r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6eb0a77aa4a20639a06d9621742007c2
d2d03beeb111049117b70d5f3dff3698a671ef8a
62c2da0800bf8efb6bb985b2eb046fa863e0b394681fb2ab187a9c4836fbd320
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62C2DA0800BF8EFB6BB985B2EB046FA863E0B394681FB2AB187A9C4836FBD320"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6538
Expires: Fri, 24 Feb 2023 09:47:56 GMT
Date: Fri, 24 Feb 2023 07:58:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 67fc460ed2f69dde3c410ec607ef3510
ba9f582ec321351e5c06c9b2c381f06b685ef274
85df74fac7d59d76840b6359bac24648fede201c0048f2a8382af6468225ffb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85DF74FAC7D59D76840B6359BAC24648FEDE201C0048F2A8382AF6468225FFB8"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4745
Expires: Fri, 24 Feb 2023 09:18:03 GMT
Date: Fri, 24 Feb 2023 07:58:58 GMT
Connection: keep-alive
castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
173.254.28.213301 Moved Permanently 260 B URL HTTP/1.1 castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
IP 173.254.28.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 091c7a6ea853d1e2f3f37ce8a1cf3c6b
3f279cd4366eadd0b0df929f48fd00b8501d7c7f
fdcc40ce3c118868a9b941483cfdbac3f15687f76690b7b339cf4f38da525ea8
Analyzer Verdict Alert fortinet Malware
GET /cc/mnen/polishuk_vs_elsh.htm HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 24 Feb 2023 07:58:58 GMT
Server: Apache
Location: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Content-Length: 260
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 24 Feb 2023 07:54:00 GMT
content-type: application/json
age: 298
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7fb59e5d3cdf08b94e5f41fdeb9aec6c
ff644039db3b9f74d7e2fab10f93581bea10614a
861573a00d75364e15783c5e448c4f8b4da48b38d9beba3ebd33a87f993489a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "861573A00D75364E15783C5E448C4F8B4DA48B38D9BEBA3EBD33A87F993489A5"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10533
Expires: Fri, 24 Feb 2023 10:54:31 GMT
Date: Fri, 24 Feb 2023 07:58:58 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: MYSvJydv8DlogFeRBjFjQUCL4giu2cgVTKiHVkySILeDqzKjcyfnT+/WFrAGyIYr7sronV3S84jwnM3X1N+nGA==
x-amz-request-id: CY0KNCKC47R25V3M
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 24 Feb 2023 07:49:36 GMT
age: 562
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 24 Feb 2023 07:58:58 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Last-Modified, Backoff, Alert, Cache-Control, ETag, Expires, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 24 Feb 2023 07:20:36 GMT
age: 2303
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash df95244896ee9afed731e97c8f1017b6
932190644400247511c84a877253c2651df44b9e
c83ba4a1db1d8e4c4b2eea826c8b03f93135c9ca86be4c2f6e34dee68f932589
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83BA4A1DB1D8E4C4B2EEA826C8B03F93135C9CA86BE4C2F6E34DEE68F932589"
Last-Modified: Thu, 23 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 24 Feb 2023 13:58:59 GMT
Date: Fri, 24 Feb 2023 07:58:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4aaa1f1be68ba53b441e577dcbf8b7c1
618b2e62b7f2feb82093a3706573e18ff9f69827
8d3978b35fd96458b8fff71c9dbb47ab616dfd49d669027fd6c5a52a4e9bafa0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8D3978B35FD96458B8FFF71C9DBB47AB616DFD49D669027FD6C5A52A4E9BAFA0"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16410
Expires: Fri, 24 Feb 2023 12:32:29 GMT
Date: Fri, 24 Feb 2023 07:58:59 GMT
Connection: keep-alive
castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
173.254.28.213200 OK 8.1 kB URL HTTP/2 castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
IP 173.254.28.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (765), with CRLF, LF line terminators
Hash cff86b63dbbfdfcf711a59912aa8816e
f0711375e6abd2d05cbc5aceefca4b3f75129002
c798758d1e2da991386a7a01218f466ebaa9911173ee2081a8a60a9a469a3c6c
Analyzer Verdict Alert fortinet Malware
GET /cc/mnen/polishuk_vs_elsh.htm HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-encoding: gzip
content-length: 8101
content-type: text/html; charset=UTF-8
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 96fba3bf5e22265a335e5e5318e13d7e
f84f0212c5d89d9640aded3a63a99559b9070f15
e13e5c60ad28c5e281a586cbf9ab493d8ad545e605f82dd5192dc1e6f3587f4b
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:58:59 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Tue, 28 Feb 2023 04:28:15 GMT
ETag: "f84f0212c5d89d9640aded3a63a99559b9070f15"
Last-Modified: Fri, 24 Feb 2023 04:28:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3319
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e6a8c7bad40b59-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ffe196b1cb86cdb2ef31aea8e770525e
95ca3a2f195ae69faeab5ace4e71a387adb65cf6
c1cbb47354f40dd6efd20693bab3cbca66f01d9262df722f92b2cf89a20f3229
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Feb 2023 07:58:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/plusone.js
172.217.21.174200 OK 21 kB URL HTTP/2 apis.google.com/js/plusone.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1429)
Hash f8971f3ad662af35a2ca6871f8c78482
35a0b814d6ecec8deacc9aea87ce9be62b15d92b
a438d380bab44504b1ff13673a0e041c6ac6645d03926e7f076465d1fe049765
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20950
date: Fri, 24 Feb 2023 07:58:59 GMT
expires: Fri, 24 Feb 2023 07:58:59 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "9dea963ca1c75dde"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.36.23.49101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.36.23.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bnEoRg3h3REyGh7pojRTFg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OLvNppAqm4rPTIFr6MQ5zxCFIZw=
odnaknopka.ru/images/button.gif
142.132.202.70301 Moved Permanently 178 B URL HTTP/1.1 odnaknopka.ru/images/button.gif
IP 142.132.202.70:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash bd2695f4b079c71dbddde3436286fb9c
733c05da132193d6cf1d8e242d12e2525c03bab4
2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b
GET /images/button.gif HTTP/1.1
Host: odnaknopka.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 24 Feb 2023 07:58:59 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://odnaknopka.ru/images/button.gif
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 5babc09a0e4b667b7450c48a11c812c5
6f88fba93170d06c9a7e134ce80fab66f7356352
7f190029961977cb58bc3bba2985d6e96a52fb1607f07ce3323fae56e65934bd
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:58:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 28 Feb 2023 06:40:31 GMT
ETag: "6f88fba93170d06c9a7e134ce80fab66f7356352"
Last-Modified: Fri, 24 Feb 2023 06:40:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2720
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e6a8c808de0b31-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d5a81909f9ba52a4b5b4beca7189f10a
216a773aef7239d68c979f6c24013a31f085c779
79799853ac50d2c9e10b8cfab4a57150b087403209006e166af67164c2630de6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Feb 2023 07:58:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
castanedadzr.ru/style.css
173.254.28.213200 OK 549 B URL HTTP/2 castanedadzr.ru/style.css
IP 173.254.28.213:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash da5b217082a70b000ea3d33e06b8f5e0
89daef1a8dccbe84dab50e0a7d25195bff91659f
70d89890ba761e0c6868c5ba67ae91ca9c63d45fed87a87807d454dc53e1a150
GET /style.css HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 07 Feb 2023 15:38:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 549
content-type: text/css
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2
castanedadzr.ru/images/head1.gif
173.254.28.213200 OK 1.1 kB URL HTTP/2 castanedadzr.ru/images/head1.gif
IP 173.254.28.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 253 x 25\012- data
Hash 23768c10bc892072fd7b0c9bbe6df927
1c007792319e0f998a430812cdce7a9289d971b9
b9052135c9c757a118013820e1b37c4830f31aa8c0a36ad53437ea9051be59af
GET /images/head1.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:10:10 GMT
accept-ranges: bytes
content-length: 1061
content-type: image/gif
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2
castanedadzr.ru/images/head3.gif
173.254.28.213200 OK 1.4 kB URL HTTP/2 castanedadzr.ru/images/head3.gif
IP 173.254.28.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 87a, 316 x 26\012- data
Hash 2f4966ca48b3bc862b05b67c523c948e
1a0ba66cd436bcdb055dede2f56102448a74836b
b131df64b2c81cd8249185312cd5e19d106954556778d9b6a93b6eadbe77ba77
GET /images/head3.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:10:13 GMT
accept-ranges: bytes
content-length: 1448
content-type: image/gif
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2
castanedadzr.ru/images/hh.gif
173.254.28.213200 OK 96 B URL HTTP/2 castanedadzr.ru/images/hh.gif
IP 173.254.28.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 160 x 10\012- data
Hash c8bea683d6ea195a4339ce7817ded873
08c60379d8d3bb350157bbdde225788084ad6ea5
27320ff4f88bc5c8dd54363aa818ac19583454a8dc9e63d56710f3b892a73966
GET /images/hh.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:10:15 GMT
accept-ranges: bytes
content-length: 96
content-type: image/gif
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2
castanedadzr.ru/images/flow.gif
173.254.28.213200 OK 7.4 kB URL HTTP/2 castanedadzr.ru/images/flow.gif
IP 173.254.28.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 87a, 110 x 75\012- data
Hash e9b992634032614bb51dd62eccbfe59d
c13d5b91100f637bc078379fc30817a2d673672a
b63e2d9a09ebeac2b71ab9d48b6fc190b5bc18b349bad650811ee368536e8c91
GET /images/flow.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:09:55 GMT
accept-ranges: bytes
content-length: 7434
content-type: image/gif
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2
castanedadzr.ru/images/hv.gif
173.254.28.213200 OK 97 B URL HTTP/2 castanedadzr.ru/images/hv.gif
IP 173.254.28.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 160 x 10\012- data
Hash e9c2d0273256f50848da6e47adfc58af
ebe7d341b643a24542cdbec2fb7741010e132a3b
cb507f394ccdb07b0b299b862b69422713f6ce87354abcd72b39974a2eb877d9
GET /images/hv.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:10:24 GMT
accept-ranges: bytes
content-length: 97
content-type: image/gif
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2
castanedadzr.ru/images/rss.jpg
173.254.28.213200 OK 1.5 kB URL HTTP/2 castanedadzr.ru/images/rss.jpg
IP 173.254.28.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x15, components 3\012- data
Hash a51556b563715f89898a5dad7c095619
6c83b437b73a26aa00f7ce4768c52f9f4097f6a6
b31cc4b6f646e80b3b8cc96ed7bf696e1e389e8e444e6491c21ad075f924aee2
GET /images/rss.jpg HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:11:02 GMT
accept-ranges: bytes
content-length: 1466
content-type: image/jpeg
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2
castanedadzr.ru/images/1.gif
173.254.28.213200 OK 45 B URL HTTP/2 castanedadzr.ru/images/1.gif
IP 173.254.28.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 8 x 8\012- data
Hash cad9f902bf2897bb96a5789b0ac59473
b2d90250b3bd313c33c857d38ad46c246d93194a
a5ea039ab3d0ea04fd7029c2fb3b296b657366da23e57c0516c7c46764f8e541
GET /images/1.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:08:38 GMT
accept-ranges: bytes
content-length: 45
content-type: image/gif
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2
castanedadzr.ru/images/5.gif
173.254.28.213200 OK 42 B URL HTTP/2 castanedadzr.ru/images/5.gif
IP 173.254.28.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 8 x 8\012- data
Hash 5c1d0d0778aa39ff7556077cb6b6a4ae
7e4817d48ee305ec7d788562ece07eef5dc92ef6
06118628cca19278350e71a71d8a1851b30b6ea6ed16b463a2ab4e8c3ad46e1b
GET /images/5.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:08:43 GMT
accept-ranges: bytes
content-length: 42
content-type: image/gif
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2
vk.com/js/api/openapi.js?144
87.240.132.78200 OK 23 kB URL HTTP/2 vk.com/js/api/openapi.js?144
IP 87.240.132.78:0
File type ASCII text, with very long lines (3849)
Hash 6b56e2aa629cc5f334bba9e200af3bfe
1e99707868f45c499400d95e75348c3d7b7686f5
7cb4aa1277e9f29f5c6d21c642b7c08cfce199332e30395c20995847a0db3fab
GET /js/api/openapi.js?144 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Fri, 24 Feb 2023 07:58:59 GMT
content-type: application/x-javascript
content-length: 23318
last-modified: Fri, 02 Dec 2022 07:14:40 GMT
etag: "6389a5e0-5b16"
content-encoding: br
expires: Tue, 28 Feb 2023 07:58:59 GMT
cache-control: max-age=345600
x-frontend: front226205
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
odnaknopka.ru/images/button.gif
142.132.202.70200 OK 1.9 kB URL HTTP/1.1 odnaknopka.ru/images/button.gif
IP 142.132.202.70:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 136 x 16\012- data
Hash 7c26228c2703b09b346be28945a11655
80eea7a2cef823422d70a31e33c1d3f929be1b49
e94098e036c119ec9b75300044c0c17f4d7c33c149a3588abdff073bb1ea6e71
GET /images/button.gif HTTP/1.1
Host: odnaknopka.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 24 Feb 2023 07:58:59 GMT
Content-Type: image/gif
Content-Length: 1917
Last-Modified: Sun, 11 Nov 2012 19:29:26 GMT
Connection: keep-alive
ETag: "509ffc96-77d"
Accept-Ranges: bytes
castanedadzr.ru/images/3.gif
173.254.28.213200 OK 45 B URL HTTP/2 castanedadzr.ru/images/3.gif
IP 173.254.28.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 8 x 8\012- data
Hash d2cb6e9b74acd90c9a1ae7dc23030d55
53815aa12cfbba4e291edc2d3387456dffbdd10b
cb357b8a37b08a9333507fc894fb26849b24040c4f62ab4bfa2ae3e5b4d831fd
GET /images/3.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:08:40 GMT
accept-ranges: bytes
content-length: 45
content-type: image/gif
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2
castanedadzr.ru/images/6.gif
173.254.28.213200 OK 42 B URL HTTP/2 castanedadzr.ru/images/6.gif
IP 173.254.28.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 8 x 8\012- data
Hash 9e3cb00f316dbb36cebc1c235de14649
c6c0c23d8894bf4a90ca44e9efc2ec24b2479de5
c2a113058c168c8ec3f22f188c8fcde0b44113fb6c89eb6aa6237bb1e23690e9
GET /images/6.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:08:45 GMT
accept-ranges: bytes
content-length: 42
content-type: image/gif
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2
castanedadzr.ru/images/4.gif
173.254.28.213200 OK 45 B URL HTTP/2 castanedadzr.ru/images/4.gif
IP 173.254.28.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 8 x 8\012- data
Hash a4a228fb445b1ec2cdf49cd3745430e1
851a42e4bb9e82eb4ed180a062573bd703784cdd
2173d6ce3cf54539e064ace82a8584abb5ed21a8b4532562430c7776a413b27e
GET /images/4.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:08:42 GMT
accept-ranges: bytes
content-length: 45
content-type: image/gif
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2
castanedadzr.ru/images/hh2.gif
173.254.28.213200 OK 97 B URL HTTP/2 castanedadzr.ru/images/hh2.gif
IP 173.254.28.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 160 x 10\012- data
Hash 1eb970db99477a5433bb60013b7a291f
92220184b8a788387a80fc03757ebd6063b47a79
1f5e175eb94df69c17cc993bce2acb3d33cb6d85e72a0974f0083133dbc7e869
GET /images/hh2.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:10:16 GMT
accept-ranges: bytes
content-length: 97
content-type: image/gif
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2
castanedadzr.ru/images/2.gif
173.254.28.213200 OK 45 B URL HTTP/2 castanedadzr.ru/images/2.gif
IP 173.254.28.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 8 x 8\012- data
Hash 12902cacbf37c924c28d01021e660452
a9bf4f8172dd6bc28d1ada037e2028be2cdec405
6247c9eae5d944df1b60f9e9ce014cb91c93b16eec74298e20e1598549ab37ef
GET /images/2.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:08:37 GMT
accept-ranges: bytes
content-length: 45
content-type: image/gif
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2
castanedadzr.ru/images/hv2.gif
173.254.28.213200 OK 97 B URL HTTP/2 castanedadzr.ru/images/hv2.gif
IP 173.254.28.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 160 x 10\012- data
Hash afd87e6da64bc25f14ae37667c4dc83b
2dc38830834084e6ff17f6d76c48042d1e7d4bbf
94e634286bcf1f20935108914e5edc1ebc9e924a190794fd5c83a1bce5c05ed5
GET /images/hv2.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:10:26 GMT
accept-ranges: bytes
content-length: 97
content-type: image/gif
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e7c8cd63a4692ed854db21d0b1ae8ada
1c4d151e2141840197dc0f688cfb3f098baf214f
5cae7615b4c426d62729addfd93b313373285637a5feec4c700209fe0e75a9c8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2125
Cache-Control: max-age=166786
Content-Type: application/ocsp-response
Date: Fri, 24 Feb 2023 07:59:00 GMT
Etag: "63f84e79-1d7"
Expires: Sun, 26 Feb 2023 06:18:46 GMT
Last-Modified: Fri, 24 Feb 2023 05:43:21 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
yastatic.net/share/static/b-share-form-button.png
178.154.131.216200 OK 1.1 kB URL HTTP/2 yastatic.net/share/static/b-share-form-button.png
IP 178.154.131.216:0
File type PNG image data, 6 x 159, 8-bit colormap, non-interlaced\012- data
Hash c100391be309efda6e7e7b3f2cbfa511
3d230df5b3e0066a9efe83b8a2120d3bcc9ab48e
0fabebfd33907918ef76b3063b0139f31b3d08fc80f783cae1beb16a80b35efa
GET /share/static/b-share-form-button.png HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/png
content-length: 1057
access-control-allow-origin: *
cache-control: public, max-age=216009
etag: "c100391be309efda6e7e7b3f2cbfa511"
expires: Sun, 26 Feb 2023 19:55:27 GMT
last-modified: Wed, 24 Oct 2018 16:00:42 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: abb1cbeea0b317ae
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/share/static/b-share-form-button_share__icon.png
178.154.131.216200 OK 531 B URL HTTP/2 yastatic.net/share/static/b-share-form-button_share__icon.png
IP 178.154.131.216:0
File type PNG image data, 20 x 17, 8-bit/color RGBA, non-interlaced\012- data
Hash 72e573a824d005d4393c17ae435fa25b
32ab48d79eb74d787dfd2c98bdfe873b4e085712
a099d68e34e33bb313e2b6defc561beefd64db26ffe61d91619d11d877231dde
GET /share/static/b-share-form-button_share__icon.png HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/png
content-length: 531
access-control-allow-origin: *
cache-control: public, max-age=216009
etag: "72e573a824d005d4393c17ae435fa25b"
expires: Sun, 26 Feb 2023 19:56:29 GMT
last-modified: Wed, 24 Oct 2018 16:00:42 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: aee57a505de1a733
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/share/static/b-share-icon.png
178.154.131.216200 OK 4.6 kB URL HTTP/2 yastatic.net/share/static/b-share-icon.png
IP 178.154.131.216:0
File type PNG image data, 16 x 493, 8-bit colormap, non-interlaced\012- data
Hash 24bc3d4a0d287d95c0fb2ec150c1776e
53b50aca31779f1d2082384c113cb8bd12392dca
4518d4c73cc79f597d32c09c25b38ef44da466f502c31e2023d1005f2f899713
GET /share/static/b-share-icon.png HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/png
content-length: 4637
access-control-allow-origin: *
cache-control: public, max-age=216009
etag: "24bc3d4a0d287d95c0fb2ec150c1776e"
expires: Sun, 26 Feb 2023 19:57:36 GMT
last-modified: Wed, 24 Oct 2018 16:00:42 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 10ef427eae430e4a
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/share/static/b-share-popup_down__tail.png
178.154.131.216200 OK 305 B URL HTTP/2 yastatic.net/share/static/b-share-popup_down__tail.png
IP 178.154.131.216:0
File type PNG image data, 21 x 10, 8-bit colormap, non-interlaced\012- data
Hash aa51277c3fccebc88a582e9c81e1424e
03d854b65d4452908a7983a032069b90cbf326b1
23aca3eb9d500bc7291222cb8b42c2b4587c14e93e2d677aeaf6ffd7a97d8036
GET /share/static/b-share-popup_down__tail.png HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/png
content-length: 305
access-control-allow-origin: *
cache-control: public, max-age=216009
etag: "aa51277c3fccebc88a582e9c81e1424e"
expires: Sun, 26 Feb 2023 19:58:18 GMT
last-modified: Wed, 24 Oct 2018 16:00:42 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 5b4749e9377e9f87
accept-ranges: bytes
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?app_id=181319321921423&href=http%3A%2F%2Fwww.castanedadzr.ru%2F&send=false&layout=button_count&width=152&show_faces=true&action=like&colorscheme=light&font&height=21
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?app_id=181319321921423&href=http%3A%2F%2Fwww.castanedadzr.ru%2F&send=false&layout=button_count&width=152&show_faces=true&action=like&colorscheme=light&font&height=21
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?app_id=181319321921423&href=http%3A%2F%2Fwww.castanedadzr.ru%2F&send=false&layout=button_count&width=152&show_faces=true&action=like&colorscheme=light&font&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: TfE+DptPM9FzNuLn/OqbBsurpzdZZujSuzaNxIjg30tqKCZaj27BL3/0QGpDyA0G1Ldo90hevcsTYbubPGU2xw==
content-length: 0
date: Fri, 24 Feb 2023 07:59:00 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
castanedadzr.ru/images/head2.gif
173.254.28.213200 OK 2.0 kB URL HTTP/2 castanedadzr.ru/images/head2.gif
IP 173.254.28.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 87a, 515 x 14\012- data
Hash 0ca30830a9620b989c8424acc8ade3a8
0b9e38fed6a89660ec128620f58b5765f2613cf2
fc9f71924386ddde1990802057848118e6c837f7914def107074d5ddae07d5b4
GET /images/head2.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:10:11 GMT
accept-ranges: bytes
content-length: 2045
content-type: image/gif
date: Fri, 24 Feb 2023 07:59:00 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b928a6afc798633bc66c84dffd16be09
11beddf4de4460749dc9926b45d10f3d5868cb7a
bb2904cdee979778886ff82489447d6a9eb88b8947fdcfa7e973f0ef5fea7dc5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB2904CDEE979778886FF82489447D6A9EB88B8947FDCFA7E973F0EF5FEA7DC5"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8908
Expires: Fri, 24 Feb 2023 10:27:28 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive
castanedadzr.ru/images/hor.gif
173.254.28.213200 OK 45 B URL HTTP/2 castanedadzr.ru/images/hor.gif
IP 173.254.28.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 8 x 8\012- data
Hash 7083d5d65c79787f3237de4890ae9179
636a18e87c53b4d2e44f17cb8a5673a19520283f
611847b9e313a5c0f8398d96b297970254693b1b4ccb21e8060ef800dd61cf23
GET /images/hor.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:10:20 GMT
accept-ranges: bytes
content-length: 45
content-type: image/gif
date: Fri, 24 Feb 2023 07:59:00 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e7c8cd63a4692ed854db21d0b1ae8ada
1c4d151e2141840197dc0f688cfb3f098baf214f
5cae7615b4c426d62729addfd93b313373285637a5feec4c700209fe0e75a9c8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2125
Cache-Control: max-age=166786
Content-Type: application/ocsp-response
Date: Fri, 24 Feb 2023 07:59:00 GMT
Etag: "63f84e79-1d7"
Expires: Sun, 26 Feb 2023 06:18:46 GMT
Last-Modified: Fri, 24 Feb 2023 05:43:21 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
www.acint.net/aci.js
157.90.179.28200 OK 7.8 kB IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1649)
Hash 777eef0db9280e74fe8d3e0e9561da9c
f8316623410b9735dd07b6e12a2f29352c0aa4cd
985dc8f4eb0a0b4629fa8e6d86f741ee8d22b7a0a1f64be2e9e9f2c96c9cf772
GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: application/x-javascript
content-length: 7784
last-modified: Thu, 02 Feb 2023 13:55:24 GMT
etag: "63dbc0cc-1e68"
content-encoding: gzip
expires: Fri, 24 Feb 2023 19:59:00 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2
castanedadzr.ru/images/bg.gif
173.254.28.213200 OK 3.6 kB URL HTTP/2 castanedadzr.ru/images/bg.gif
IP 173.254.28.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 590 x 330\012- data
Hash c82e1b2c7448ded46f2e6883692cfd23
b94de0057997b397a9bbb92a6aa7d5435d78bab6
c93eafce735c401bd19c607bd958a7d75fe1bd3cb7c6e9821fcdd74340e01669
GET /images/bg.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:09:17 GMT
accept-ranges: bytes
content-length: 3644
content-type: image/gif
date: Fri, 24 Feb 2023 07:59:00 GMT
server: Apache
X-Firefox-Spdy: h2
castanedadzr.ru/images/hor2.gif
173.254.28.213200 OK 45 B URL HTTP/2 castanedadzr.ru/images/hor2.gif
IP 173.254.28.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 8 x 8\012- data
Hash 1e2f0b1d987b0c00795fbf49dbcebc9e
dd617d4035a87c35665826920d29f0e65ec03b11
dc7f0ca8a3df24f96faa4dc1fffee996ef190cc61513bbdb88673b5f4d360db3
GET /images/hor2.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:10:22 GMT
accept-ranges: bytes
content-length: 45
content-type: image/gif
date: Fri, 24 Feb 2023 07:59:00 GMT
server: Apache
X-Firefox-Spdy: h2
www.acint.net/hit/?v=0.5.1&uid=607fb50c-1910-4e3f-9ea3-ad87ee47c80a&dp=10&tz=%2B00%3A00&nc=53429974&u=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&r=&rs=1280x1024&t=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&oE=1&oP=1&dT=2023-02-24T07%3A59%3A35.387&fu=dd4f365b-51cb-45d9-95c7-9c50120d3dd7
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/hit/?v=0.5.1&uid=607fb50c-1910-4e3f-9ea3-ad87ee47c80a&dp=10&tz=%2B00%3A00&nc=53429974&u=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&r=&rs=1280x1024&t=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&oE=1&oP=1&dT=2023-02-24T07%3A59%3A35.387&fu=dd4f365b-51cb-45d9-95c7-9c50120d3dd7
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hit/?v=0.5.1&uid=607fb50c-1910-4e3f-9ea3-ad87ee47c80a&dp=10&tz=%2B00%3A00&nc=53429974&u=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&r=&rs=1280x1024&t=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&oE=1&oP=1&dT=2023-02-24T07%3A59%3A35.387&fu=dd4f365b-51cb-45d9-95c7-9c50120d3dd7 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=10
157.90.179.28302 Found 154 B IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Fri, 24-Feb-23 08:09:00 GMT
aid=LgR5GmP4bkQ7wQQ8bcg5AqB343s0P8JyKi7dlu6u4ePAygiI; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
vk.com/widget_like.php?app=5990588&width=100%25&_ver=1&page=0&url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&type=mini&verb=0&color=&title=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20I...&description=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&image=&text=&h=22&startWidth=152&referrer=&186826f432c
87.240.132.78200 OK 4.7 kB URL HTTP/2 vk.com/widget_like.php?app=5990588&width=100%25&_ver=1&page=0&url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&type=mini&verb=0&color=&title=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20I...&description=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&image=&text=&h=22&startWidth=152&referrer=&186826f432c
IP 87.240.132.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ISO-8859 text, with very long lines (5611)
Hash cb252a89d4aecfcb381e3b050468229d
9f0336055b5b767e4abd2d35354292c3e63e6d04
68114dc0658b98c8d5ef6a64ee566573ee543a063e3c8e8931efef11bd4a5074
GET /widget_like.php?app=5990588&width=100%25&_ver=1&page=0&url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&type=mini&verb=0&color=&title=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20I...&description=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&image=&text=&h=22&startWidth=152&referrer=&186826f432c HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: text/html; charset=windows-1251
content-length: 4734
x-powered-by: KPHP/7.4.113370
set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly
remixlang=3; expires=Sat, 24 Feb 2024 08:01:02 GMT; path=/; domain=.vk.com
remixstlid=9086387497535864350_RGCiGWm27z2BQqVKHRcb0nzmjHNzMBWXzgR9zVLSHuD; expires=Sat, 24 Feb 2024 07:59:00 GMT; path=/; domain=.vk.com; secure
remixstid=854141636_oNuPvxroZEzzNwg2q9BSAR8hGzqHKzczqtkJkn7KXIX; expires=Tue, 20 Feb 2024 20:50:05 GMT; path=/; domain=.vk.com; secure
cache-control: no-store
content-security-policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline'
x-xss-protection: 1; report=/xss_reports
content-encoding: gzip
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
www.castanedadzr.ru/images/mail.gif
173.254.28.213200 OK 182 B URL HTTP/2 www.castanedadzr.ru/images/mail.gif
IP 173.254.28.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 108 x 11\012- data
Hash 95a6f49324a87c3617d4550e76795bd5
08ede7ada5e2ffc4c005409c38b1b63211c72f16
aae3b683e575f4ae38017de859bcbcf5a545ee50a01d60aae780703ff7838dd3
GET /images/mail.gif HTTP/1.1
Host: www.castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:10:47 GMT
accept-ranges: bytes
content-length: 182
content-type: image/gif
date: Fri, 24 Feb 2023 07:59:00 GMT
server: Apache
X-Firefox-Spdy: h2
vk.com/js/al/lite.js?107
87.240.132.78200 OK 62 kB IP 87.240.132.78:0
File type ISO-8859 text, with very long lines (2839)
Hash 091388f13ac2a18d7ecee39a2a9e9785
83412ca1e6b6b29231b9722b5f4a619f8befc52c
83e34d3b9efd7f0981f9ada9cbbd6e052460bb3e8f465319b2d59d0cbc8318de
GET /js/al/lite.js?107 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/widget_like.php?app=5990588&width=100%25&_ver=1&page=0&url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&type=mini&verb=0&color=&title=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20I...&description=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&image=&text=&h=22&startWidth=152&referrer=&186826f432c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: application/x-javascript
content-length: 61948
last-modified: Fri, 17 Feb 2023 11:25:03 GMT
etag: "63ef640f-f1fc"
content-encoding: br
expires: Tue, 28 Feb 2023 07:59:00 GMT
cache-control: max-age=345600
x-frontend: front226205
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
vk.com/images/upload.gif
87.240.132.78200 OK 230 B IP 87.240.132.78:0
File type GIF image data, version 89a, 32 x 8\012- data
Hash 59cd625f8c2ce03663123d59416378a1
b8d103133aadcdbe532e5642ddce9159b7385e4e
0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202
GET /images/upload.gif HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/gif
content-length: 230
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
etag: "5f6a5ec8-e6"
expires: Fri, 03 Mar 2023 07:59:00 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
vk.com/js/loader_nav20684873239_3.js
87.240.132.78200 OK 55 kB URL HTTP/2 vk.com/js/loader_nav20684873239_3.js
IP 87.240.132.78:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 74192224436f89e85236e654f32c11c8
589800686b9583cf2d83ca9753b06458c81c61f8
381462b2b35ca43353c84d1b8f59c34f4b6dca7cc0ee49c69d01207108c3830e
GET /js/loader_nav20684873239_3.js HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/widget_like.php?app=5990588&width=100%25&_ver=1&page=0&url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&type=mini&verb=0&color=&title=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20I...&description=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&image=&text=&h=22&startWidth=152&referrer=&186826f432c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: text/javascript; charset=windows-1251
content-length: 55267
x-powered-by: KPHP/7.4.113370
set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly
remixlang=3; expires=Tue, 27 Feb 2024 06:17:38 GMT; path=/; domain=.vk.com
remixstlid=9081883897908599266_NzV48SeaZnmmCSSz509Iz2FHUPUdjxSxxRoN0TNPqBg; expires=Sat, 24 Feb 2024 07:59:00 GMT; path=/; domain=.vk.com; secure
cache-control: no-store
content-encoding: gzip
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
www.acint.net/oci.js?t=1677225575390
157.90.179.28200 OK 39 kB URL HTTP/2 www.acint.net/oci.js?t=1677225575390
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type ISO-8859 text, with very long lines (32998)
Hash 93fda760ec612437c0f5ed958a0b5710
e833c28f80fd2b895695a40fcb6de87ce776a138
d534af853b5adf76ab8c4502d14c4bb1588fb745a86412ea89cbfbf994de1143
GET /oci.js?t=1677225575390 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: application/x-javascript
last-modified: Mon, 09 Jan 2023 08:01:26 GMT
etag: W/"63bbc9d6-7dac"
content-encoding: gzip
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=10&tc=1
157.90.179.28200 OK 5.1 kB URL HTTP/2 www.acint.net/mc/?dp=10&tc=1
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
Hash e521d4da529ebdb949c636d7f55a7688
a2d37f175d1a7aa7b102f46f8837f602108c2eac
30bcb623950809e469adee2e88465fff49ef6f01f80f23e7a23487826eb883ad
GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://castanedadzr.ru/
Connection: keep-alive
Cookie: aid=LgR5GmP4bkQ7wQQ8bcg5AqB343s0P8JyKi7dlu6u4ePAygiI; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1677225540; expires=Sat, 25-Feb-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53v2=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp98v2=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1677225540; expires=Fri, 10-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v3=1677225540; expires=Sat, 11-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148v1=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149v2=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp217=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp235=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp241=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2
st.vk.com/css/al/base.1c25eeb7ac42cd36d08a.css
87.240.132.78200 OK 19 kB URL HTTP/2 st.vk.com/css/al/base.1c25eeb7ac42cd36d08a.css
IP 87.240.132.78:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Hash 717a3435177db8bf42d60f25242a9f33
a9397dc03def6aed560d1fac67e0002d71c7648f
045487821dc9c0b373259ee9f682f4b7629983ead750a51fed79ca52de8b599b
GET /css/al/base.1c25eeb7ac42cd36d08a.css HTTP/1.1
Host: st.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: text/css
content-length: 19325
last-modified: Wed, 08 Feb 2023 11:29:05 GMT
etag: "63e38781-4b7d"
content-encoding: br
expires: Tue, 28 Feb 2023 07:59:00 GMT
cache-control: max-age=345600
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
st.vk.com/css/al/lite.ce9567cd8cf121942abf.css
87.240.132.78200 OK 36 kB URL HTTP/2 st.vk.com/css/al/lite.ce9567cd8cf121942abf.css
IP 87.240.132.78:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Hash 57be82da51ac6dd75ebad989c8cfd637
d42f705f20ca8d8227301e913be8d564f92e8442
8107f7b2c4a400b356b2aff5edf62899b6212aab1840e72fd39224039ea67680
GET /css/al/lite.ce9567cd8cf121942abf.css HTTP/1.1
Host: st.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: text/css
content-length: 36072
last-modified: Wed, 22 Feb 2023 15:59:24 GMT
etag: "63f63bdc-8ce8"
content-encoding: br
expires: Tue, 28 Feb 2023 07:59:00 GMT
cache-control: max-age=345600
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
st.vk.com/js/api/xdm.js?9
87.240.132.78200 OK 2.8 kB URL HTTP/2 st.vk.com/js/api/xdm.js?9
IP 87.240.132.78:0
Hash 3621f21a6215d1660754d2a2d1947af5
6480e04e1e4a82bf63c1322fe17dbff2037f3e06
3ffe8143f00123797a9a41d9444fce19a8935e6f34378293cb22b8b0705df6ea
GET /js/api/xdm.js?9 HTTP/1.1
Host: st.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: application/x-javascript
content-length: 2846
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
etag: "5f6a5ec8-b1e"
content-encoding: br
expires: Tue, 28 Feb 2023 07:59:00 GMT
cache-control: max-age=345600
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
st.vk.com/css/al/widgets.77db677e9e50b46b19d2.css
87.240.132.78200 OK 3.7 kB URL HTTP/2 st.vk.com/css/al/widgets.77db677e9e50b46b19d2.css
IP 87.240.132.78:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (23489)
Hash 86ea0be9462d4ccadc6f0f6e9ec0e479
34348acf83ab9349ca71d14cc4eea4bb248aca67
de33f18a6aa2960e125ea026f00b22f30dc6e5995e1930e4c555b99c635a03c7
GET /css/al/widgets.77db677e9e50b46b19d2.css HTTP/1.1
Host: st.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: text/css
content-length: 3690
last-modified: Wed, 01 Feb 2023 14:41:30 GMT
etag: "63da7a1a-e6a"
content-encoding: br
expires: Tue, 28 Feb 2023 07:59:00 GMT
cache-control: max-age=345600
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ad369f4b4913b7211a6df1386c2d9bc6
a2265e298f3be6c1ba68e45bda49746ca054e49a
d1ee2b5c8464f8918b33b2ec9178141817e1438638f48c1c2e95fa230c90bccd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3862
Cache-Control: max-age=117750
Content-Type: application/ocsp-response
Date: Fri, 24 Feb 2023 07:59:00 GMT
Etag: "63f78824-118"
Expires: Sat, 25 Feb 2023 16:41:30 GMT
Last-Modified: Thu, 23 Feb 2023 15:37:08 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5c1edb96e86c66da77ade47db26dbce6
a620ee22693daa0949e1622d0b9fd8f11cd34a29
b004064c665204969f06c49e091d78b9b1bc77079585994039719c1d8e5d525a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B004064C665204969F06C49E091D78B9B1BC77079585994039719C1D8E5D525A"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15325
Expires: Fri, 24 Feb 2023 12:14:25 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 4ffa5c9ca0fddd5e61cc44dcee7cf8e3
cc4b0acbddf828e5dd7f4fd8a036350d641f7138
10a58879835888ee23e280f9ac2146bb92e0474cfb6ce614e0c3ca7e246f9937
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Tue, 28 Feb 2023 06:12:09 GMT
ETag: "cc4b0acbddf828e5dd7f4fd8a036350d641f7138"
Last-Modified: Fri, 24 Feb 2023 06:12:10 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2276
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e6a8cc3e0f0b59-OSL
dm-eu.hybrid.ai/match?id=106&vid=1A79042E446EF8633C04C13B0239C86D
37.18.103.21204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=106&vid=1A79042E446EF8633C04C13B0239C86D
IP 37.18.103.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=106&vid=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 24 Feb 2023 07:59:00 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=bd0ccc194455b638584a; Expires=Sat, 24 Feb 2024 07:59:00 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 529
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.acint.net
access-control-allow-credentials: true
server: Hybrid Web Server
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 75fdc803ccd1b6fba9f922d78c7aaa12
9750ec626e80adb01a30d0b1089d6a5e36bd7169
8ba9eca74df6e4c6c21c4f3a30e5b59d1498a6231b9555c489a0505909175ff6
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 28 Feb 2023 06:10:14 GMT
ETag: "9750ec626e80adb01a30d0b1089d6a5e36bd7169"
Last-Modified: Fri, 24 Feb 2023 06:10:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1422
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e6a8cc6c410b31-OSL
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 74f3ebde2baa1968054f340aecb8eb3b
b916dd3603cf8244526cac7ce0a9136e39cfcdf8
7e55249ba4b3ff49fc9d3dfa6f68c6eca9a5361e79981ef374cda070cc8c5d71
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E55249BA4B3FF49FC9D3DFA6F68C6ECA9A5361E79981EF374CDA070CC8C5D71"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10297
Expires: Fri, 24 Feb 2023 10:50:37 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
193.3.184.201302 Moved Temporarily 142 B URL HTTP/1.1 ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP 193.3.184.201:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=1C03420A446EF8632F00EB000297565F
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkIDHGP4bkQA6wAvX1aXAoETS+zoid1mlRWKx/lamAVikcOa; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 926544de2d324aa10f42107101a90b75
995de948698eee83546376fe1dc3ace97c644e71
63b27327b3342fc833817cae9c6319abdae34117ac26f6fe9334289eb2383716
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63B27327B3342FC833817CAE9C6319ABDAE34117AC26F6FE9334289EB2383716"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15396
Expires: Fri, 24 Feb 2023 12:15:36 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive
sync.dmp.otm-r.com/match/sape?id=1A79042E446EF8633C04C13B0239C86D
138.201.65.74204 No Content 0 B URL HTTP/2 sync.dmp.otm-r.com/match/sape?id=1A79042E446EF8633C04C13B0239C86D
IP 138.201.65.74:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.17.4
date: Fri, 24 Feb 2023 07:59:00 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
acint.net/match?dp=110&euid=a42d8671dcdd445fa60b71800a944bfc
157.90.179.28200 OK 43 B URL HTTP/2 acint.net/match?dp=110&euid=a42d8671dcdd445fa60b71800a944bfc
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=110&euid=a42d8671dcdd445fa60b71800a944bfc HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 59ef82531c67e155b8aced1421d96c52
810c9e47076c8ece1b83b3463e5b9abbfe2877b6
fd7b28816db14dc45ff07acb9ce51ec964d47d3ab6d6ebcdead5376d181d31c1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD7B28816DB14DC45FF07ACB9CE51EC964D47D3AB6D6EBCDEAD5376D181D31C1"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11907
Expires: Fri, 24 Feb 2023 11:17:27 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive
a.utraff.com/sync?ssp=Sape
172.67.217.151204 No Content 0 B URL HTTP/2 a.utraff.com/sync?ssp=Sape
IP 172.67.217.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=Sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Sun, 26 Mar 2023 10:59:00 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Sun, 26 Mar 2023 10:59:00 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EcNLTQ7tdpdOuu6Z73gy9cu%2F0NGIJTkiVK%2FKuP5MfK1b%2Fpgj0Rzfim7gOKJNhEt69GBbqXmcJI%2FEG%2F75Fu7aNDnjh6v2Pvkf1Wd3qwCXt5N513sKOKoj%2BI11eH9DeeI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79e6a8cc3ba31c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 201c51b176ba24fcf99330150367a382
d4de8a37cf102c4c931b5ea21c0f606f6b9e2a67
d6f1c581e2e5dc2f457afc21bebe9fde47c9023a88d69ff2ad6edfd6c74fbc56
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D6F1C581E2E5DC2F457AFC21BEBE9FDE47C9023A88D69FF2AD6EDFD6C74FBC56"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6636
Expires: Fri, 24 Feb 2023 09:49:36 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive
s.uuidksinc.net/match/396/?remote_uid=1A79042E446EF8633C04C13B0239C86D
31.220.27.155302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/396/?remote_uid=1A79042E446EF8633C04C13B0239C86D
IP 31.220.27.155:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/396/?remote_uid=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Fri, 24 Feb 2023 07:59:00 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=645N5dDMZgbcrxGoeziW
set-cookie: jcsuuid=645N5dDMZgbcrxGoeziW; expires=Sat, 24 Feb 2024 07:59:00 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 60a4c12c1474e363b8e52ebe6a4cbcb6
2e07ff761c61c2bb405e56183c52c99bc95cc479
b706205770e7c84a9e48592493c27721b6c7862e19763cfff862b7cad11acb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B706205770E7C84A9E48592493C27721B6C7862E19763CFFF862B7CAD11ACB38"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3845
Expires: Fri, 24 Feb 2023 09:03:05 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
185.147.80.35302 Found 74 B URL HTTP/1.1 ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP 185.147.80.35:0
File type HTML document, ASCII text
Hash d0c1d949e2d22f8249a419f4c9892c63
8c9ad94c817bace58f6cd9e7fbe8c6affc9974ff
6c553a9cfdb6f624480e9aff3a77139685a7e21338a5d50021613446a77ed55e
GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 74
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=XINGNXHZ
Set-Cookie: uid=XINGNXHZ; Expires=Mon, 21 Feb 2033 07:59:00 GMT
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 3ca8fd1ef685f85da53880efdb66162a
5ae612b4f8501762d8cb0bcf50827520b56c6adc
f3fc0f4c5c5d044e7aa5ea022977ef4b0c9b805aa6b656ca70c823a00bde21c8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 21 Feb 2023 23:10:58 GMT
Expires: Tue, 28 Feb 2023 23:10:57 GMT
Etag: "5ae612b4f8501762d8cb0bcf50827520b56c6adc"
Cache-Control: max-age=399716,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79e6a8ccdca2b50b-OSL
mc.yandex.ru/metrika/watch.js
87.250.251.119200 OK 58 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP 87.250.251.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (551)
Hash eac3e9e31b3d1530dd82d2f86b857826
909344515aa194c50eb90bc0f80e7440c0bfbac9
9e651ecbfe861c3ef5481f88cafc7de9e646664e91d4b408ee8ee7c7b9b5b230
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 58157
date: Fri, 24 Feb 2023 07:59:00 GMT
access-control-allow-origin: *
etag: "63f47caa-e32d"
expires: Fri, 24 Feb 2023 08:59:00 GMT
last-modified: Tue, 21 Feb 2023 11:11:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
acint.net/match?dp=14&euid=1C03420A446EF8632F00EB000297565F
157.90.179.28200 OK 43 B URL HTTP/2 acint.net/match?dp=14&euid=1C03420A446EF8632F00EB000297565F
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=14&euid=1C03420A446EF8632F00EB000297565F HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
st.vk.com/images/icons/like_widget.png
87.240.132.78200 OK 538 B URL HTTP/2 st.vk.com/images/icons/like_widget.png
IP 87.240.132.78:0
File type PNG image data, 19 x 59, 8-bit/color RGBA, non-interlaced\012- data
Hash 88db15ca955d5c8410cfcb486c31ce12
a5b91356b3c67898db40b623689b5c87cb3de8ab
3795726557f64bf66677a94511e34f7d67dd58c73baef60ddb3f9a0cb8f38c1e
GET /images/icons/like_widget.png HTTP/1.1
Host: st.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.vk.com/css/al/widgets.77db677e9e50b46b19d2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/png
content-length: 538
last-modified: Tue, 22 Sep 2020 20:29:56 GMT
etag: "5f6a5ec4-21a"
expires: Tue, 28 Feb 2023 07:59:00 GMT
cache-control: max-age=345600
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
accept-ranges: bytes
X-Firefox-Spdy: h2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1A79042E446EF8633C04C13B0239C86D
87.242.89.90200 OK 12 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1A79042E446EF8633C04C13B0239C86D
IP 87.242.89.90:0
File type exported SGML document, ASCII text, with no line terminators
Hash d8932e1cb3ee147415fbf5591a7217ca
97da5b95fb7f60ecd8d9ed0e5a05d83ad5a9c070
c0327cbcde50f1ab8228334a550b947301123d6f6f7d625707cb6d08a1faec35
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: text/html
content-length: 12
last-modified: Mon, 30 Jan 2023 18:57:34 GMT
etag: "63d8131e-c"
accept-ranges: bytes
server: elb
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 798645d5419251dfa27886d15a0bc02a
a23fe8628e8178996bf7167cc9d6eb1275c30fbe
c5b7498b5b0864ff3e24b5cba8f9d25327ad32dc8a020942a2c21472eaa3e832
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5B7498B5B0864FF3E24B5CBA8F9D25327AD32DC8A020942A2C21472EAA3E832"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6091
Expires: Fri, 24 Feb 2023 09:40:31 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive
pix.bumlam.com/sync/sape/check?sspuid=1A79042E446EF8633C04C13B0239C86D
31.172.81.172302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/check?sspuid=1A79042E446EF8633C04C13B0239C86D
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/check?sspuid=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://sync.bumlam.com/?src=sape
www.acint.net/match?dp=127&euid=645N5dDMZgbcrxGoeziW
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/match?dp=127&euid=645N5dDMZgbcrxGoeziW
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=127&euid=645N5dDMZgbcrxGoeziW HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
nr.bidderstack.com/sape/cm?user_id=1A79042E446EF8633C04C13B0239C86D
23.88.12.13200 OK 44 B URL HTTP/1.1 nr.bidderstack.com/sape/cm?user_id=1A79042E446EF8633C04C13B0239C86D
IP 23.88.12.13:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash f9d60352c70a2ba15616d1c9421f3844
e9abc8bea7721a4b6a50295850d13c515006a95c
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
GET /sape/cm?user_id=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Type: image/gif
Content-Length: 44
Connection: keep-alive
Set-Cookie: uid=b9f3f5f8-57b4-4e67-ad3d-e255a99fd30d; domain=.bidderstack.com; path=/; expires=Sat, 24-Feb-2024 07:59:00 GMT;
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
sp.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D
167.235.9.235302 Found 0 B URL HTTP/1.1 sp.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D
IP 167.235.9.235:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?ssp=sape&redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D HTTP/1.1
Host: sp.ohmy.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Length: 0
Connection: keep-alive
Location: https://www.acint.net/match?dp=217&euid=36a13427-8438-4897-9ae3-e481730c26d2
Set-Cookie: uid=36a13427-8438-4897-9ae3-e481730c26d2.63f86e44.4bbd815b92a66bd3; domain=.ohmy.bid; path=/; expires=Sun, 26-Mar-2023 07:59:00 GMT; SameSite=None; Secure;
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6a1844fe76f6dad0c472bfdba62f0889
6b362c871934488c7096ba6f51e7dba6d8b977bc
191e0a8542955a1bdd6f441006678b3f202de90b20492bc093ed41654b01ab2c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191E0A8542955A1BDD6F441006678B3F202DE90B20492BC093ED41654B01AB2C"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2557
Expires: Fri, 24 Feb 2023 08:41:37 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3b8bd21edc37e28f4b752de9fb8396d0
c4fc667623c44cf7a024612eef18962caddc7b33
d71c4294a4d3366f84b39804e964f6025daf0a840a604ffb06640166a512ada4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D71C4294A4D3366F84B39804E964F6025DAF0A840A604FFB06640166A512ADA4"
Last-Modified: Fri, 24 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5769
Expires: Fri, 24 Feb 2023 09:35:09 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive
sync.gonet-ads.com/match/sape.js?id=1A79042E446EF8633C04C13B0239C86D
188.42.105.220302 Found 0 B URL HTTP/2 sync.gonet-ads.com/match/sape.js?id=1A79042E446EF8633C04C13B0239C86D
IP 188.42.105.220:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape.js?id=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: sync.gonet-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: application/javascript
content-length: 0
location: https://sync.gonet-ads.com/match/sape.js?id=1A79042E446EF8633C04C13B0239C86D&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.acint.net/match?dp=95&euid=XINGNXHZ
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/match?dp=95&euid=XINGNXHZ
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=95&euid=XINGNXHZ HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.programmatica.com/match/RTBSape?id=1A79042E446EF8633C04C13B0239C86D
167.235.117.41302 Found 0 B URL HTTP/2 sync.programmatica.com/match/RTBSape?id=1A79042E446EF8633C04C13B0239C86D
IP 167.235.117.41:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/RTBSape?id=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-length: 0
location: https://sync.programmatica.com/match/RTBSape?id=1A79042E446EF8633C04C13B0239C86D&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sap1&s_data=CAIQARjE3OGfBmIgMUE3OTA0MkU0NDZFRjg2MzNDMDRDMTNCMDIzOUM4NkSiARAZFvqgtBkR7aHEACWQyCQ3
31.172.81.172200 OK 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&s_data=CAIQARjE3OGfBmIgMUE3OTA0MkU0NDZFRjg2MzNDMDRDMTNCMDIzOUM4NkSiARAZFvqgtBkR7aHEACWQyCQ3
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&s_data=CAIQARjE3OGfBmIgMUE3OTA0MkU0NDZFRjg2MzNDMDRDMTNCMDIzOUM4NkSiARAZFvqgtBkR7aHEACWQyCQ3 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQxOTE2ZmFhMC1iNDE5LTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQxOTE2ZmFhMC1iNDE5LTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Thu, 19 Feb 2043 07:59:00 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6c27dc8b124493de1831a83e287d1428
8cbcc7437171c33d06fa025e4c470226a73eeb28
d5eb3bb3fabe6eceeec57988ff6f99fe2fe03c954b12cf8108088a9be4485c29
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Feb 2023 07:59:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ad369f4b4913b7211a6df1386c2d9bc6
a2265e298f3be6c1ba68e45bda49746ca054e49a
d1ee2b5c8464f8918b33b2ec9178141817e1438638f48c1c2e95fa230c90bccd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3862
Cache-Control: max-age=117750
Content-Type: application/ocsp-response
Date: Fri, 24 Feb 2023 07:59:00 GMT
Etag: "63f78824-118"
Expires: Sat, 25 Feb 2023 16:41:30 GMT
Last-Modified: Thu, 23 Feb 2023 15:37:08 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
sync.upravel.com/sape/sync
148.251.129.43302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync
IP 148.251.129.43:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1677225540725;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1677225540725;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9582327660aa2b874f29c59f163e9162
783ff794c7567d1635db620bc87e528a7930649a
868d017283cab3b87b987eebf60e777031ab7578919af5752afd40f1173b9bb4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "868D017283CAB3B87B987EEBF60E777031AB7578919AF5752AFD40F1173B9BB4"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16344
Expires: Fri, 24 Feb 2023 12:31:24 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive
www.acint.net/oci/?v=0.5.1&uid=607fb50c-1910-4e3f-9ea3-ad87ee47c80a&dp=10&tz=%2B00%3A00&nc=84845752&oid=39e8192718f4ed5a678fc273d654392b
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/oci/?v=0.5.1&uid=607fb50c-1910-4e3f-9ea3-ad87ee47c80a&dp=10&tz=%2B00%3A00&nc=84845752&oid=39e8192718f4ed5a678fc273d654392b
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /oci/?v=0.5.1&uid=607fb50c-1910-4e3f-9ea3-ad87ee47c80a&dp=10&tz=%2B00%3A00&nc=84845752&oid=39e8192718f4ed5a678fc273d654392b HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=129&euid=c3i8aotadf
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/match?dp=129&euid=c3i8aotadf
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=129&euid=c3i8aotadf HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=217&euid=36a13427-8438-4897-9ae3-e481730c26d2
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/match?dp=217&euid=36a13427-8438-4897-9ae3-e481730c26d2
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=217&euid=36a13427-8438-4897-9ae3-e481730c26d2 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
cs.agency2.ru/p?ssp=sp&uid=1A79042E446EF8633C04C13B0239C86D
23.111.107.44301 Moved Permanently 0 B URL HTTP/1.1 cs.agency2.ru/p?ssp=sp&uid=1A79042E446EF8633C04C13B0239C86D
IP 23.111.107.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&uid=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=86248e90-f837-4124-957b-da8f23c950a9
Set-Cookie: uuid=86248e90-f837-4124-957b-da8f23c950a9; expires=Thu, 15 Feb 2024 07:59:00 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
sync.adspend.space/sape?uid=1A79042E446EF8633C04C13B0239C86D
212.76.129.181302 Found 149 B URL HTTP/2 sync.adspend.space/sape?uid=1A79042E446EF8633C04C13B0239C86D
IP 212.76.129.181:0
File type HTML document, ASCII text
Hash cb34fd89a961054e7fcd79a1cc386f4c
8a897629980521bc70374eff699e04567ecad42d
43da8395ce7b4aebc4546ffb01e4c862c7c5b83227756824cd8a8fcf897f1881
GET /sape?uid=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: text/html; charset=utf-8
content-length: 149
location: https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D7e1ddb1b-2fb7-4410-b492-2b142d40b8cd
set-cookie: as-user=7e1ddb1b-2fb7-4410-b492-2b142d40b8cd; Path=/; Max-Age=31536000; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
match.new-programmatic.com/userbind?src=sape&id=1A79042E446EF8633C04C13B0239C86D
217.65.2.150204 No Content 0 B URL HTTP/1.1 match.new-programmatic.com/userbind?src=sape&id=1A79042E446EF8633C04C13B0239C86D
IP 217.65.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash b6da2d9508ae360aa1f7e5466d86edb4
437bf334d6e74802cf72a10919fd4334dfe4f7f6
7ae5b0ef9bf06955ca315dce0f82196dc6e155906cdb92c10b800b2e90f1c0a2
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Tue, 28 Feb 2023 05:55:11 GMT
ETag: "437bf334d6e74802cf72a10919fd4334dfe4f7f6"
Last-Modified: Fri, 24 Feb 2023 05:55:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3077
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e6a8cddf490b59-OSL
sync.bumlam.com/?src=sape
31.172.81.172302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sape
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQxOTE2ZmFhMC1iNDE5LTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQxOTE2ZmFhMC1iNDE5LTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Thu, 19 Feb 2043 07:59:00 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://pix.bumlam.com/sync/sape/sync_ok?guid=1916faa0-b419-11ed-a1c4-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true
match.qtarget.tech/userbind?src=sape&id=1A79042E446EF8633C04C13B0239C86D
95.163.92.180204 No Content 0 B URL HTTP/1.1 match.qtarget.tech/userbind?src=sape&id=1A79042E446EF8633C04C13B0239C86D
IP 95.163.92.180:0
ASN #12695 LLC Digital Network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: match.qtarget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Fri, 24 Feb 2023 12:56:59 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe121133a6eaf8645743a14717612cd5
b9276c474ba3e40e5cc2921accb452bb7b11ecb2
4c72ab325e4608168d6258ba615ffc21f94a3594a8d1ef48f28b8622b198c27b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C72AB325E4608168D6258BA615FFC21F94A3594A8D1EF48F28B8622B198C27B"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2249
Expires: Fri, 24 Feb 2023 08:36:29 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
5.200.44.122302 Found 503 B URL HTTP/2 ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP 5.200.44.122:0
ASN #48096 Enterprise Cloud Ltd.
Hash fe121133a6eaf8645743a14717612cd5
b9276c474ba3e40e5cc2921accb452bb7b11ecb2
4c72ab325e4608168d6258ba615ffc21f94a3594a8d1ef48f28b8622b198c27b
GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=a42d8671dcdd445fa60b71800a944bfc
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=a42d8671dcdd445fa60b71800a944bfc; expires=Fri, 23 Feb 2024 21:00:00 GMT; path=/; SameSite=None; secure; samesite=lax
date: Fri, 24 Feb 2023 07:58:59 GMT
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/sync_ok?guid=1916faa0-b419-11ed-a1c4-002590c82437
31.172.81.172302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/sync_ok?guid=1916faa0-b419-11ed-a1c4-002590c82437
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/sync_ok?guid=1916faa0-b419-11ed-a1c4-002590c82437 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQxOTE2ZmFhMC1iNDE5LTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://1916faa0-b419-11ed-a1c4-002590c82437.n5.sync.bumlam.com/?src=sape
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F137aee85-a8db-4c5c-b88f-0857f7ba3677.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F137aee85-a8db-4c5c-b88f-0857f7ba3677.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34013daae3d217976ee1f5a9b7f339ba
2f772756bec7dea5018de069d66011fea212ac11
6a3cfb5871a65921559de5db2a58cc2de03f7ff9fa7764e3c63958d721de4639
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F137aee85-a8db-4c5c-b88f-0857f7ba3677.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7920
x-amzn-requestid: 0f05642f-9ffc-4778-8c93-591bc16d04c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9M6E7aoAMFl9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbeb-1701df8b471a945211701133;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:34:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DqGbw5IZ5QjTdQqoX0ozFMN8qZM2xc7_NwqDtWqz7BFCqAQJtk_Scg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 21:34:36 GMT
etag: "2f772756bec7dea5018de069d66011fea212ac11"
content-type: image/jpeg
age: 37464
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fcastanedadzr.ru&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__
142.250.74.45200 OK 402 B URL HTTP/2 accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fcastanedadzr.ru&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__
IP 142.250.74.45:0
Hash ef24e17522f96c36644a02f67fc20c47
3b750e2ef59730248e542029de81d50dbea4d251
276ce8f3a9f9fa3a2d7c7a2763e0c679cc53838ee0d835c32a00b7c7c4ea7733
GET /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fcastanedadzr.ru&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 24 Feb 2023 07:59:00 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'nonce-jyCYKWgOaP41OHoz84mbVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe121133a6eaf8645743a14717612cd5
b9276c474ba3e40e5cc2921accb452bb7b11ecb2
4c72ab325e4608168d6258ba615ffc21f94a3594a8d1ef48f28b8622b198c27b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C72AB325E4608168D6258BA615FFC21F94A3594A8D1EF48F28B8622B198C27B"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2249
Expires: Fri, 24 Feb 2023 08:36:29 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe121133a6eaf8645743a14717612cd5
b9276c474ba3e40e5cc2921accb452bb7b11ecb2
4c72ab325e4608168d6258ba615ffc21f94a3594a8d1ef48f28b8622b198c27b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C72AB325E4608168D6258BA615FFC21F94A3594A8D1EF48F28B8622B198C27B"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2249
Expires: Fri, 24 Feb 2023 08:36:29 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive
www.acint.net/match?dp=186&euid=86248e90-f837-4124-957b-da8f23c950a9
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/match?dp=186&euid=86248e90-f837-4124-957b-da8f23c950a9
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=186&euid=86248e90-f837-4124-957b-da8f23c950a9 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 24 Feb 2023 07:59:00 GMT
access-control-allow-origin: *
etag: "63f47caa-2b"
expires: Fri, 24 Feb 2023 08:59:00 GMT
accept-ranges: bytes
last-modified: Tue, 21 Feb 2023 11:11:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
148.251.129.43302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP 148.251.129.43:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1677225540725
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=bbe6be5c-4453-496d-8675-3cc44556a787;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=bbe6be5c-4453-496d-8675-3cc44556a787;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=bbe6be5c-4453-496d-8675-3cc44556a787
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa41846-2966-47c9-ac1f-845e6507fe21.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa41846-2966-47c9-ac1f-845e6507fe21.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d434142b05e07062707138da8999445e
d4796a582b28b1afcb1d7c8d06d78664a62bc880
0baf0e2b4c5975bac7d8543156bdb412cb8a703a768c765a90eedb95fb8ab1ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa41846-2966-47c9-ac1f-845e6507fe21.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6979
x-amzn-requestid: 19ffbbf5-7950-405e-b558-43c6c011785c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9M7FrMIAMFzCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbec-7c65361d479d30c129f9d1d0;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fTd1tIJwblI78XgGewWZ-cmhWhuzELJ9aSKMgTOpTAys_Mehu5mejQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 21:34:36 GMT
etag: "d4796a582b28b1afcb1d7c8d06d78664a62bc880"
content-type: image/jpeg
age: 37464
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6df093-e4fa-441b-a18d-8d5eb3f8872b.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6df093-e4fa-441b-a18d-8d5eb3f8872b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dd41b65d04b02876ca020b4769ca7bcb
aa00f3f35f4826c1987a9ec712b190607e78175b
ab7b9af9a11ef8b8dece802beb9b88998ba07ecbaa5f64a624736ccb972e8f44
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6df093-e4fa-441b-a18d-8d5eb3f8872b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9860
x-amzn-requestid: 5bae7f8c-874f-45d6-908f-97c680037398
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Auq1FHPHIAMFWEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f5be86-5cac87a14c19b36011e5ac6f;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 07:04:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZfmF7f34sOJ1La2RAByS6ZBqDYvBpZ-0mJlJ0Nj9nvG08xttDiwySA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Feb 2023 07:14:18 GMT
age: 2682
etag: "aa00f3f35f4826c1987a9ec712b190607e78175b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a5f3d376fe6a3a78a5d1fe136f962fb
3e9b03cc296e954d63526a4e7e75beea3130fc3b
c8cf4f1c0352102764247e4dc5a2076921e0eaa18bfd110e5b0b97a55c706690
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9093
x-amzn-requestid: 3fd9f8c8-cf10-4222-a2cc-5f18ff7b2e9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9D3HqmoAMFeBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbb2-352315613cc0c2bc7eb28e05;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:33:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: bGDTF9U77Y1pmqtYk-yDa2GsiRraTcwCOBV-yAzDPT2PvS89NeCtZg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 21:34:34 GMT
age: 37466
etag: "3e9b03cc296e954d63526a4e7e75beea3130fc3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/watch/1422041/1?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1160122693440%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A906020588%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20%2802.02.2007%29%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
87.250.251.119200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/1422041/1?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1160122693440%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A906020588%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20%2802.02.2007%29%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash c89be55ca54b502c8a9a8a24b81e0578
9ffca800eb635e8a612f08d20b87ccc0cbda34b9
106f4931e35e821e910a8a786fbb85ecb0ca2cdabdac3413906cd02ec1fde668
GET /watch/1422041/1?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1160122693440%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A906020588%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20%2802.02.2007%29%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://castanedadzr.ru
Referer: https://castanedadzr.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Fri, 24 Feb 2023 07:59:00 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://castanedadzr.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 24-Feb-2023 07:59:00 GMT
last-modified: Fri, 24-Feb-2023 07:59:00 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A1602664685682%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A487874684%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20%2802.02.2007%29%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr%2814%29mc%28cm-1-tl-1-atb-1%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
87.250.251.119200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A1602664685682%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A487874684%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20%2802.02.2007%29%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr%2814%29mc%28cm-1-tl-1-atb-1%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash 7b6c304a8c5dbb0ad1f980ea3c069387
b718b80115dab2bfcc5c794d12784cad1214d92b
1163367e91858899c756c9ed1c9c40e933da0e3c93be80e44a66b6193fd8c464
GET /watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A1602664685682%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A487874684%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20%2802.02.2007%29%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr%2814%29mc%28cm-1-tl-1-atb-1%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://castanedadzr.ru
Referer: https://castanedadzr.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Fri, 24 Feb 2023 07:59:00 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://castanedadzr.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 24-Feb-2023 07:59:00 GMT
last-modified: Fri, 24-Feb-2023 07:59:00 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a98720b-53ac-4018-8bb9-955bb22a9e52.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a98720b-53ac-4018-8bb9-955bb22a9e52.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78bcc318c65f1f7b827f7ff792f14595
6bd53a60048a57322c3fc5d12c9f849e38fd2765
d83a699697cb6c728563b667e82a538237472ec86f841b34bc5f7639c94702e8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a98720b-53ac-4018-8bb9-955bb22a9e52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11089
x-amzn-requestid: 8738c63f-1ac3-4ce9-afe7-d5bed232e4b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ax-wyHd6IAMF-WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7119e-1fe3416019806b2550524e41;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 07:11:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xymqCKJ4l9GYOEuebuGELmu8Qq0F8eg6rp790Z4aKV_U8alWeGWfCQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Feb 2023 07:18:27 GMT
age: 2433
etag: "6bd53a60048a57322c3fc5d12c9f849e38fd2765"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c061073-61e1-440d-9b4a-2a79642fa5c9.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c061073-61e1-440d-9b4a-2a79642fa5c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash daa87fe33e37f4179406213c50b0bfc8
0a3b8e72639cbcee63e7204accb95ada77076a11
a4dd63888518de162c44da8a12eb7d2c1c2a0a97f66ea06287e82351fa36f8ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c061073-61e1-440d-9b4a-2a79642fa5c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4190
x-amzn-requestid: 5be79d82-00a6-41ff-931a-b35f1329cb71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9JcEv3IAMFb4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbd5-52bd27793f7ea5312c23b54e;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:34:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: NvWHzUuDnWXz4w1achMnAaWRaIxw9DRi5jGRGRAVlbG5XetQKLca7w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 21:45:50 GMT
age: 36790
etag: "0a3b8e72639cbcee63e7204accb95ada77076a11"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D7e1ddb1b-2fb7-4410-b492-2b142d40b8cd
212.76.129.181302 Found 102 B URL HTTP/2 sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D7e1ddb1b-2fb7-4410-b492-2b142d40b8cd
IP 212.76.129.181:0
File type HTML document, ASCII text
Hash f214205d827db8b841bbe977c42872ac
df119fdc290d25824ba4821568eb7642265a84a4
cb9745970c75a3a6d393866414a2056fd8f8c4d282a243bb25bf7f1b220722f3
GET /check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D7e1ddb1b-2fb7-4410-b492-2b142d40b8cd HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: as-user=7e1ddb1b-2fb7-4410-b492-2b142d40b8cd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: text/html; charset=utf-8
content-length: 102
location: https://www.acint.net/match?dp=98&euid=7e1ddb1b-2fb7-4410-b492-2b142d40b8cd
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
sync.gonet-ads.com/match/sape.js?id=1A79042E446EF8633C04C13B0239C86D&chk=1
188.42.105.220200 OK 724 B URL HTTP/2 sync.gonet-ads.com/match/sape.js?id=1A79042E446EF8633C04C13B0239C86D&chk=1
IP 188.42.105.220:0
Hash 70142198186c2359f5bb07f35447eb7b
b79896570a64036e44bc31fffa419f2e6598e2fa
7a66638721eeffa382973a36a277b51f0bc86cc6e878c57a0e7322c8dce522a4
GET /match/sape.js?id=1A79042E446EF8633C04C13B0239C86D&chk=1 HTTP/1.1
Host: sync.gonet-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: application/javascript
vary: Accept-Encoding
set-cookie: pid=NDU0MTJmNTAyNWNjNDE5Yg; expires=Sat, 24 Feb 2024 07:59:00 GMT; domain=.gonet-ads.com; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2
ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
142.250.74.99200 OK 4.3 kB URL HTTP/2 ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (2267)
Hash 3f7502705229ccec9d066c5cd75e6c31
ede1663155afaa5a5213d075e6295c6d839b05c3
2be5113d3022d1819a19f327235d287a2538a03741fc08ccd9d55cc1d78b6282
GET /accounts/o/1832714284-postmessagerelay.js HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-length: 4294
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Feb 2023 11:50:33 GMT
expires: Fri, 23 Feb 2024 11:50:33 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 16 Feb 2023 21:11:06 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 72507
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.acint.net/match?dp=71&euid=bbe6be5c-4453-496d-8675-3cc44556a787
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/match?dp=71&euid=bbe6be5c-4453-496d-8675-3cc44556a787
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=71&euid=bbe6be5c-4453-496d-8675-3cc44556a787 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=98&euid=7e1ddb1b-2fb7-4410-b492-2b142d40b8cd
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/match?dp=98&euid=7e1ddb1b-2fb7-4410-b492-2b142d40b8cd
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=98&euid=7e1ddb1b-2fb7-4410-b492-2b142d40b8cd HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
top-fwz1.mail.ru/js/code.js
95.163.52.67200 OK 14 kB URL HTTP/2 top-fwz1.mail.ru/js/code.js
IP 95.163.52.67:0
File type ASCII text, with very long lines (729)
Hash 557f853dec4e2eb5512822cf77ed10a4
14d83f93714fe8d59046ac945ce69feb164206ec
4820794d01d6c01c8de3cc025c5d54abf8607c4087649efc54cc20e58bf4287a
GET /js/code.js HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: application/javascript
last-modified: Wed, 11 Jan 2023 13:29:54 GMT
set-cookie: FTID=1RMYgQ0tkIIF:1677225540:0:::; path=/; expires=Sun, 25-Feb-24 07:59:00 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
etag: W/"63beb9d2-85cc"
expires: Fri, 24 Feb 2023 08:59:00 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: max-age=3600, private
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 18880e1808370080e86c124fc0f15477
cee3e545df43115cf8bc5b560e2c25b529219c16
8f162b3abb4870796094fcc5a6736023539c294aec20e149c97af1ab39c42337
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Feb 2023 07:59:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
top-fwz1.mail.ru/counter2?js=13;id=2685520;u=https%3A//castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm;st=1677225575835;pid=0;title=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20I...;s=1280*1024;vp=115*22;touch=0;hds=1;frame=1;flash=;sid=f3cf2685e4225077;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1677225576164%3A1677225576166%3A0%3A443e70cec4f5379eaeac0cd0f080e00f;visible=true;_=0.15644349650389733
95.163.52.67200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/counter2?js=13;id=2685520;u=https%3A//castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm;st=1677225575835;pid=0;title=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20I...;s=1280*1024;vp=115*22;touch=0;hds=1;frame=1;flash=;sid=f3cf2685e4225077;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1677225576164%3A1677225576166%3A0%3A443e70cec4f5379eaeac0cd0f080e00f;visible=true;_=0.15644349650389733
IP 95.163.52.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /counter2?js=13;id=2685520;u=https%3A//castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm;st=1677225575835;pid=0;title=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20I...;s=1280*1024;vp=115*22;touch=0;hds=1;frame=1;flash=;sid=f3cf2685e4225077;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1677225576164%3A1677225576166%3A0%3A443e70cec4f5379eaeac0cd0f080e00f;visible=true;_=0.15644349650389733 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 24 Feb 2023 07:59:01 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIF:1677225541:2685520:::; path=/; expires=Sun, 25-Feb-24 07:59:01 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash feec2ce1852ee076ba11e9ffc9a24d7e
8f0eb85ddfd5b5b34f868a9a4ab618acb3286d51
a00080775e488598b769083a6e965cce70637828b28962c1823c85632ff6d91e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 21 Feb 2023 15:41:06 GMT
Expires: Tue, 28 Feb 2023 15:41:05 GMT
Etag: "8f0eb85ddfd5b5b34f868a9a4ab618acb3286d51"
Cache-Control: max-age=372724,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79e6a8ccdfc8b4f9-OSL
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
159.69.142.212301 Moved Permanently 115 B URL HTTP/2 exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP 159.69.142.212:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash a7db88ff6ef4042ae9f5861b2bbf2cce
df61361bbd257f63d5cc0447b4dcae0ebfc354d0
c83aa8312a7ff1d75f7017256b55446378dced2c86c5ef67a3627ed6d8282cd3
GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 24 Feb 2023 07:58:59 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=fd943d57-146e-45e2-5d92-ff204ba610a6
serverid: TODO
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 26bf08a587476d1b89da8ea82ac71009
d2aa509500d225cc67911ea08405559503ed64dd
9b0d1394dcda90ecf1414f2f55aa9c1fd193115eac83f19aa23a8a51c4ec52e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B0D1394DCDA90ECF1414F2F55AA9C1FD193115EAC83F19AA23A8A51C4EC52E9"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15565
Expires: Fri, 24 Feb 2023 12:18:26 GMT
Date: Fri, 24 Feb 2023 07:59:01 GMT
Connection: keep-alive
www.acint.net/match?dp=126&euid=fd943d57-146e-45e2-5d92-ff204ba610a6
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/match?dp=126&euid=fd943d57-146e-45e2-5d92-ff204ba610a6
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=126&euid=fd943d57-146e-45e2-5d92-ff204ba610a6 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:01 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
1916faa0-b419-11ed-a1c4-002590c82437.n5.sync.bumlam.com/?src=sape
80.87.198.24302 Found 0 B URL HTTP/2 1916faa0-b419-11ed-a1c4-002590c82437.n5.sync.bumlam.com/?src=sape
IP 80.87.198.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: 1916faa0-b419-11ed-a1c4-002590c82437.n5.sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQxOTE2ZmFhMC1iNDE5LTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.1
date: Fri, 24 Feb 2023 07:59:01 GMT
content-length: 0
location: https://pix.bumlam.com/sync/sape/done
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/done
31.172.81.172200 OK 43 B URL HTTP/1.1 pix.bumlam.com/sync/sape/done
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQxOTE2ZmFhMC1iNDE5LTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 5ce355aaeb35e7c6a43e6b3cb88f841a
dafb99c6c79b862ba223f94f848ec2e13f8c0dcc
9e1aa633721709283cc99de37f8dcf7b2a789583a26582f2c2a48dc8cc10d584
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 28 Feb 2023 06:08:18 GMT
ETag: "dafb99c6c79b862ba223f94f848ec2e13f8c0dcc"
Last-Modified: Fri, 24 Feb 2023 06:08:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1160
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e6a8d0b9ec0b59-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 5ce355aaeb35e7c6a43e6b3cb88f841a
dafb99c6c79b862ba223f94f848ec2e13f8c0dcc
9e1aa633721709283cc99de37f8dcf7b2a789583a26582f2c2a48dc8cc10d584
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 28 Feb 2023 06:08:18 GMT
ETag: "dafb99c6c79b862ba223f94f848ec2e13f8c0dcc"
Last-Modified: Fri, 24 Feb 2023 06:08:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1160
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e6a8d0d9f80b59-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 15c1ff55c278f24d670f2a7437e5fda3
47e97151c742092b0b79de9f0062d0c1e53c971d
a5fb0ee5e2c042c856e5671ab6c9353771400a7f1ad61e6f5f12c2eb911bf755
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Tue, 28 Feb 2023 05:26:16 GMT
ETag: "47e97151c742092b0b79de9f0062d0c1e53c971d"
Last-Modified: Fri, 24 Feb 2023 05:26:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1428
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e6a8d0fa080b59-OSL
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
195.209.108.49302 Moved Temporarily 0 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP 195.209.108.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-4875619604; expires=Sun, 23 Feb 2025 07:59:01 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4875619604
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
ocsp.globalsign.com/alphasslcasha256g4
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/alphasslcasha256g4
IP 104.18.20.226:0
Hash 6625a483ee651f05b8cd34bc05e7abe5
3614e32954550a8bfed59aed32137c9169f2f270
3da13f8d730e425814ba888003a667696276fa43e72352fee8d2300266897710
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Tue, 28 Feb 2023 04:53:07 GMT
ETag: "3614e32954550a8bfed59aed32137c9169f2f270"
Last-Modified: Fri, 24 Feb 2023 04:53:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3567
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e6a8d11a170b59-OSL
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1A79042E446EF8633C04C13B0239C86D
81.222.128.213200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1A79042E446EF8633C04C13B0239C86D
IP 81.222.128.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?dsp_id=153&external_id=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash bcecf5f1b1991980c410ce2542e89b21
79e2d3fb1cd4728db00bd69acdfa5e9edafbf7f9
1d3b312167732062743462b1a839490fe8d682734f56e48748ce706890626757
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 22 Feb 2023 02:03:24 GMT
Expires: Wed, 01 Mar 2023 02:03:23 GMT
Etag: "79e2d3fb1cd4728db00bd69acdfa5e9edafbf7f9"
Cache-Control: max-age=410061,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79e6a8d0eb35b50b-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash bcecf5f1b1991980c410ce2542e89b21
79e2d3fb1cd4728db00bd69acdfa5e9edafbf7f9
1d3b312167732062743462b1a839490fe8d682734f56e48748ce706890626757
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 22 Feb 2023 02:03:24 GMT
Expires: Wed, 01 Mar 2023 02:03:23 GMT
Etag: "79e2d3fb1cd4728db00bd69acdfa5e9edafbf7f9"
Cache-Control: max-age=410061,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79e6a8d10c65b4f9-OSL
ocsp.usertrust.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 312bbb94512e65ee6a2c3fe8e745fe57
013ca2f01c119fbeb69a3bc70aaaa251d37299c3
b21ca43d281f095cdc1dd919b8c9f9f1763df62a2ed80789107ad31f37889e77
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 23 Feb 2023 16:18:23 GMT
Expires: Thu, 02 Mar 2023 16:18:22 GMT
Etag: "013ca2f01c119fbeb69a3bc70aaaa251d37299c3"
Cache-Control: max-age=602673,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 416
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e6a8d1399ab4eb-OSL
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4875619604
195.209.108.49302 Moved Temporarily 40 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4875619604
IP 195.209.108.49:0
File type ASCII text, with CRLF line terminators
Hash 251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4875619604 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Sun, 23 Feb 2025 07:59:01 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
77.245.57.72200 OK 0 B URL HTTP/1.1 sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP 77.245.57.72:0
ASN #36057 WEBAIR-INTERNET-MTL
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Length: 0
Connection: close
Cache-Control: no-store
Age: 0
Pragma: no-cache
ocsp.usertrust.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash a61de8f39e5817929c42058cbc6b253b
ae08b19fd27c086894746791dd7711339918f263
83ca110b664d00f3a00dbe5809bf364b6d8451bd2c049b6e6d9519dae6701bef
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 23 Feb 2023 15:11:26 GMT
Expires: Thu, 02 Mar 2023 15:11:25 GMT
Etag: "ae08b19fd27c086894746791dd7711339918f263"
Cache-Control: max-age=603199,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 846
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e6a8d149b1b4eb-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 7ccec9c38d79b8eefa64112ff4b1f485
b12fde04829d4c3bab75205ce6751ae5d54fbadd
b1094bbbd870cff41d5c9d986da7889538dd6343fa9c8b85dfc4c76ce7f2f5c8
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 28 Feb 2023 04:36:07 GMT
ETag: "b12fde04829d4c3bab75205ce6751ae5d54fbadd"
Last-Modified: Fri, 24 Feb 2023 04:36:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1082
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e6a8d15a4f0b59-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash a53dd0446bd4d2160e3eb00da399a2d1
5b1bdde463e2509a8a3fba503a8e0fba553a2247
f0018aad763574600ed3f45af5e4f84b6b8905e77ca47bc6c9fa117fdb160eeb
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 28 Feb 2023 05:59:06 GMT
ETag: "5b1bdde463e2509a8a3fba503a8e0fba553a2247"
Last-Modified: Fri, 24 Feb 2023 05:59:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2291
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e6a8d16adc1c06-OSL
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
188.42.191.196302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP 188.42.191.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 24 Feb 2024 07:59:01 GMT; Path=/; Domain=.betweendigital.com
tuuid=c5a217e9-c755-5237-a099-9df1c361f3b4; Max-Age=31536000; Expires=Sat, 24 Feb 2024 07:59:01 GMT; Path=/; Domain=.betweendigital.com
ut=Y_huRQAFAUBIwHyIMr7M4qittCltcFaSEaCFLw==; Max-Age=31536000; Expires=Sat, 24 Feb 2024 07:59:01 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 35f8e67a3f60b3941a5c10af1239f36f
f93d357c68ad3e426504499490795d304553b6af
ebda62a5184c6f4829718e7429b7c9e0f2a99e8b82867f54bd51b2a64be54183
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBDA62A5184C6F4829718E7429B7C9E0F2A99E8B82867F54BD51B2A64BE54183"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10288
Expires: Fri, 24 Feb 2023 10:50:29 GMT
Date: Fri, 24 Feb 2023 07:59:01 GMT
Connection: keep-alive
ads.betweendigital.com/match?bidder_id=73&external_user_id=1A79042E446EF8633C04C13B0239C86D
188.42.191.196302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=1A79042E446EF8633C04C13B0239C86D
IP 188.42.191.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=73&external_user_id=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=1A79042E446EF8633C04C13B0239C86D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 24 Feb 2024 07:59:01 GMT; Path=/; Domain=.betweendigital.com
tuuid=922a51c1-cdfa-5237-89ef-879bea17e9de; Max-Age=31536000; Expires=Sat, 24 Feb 2024 07:59:01 GMT; Path=/; Domain=.betweendigital.com
ut=Y_huRQAFIICQm6zzju8WNdXLS_qAN0FbWB252Q==; Max-Age=31536000; Expires=Sat, 24 Feb 2024 07:59:01 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
sape-sync.rutarget.ru/sync
178.170.195.115302 Moved Temporarily 0 B URL HTTP/1.1 sape-sync.rutarget.ru/sync
IP 178.170.195.115:0
ASN #208677 Cloud technology Limited (Ltd.)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=5uVZZSNpgLs-
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=5uVZZSNpgLs-; Path=/; Domain=.rutarget.ru; Expires=Wed, 23 Aug 2023 07:59:01 GMT; SameSite=None; Secure
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
157.90.179.28302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Fri, 24 Feb 2023 07:59:01 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1CB35A9D446EF863D303877102A05FA2
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
188.42.191.196200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP 188.42.191.196:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 24 Feb 2024 07:59:01 GMT; Path=/; Domain=.betweendigital.com
tuuid=441bff9e-9103-5237-9074-bfb0f38cd1f5; Max-Age=31536000; Expires=Sat, 24 Feb 2024 07:59:01 GMT; Path=/; Domain=.betweendigital.com
ut=Y_huRQAFmZjmXqvDK2ggeCr9JuvNatJcyJnGVA==; Max-Age=31536000; Expires=Sat, 24 Feb 2024 07:59:01 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=73&external_user_id=1A79042E446EF8633C04C13B0239C86D&crf=1
188.42.191.196200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=1A79042E446EF8633C04C13B0239C86D&crf=1
IP 188.42.191.196:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=73&external_user_id=1A79042E446EF8633C04C13B0239C86D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 24 Feb 2024 07:59:01 GMT; Path=/; Domain=.betweendigital.com
tuuid=87c88abe-ec25-5237-b829-1937dbd17772; Max-Age=31536000; Expires=Sat, 24 Feb 2024 07:59:01 GMT; Path=/; Domain=.betweendigital.com
ut=Y_huRQAFrSAZPtPqG2el_W6gX_fTVSl5GtTreQ==; Max-Age=31536000; Expires=Sat, 24 Feb 2024 07:59:01 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
mc.yandex.ru/watch/26812653?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A1602664685682%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A487874684%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr(14)mc(cm-1-tl-1-atb-1)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.251.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/26812653?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A1602664685682%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A487874684%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr(14)mc(cm-1-tl-1-atb-1)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch/26812653?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A1602664685682%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A487874684%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr(14)mc(cm-1-tl-1-atb-1)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://castanedadzr.ru
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A1602664685682%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A487874684%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20%2802.02.2007%29%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr%2814%29mc%28cm-1-tl-1-atb-1%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Fri, 24 Feb 2023 07:59:00 GMT
access-control-allow-origin: https://castanedadzr.ru
set-cookie: yabs-sid=2234561561677225540; Path=/; SameSite=None; Secure
i=tXQsEcKHMdoLfwLc9nlMSyIsXLfCohWB98NJhve420RQtHRpUfEpYo4RuCyVFTPTaqH9gvNVQ06FnU4PUlEbCVzAXc0=; Expires=Mon, 21-Feb-2033 07:59:00 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=4062473311677225540; Expires=Sat, 24-Feb-2024 07:59:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4062473311677225540; Expires=Sat, 24-Feb-2024 07:59:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1708761540.yc.1677225540#1708761540.yrts.1677225540#1708761540.yrtsi.1677225540; Expires=Sat, 24-Feb-2024 07:59:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 24-Feb-2023 07:59:00 GMT
last-modified: Fri, 24-Feb-2023 07:59:00 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1CB35A9D446EF863D303877102A05FA2
81.222.128.213200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1CB35A9D446EF863D303877102A05FA2
IP 81.222.128.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?ssp_id=43&external_id=1CB35A9D446EF863D303877102A05FA2 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
ad.mail.ru/cm.gif?p=48&id=1A79042E446EF8633C04C13B0239C86D
95.163.41.56200 OK 43 B URL HTTP/2 ad.mail.ru/cm.gif?p=48&id=1A79042E446EF8633C04C13B0239C86D
IP 95.163.41.56:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cm.gif?p=48&id=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 24 Feb 2023 07:59:01 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=3f8pjS2x5ioF002DxL2cGQ2F:::0-0-0-912c705:CAASEIoXllQtBPHBcu8IQvZRCqkaYF_nmnxGyxP0OMDCBRbGohIXs730JLHY42qWN06c2HInw7_5KGlXI5cR7R9L2vqVErPv5euHm9JE59JhNIlSP1zSW3R7xIF5ioS9tq0B2PZq42s1D_z3Ier1x-WIUsLZZw; path=/; expires=Sun, 25-Feb-24 07:59:01 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Fri, 24 Feb 2023 13:59:01 GMT
cache-control: max-age=21600
last-modified: Fri, 24 Feb 2023 07:59:01 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2
www.acint.net/match?dp=104&euid=5uVZZSNpgLs-
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/match?dp=104&euid=5uVZZSNpgLs-
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=104&euid=5uVZZSNpgLs- HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:01 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
tag.digitaltarget.ru/adcm.js
185.15.175.174200 OK 3.1 kB URL HTTP/1.1 tag.digitaltarget.ru/adcm.js
IP 185.15.175.174:0
File type ASCII text, with very long lines (3051), with no line terminators
Hash e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Fri, 24 Feb 2023 07:35:10 GMT
Connection: keep-alive
ETag: "63f868ae-beb"
Accept-Ranges: bytes
x01.aidata.io/0.gif?pid=9401454&id=1A79042E446EF8633C04C13B0239C86D&bounce=1
89.108.120.68204 No Content 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=1A79042E446EF8633C04C13B0239C86D&bounce=1
IP 89.108.120.68:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=1A79042E446EF8633C04C13B0239C86D&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 24 Feb 2023 07:59:01 GMT
expires: Fri, 24 Feb 2023 07:59:00 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Fri, 24 Feb 2023 07:59:00 GMT
set-cookie: __upin=zI+BzmVJ62s25cm+owcrRg;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1677225541;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
sm.rtb.mts.ru/p?ssp=sape&id=1A79042E446EF8633C04C13B0239C86D
217.66.147.37301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/p?ssp=sape&id=1A79042E446EF8633C04C13B0239C86D
IP 217.66.147.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sape&id=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=1A79042E446EF8633C04C13B0239C86D
Set-Cookie: dspid=6ab242a9-730f-4e96-b008-962b1d2f2f9e; expires=Thu, 15 Feb 2024 07:59:01 GMT; domain=.mts.ru; path=/; secure; SameSite=None
px.adhigh.net/p/cm/sape?u=1A79042E446EF8633C04C13B0239C86D
193.232.150.148302 Found 0 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=1A79042E446EF8633C04C13B0239C86D
IP 193.232.150.148:0
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/cm/sape?u=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 24 Feb 2023 07:59:01 GMT
content-length: 0
x-backend-id: f15-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=0xSoyIi6a3J.AikABlGGgm6_Ow;Path=/;Domain=.adhigh.net;Expires=Sat, 24-Feb-2024 07:59:01 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=1A79042E446EF8633C04C13B0239C86D&bounced=1
X-Firefox-Spdy: h2
sm.rtb.mts.ru/match/second?ssp=30&exu=1A79042E446EF8633C04C13B0239C86D
217.66.147.37200 OK 0 B URL HTTP/1.1 sm.rtb.mts.ru/match/second?ssp=30&exu=1A79042E446EF8633C04C13B0239C86D
IP 217.66.147.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/second?ssp=30&exu=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
px.adhigh.net/p/cm/sape?u=1A79042E446EF8633C04C13B0239C86D&bounced=1
193.232.150.148200 OK 49 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=1A79042E446EF8633C04C13B0239C86D&bounced=1
IP 193.232.150.148:0
ASN #48061 Limited Liability Company GPM Digital Technologies
File type GIF image data, version 89a, 1 x 1\012- data
Hash 889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
GET /p/cm/sape?u=1A79042E446EF8633C04C13B0239C86D&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 24 Feb 2023 07:59:01 GMT
content-type: image/gif
content-length: 49
x-backend-id: f15-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
tag.digitaltarget.ru/processor.js?i=405164945142993
185.15.175.174200 OK 16 kB URL HTTP/1.1 tag.digitaltarget.ru/processor.js?i=405164945142993
IP 185.15.175.174:0
File type ASCII text, with very long lines (15892), with no line terminators
Hash 736e2fb1da94f3277e3f931048c1b9f3
196387db95a17da825b629de3542eff901b09905
4569d4e1b0e52b6316681f7312674f43ecb2b72ea8ab4adb2375e3686862c7dc
GET /processor.js?i=405164945142993 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: application/javascript
Content-Length: 15892
Last-Modified: Fri, 24 Feb 2023 07:35:14 GMT
Connection: keep-alive
ETag: "63f868b2-3e14"
Accept-Ranges: bytes
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b2df9b8515300d4a52cfea191b091c7d
af020b02bc616abafe1f7b0bbc799f6c4aa345df
542ced88e45d59fd1ac53d575eb4825704bbb71c0b58697be50abe21dc9d9b38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "542CED88E45D59FD1AC53D575EB4825704BBB71C0B58697BE50ABE21DC9D9B38"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5708
Expires: Fri, 24 Feb 2023 09:34:09 GMT
Date: Fri, 24 Feb 2023 07:59:01 GMT
Connection: keep-alive
dmg.digitaltarget.ru/1/1093/i/i?i=302385893174594.28812868437519&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.132307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=302385893174594.28812868437519&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=302385893174594.28812868437519&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1677225541781&i=302385893174594.28812868437519&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=tqnke-uNb78RErA7kzUx; Max-Age=93312000; Expires=Sun, 08 Feb 2026 07:59:01 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/1/1093/i/i?i=302385893174594.703174245286360&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.132307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=302385893174594.703174245286360&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=302385893174594.703174245286360&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1677225541782&i=302385893174594.703174245286360&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=tqnke-uNb78REoA7kzmx; Max-Age=93312000; Expires=Sun, 08 Feb 2026 07:59:01 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1677225541781&i=302385893174594.28812868437519&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.132200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1677225541781&i=302385893174594.28812868437519&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1677225541781&i=302385893174594.28812868437519&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1677225541782&i=302385893174594.703174245286360&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.132200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1677225541782&i=302385893174594.703174245286360&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1677225541782&i=302385893174594.703174245286360&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 2
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
www.acint.net/ping/?v=0.5.1&uid=607fb50c-1910-4e3f-9ea3-ad87ee47c80a&dp=10&tz=%2B00%3A00&nc=03900152&dT=2023-02-24T07%3A59%3A38.389
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/ping/?v=0.5.1&uid=607fb50c-1910-4e3f-9ea3-ad87ee47c80a&dp=10&tz=%2B00%3A00&nc=03900152&dT=2023-02-24T07%3A59%3A38.389
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /ping/?v=0.5.1&uid=607fb50c-1910-4e3f-9ea3-ad87ee47c80a&dp=10&tz=%2B00%3A00&nc=03900152&dT=2023-02-24T07%3A59%3A38.389 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:03 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
mc.yandex.ru/watch/1422041?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1160122693440%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A906020588%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.251.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/1422041?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1160122693440%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A906020588%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
GET /watch/1422041?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1160122693440%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A906020588%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://castanedadzr.ru
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/1422041/1?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1160122693440%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A906020588%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20%2802.02.2007%29%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Fri, 24 Feb 2023 07:59:00 GMT
access-control-allow-origin: https://castanedadzr.ru
set-cookie: yabs-sid=1245979201677225540; Path=/; SameSite=None; Secure
i=VZgeI2HWTIsok7kcVRQqif2ToIqGgWVKWZFqCL1FgNoTvcdtZI8k32wllTmHRMxb1sZ2hI7cTFe5QCF3MS0BGHlnLkg=; Expires=Mon, 21-Feb-2033 07:59:00 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=1230058631677225540; Expires=Sat, 24-Feb-2024 07:59:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1230058631677225540; Expires=Sat, 24-Feb-2024 07:59:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1708761540.yc.1677225540#1708761540.yrts.1677225540#1708761540.yrtsi.1677225540; Expires=Sat, 24-Feb-2024 07:59:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 24-Feb-2023 07:59:00 GMT
last-modified: Fri, 24-Feb-2023 07:59:00 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
yandex.st/share/share.js
178.154.131.216200 OK 0 B IP 178.154.131.216:0
GET /share/share.js HTTP/1.1
Host: yandex.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 24 Feb 2023 07:58:59 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
content-encoding: br
etag: W/"db7132f94e4730c128b638f72b46c899"
expires: Sun, 26 Feb 2023 19:55:57 GMT
last-modified: Wed, 24 Oct 2018 16:00:42 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: e9dc0c3075468f39
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/1A79042E446EF8633C04C13B0239C86D
213.180.204.90302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/1A79042E446EF8633C04C13B0239C86D
IP 213.180.204.90:0
GET /mapuid/sapeis/1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/1A79042E446EF8633C04C13B0239C86D?redir-setuniq=1
date: Fri, 24 Feb 2023 07:59:01 GMT
set-cookie: yandexuid=309717451677225541; domain=.yandex.ru; path=/; expires=Mon, 21-Feb-2033 07:59:01 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 24 Feb 2023 07:59:01 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 24 Feb 2023 07:59:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
65.108.236.88302 Found 0 B URL HTTP/2 ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP 65.108.236.88:0
ASN #24940 Hetzner Online GmbH
GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.23.0
date: Fri, 24 Feb 2023 07:59:00 GMT
x-request-id: cad4cc0b-d492-42ad-8250-6e308d94cf40
set-cookie: bvuid=c3i8aotadf; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=c3i8aotadf; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=c3i8aotadf
X-Firefox-Spdy: h2