:36 GMT; Path=/; Domain=.betweendigital.com
tuuid=22d111e7-6e74-5223-ab72-c7e1c8af7f1d; Max-Age=31536000; Expires=Sun, 04 Feb 2024 01:46:36 GMT; Path=/; Domain=.betweendigital.com
ut=Y924_AAB9ABOQKFDm6xR99wWRX1NPU0cqztU8g==; Max-Age=31536000; Expires=Sun, 04 Feb 2024 01:46:36 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
sm.rtb.mts.ru/match/second?ssp=30&exu=0A0909B0FAB8DD636D03C61B0297DF0D
217.66.147.40200 OK 0 B URL HTTP/1.1 sm.rtb.mts.ru/match/second?ssp=30&exu=0A0909B0FAB8DD636D03C61B0297DF0D
IP 217.66.147.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/second?ssp=30&exu=0A0909B0FAB8DD636D03C61B0297DF0D HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 01:56:12 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
px.adhigh.net/p/cm/sape?u=0A0909B0FAB8DD636D03C61B0297DF0D&bounced=1
194.190.76.34200 OK 49 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=0A0909B0FAB8DD636D03C61B0297DF0D&bounced=1
IP 194.190.76.34:0
ASN #48061 Limited Liability Company GPM Digital Technologies
File type GIF image data, version 89a, 1 x 1\012- data
Hash 889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
GET /p/cm/sape?u=0A0909B0FAB8DD636D03C61B0297DF0D&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:46:36 GMT
content-type: image/gif
content-length: 49
x-backend-id: f8-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/gonetdspis/NDY3MjJhZjJkNGY1ODQ4Nw?redir-setuniq=1
93.158.134.90200 OK 16 kB URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/NDY3MjJhZjJkNGY1ODQ4Nw?redir-setuniq=1
IP 93.158.134.90:0
Hash 096b56669bde932c4762a5cab154ed2d
5e3034215aeb94a7a10b321e6843fbe1d0d302c3
973e86c89bc3d8362b46dfab4298390aa740ff7fadf582c6b3e3b83f12fd7106
GET /mapuid/gonetdspis/NDY3MjJhZjJkNGY1ODQ4Nw?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sat, 04 Feb 2023 01:46:36 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 01:46:36 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sat, 04 Feb 2023 01:46:36 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9fda91fa23cb10f30886b8eeb9f707e2
6f7a61ea7e4c4529997bd00f12e97930a632f8c5
b3540cb1284fe60c7bc16e069e88439b8bfe80058aeb10131e6199cfd97ac3c7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3540CB1284FE60C7BC16E069E88439B8BFE80058AEB10131E6199CFD97AC3C7"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8752
Expires: Sat, 04 Feb 2023 04:12:28 GMT
Date: Sat, 04 Feb 2023 01:46:36 GMT
Connection: keep-alive
dmg.digitaltarget.ru/1/1093/i/i?i=891668454731304.410466839948498&a=77&e=0A0909B0FAB8DD636D03C61B0297DF0D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0A0909B0FAB8DD636D03C61B0297DF0D.sync:up.xdua:du4SIKSVIEu32m7vwxwF3N1X.xps:xpslqJUVx1eO4kQ18Bbn90w2R.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.147307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=891668454731304.410466839948498&a=77&e=0A0909B0FAB8DD636D03C61B0297DF0D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0A0909B0FAB8DD636D03C61B0297DF0D.sync:up.xdua:du4SIKSVIEu32m7vwxwF3N1X.xps:xpslqJUVx1eO4kQ18Bbn90w2R.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.147:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=891668454731304.410466839948498&a=77&e=0A0909B0FAB8DD636D03C61B0297DF0D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0A0909B0FAB8DD636D03C61B0297DF0D.sync:up.xdua:du4SIKSVIEu32m7vwxwF3N1X.xps:xpslqJUVx1eO4kQ18Bbn90w2R.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Sat, 04 Feb 2023 01:46:36 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675475196360&i=891668454731304.410466839948498&a=77&e=0A0909B0FAB8DD636D03C61B0297DF0D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0A0909B0FAB8DD636D03C61B0297DF0D.sync:up.xdua:du4SIKSVIEu32m7vwxwF3N1X.xps:xpslqJUVx1eO4kQ18Bbn90w2R.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=0.W30WpbXsoh0Tv77SSz; Max-Age=93312000; Expires=Mon, 19 Jan 2026 01:46:36 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 47104af366e237afec3af30f37af7dba
b24492f724ba1d4395df66bc2e0de1bdabc4264d
59c7255b4bd417487377052a2b4ec75029319525bad73a5ef43dce28d79efbbb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:46:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 14:18:45 GMT
Expires: Tue, 07 Feb 2023 14:18:44 GMT
Etag: "b24492f724ba1d4395df66bc2e0de1bdabc4264d"
Cache-Control: max-age=303727,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793fbbc68934b521-OSL
dmg.digitaltarget.ru/1/1093/i/i?i=891668454731304.750883733676491&a=77&e=0A0909B0FAB8DD636D03C61B0297DF0D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0A0909B0FAB8DD636D03C61B0297DF0D.sync:up.xdua:du4SIKSVIEu32m7vwxwF3N1X.xps:xpslqJUVx1eO4kQ18Bbn90w2R.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.147307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=891668454731304.750883733676491&a=77&e=0A0909B0FAB8DD636D03C61B0297DF0D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0A0909B0FAB8DD636D03C61B0297DF0D.sync:up.xdua:du4SIKSVIEu32m7vwxwF3N1X.xps:xpslqJUVx1eO4kQ18Bbn90w2R.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.147:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=891668454731304.750883733676491&a=77&e=0A0909B0FAB8DD636D03C61B0297DF0D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0A0909B0FAB8DD636D03C61B0297DF0D.sync:up.xdua:du4SIKSVIEu32m7vwxwF3N1X.xps:xpslqJUVx1eO4kQ18Bbn90w2R.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Sat, 04 Feb 2023 01:46:36 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675475196363&i=891668454731304.750883733676491&a=77&e=0A0909B0FAB8DD636D03C61B0297DF0D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0A0909B0FAB8DD636D03C61B0297DF0D.sync:up.xdua:du4SIKSVIEu32m7vwxwF3N1X.xps:xpslqJUVx1eO4kQ18Bbn90w2R.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=3OrJqiPL.qekRqd7Dirj; Max-Age=93312000; Expires=Mon, 19 Jan 2026 01:46:36 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
x01.aidata.io/0.gif?pid=9401454&id=0A0909B0FAB8DD636D03C61B0297DF0D
89.108.120.76302 Found 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=0A0909B0FAB8DD636D03C61B0297DF0D
IP 89.108.120.76:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=0A0909B0FAB8DD636D03C61B0297DF0D HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 04 Feb 2023 01:46:36 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=0A0909B0FAB8DD636D03C61B0297DF0D&bounce=1
expires: Sat, 04 Feb 2023 01:46:35 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Sat, 04 Feb 2023 01:46:35 GMT
set-cookie: __upin=YB5hkW1K/scu+zabBRDijg;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1675475196;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675475196360&i=891668454731304.410466839948498&a=77&e=0A0909B0FAB8DD636D03C61B0297DF0D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0A0909B0FAB8DD636D03C61B0297DF0D.sync:up.xdua:du4SIKSVIEu32m7vwxwF3N1X.xps:xpslqJUVx1eO4kQ18Bbn90w2R.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.147200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675475196360&i=891668454731304.410466839948498&a=77&e=0A0909B0FAB8DD636D03C61B0297DF0D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0A0909B0FAB8DD636D03C61B0297DF0D.sync:up.xdua:du4SIKSVIEu32m7vwxwF3N1X.xps:xpslqJUVx1eO4kQ18Bbn90w2R.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.147:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1675475196360&i=891668454731304.410466839948498&a=77&e=0A0909B0FAB8DD636D03C61B0297DF0D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0A0909B0FAB8DD636D03C61B0297DF0D.sync:up.xdua:du4SIKSVIEu32m7vwxwF3N1X.xps:xpslqJUVx1eO4kQ18Bbn90w2R.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 01:46:36 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
x01.aidata.io/0.gif?pid=9401454&id=0A0909B0FAB8DD636D03C61B0297DF0D&bounce=1
89.108.120.76204 No Content 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=0A0909B0FAB8DD636D03C61B0297DF0D&bounce=1
IP 89.108.120.76:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=0A0909B0FAB8DD636D03C61B0297DF0D&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 04 Feb 2023 01:46:36 GMT
expires: Sat, 04 Feb 2023 01:46:35 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Sat, 04 Feb 2023 01:46:35 GMT
set-cookie: __upin=NTjNbfxAmLP9ape+jyKSNg;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1675475196;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675475196363&i=891668454731304.750883733676491&a=77&e=0A0909B0FAB8DD636D03C61B0297DF0D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0A0909B0FAB8DD636D03C61B0297DF0D.sync:up.xdua:du4SIKSVIEu32m7vwxwF3N1X.xps:xpslqJUVx1eO4kQ18Bbn90w2R.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.147200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675475196363&i=891668454731304.750883733676491&a=77&e=0A0909B0FAB8DD636D03C61B0297DF0D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0A0909B0FAB8DD636D03C61B0297DF0D.sync:up.xdua:du4SIKSVIEu32m7vwxwF3N1X.xps:xpslqJUVx1eO4kQ18Bbn90w2R.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.147:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1675475196363&i=891668454731304.750883733676491&a=77&e=0A0909B0FAB8DD636D03C61B0297DF0D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0A0909B0FAB8DD636D03C61B0297DF0D.sync:up.xdua:du4SIKSVIEu32m7vwxwF3N1X.xps:xpslqJUVx1eO4kQ18Bbn90w2R.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 01:46:36 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 707bbc8a805b920528f43d3b19e9e41f
d33afb3c6b479050987b8ffa9ca64f574656af87
2e840eb2feba7a5a9c565c16c78c0c4ecbaa6273b9c77d97548b4d5c58ae2011
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:46:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
216.58.207.193200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://docka1.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sat, 04 Feb 2023 01:46:36 GMT
expires: Sat, 04 Feb 2023 01:46:36 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
216.58.207.193200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 216.58.207.193:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://docka1.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 08:42:42 GMT
expires: Fri, 02 Feb 2024 08:42:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 147834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
5.200.50.170302 Found 503 B URL HTTP/2 ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP 5.200.50.170:0
ASN #48096 Enterprise Cloud Ltd.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=b35928804f8b4156a2524c9c42437241
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=b35928804f8b4156a2524c9c42437241; expires=Sat, 03 Feb 2024 21:00:00 GMT; path=/; SameSite=None; secure; samesite=lax
date: Sat, 04 Feb 2023 01:46:35 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2756
Expires: Sat, 04 Feb 2023 02:32:32 GMT
Date: Sat, 04 Feb 2023 01:46:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2756
Expires: Sat, 04 Feb 2023 02:32:32 GMT
Date: Sat, 04 Feb 2023 01:46:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2756
Expires: Sat, 04 Feb 2023 02:32:32 GMT
Date: Sat, 04 Feb 2023 01:46:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 518bba9a8770e8ff15229a68be5bddc3
139f944b3f4279e640901f7a6b993f1a49b51a22
0591e73dec2190752677f06525bc993dc8c7a5aa20984a5eda64c323188e2b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9743
x-amzn-requestid: b6c1caa9-72e4-476f-9c3d-4a746c410ba3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EHLJoAMF_TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-1289ef383fbad59621eda6d0;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nIp2nUVnamnoTpFwrN1L4K1dqjYvcDGuV2yFqYskkXb14k72AZsjMg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:08:41 GMT
age: 13075
etag: "139f944b3f4279e640901f7a6b993f1a49b51a22"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65cd12302c9ca5468dbc9a98155970e0
a0c63213c3021e40f8ea54f2da6a5c165ed5cfd1
8463155faca74f13ec4500fed98289d8bfbdc4a989d1cb7580736018eadf1000
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7992
x-amzn-requestid: ba4f95d9-6081-4b34-955c-bbe8e7b2335c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEEjGsdIAMF84w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8083-7666baa66ccdec9b5fec8736;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A3c6sSs_b8KkREPa26a8X9NTEZpHGDjElR9hT-NXwg6dYpeuRNZXfA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
etag: "a0c63213c3021e40f8ea54f2da6a5c165ed5cfd1"
content-type: image/jpeg
age: 12975
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ac51fd6789cbe19c2d484c9022b0e39
bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9
300b5e50cb910f9f4905ee7313d98763b68f85f5874db499cc94469fb14cabfe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9500
x-amzn-requestid: 8fe94388-e8d9-4329-b73a-e9a356df76bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9QEA1IAMF3Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8054-51f954ac4bec16d1055e38f5;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FkTJ6wQ4eFYBPDyS0l5vLeWvHHiQIx-cYyFzT4ggHJ8M5Gg3dozFxQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:30:36 GMT
age: 11760
etag: "bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ab97f766ee1ed6ebbb2b3889a9157b4
f87f165404dec4d65531e6e25146cb77601f3616
f3d0f76f956371b1733a526f10a8253fc3396a459d7af59380d8e8db7dee8ec2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14071
x-amzn-requestid: 40cb363f-2c4d-4361-9fe1-10e4c8b2fe29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiTo4Ek2oAMFs6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d73305-6cb63d3c49f9f84e639467f6;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:01:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b7r7phj8i49RMSuWufxF1L34K9udWa0mJ4dY12izM9ofwAuCFBGEZQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:05 GMT
age: 14311
etag: "f87f165404dec4d65531e6e25146cb77601f3616"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b5c35cdff2fb0758db780212b0b1f77
edbb557a3bf57128467335685aebbd4831d802f8
e0fa59843073ba8bd171c66610bc1b3d59a1a94c4991e6023507b9453ca0edba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9349
x-amzn-requestid: ecd1913d-7dbe-4ffd-ba85-0549aab51a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyayOGPlIAMFQ7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dda4da-6a9b8d146155fa8b6c1c02d6;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 00:20:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jGBEz2d-SXXPBZhwlJgR4w248y-NY2c-18euLre5PULjWUIfhfUmNQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 00:20:43 GMT
etag: "edbb557a3bf57128467335685aebbd4831d802f8"
content-type: image/jpeg
age: 5153
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F549d8f22-b421-4fad-867d-64232284ffaf.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F549d8f22-b421-4fad-867d-64232284ffaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9409d3b4b0f8f973d9acab2b744d8dd0
15431d807c3fe818a9b363f1c725c1860e939799
ddde1e1c8faef040370396ccda3a5090e64b63a1bddbe642c128d66849c1caa4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F549d8f22-b421-4fad-867d-64232284ffaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8148
x-amzn-requestid: a9d4782b-b24e-4b72-9994-b9efa680c2fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEEOHxIoAMFvUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8081-1d17982c4fe45adf0704f4c4;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VkajXQ1KEbO3T3sVDkH6XLx7pKr5cnHC2QOsR1EvKa7-8WPQrVFbXw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
etag: "15431d807c3fe818a9b363f1c725c1860e939799"
content-type: image/jpeg
age: 12975
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 621b586028d5acaf29b8777ca0872ce1
9d2a358576d0acab58e2eacf7765b686cee9181f
a7c99a5217e394c715679780ae1e3e60202653547212b0a4fd2efab0e1a01015
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:46:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
an.yandex.ru/mapuid/sapeis/0A0909B0FAB8DD636D03C61B0297DF0D
93.158.134.90302 Found 533 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/0A0909B0FAB8DD636D03C61B0297DF0D
IP 93.158.134.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash e507a372caef39229f5005bf04c10841
fdd5e135ed164ed9508eb12462fbb28a7f5eec6c
17eb3075c6c50e2dfeda12c9594a848f6dba3dc238c06403004b22dfbd8b37c6
GET /mapuid/sapeis/0A0909B0FAB8DD636D03C61B0297DF0D HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/0A0909B0FAB8DD636D03C61B0297DF0D?redir-setuniq=1
date: Sat, 04 Feb 2023 01:46:35 GMT
set-cookie: yandexuid=1369161181675475195; domain=.yandex.ru; path=/; expires=Tue, 01-Feb-2033 01:46:35 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 01:46:35 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sat, 04 Feb 2023 01:46:35 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.acint.net/ping/?v=0.5.1&uid=49b5f564-2158-4947-aef4-8a88d0ced3a8&dp=10&tz=%2B00%3A00&nc=99115026&dT=2023-02-04T01%3A47%3A11.245
176.9.9.10302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/ping/?v=0.5.1&uid=49b5f564-2158-4947-aef4-8a88d0ced3a8&dp=10&tz=%2B00%3A00&nc=99115026&dT=2023-02-04T01%3A47%3A11.245
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /ping/?v=0.5.1&uid=49b5f564-2158-4947-aef4-8a88d0ced3a8&dp=10&tz=%2B00%3A00&nc=99115026&dT=2023-02-04T01%3A47%3A11.245 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Sat, 04 Feb 2023 01:46:37 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/ping/?v=0.5.1&uid=49b5f564-2158-4947-aef4-8a88d0ced3a8&dp=10&tz=%2B00%3A00&nc=99115026&dT=2023-02-04T01%3A47%3A11.245
www.acint.net/ping/?v=0.5.1&uid=49b5f564-2158-4947-aef4-8a88d0ced3a8&dp=10&tz=%2B00%3A00&nc=99115026&dT=2023-02-04T01%3A47%3A11.245
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/ping/?v=0.5.1&uid=49b5f564-2158-4947-aef4-8a88d0ced3a8&dp=10&tz=%2B00%3A00&nc=99115026&dT=2023-02-04T01%3A47%3A11.245
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /ping/?v=0.5.1&uid=49b5f564-2158-4947-aef4-8a88d0ced3a8&dp=10&tz=%2B00%3A00&nc=99115026&dT=2023-02-04T01%3A47%3A11.245 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://docka1.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=sAkJCmPduPobxgNtDd+XAkfGZW5jBnOnWsuhmhisUN+PbZwg; cSyncDp7v2=1675475195; cSyncDp14v3=1675475195; cSyncDp17=1675475195; cSyncDp32=1675475195; cSyncDp45v3=1675475195; cSyncDp53v2=1675475195; cSyncDp62=1675475195; cSyncDp67v2=1675475195; cSyncDp68=1675475195; cSyncDp71=1675475195; cSyncDp85=1675475195; cSyncDp95v3=1675475195; cSyncDp98v2=1675475195; cSyncDp101=1675475195; cSyncDp104v2=1675475195; cSyncDp107=1675475195; cSyncDp110=1675475195; cSyncDp125v3=1675475195; cSyncDp126=1675475195; cSyncDp127=1675475195; cSyncDp129=1675475195; cSyncDp136v2=1675475195; cSyncDp146=1675475195; cSyncDp148=1675475195; cSyncDp149v2=1675475195; cSyncDp151=1675475195; cSyncDp178=1675475195; cSyncDp186=1675475195; cSyncDp221=1675475195; cSyncDp235=1675475195
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 04 Feb 2023 01:46:37 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
st.top100.ru/top100/3.13.6/usability.js
81.19.89.18200 OK 0 B URL HTTP/2 st.top100.ru/top100/3.13.6/usability.js
IP 81.19.89.18:0
ASN #24638 Rambler Internet Holding LLC
GET /top100/3.13.6/usability.js HTTP/1.1
Host: st.top100.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://docka1.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Sat, 04 Feb 2023 01:46:34 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 30 Jan 2023 10:42:42 GMT
x-rgw-object-type: Normal
etag: W/"e8cd7191520320c30825c4c7c12b0d42"
x-amz-request-id: tx000000000000009e2349a-0063ddb8a2-783970ff-default
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
set-cookie: proto_uid=1CIAAPq43WMgmtsYAfsxQgB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-encoding: gzip
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/0A0909B0FAB8DD636D03C61B0297DF0D?redir-setuniq=1
93.158.134.90200 OK 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/0A0909B0FAB8DD636D03C61B0297DF0D?redir-setuniq=1
IP 93.158.134.90:0
GET /mapuid/sapeis/0A0909B0FAB8DD636D03C61B0297DF0D?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sat, 04 Feb 2023 01:46:36 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 01:46:36 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sat, 04 Feb 2023 01:46:36 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/gonetdspis/NDY3MjJhZjJkNGY1ODQ4Nw
93.158.134.90302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/NDY3MjJhZjJkNGY1ODQ4Nw
IP 93.158.134.90:0
GET /mapuid/gonetdspis/NDY3MjJhZjJkNGY1ODQ4Nw HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/gonetdspis/NDY3MjJhZjJkNGY1ODQ4Nw?redir-setuniq=1
date: Sat, 04 Feb 2023 01:46:36 GMT
set-cookie: yandexuid=6156763831675475196; domain=.yandex.ru; path=/; expires=Tue, 01-Feb-2033 01:46:36 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 01:46:36 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sat, 04 Feb 2023 01:46:36 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2