Report - 50.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%92%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D0%A6%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm

Report Overview

Submitted URL
50.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%92%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D0%A6%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2023-02-01 13:04:13
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.acint.net	29072	2014-02-14T22:23:16Z	2023-03-13T08:33:52Z	1.0 kB	1.6 kB	193.3.184.226
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	63 kB	34.120.237.76
ssp-rtb.sape.ru	31166	2016-02-02T18:01:03Z	2023-03-13T08:33:52Z	556 B	859 B	193.3.184.212
solta-sync.rutarget.ru	unknown	2022-12-12T12:00:58Z	2023-03-10T10:58:21Z	348 B	411 B	46.243.142.48
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.39.191.93
ocsp2.globalsign.com	1544	2012-05-23T20:10:04Z	2023-03-13T05:14:17Z	357 B	1.9 kB	104.18.21.226
dm-eu.hybrid.ai	28847	2021-01-25T12:48:59Z	2023-03-13T06:16:11Z	407 B	528 B	37.18.103.16
kimberlite.io	166512	2017-09-14T07:18:59Z	2023-03-12T20:22:58Z	905 B	983 B	80.78.249.201
rtb.com.ru	26476	2015-11-23T16:25:15Z	2023-03-13T06:07:27Z	400 B	238 B	83.222.114.190
dmpprof.com	19328	2020-05-10T17:06:33Z	2023-03-13T05:57:42Z	425 B	942 B	85.192.12.174
d.uuidksinc.net	807677	2015-07-21T09:00:45Z	2023-03-02T15:04:54Z	886 B	426 B	185.98.54.153
ocsp.usertrust.com	899	2012-05-21T17:43:18Z	2023-03-13T08:38:38Z	684 B	2.0 kB	104.18.32.68
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
dmg.digitaltarget.ru	21471	2015-04-23T16:50:51Z	2023-03-13T06:26:03Z	912 B	1.4 kB	185.15.175.174
fcgi4.gnezdo.ru	69027	2020-06-11T14:55:54Z	2023-03-13T05:57:42Z	1.7 kB	1.8 kB	93.95.102.105
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	5.4 kB	14 kB	23.33.119.27
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
hdtcode.com	unknown	2019-05-01T19:48:45Z	2023-03-13T07:10:36Z	778 B	544 B	185.196.197.130
sartojelius.com	unknown	2021-12-24T08:04:06Z	2023-03-13T07:10:38Z	2.1 kB	5.8 kB	88.208.46.42
s.uuidksinc.net	3423	2015-07-20T14:00:35Z	2023-03-13T05:57:41Z	631 B	358 B	185.98.54.153
uuidksinc.net	3420	2015-05-31T10:43:35Z	2023-03-13T05:57:41Z	517 B	1.4 kB	185.98.54.153
acint.net	22962	2014-02-14T22:23:16Z	2023-03-13T08:33:52Z	631 B	537 B	193.3.184.226
50.biqund.com	unknown	2022-06-09T13:24:50Z	2023-02-10T19:12:05Z	3.5 kB	52 kB	188.114.97.1
kadam-sync.rutarget.ru	unknown	2017-02-01T20:16:37Z	2023-03-02T15:04:53Z	381 B	415 B	188.72.107.228

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-01 13:04:22	low	188.114.97.1	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	50.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=https://d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%92%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D0%A6%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0	695 B	2023-03-07	2024-03-29
Pretty URL 50.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=https://d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%92%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D0%A6%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:17 Last Seen2024-03-29 16:46:43 Times Seen193 Hash 9e8d92218ee3ebc50c02807f95053e1d 471165c67069eb5e4a1a96bf3de5f2da1c8a1dff a7f50ca9fb45ef36eadc0461fd33f27d2f3032fcec793bcc869c43dba2b5bb73 Loading...

	50.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=https://d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%92%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D0%A6%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0	77 B	2023-03-08	2023-04-02
Pretty URL 50.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=https://d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%92%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D0%A6%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:15:07 Last Seen2023-04-02 21:18:42 Times Seen11 Hash e0a84365c627d500de4a58d8e0d590ac 379a4ab28f26004ab66dfff739f004ff7eba1c2a bab5d2f5fdb678e12a017d336165de8f48e507774e0d02167ebb76882930d113 Loading...

	50.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=https://d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%92%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D0%A6%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0	30 kB	2023-03-08	2023-04-05
Pretty URL 50.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=https://d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%92%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D0%A6%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:34:27 Last Seen2023-04-05 01:43:15 Times Seen50 Hash bf5dc2d632990314fa3957bdb7947884 6a3b42f424a7303c46eeedd22ec858d9790db2f4 8c1d60c3544f3a192dd78007c6b2a1f44fe9c576491f2ca85389d4e02cc94cb3 Loading...

	50.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=https://d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%92%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D0%A6%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0	2.2 kB	2023-03-07	2024-03-29
Pretty URL 50.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=https://d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%92%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D0%A6%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:17 Last Seen2024-03-29 16:46:43 Times Seen189 Hash a40976860ec9865090d3e26ffc73cc94 40f16d9869020c5752974e91bd792ba0d1f015e8 65ba0a06506d4e77ec12f1f4f2a2b0709d8a90c5fbf1a56605433347a396f630 Loading...

	50.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=https://d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%92%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D0%A6%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0	4.8 kB	2023-03-13	2023-03-13
Pretty URL 50.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=https://d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%92%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D0%A6%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:12:27 Last Seen2023-03-13 14:12:27 Times Seen1 Hash 9a68073952f4b9de771005e80e461079 32f66c4bb312b07877b8b1884860251a6e23c14e 122d6ac3c07a5d7542fe2e042e4c419586aa8cd31b29b4f5e76c8f9188d25cb4 Loading...

	50.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=https://d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%92%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D0%A6%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0	157 B	2023-03-08	2023-04-02
Pretty URL 50.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=https://d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%92%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D0%A6%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:15:07 Last Seen2023-04-02 21:18:42 Times Seen11 Hash 95e3361a66cb84959c93cbefa6421e1c 4ded388f5710fc0b8e2ddb171c29d433efd9f3c7 1b9ad7602755dc40a1462979bd7d054550396d070782786f82c3202b1d5e1b4a Loading...

	50.biqund.com/199f8c6.php?utm_source=ogdd&utm_campaign=26670	43 kB	2023-03-12	2023-03-14
Pretty URL 50.biqund.com/199f8c6.php?utm_source=ogdd&utm_campaign=26670 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:21:56 Last Seen2023-03-14 13:41:08 Times Seen1 Hash 3f3c44b4999fc05fd33780711f7c6842 f2c559e2403d0f4fe3948f3a45df5ee950a801e1 a24f46d0467ad0952d3cdf750b194341fa03d469620a090aa54f0c678367ceb7 Loading...

	50.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=https://d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%92%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D0%A6%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0	1.2 kB	2023-03-13	2023-03-13
Pretty URL 50.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=https://d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%92%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D0%A6%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:12:27 Last Seen2023-03-13 14:12:27 Times Seen1 Hash 5a1a51d9e7b0b3f4fdd318f5da3646c1 b4bf33d62b344772a8101c7cb6221d1e490d3727 25d2d13b8afc8137d2537a5ae771e0014292cb198cf2baee1e00b26e4d0149a9 Loading...

	uuidksinc.net/matchx	2.1 kB	2023-03-13	2023-03-13
Pretty URL uuidksinc.net/matchx IP 185.98.54.153 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:33:23 Last Seen2023-03-13 15:00:10 Times Seen1 Hash 8b53de2d4f103588726a65083f110df1 316a3b2d0ddd75c492835c7f00b5b74f48a0e8ca da14dc8e21f8c4e3999a3ce18843f65b6bf6eccaa2656ec6bbfab52908becb0a Loading...

HTTP Transactions (61)

URL IP Response Size

50.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=https://d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%92%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D0%A6%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0

188.114.97.1

200 OK

25 kB

URL HTTP/1.1
50.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=https://d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%92%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D0%A6%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12693), with CRLF, LF line terminators
Size
25 kB (25279 bytes)
Hash
4a69c89782897401edfaad68bfaf5ee0
84161abd569e3bc6479573f213a158f42826467b
d7b831b5bc069faf90ee9519d85b12244757d89f5e7ed0068faecb27dbc1d799

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1

HTTP Headers

GET /index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=https://d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%92%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D0%A6%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0 HTTP/1.1
Host: 50.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 13:04:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-transform
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQSV7%2BLWQA7RGYe%2B9nKcf%2Bp8njTbuQAmOfycMtdXsCrkYTBTaS883yp7HwxE7i9oFmxgcBQrYTBS7zQ2VEMbPttenNBTWkoZrLbjF6ejeFYVPHbn2PpHPwhTuPQoYfbQ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792ae3f20db7b4e8-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9956
Expires: Wed, 01 Feb 2023 15:49:56 GMT
Date: Wed, 01 Feb 2023 13:04:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17327
Expires: Wed, 01 Feb 2023 17:52:47 GMT
Date: Wed, 01 Feb 2023 13:04:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4931
Expires: Wed, 01 Feb 2023 14:26:11 GMT
Date: Wed, 01 Feb 2023 13:04:00 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 12:36:01 GMT
content-type: application/json
age: 1679
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 8yCSWxzfyIUqg4vCN+8XijbpwadYMKQkLR2hx9qD4XPEe4zGFDAntcsWGbCchH55ENskX+JbcCo=
x-amz-request-id: FR0JBD7EGXNWTDQH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 12:22:40 GMT
age: 2480
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

50.biqund.com/assets/styles/arrow.css?v1

188.114.97.1

200 OK

2.1 kB

URL HTTP/1.1
50.biqund.com/assets/styles/arrow.css?v1
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
2.1 kB (2149 bytes)
Hash
42f2eac8fc2d717d43b63c19404d009d
f160ecec8abed0763a70ab4c412697cb661bb9a7
2c64ecb52bdbe782356e6b4c2763127a375d1114c858011f73455cfd27232efc

HTTP Headers

GET /assets/styles/arrow.css?v1 HTTP/1.1
Host: 50.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://50.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=https://d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%92%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D0%A6%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0

HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 13:04:00 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 12:29:48 GMT
ETag: W/"636262bc-1a14"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uq3pf0Ssf1dJZNJqMEDLTVHejjaZVhiV44gpIdI4CJq7H%2FGbuXIGdoqZ9w4vs3ZW1LY10IANXRcboU3cGsG4392TZoxaMh5PZlxPq6%2BhoeB3eB00NIQQL%2B7ixHEwXoqX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792ae3f45873b4e8-OSL
alt-svc: h2=":443"; ma=60

50.biqund.com/199f8c6.php?utm_source=ogdd&utm_campaign=26670

188.114.97.1

200 OK

17 kB

URL HTTP/1.1
50.biqund.com/199f8c6.php?utm_source=ogdd&utm_campaign=26670
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (42846), with no line terminators
Size
17 kB (17297 bytes)
Hash
671e8353a6488581dd408c2954905b90
113e8c5db5ff113d4eb0c4b7b1f8e516dd5997d0
13125afb040d05352412b5ca59e0da474941a6c5c8616c02301fb1fb5e90eb0b

HTTP Headers

GET /199f8c6.php?utm_source=ogdd&utm_campaign=26670 HTTP/1.1
Host: 50.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://50.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=https://d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%92%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D0%A6%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0

HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 13:04:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4P0vToMeYtAd%2BpCxDNuNPD0BjJC2wRgGikziXfuBLfcEVbX%2FmcVTcFV%2B2j92e%2F8uUa%2B8fCalTQJuUlf0X%2Fl1WfmMOSiqXSQ8GhaGPq4tPHtm4M7hoxNNKcM9fuUEESDP"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 792ae3f4694fb4ed-OSL
alt-svc: h2=":443"; ma=60

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 13:04:00 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
13407c2147fc2d590f4032f46ed3d723
c719ff7116ddcfc8c9ef85b697387a29800a4b38
1c3873e6eab69fc2f505697b556449a9a2a49164fa6cccfd3d26f429864886c4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C3873E6EAB69FC2F505697B556449A9A2A49164FA6CCCFD3D26F429864886C4"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 01 Feb 2023 19:04:01 GMT
Date: Wed, 01 Feb 2023 13:04:01 GMT
Connection: keep-alive

50.biqund.com/favicon.ico

188.114.97.1

200 OK

4.0 kB

URL HTTP/1.1
50.biqund.com/favicon.ico
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
4.0 kB (4016 bytes)
Hash
a51793fe0317686ba089709c57a35b1a
61575816c708298644a9c26859edc3a17ae91ebd
b81a8f8301df8f22e0ca12689afd9855d710026631f486c9538fdb08b129b084

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 50.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://50.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=hc8s0o8os4488wk8&aurl=https://d6.hotplayer.ru/downloadm/8d08914ff7ba8fae62da8bab36b89643/54701229_456241560/796bc175f275-11faaddb7f0-f00c18475c3/%D0%B4%D0%BE%D0%BB%D0%B1%D0%B0%D1%91%D0%B1%20-%20%D0%92%D0%B8%D0%BA%D1%82%D0%BE%D1%80%20%D0%A6%D0%BE%D0%B9%20%D1%81%D0%B8%D0%B4%D0%B8%D1%82%20%D0%B8%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D1%82%20%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D1%82%D1%8F%D0%B6%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%BC%D0%B8%D0%BD%D1%83%D1%82%D1%8B.mp3?play&an=&utm_term=&site=&isubs=0

HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 13:04:01 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 12:29:48 GMT
ETag: W/"636262bc-1007"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZLxkPt9%2Fep%2FvFrRUnK%2FGTHVT3vtkMXJfD72gPCdKZfF8dxfgHEHkuQaR8RWCDvtoNKLKyN5hyGWe6m5mpOd1E9ESn65tt%2B4ph4c3%2F899Z6Y%2BnOmA9RnSSXXorz9gHiz"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792ae3f70d91b4ed-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

hdtcode.com/event?data=&id=10

185.196.197.130

200 OK

0 B

URL HTTP/2
hdtcode.com/event?data=&id=10
IP
185.196.197.130:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /event?data=&id=10 HTTP/1.1
Host: hdtcode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://50.biqund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.19.0
date: Wed, 01 Feb 2023 13:04:01 GMT
content-length: 0
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 12:41:42 GMT
age: 1339
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15951
Expires: Wed, 01 Feb 2023 17:29:52 GMT
Date: Wed, 01 Feb 2023 13:04:01 GMT
Connection: keep-alive

push.services.mozilla.com/

52.39.191.93

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.191.93:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ziGVrV7QK/Kqjv84im6/+Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gi59wnicBV8Pws2ADPjUI7GxXZ8=

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4d6378025439ab6cf7e61d7bee99ba48
05fadb7f72cc39977ff87736c06d9fc5fb808518
7003004b849ca44e20562fa123519f50cef84313e3a29b43ed0d9380c269cd8b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7003004B849CA44E20562FA123519F50CEF84313E3A29B43ED0D9380C269CD8B"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4406
Expires: Wed, 01 Feb 2023 14:17:27 GMT
Date: Wed, 01 Feb 2023 13:04:01 GMT
Connection: keep-alive

sartojelius.com/13525

88.208.46.42

200 OK

3.2 kB

URL HTTP/1.1
sartojelius.com/13525
IP
88.208.46.42:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , ASCII text, with very long lines (3244), with no line terminators
Size
3.2 kB (3244 bytes)
Hash
845d8bf874347dc6bc2f8aeff9010185
a0efb11a60f57e5c26d6837a57813619266d8725
8fb40a89ac3994c986349540c3c769701ed18b647c0eb55de41f50a5252b9291

HTTP Headers

POST /13525 HTTP/1.1
Host: sartojelius.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://50.biqund.com/
Content-Type: text/plain;charset=UTF-8
Origin: http://50.biqund.com
Content-Length: 238
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:04:01 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://50.biqund.com
Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: userid=927863ca-ea2c-431c-b49e-90919c900e24; expires=Tue, 01-Feb-2028 13:04:01 GMT; Path=/; SameSite=None; Secure
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version

sartojelius.com/event/set

88.208.46.42

200 OK

20 B

URL HTTP/1.1
sartojelius.com/event/set
IP
88.208.46.42:0
ASN
#39572 DataWeb Global Group B.V.

File type
data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

HTTP Headers

POST /event/set HTTP/1.1
Host: sartojelius.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://50.biqund.com/
Content-Type: text/plain;charset=UTF-8
Origin: http://50.biqund.com
Content-Length: 116
Connection: keep-alive
Cookie: userid=927863ca-ea2c-431c-b49e-90919c900e24
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:04:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://50.biqund.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST
Access-Control-Allow-Headers: Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Content-Encoding: gzip

hdtcode.com/event?data=&id=30

185.196.197.130

200 OK

0 B

URL HTTP/2
hdtcode.com/event?data=&id=30
IP
185.196.197.130:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /event?data=&id=30 HTTP/1.1
Host: hdtcode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://50.biqund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.0
date: Wed, 01 Feb 2023 13:04:01 GMT
content-length: 0
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2

sartojelius.com/js/cs?uuid=927863ca-ea2c-431c-b49e-90919c900e24

88.208.46.42

302 Found

0 B

URL HTTP/1.1
sartojelius.com/js/cs?uuid=927863ca-ea2c-431c-b49e-90919c900e24
IP
88.208.46.42:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/cs?uuid=927863ca-ea2c-431c-b49e-90919c900e24 HTTP/1.1
Host: sartojelius.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://50.biqund.com/
Cookie: userid=927863ca-ea2c-431c-b49e-90919c900e24
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 01 Feb 2023 13:04:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid=927863ca-ea2c-431c-b49e-90919c900e24; expires=Fri, 03-Mar-2023 13:04:01 GMT; Path=/; domain=.sartojelius.com; SameSite=None; Secure
Location: https://s.uuidksinc.net/match/1165/?remote_uid=927863ca-ea2c-431c-b49e-90919c900e24&cb_url=https%3A%2F%2Fsartojelius.com%2Fjs%2Fcs%3Fuuid%3D927863ca-ea2c-431c-b49e-90919c900e24%26oid%3D%5BUID%5D
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
96c794fe0eb0984074775ba4e182ed9d
bd6f5a86011fa199bc4197a37fb84079eb487f7e
3f626fa9d03173ededfce2c39da3be2989781484ca87bed7d8a8fd0f68fb051b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3F626FA9D03173EDEDFCE2C39DA3BE2989781484CA87BED7D8A8FD0F68FB051B"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11628
Expires: Wed, 01 Feb 2023 16:17:50 GMT
Date: Wed, 01 Feb 2023 13:04:02 GMT
Connection: keep-alive

s.uuidksinc.net/match/1165/?remote_uid=927863ca-ea2c-431c-b49e-90919c900e24&cb_url=https%3A%2F%2Fsartojelius.com%2Fjs%2Fcs%3Fuuid%3D927863ca-ea2c-431c-b49e-90919c900e24%26oid%3D%5BUID%5D

185.98.54.153

302 Found

0 B

URL HTTP/2
s.uuidksinc.net/match/1165/?remote_uid=927863ca-ea2c-431c-b49e-90919c900e24&cb_url=https%3A%2F%2Fsartojelius.com%2Fjs%2Fcs%3Fuuid%3D927863ca-ea2c-431c-b49e-90919c900e24%26oid%3D%5BUID%5D
IP
185.98.54.153:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/1165/?remote_uid=927863ca-ea2c-431c-b49e-90919c900e24&cb_url=https%3A%2F%2Fsartojelius.com%2Fjs%2Fcs%3Fuuid%3D927863ca-ea2c-431c-b49e-90919c900e24%26oid%3D%5BUID%5D HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://50.biqund.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.19.0
date: Wed, 01 Feb 2023 13:04:02 GMT
content-length: 0
location: https://sartojelius.com/js/cs?uuid=927863ca-ea2c-431c-b49e-90919c900e24&oid=zkf2OcPj8ULduFWYB61R
set-cookie: jcsuuid=zkf2OcPj8ULduFWYB61R; expires=Thu, 01 Feb 2024 13:04:02 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

sartojelius.com/js/cs?uuid=927863ca-ea2c-431c-b49e-90919c900e24&oid=zkf2OcPj8ULduFWYB61R

88.208.46.42

200 OK

43 B

URL HTTP/1.1
sartojelius.com/js/cs?uuid=927863ca-ea2c-431c-b49e-90919c900e24&oid=zkf2OcPj8ULduFWYB61R
IP
88.208.46.42:0
ASN
#39572 DataWeb Global Group B.V.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /js/cs?uuid=927863ca-ea2c-431c-b49e-90919c900e24&oid=zkf2OcPj8ULduFWYB61R HTTP/1.1
Host: sartojelius.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://50.biqund.com/
Connection: keep-alive
Cookie: userid=927863ca-ea2c-431c-b49e-90919c900e24; uuid=927863ca-ea2c-431c-b49e-90919c900e24
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:04:02 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: oid=zkf2OcPj8ULduFWYB61R; expires=Fri, 03-Mar-2023 13:04:02 GMT; Path=/; domain=.sartojelius.com; SameSite=None; Secure
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
89652278d57df78e84e72dd0e7d51c26
4ab91c1e4b8d4fcef372586394de39d570937f5b
6577f347ff70f8031f47e2c7d85307aa32ba164c5189c2f1155f1f96d7df8adc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6577F347FF70F8031F47E2C7D85307AA32BA164C5189C2F1155F1F96D7DF8ADC"
Last-Modified: Mon, 30 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18149
Expires: Wed, 01 Feb 2023 18:06:31 GMT
Date: Wed, 01 Feb 2023 13:04:02 GMT
Connection: keep-alive

uuidksinc.net/matchx

185.98.54.153

200 OK

1.2 kB

URL HTTP/2
uuidksinc.net/matchx
IP
185.98.54.153:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2109)
Size
1.2 kB (1196 bytes)
Hash
77fe7fc22142c92573ac61a8f41e2b8f
37e6340ab2bdd58e67113359675957d5a8e19aa0
1c9f4cd49eda1ab241a1172c64bc746fe71e921671b00d33c1255c13bf2ac221

HTTP Headers

GET /matchx HTTP/1.1
Host: uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://50.biqund.com/
Cookie: jcsuuid=zkf2OcPj8ULduFWYB61R
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.0
date: Wed, 01 Feb 2023 13:04:02 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5117915a0a3632d04b72e65ea2a4fe72
2263c7273f623d75b82fb8ca00e5a771956b0d89
cf4eb4156859b45fd6cce69e44a6b4a3cbc777cae9ae3855e431e43510ab34d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF4EB4156859B45FD6CCE69E44A6B4A3CBC777CAE9AE3855E431E43510AB34D5"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7586
Expires: Wed, 01 Feb 2023 15:10:28 GMT
Date: Wed, 01 Feb 2023 13:04:02 GMT
Connection: keep-alive

ocsp2.globalsign.com/gsalphasha2g2

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
8d386f10f5db29d1eadbc74215e733fa
887bb3fe9673322bced44a23a347e321a542b680
be2db4e4961a2bdf37d469204045354a14dc0d3d3c39e9e66a63079cf509149a

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 13:04:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 05 Feb 2023 12:10:29 GMT
ETag: "887bb3fe9673322bced44a23a347e321a542b680"
Last-Modified: Wed, 01 Feb 2023 12:10:30 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 637
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792ae400b90eb52d-OSL

dm-eu.hybrid.ai/match?id=158&vid=zkf2OcPj8ULduFWYB61R

37.18.103.16

204 No Content

0 B

URL HTTP/2
dm-eu.hybrid.ai/match?id=158&vid=zkf2OcPj8ULduFWYB61R
IP
37.18.103.16:0
ASN
#205675 Hybrid LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?id=158&vid=zkf2OcPj8ULduFWYB61R HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Wed, 01 Feb 2023 13:04:02 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=eaab9b6b3388efa97245; Expires=Thu, 01 Feb 2024 13:04:02 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 503
x-xss-protection: 1; mode=block
access-control-allow-origin: https://uuidksinc.net
access-control-allow-credentials: true
server: Hybrid Web Server
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
79626d0011820c44145b72c01f8e90c6
bcaf2f3d0c327ffcc2a348df65ec7fe0969fbb66
a91bfedf402eed35370b7091b07a465d1d423ddeae2768e75a55fbc940124d83

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A91BFEDF402EED35370B7091B07A465D1D423DDEAE2768E75A55FBC940124D83"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10218
Expires: Wed, 01 Feb 2023 15:54:20 GMT
Date: Wed, 01 Feb 2023 13:04:02 GMT
Connection: keep-alive

www.acint.net/rmatch?dp=191&r=https://d.uuidksinc.net/match/383/?remote_uid=zkf2OcPj8ULduFWYB61R

193.3.184.226

302 Found

154 B

URL HTTP/2
www.acint.net/rmatch?dp=191&r=https://d.uuidksinc.net/match/383/?remote_uid=zkf2OcPj8ULduFWYB61R
IP
193.3.184.226:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=191&r=https://d.uuidksinc.net/match/383/?remote_uid=zkf2OcPj8ULduFWYB61R HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: openresty
date: Wed, 01 Feb 2023 13:04:02 GMT
content-type: text/html
content-length: 154
location: /rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3Dzkf2OcPj8ULduFWYB61R&dp=191&tc=1
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Wed, 01-Feb-23 13:14:02 GMT
aid=CkIDFWPaY0IfMg9FO1FVAnXt15eav6YNvRae8OP/eQmMlKqP; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

kimberlite.io/rtb/sync/kadam?u=zkf2OcPj8ULduFWYB61R

80.78.249.201

307 Temporary Redirect

0 B

URL HTTP/1.1
kimberlite.io/rtb/sync/kadam?u=zkf2OcPj8ULduFWYB61R
IP
80.78.249.201:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rtb/sync/kadam?u=zkf2OcPj8ULduFWYB61R HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Wed, 01 Feb 2023 13:04:02 GMT
Content-Length: 0
Connection: keep-alive
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: u=Y9pjQtmuSWg~Rv8nm9735t6pTcjsQvmFoncLmK0; path=/; max-age=7776000; samesite=none; httponly; secure
f=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F499%2F%3Fremote_uid%3DY9pjQtmuSWg; max-age=30; samesite=none; httponly; secure
n=1; max-age=30; samesite=none; httponly; secure
location: https://solta-sync.rutarget.ru/sync
referrer-policy: no-referrer
server-timing: app;srv=3;dur=0.0004

www.acint.net/rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3Dzkf2OcPj8ULduFWYB61R&dp=191&tc=1

193.3.184.226

302 Found

154 B

URL HTTP/2
www.acint.net/rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3Dzkf2OcPj8ULduFWYB61R&dp=191&tc=1
IP
193.3.184.226:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3Dzkf2OcPj8ULduFWYB61R&dp=191&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPaY0IfMg9FO1FVAnXt15eav6YNvRae8OP/eQmMlKqP
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: openresty
date: Wed, 01 Feb 2023 13:04:02 GMT
content-type: text/html
content-length: 154
location: https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F383%252F%253Fremote_uid%253Dzkf2OcPj8ULduFWYB61R&dp=14
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
set-cookie: cSyncDp14v3=1675256642; expires=Fri, 03-Mar-23 13:04:02 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7fb509dcfa9a905c32b0557befb99f28
c8c8adf613687c7983c2cd37ba84359aefdd9092
182466f7f5fe6bb0ad1eb0b7e6ebc023a780b9d170255922082515362597e4f5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "182466F7F5FE6BB0AD1EB0B7E6EBC023A780B9D170255922082515362597E4F5"
Last-Modified: Wed, 01 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18225
Expires: Wed, 01 Feb 2023 18:07:47 GMT
Date: Wed, 01 Feb 2023 13:04:02 GMT
Connection: keep-alive

rtb.com.ru/kadam-sync?uid=zkf2OcPj8ULduFWYB61R

83.222.114.190

204 No Content

0 B

URL HTTP/1.1
rtb.com.ru/kadam-sync?uid=zkf2OcPj8ULduFWYB61R
IP
83.222.114.190:0
ASN
#42632 MnogoByte LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /kadam-sync?uid=zkf2OcPj8ULduFWYB61R HTTP/1.1
Host: rtb.com.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx/1.18.0
Date: Wed, 01 Feb 2023 13:04:02 GMT
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
P3p: CP="rtb.com.ru does not have a P3P policy"

dmpprof.com/matching/external/pixel.gif?sid=14&uid=zkf2OcPj8ULduFWYB61R

85.192.12.174

200 OK

43 B

URL HTTP/2
dmpprof.com/matching/external/pixel.gif?sid=14&uid=zkf2OcPj8ULduFWYB61R
IP
85.192.12.174:0
ASN
#12695 LLC Digital Network

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /matching/external/pixel.gif?sid=14&uid=zkf2OcPj8ULduFWYB61R HTTP/1.1
Host: dmpprof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 01 Feb 2023 13:04:02 GMT
content-type: image/gif
content-length: 43
last-modified: Wed, 01 Feb 2023 13:04:02 GMT
expires: Wed, 11 Nov 1998 11:11:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: nmatch=14_zkf2OcPj8ULduFWYB61R; expires=Thu, 02 Feb 2023 01:04:02 GMT; path=/; secure; SameSite=None
uid=temp-91.90.42.154-; expires=Wed, 01 Feb 2023 15:04:02 GMT; path=/; secure; SameSite=None
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c70fa210db8cb3a65d555bef49e050bc
8a834fe202d34465e13fdaefc7562702097e0fdc
d13d61f106ad0d5b69027daa0e626df63e0aaeac2f46f244f0806bcc90f69e0f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D13D61F106AD0D5B69027DAA0E626DF63E0AAEAC2F46F244F0806BCC90F69E0F"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4197
Expires: Wed, 01 Feb 2023 14:13:59 GMT
Date: Wed, 01 Feb 2023 13:04:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5396
Expires: Wed, 01 Feb 2023 14:33:58 GMT
Date: Wed, 01 Feb 2023 13:04:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5396
Expires: Wed, 01 Feb 2023 14:33:58 GMT
Date: Wed, 01 Feb 2023 13:04:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5396
Expires: Wed, 01 Feb 2023 14:33:58 GMT
Date: Wed, 01 Feb 2023 13:04:02 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9600 bytes)
Hash
3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 02:29:58 GMT
age: 38044
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6819 bytes)
Hash
ec7e808a5e82552c46c3417a5b32b836
f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd
f16d982224dfeb0753eaf9d4eb87d80fd1111f682fd8fa36f3177aad5bf926a4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6819
x-amzn-requestid: a0368695-4182-40bd-9a28-c50ae783a7a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRHGnoAMF0Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-624285eb16110b8c2360dec5;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: daAf58GNG6Oy-ov_8TUeXnTcvZyW5eL_qwWz7dapr2Sy_5XSiS-3Mw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:56 GMT
age: 55266
etag: "f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14041 bytes)
Hash
78fe9a77211d6f9a462f625af0c6f9bc
ac0b58423d7578e7a1b60a62220c0a57924dda82
e047466c3ae0a55509f4ace49d0476f94271b5a25e71caa3b06ec468a238b652

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14041
x-amzn-requestid: 2be6655d-3b0e-4e65-b44b-11682610b640
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRGFpIAMFbMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-5554d18d5db235913afa77a2;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jJHVbOXepgkVHjuNJG9wPcMjDcGbAc-NIpv_KUECG6c-AnJZoIW0zg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:56 GMT
age: 55266
etag: "ac0b58423d7578e7a1b60a62220c0a57924dda82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8597 bytes)
Hash
27e95b7912edc909d6b031e36fe83534
eb27fae0bb17dbe0929a620002195233ef50c1d0
b32e7e1a2eee367c5bf9e99bcb38f4c74c4e9e7bdfe7fb0f8f2a657060c0624c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8597
x-amzn-requestid: e7bf4ac9-d86d-4ee9-9e10-8a42e5dfe2c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcRaNEW4IAMFatA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4c90d-7731312f630b00ba028836ca;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z3ZJ7bq6LuJd-9I9D22VIs0avctNGVDKnYmt-fxevCheQibivmUomQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 13:15:35 GMT
age: 85707
etag: "eb27fae0bb17dbe0929a620002195233ef50c1d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55af221f-e2a5-4ea0-ba8f-1f045ea1cbb7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8812 bytes)
Hash
7d09523ece9b6da85a1a007c7e2abcb6
a637b08e2fbba31ef60103b2d9fd3c6f96d84b27
811bbd2e85b83dcaa8743a1d7e513fd76b81d4ced2b8aa99c62f9590f20e85a8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55af221f-e2a5-4ea0-ba8f-1f045ea1cbb7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8812
x-amzn-requestid: 8c568658-2708-4031-93ff-1654cc17a311
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foeeZGjKIAMFyUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9aac2-4587a6e43c1430ed03d0e69b;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 23:56:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ruezZVYkepU-yrFId_e_dATOHRg8DyX0deLtm7CXt8vvL4cx0QtgNw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 00:13:02 GMT
etag: "a637b08e2fbba31ef60103b2d9fd3c6f96d84b27"
content-type: image/jpeg
age: 46260
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8735 bytes)
Hash
23db22ce2120fbb0ae6109e1a046062d
2068c8d9a5bc30a17be658e198e26c64a80703cf
f307ba6c4929d9f0c9354334b7baea878da379138489d9689bb777c4da308dab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: f466c962-7b12-4923-a4be-7ff9fce372a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaWFP_IAMF9wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-7a8c027d58f5b9132bb68a33;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XtqfgDxskGIUmZdRj2nrGDpo9KvECk528eLZV29xNx3h7CLOu49mnQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:19 GMT
age: 55303
etag: "2068c8d9a5bc30a17be658e198e26c64a80703cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F383%252F%253Fremote_uid%253Dzkf2OcPj8ULduFWYB61R&dp=14

193.3.184.212

302 Moved Temporarily

142 B

URL HTTP/1.1
ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F383%252F%253Fremote_uid%253Dzkf2OcPj8ULduFWYB61R&dp=14
IP
193.3.184.212:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F383%252F%253Fremote_uid%253Dzkf2OcPj8ULduFWYB61R&dp=14 HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Wed, 01 Feb 2023 13:04:02 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/rmatch?dp=14&euid=1D03420A4263DA634700E142027AE988&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3Dzkf2OcPj8ULduFWYB61R
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkIDHWPaY0JC4QBHiOl6AvjjPTdCdmOwZQ777hCyfBXzOqCa; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None

acint.net/rmatch?dp=14&euid=1D03420A4263DA634700E142027AE988&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3Dzkf2OcPj8ULduFWYB61R

193.3.184.226

302 Found

154 B

URL HTTP/2
acint.net/rmatch?dp=14&euid=1D03420A4263DA634700E142027AE988&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3Dzkf2OcPj8ULduFWYB61R
IP
193.3.184.226:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=14&euid=1D03420A4263DA634700E142027AE988&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3Dzkf2OcPj8ULduFWYB61R HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPaY0IfMg9FO1FVAnXt15eav6YNvRae8OP/eQmMlKqP; cSyncDp14v3=1675256642
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: openresty
date: Wed, 01 Feb 2023 13:04:03 GMT
content-type: text/html
content-length: 154
location: https://d.uuidksinc.net/match/383/?remote_uid=zkf2OcPj8ULduFWYB61R
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7dcdd6a2197107a9404f183a50193d6
aef4cb62a9a3ee93394f113c145a7d21798137e2
90779400159f10469fdf784a3b21e2981a59d03b44a5bb991f98982c65076fc4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "90779400159F10469FDF784A3B21E2981A59D03B44A5BB991F98982C65076FC4"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6082
Expires: Wed, 01 Feb 2023 14:45:25 GMT
Date: Wed, 01 Feb 2023 13:04:03 GMT
Connection: keep-alive

d.uuidksinc.net/match/383/?remote_uid=zkf2OcPj8ULduFWYB61R

185.98.54.153

200 OK

74 B

URL HTTP/2
d.uuidksinc.net/match/383/?remote_uid=zkf2OcPj8ULduFWYB61R
IP
185.98.54.153:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
74 B (74 bytes)
Hash
9e24e19b024c44b778301d880bd8e6f4
d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

HTTP Headers

GET /match/383/?remote_uid=zkf2OcPj8ULduFWYB61R HTTP/1.1
Host: d.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: jcsuuid=zkf2OcPj8ULduFWYB61R
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.0
date: Wed, 01 Feb 2023 13:04:03 GMT
content-type: image/png
content-length: 74
X-Firefox-Spdy: h2

ocsp.usertrust.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.usertrust.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
c60ca4b761622aee6dac8fcd5a7b47bb
bf27b8a42a03073eb548b79b3adfc1c4a09921ba
55e4d169563b096866bbab23531097fd09fa620a64f56261165cf190aa90aaa7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 13:04:03 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 30 Jan 2023 04:18:19 GMT
Expires: Mon, 06 Feb 2023 04:18:18 GMT
Etag: "bf27b8a42a03073eb548b79b3adfc1c4a09921ba"
Cache-Control: max-age=604094,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1411
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792ae403d969b506-OSL

dmg.digitaltarget.ru/1/6573/i/i?a=662&e=zkf2OcPj8ULduFWYB61R&i=0.8143484282371198

185.15.175.174

307 Temporary Redirect

0 B

URL HTTP/1.1
dmg.digitaltarget.ru/1/6573/i/i?a=662&e=zkf2OcPj8ULduFWYB61R&i=0.8143484282371198
IP
185.15.175.174:0
ASN
#43226 SafeData LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/6573/i/i?a=662&e=zkf2OcPj8ULduFWYB61R&i=0.8143484282371198 HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Wed, 01 Feb 2023 13:04:03 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1675256643142&a=662&e=zkf2OcPj8ULduFWYB61R&i=0.8143484282371198
Set-Cookie: viuserid=izgeOlebGybeWCi7syqS; Max-Age=93312000; Expires=Fri, 16 Jan 2026 13:04:03 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

ocsp.usertrust.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.usertrust.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
c60ca4b761622aee6dac8fcd5a7b47bb
bf27b8a42a03073eb548b79b3adfc1c4a09921ba
55e4d169563b096866bbab23531097fd09fa620a64f56261165cf190aa90aaa7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 13:04:03 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 30 Jan 2023 04:18:19 GMT
Expires: Mon, 06 Feb 2023 04:18:18 GMT
Etag: "bf27b8a42a03073eb548b79b3adfc1c4a09921ba"
Cache-Control: max-age=604094,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1411
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792ae403ce39b4f1-OSL

fcgi4.gnezdo.ru/cookie_matching/kadam_resell/zkf2OcPj8ULduFWYB61R/?redirect=1

93.95.102.105

204 No Content

0 B

URL HTTP/2
fcgi4.gnezdo.ru/cookie_matching/kadam_resell/zkf2OcPj8ULduFWYB61R/?redirect=1
IP
93.95.102.105:0
ASN
#48347 JSC Mediasoft ekspert

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cookie_matching/kadam_resell/zkf2OcPj8ULduFWYB61R/?redirect=1 HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Wed, 01 Feb 2023 13:04:03 GMT
set-cookie: uid=XV9maWPaY0M73SUNg6+tAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2

fcgi4.gnezdo.ru/cookie_matching/kadam/zkf2OcPj8ULduFWYB61R/?redirect=1

93.95.102.105

204 No Content

0 B

URL HTTP/2
fcgi4.gnezdo.ru/cookie_matching/kadam/zkf2OcPj8ULduFWYB61R/?redirect=1
IP
93.95.102.105:0
ASN
#48347 JSC Mediasoft ekspert

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cookie_matching/kadam/zkf2OcPj8ULduFWYB61R/?redirect=1 HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Wed, 01 Feb 2023 13:04:03 GMT
set-cookie: uid=XV9maWPaY0M73SUNg6+wAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2

solta-sync.rutarget.ru/sync

46.243.142.48

302 Moved Temporarily

0 B

URL HTTP/1.1
solta-sync.rutarget.ru/sync
IP
46.243.142.48:0
ASN
#208677 Cloud technology Limited (Ltd.)

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync HTTP/1.1
Host: solta-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 01 Feb 2023 13:04:03 GMT
Content-Length: 0
Connection: close
Location: https://kimberlite.io/rtb/sync/segmento?u=cUVGh4S6iMIQ
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=cUVGh4S6iMIQ; Path=/; Domain=.rutarget.ru; Expires=Mon, 31 Jul 2023 13:04:03 GMT; SameSite=None; Secure

kadam-sync.rutarget.ru/sync

188.72.107.228

302 Moved Temporarily

0 B

URL HTTP/1.1
kadam-sync.rutarget.ru/sync
IP
188.72.107.228:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync HTTP/1.1
Host: kadam-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 01 Feb 2023 13:04:03 GMT
Content-Length: 0
Connection: close
Location: https://d.uuidksinc.net/match/386/?remote_uid=7sJp0GVBSbx-
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=7sJp0GVBSbx-; Path=/; Domain=.rutarget.ru; Expires=Mon, 31 Jul 2023 13:04:03 GMT; SameSite=None; Secure

dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1675256643142&a=662&e=zkf2OcPj8ULduFWYB61R&i=0.8143484282371198

185.15.175.174

200 OK

64 B

URL HTTP/1.1
dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1675256643142&a=662&e=zkf2OcPj8ULduFWYB61R&i=0.8143484282371198
IP
185.15.175.174:0
ASN
#43226 SafeData LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
64 B (64 bytes)
Hash
ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8

HTTP Headers

GET /awg/custom/6573/i/i?call_source=awg&ts=1675256643142&a=662&e=zkf2OcPj8ULduFWYB61R&i=0.8143484282371198 HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:04:03 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

fcgi4.gnezdo.ru/cookie_matching/kadam_resell/zkf2OcPj8ULduFWYB61R

93.95.102.105

302 Found

74 B

URL HTTP/2
fcgi4.gnezdo.ru/cookie_matching/kadam_resell/zkf2OcPj8ULduFWYB61R
IP
93.95.102.105:0
ASN
#48347 JSC Mediasoft ekspert

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
74 B (74 bytes)
Hash
9e24e19b024c44b778301d880bd8e6f4
d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

HTTP Headers

GET /cookie_matching/kadam_resell/zkf2OcPj8ULduFWYB61R HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 01 Feb 2023 13:04:03 GMT
location: https://fcgi4.gnezdo.ru/cookie_matching/kadam_resell/zkf2OcPj8ULduFWYB61R/?redirect=1
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With
access-control-allow-credentials: true
set-cookie: uid=XV9maWPaY0M73SUNg69pAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2

kimberlite.io/rtb/sync/segmento?u=cUVGh4S6iMIQ

80.78.249.201

307 Temporary Redirect

0 B

URL HTTP/1.1
kimberlite.io/rtb/sync/segmento?u=cUVGh4S6iMIQ
IP
80.78.249.201:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rtb/sync/segmento?u=cUVGh4S6iMIQ HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: f=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F499%2F%3Fremote_uid%3DY9pjQtmuSWg; n=1; u=Y9pjQtmuSWg~Rv8nm9735t6pTcjsQvmFoncLmK0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Wed, 01 Feb 2023 13:04:03 GMT
Content-Length: 0
Connection: keep-alive
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-origin: *
location: https://d.uuidksinc.net/match/499/?remote_uid=Y9pjQtmuSWg
referrer-policy: no-referrer
server-timing: app;srv=3;dur=0.0003

d.uuidksinc.net/match/499/?remote_uid=Y9pjQtmuSWg

185.98.54.153

200 OK

74 B

URL HTTP/2
d.uuidksinc.net/match/499/?remote_uid=Y9pjQtmuSWg
IP
185.98.54.153:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
74 B (74 bytes)
Hash
9e24e19b024c44b778301d880bd8e6f4
d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

HTTP Headers

GET /match/499/?remote_uid=Y9pjQtmuSWg HTTP/1.1
Host: d.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: jcsuuid=zkf2OcPj8ULduFWYB61R
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.0
date: Wed, 01 Feb 2023 13:04:03 GMT
content-type: image/png
content-length: 74
X-Firefox-Spdy: h2

fcgi4.gnezdo.ru/cookie_matching/kadam/zkf2OcPj8ULduFWYB61R

93.95.102.105

302 Found

0 B

URL HTTP/2
fcgi4.gnezdo.ru/cookie_matching/kadam/zkf2OcPj8ULduFWYB61R
IP
93.95.102.105:0
ASN
#48347 JSC Mediasoft ekspert

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cookie_matching/kadam/zkf2OcPj8ULduFWYB61R HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 01 Feb 2023 13:04:03 GMT
location: https://fcgi4.gnezdo.ru/cookie_matching/kadam/zkf2OcPj8ULduFWYB61R/?redirect=1
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With
access-control-allow-credentials: true
set-cookie: uid=XV9maWPaY0M73SUNg69rAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML