Report - castanedadzr.ru/cc/mnen/polishuk_vs

Report Overview

Submitted URL
castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
IP
173.254.28.213
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2023-02-24 07:59:09
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
3
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
sync.upravel.com	28097	2017-05-29T11:13:46Z	2023-03-14T06:34:12Z	890 B	1.7 kB	148.251.129.43
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-14T05:09:37Z	413 B	5.9 kB	34.160.144.191
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-14T05:09:38Z	606 B	127 B	52.36.23.49
yandex.st	46311	2012-05-23T00:19:28Z	2023-03-13T22:09:30Z	359 B	728 B	178.154.131.216
ssp-rtb.sape.ru	31166	2016-02-02T18:01:03Z	2023-03-14T06:34:12Z	447 B	773 B	193.3.184.201
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	56 kB	34.120.237.76
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-14T03:07:50Z	1.4 kB	3.9 kB	104.18.32.68
st.vk.com	41762	2020-12-10T13:09:45Z	2023-03-14T05:33:20Z	2.0 kB	64 kB	87.240.132.78
sp.ohmy.bid	unknown	2022-07-26T17:24:33Z	2023-03-13T08:33:52Z	456 B	412 B	167.235.9.235
ad.mail.ru	7643	2012-06-22T21:38:09Z	2023-03-14T06:34:12Z	412 B	756 B	95.163.41.56
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T18:28:26Z	3.2 kB	15 kB	104.18.20.226
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	647 B	2.4 kB	157.240.200.35
vk.com	2243	2012-05-21T17:01:19Z	2023-03-14T05:31:12Z	4.0 kB	149 kB	87.240.132.78
nr.bidderstack.com	352019	2019-02-11T15:43:50Z	2023-03-14T06:34:12Z	421 B	381 B	23.88.12.13
ads.adlook.me	43352	2018-11-28T13:50:19Z	2023-03-14T06:34:12Z	442 B	828 B	5.200.44.122
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-14T05:09:37Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T18:12:07Z	1.4 kB	2.8 kB	142.250.74.131
sync.gonet-ads.com	unknown	2023-02-03T12:32:31Z	2023-03-13T15:25:00Z	879 B	1.7 kB	188.42.105.220
sync.bumlam.com	3243	2015-08-10T23:04:25Z	2023-03-14T06:34:12Z	988 B	1.2 kB	31.172.81.172
match.qtarget.tech	unknown	2023-01-28T18:26:52Z	2023-03-12T20:22:45Z	426 B	213 B	95.163.92.180
ssp.adriver.ru	12439	2014-01-10T14:39:33Z	2023-03-14T06:34:12Z	881 B	376 B	81.222.128.213
ocsp.usertrust.com	899	2012-05-21T17:43:18Z	2023-03-14T05:24:39Z	684 B	2.0 kB	172.64.155.188
sync.adkernel.com	4993	2017-04-19T11:25:22Z	2023-03-14T06:34:12Z	469 B	158 B	77.245.57.72
ssp.bestssp.com	90974	2017-06-10T10:55:20Z	2023-03-14T07:14:40Z	438 B	361 B	185.147.80.35
mc.yandex.ru	2672	2012-05-21T11:38:30Z	2023-03-14T07:41:14Z	7.3 kB	67 kB	87.250.251.119
sm.rtb.mts.ru	27154	2019-03-26T15:10:01Z	2023-03-14T06:34:12Z	838 B	1.0 kB	217.66.147.37
1916faa0-b419-11ed-a1c4-002590c82437.n5.sync.bumlam.com	unknown			488 B	165 B	80.87.198.24
dm-eu.hybrid.ai	28847	2021-01-25T12:48:59Z	2023-03-14T06:34:12Z	419 B	528 B	37.18.103.21
sync.1dmp.io	10017	2016-02-09T12:52:58Z	2023-03-14T06:34:12Z	502 B	230 B	87.242.89.90
apis.google.com	105	2013-05-06T22:20:21Z	2023-03-14T05:10:55Z	364 B	22 kB	172.217.21.174
cs.agency2.ru	unknown	2022-04-29T16:24:02Z	2023-03-14T06:34:12Z	413 B	721 B	23.111.107.44
sync.dmp.otm-r.com	19534	2017-02-03T08:19:51Z	2023-03-14T08:30:06Z	419 B	134 B	138.201.65.74
accounts.google.com	81	2016-03-20T13:44:49Z	2023-03-14T07:33:12Z	671 B	1.0 kB	142.250.74.45
top-fwz1.mail.ru	8936	2013-04-18T13:48:22Z	2022-05-19T16:25:42Z	1.3 kB	16 kB	95.163.52.67
exchange.buzzoola.com	18389	2014-10-17T17:20:27Z	2023-03-14T08:04:52Z	483 B	382 B	159.69.142.212
an.yandex.ru	2577	2017-01-30T06:11:51Z	2023-03-13T18:45:40Z	413 B	621 B	213.180.204.90
castanedadzr.ru	unknown	2014-11-03T16:52:58Z	2023-02-24T02:33:27Z	9.0 kB	32 kB	173.254.28.213
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T18:13:28Z	782 B	2.4 kB	35.241.9.150
sync.adspend.space	unknown	2022-10-20T08:12:42Z	2023-03-14T06:34:12Z	954 B	993 B	212.76.129.181
ad.adriver.ru	19548	2012-08-31T19:10:27Z	2023-03-13T23:00:20Z	875 B	1.4 kB	195.209.108.49
ads.betweendigital.com	1571	2012-10-30T06:08:04Z	2023-03-14T06:34:12Z	1.9 kB	2.4 kB	188.42.191.196
sape-sync.rutarget.ru	173587	2018-08-07T16:11:47Z	2023-03-14T06:34:12Z	380 B	409 B	178.170.195.115
tag.digitaltarget.ru	98193	2015-07-21T16:24:58Z	2023-03-14T06:34:12Z	745 B	19 kB	185.15.175.174
yastatic.net	72282	2014-03-11T08:15:28Z	2023-03-14T06:07:56Z	1.7 kB	9.5 kB	178.154.131.216
pix.bumlam.com	92002	2022-03-29T11:19:43Z	2023-03-14T06:34:12Z	1.4 kB	2.1 kB	31.172.81.172
a.utraff.com	39874	2019-02-27T11:01:37Z	2023-03-14T06:34:12Z	380 B	1.1 kB	172.67.217.151
www.castanedadzr.ru	unknown	2013-08-31T22:46:56Z	2023-02-03T14:51:32Z	404 B	413 B	173.254.28.213
acint.net	22962	2014-02-14T22:23:16Z	2023-03-14T03:29:59Z	2.5 kB	780 B	157.90.179.28
s.uuidksinc.net	3423	2015-07-20T14:00:35Z	2023-03-14T06:34:12Z	424 B	322 B	31.220.27.155
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-14T05:09:04Z	7.4 kB	20 kB	23.33.119.27
www.acint.net	29072	2014-02-14T22:23:16Z	2023-03-14T07:14:23Z	18 kB	62 kB	157.90.179.28
ocsp2.globalsign.com	1544	2012-05-23T20:10:04Z	2023-03-14T05:11:49Z	724 B	3.8 kB	104.18.20.226
x01.aidata.io	12188	2016-03-31T17:36:46Z	2023-03-14T06:34:12Z	444 B	588 B	89.108.120.68
dmg.digitaltarget.ru	21471	2015-04-23T16:50:51Z	2023-03-14T06:34:14Z	2.7 kB	3.2 kB	185.15.175.132
odnaknopka.ru	352891	2012-07-15T18:20:00Z	2023-03-13T00:58:45Z	624 B	2.6 kB	142.132.202.70
px.adhigh.net	10272	2013-01-03T22:02:08Z	2023-03-14T08:30:06Z	848 B	1.0 kB	193.232.150.148
match.new-programmatic.com	33613	2020-02-18T21:50:06Z	2023-03-14T08:04:52Z	434 B	213 B	217.65.2.150
ssl.gstatic.com	unknown	2012-05-23T08:57:57Z	2023-03-14T08:36:16Z	396 B	5.2 kB	142.250.74.99
ssp.bidvol.com	31817	2020-02-22T13:37:29Z	2023-03-14T06:34:12Z	398 B	631 B	65.108.236.88
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-14T08:09:39Z	1.4 kB	2.8 kB	93.184.220.29
sync.programmatica.com	unknown	2022-12-17T02:18:07Z	2023-03-13T08:33:52Z	426 B	330 B	167.235.117.41

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-24 07:59:34	medium	Client IP	Internal IP	ET INFO URL Shortening Service Domain in DNS Lookup (vk .com)
2023-02-24 07:59:34	medium	Client IP	Internal IP	ET INFO URL Shortening Service Domain in DNS Lookup (vk .com)
2023-02-24 07:59:35	medium	Client IP	87.240.132.78	ET INFO Observed URL Shortening Service Domain (vk .com in TLS SNI)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-24	medium	castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm	Malware
2023-02-24	medium	castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (26)

	URL	Size	First Seen	Last Seen
	castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm	47 B	2023-03-14	2023-03-14
Pretty URL castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm IP 173.254.28.213 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 09:51:51 Last Seen2023-03-14 09:51:51 Times Seen1 Hash 27e8f9b3ea07480603b95805e888bdda 78e864c26873ec542f998dd5fb818cd3c5d60ded 8c1f485e83fcbc5d68e9ddaee6da78101d90bd085d5c3f564d88414077997856 Loading...

	castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm	45 B	2023-03-12	2024-02-06
Pretty URL castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm IP 173.254.28.213 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 07:18:03 Last Seen2024-02-06 04:58:49 Times Seen11 Hash 4ec3520e63713bea02a7c971ec706eb3 21fc332acd5a8b516956c85a04f79e31b488d580 3125b85ede207d606c9a67fb0640c21a354b158be6796bc277ea31311a6e6611 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_1?le=scs	106 kB	2023-03-13	2023-03-14
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_1?le=scs IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:23:00 Last Seen2023-03-14 14:01:24 Times Seen1 Hash 96f1e531d687c6a17700f77d2dbec24d df8268577cc8c35ca0ff61243951561aff4aa428 35e3e7f1c6c25cbf2ed7bb30a4aa4c0a2e0075aebb05ece2589c8a50931861fe Loading...

	vk.com/widget_like.php?app=5990588&width=100%25&_ver=1&page=0&url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&type=mini&verb=0&color=&title=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20I...&description=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&image=&text=&h=22&startWidth=152&referrer=&186826f432c	13 B	2023-03-07	2024-04-18
Pretty URL vk.com/widget_like.php?app=5990588&width=100%25&_ver=1&page=0&url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&type=mini&verb=0&color=&title=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20I...&description=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&image=&text=&h=22&startWidth=152&referrer=&186826f432c IP 87.240.132.78 ASN #47541 VKontakte Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:28 Last Seen2024-04-18 04:07:02 Times Seen468 Hash f77b94b5025fa1439bb08ad2e4499445 83388a461e9631b5193bae3dccda7713ff55bad3 54d9884f178a37601340ded9d32a59a5ee8715e13d742baf8cdf77361d679260 Loading...

	ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js	10 kB	2023-03-07	2023-03-17
Pretty URL ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js IP 142.250.74.99 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2023-03-17 17:17:05 Times Seen1 Hash 69c93809ee794c3e963df5e9aa5fe99d 53e4fac1a579d5cb826100d4dbe9e890385649ec 0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs	58 kB	2023-03-13	2023-03-14
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:23:00 Last Seen2023-03-14 14:06:21 Times Seen1 Hash 7efd79aa58c87e00d965d29b32bfcde1 3165ae4f10f5a455b5270e4ee87a80c114944110 7b529b766a60ee621ba8dda6053efe27245bc11a0cc565894d109cbbf2cc3dee Loading...

	tag.digitaltarget.ru/adcm.js	3.1 kB	2023-03-07	2023-05-06
Pretty URL tag.digitaltarget.ru/adcm.js IP 185.15.175.174 ASN #43226 SafeData LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:47 Last Seen2023-05-06 00:46:41 Times Seen299 Hash e7097284185069f52fc736bcd50cda13 1cdfdf2d869841202079ddf91e0a00a8610812e6 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 15:23:17 Times Seen37064909 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	st.vk.com/js/api/xdm.js?9	11 kB	2023-03-07	2023-05-05
Pretty URL st.vk.com/js/api/xdm.js?9 IP 87.240.132.78 ASN #47541 VKontakte Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:28 Last Seen2023-05-05 17:21:57 Times Seen530 Hash 6e1f8245e8ab9cd2aa06a95ffebddae4 1dadf7f2e458ae878758a362e504fdd6957e7f6f ed89697436c213e02c99f290a0f8a3d20c4bde9ccdb2ddf025b0849cdfe11347 Loading...

	vk.com/widget_like.php?app=5990588&width=100%25&_ver=1&page=0&url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&type=mini&verb=0&color=&title=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20I...&description=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&image=&text=&h=22&startWidth=152&referrer=&186826f432c	2.1 kB	2023-03-14	2023-03-14
Pretty URL vk.com/widget_like.php?app=5990588&width=100%25&_ver=1&page=0&url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&type=mini&verb=0&color=&title=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20I...&description=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&image=&text=&h=22&startWidth=152&referrer=&186826f432c IP 87.240.132.78 ASN #47541 VKontakte Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 09:51:51 Last Seen2023-03-14 09:51:51 Times Seen1 Hash 7f51320b07eca186b31201945ea32df2 d65b5ded94c9efb2bae04fa2e4b7a1c532b587fb b289c2e5a64acce347b57e10c6046a28ab4427b41bdd1d6938113cf610ac5d83 Loading...

	apis.google.com/js/rpc:shindig_random.js?onload=init	18 kB	2023-03-13	2023-03-14
Pretty URL apis.google.com/js/rpc:shindig_random.js?onload=init IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:42:21 Last Seen2023-03-14 14:08:59 Times Seen1 Hash 9a18df4fac73ae8e8b2ff7e90922d1a9 5a3f2b133cbe25f6bbed7a47a24370907517ee3e 4cfbb8c5801c099ba913266fb5da394fcacafcc48bc667112b48444fb6a5d362 Loading...

	top-fwz1.mail.ru/js/code.js	34 kB	2023-03-12	2023-11-12
Pretty URL top-fwz1.mail.ru/js/code.js IP 95.163.52.67 ASN #47764 Mail.Ru LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:29:26 Last Seen2023-11-12 15:57:24 Times Seen374 Hash 4f9e81bfc644d0c514afff102d2609b6 e2cf87aff5f1acf5fcf0b85fdc2dbf9da07e15df 86358469a3188d8dae051045546110638b6c55e8d4ff55859c381ac202ed4769 Loading...

	tag.digitaltarget.ru/processor.js?i=405164945142993	16 kB	2023-03-09	2023-05-06
Pretty URL tag.digitaltarget.ru/processor.js?i=405164945142993 IP 185.15.175.174 ASN #43226 SafeData LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:01:11 Last Seen2023-05-06 00:46:42 Times Seen346 Hash 736e2fb1da94f3277e3f931048c1b9f3 196387db95a17da825b629de3542eff901b09905 4569d4e1b0e52b6316681f7312674f43ecb2b72ea8ab4adb2375e3686862c7dc Loading...

	yandex.st/share/share.js	54 kB	2023-03-07	2024-04-22
Pretty URL yandex.st/share/share.js IP 178.154.131.216 ASN #13238 YANDEX LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:03 Last Seen2024-04-22 00:00:30 Times Seen775 Hash db7132f94e4730c128b638f72b46c899 4af3ebc52a01e5becd92d3f3d59f21c019e62519 944979b576ee52348d5c63d35f566c11df26f70ed15d2ceba61180662a49b114 Loading...

	castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm	585 B	2023-03-14	2023-03-14
Pretty URL castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm IP 173.254.28.213 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 09:51:51 Last Seen2023-03-14 09:51:51 Times Seen1 Hash 52cfa8273c1445fc137ae737526cfeb6 8d0c9708b696a77915a76975436b9317100f468b de9832f3bb3419435696da57afc4e05d116d465f744fd61964dfcbeff0a258cc Loading...

	www.acint.net/aci.js	24 kB	2023-03-13	2023-06-12
Pretty URL www.acint.net/aci.js IP 157.90.179.28 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:07:36 Last Seen2023-06-12 02:52:48 Times Seen787 Hash 8b47c553b5db9d368cda764c4138ada8 e93b817a219fad2762ef75ad6051a4d82afc582b eaba4c606dbd8ce6ad26a8bb999d30e855f8c1c5e194dc675b459c60679e8cb0 Loading...

	www.acint.net/oci.js?t=1677225575390	32 kB	2023-03-12	2024-04-25
Pretty URL www.acint.net/oci.js?t=1677225575390 IP 157.90.179.28 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:09:04 Last Seen2024-04-25 13:10:58 Times Seen2049 Hash c3fa5133b6899a2abb39fb79ed94300f dc1d5c75420b38cd7509a783ed09345d0ff78ac4 66b141eb9ae44c86efc510844a71cf208c02d02abe03af3a7d8cc26736d3e19c Loading...

	www.acint.net/mc/?dp=10&tc=1	199 B	2023-03-14	2023-03-14
Pretty URL www.acint.net/mc/?dp=10&tc=1 IP 157.90.179.28 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 09:51:51 Last Seen2023-03-14 09:51:51 Times Seen1 Hash 750353598cd6b2b9754b3e2c2e1148b2 559d2f4093aae8838d1e4527bc0648dbb17c3d65 2fac30bdbac5e496a60e4d5d4caf5e96005a59f8a158dbdaed8645201705809d Loading...

	vk.com/js/lang3_0.js?27953759	89 kB	2023-03-14	2023-03-14
Pretty URL vk.com/js/lang3_0.js?27953759 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 01:51:56 Last Seen2023-03-14 13:04:37 Times Seen1 Hash c08148adb8948c7ecfa457cd08a749f5 1b409cd60579c44b72aa12369dcc03e08b286a6e 09ffd2c2092496e2bec14f6a18c73922386e853ac63185d0d608f77232b8f776 Loading...

	st.vk.com/js/api/widgets/al_like.js?30	16 kB	2023-03-07	2023-04-30
Pretty URL st.vk.com/js/api/widgets/al_like.js?30 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:28 Last Seen2023-04-30 18:23:51 Times Seen50 Hash cbb56c31df0ee6bc7ac267b6c3f0bfd4 0f46ce6272420983dc7e7f3fd8269d5fed2e5a05 43fe62030092e73be7d24ffff01910b0046174c3e61f2a3a4a01de13bb367a6e Loading...

	apis.google.com/js/plusone.js	55 kB	2023-03-13	2023-03-14
Pretty URL apis.google.com/js/plusone.js IP 172.217.21.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:30:09 Last Seen2023-03-14 14:13:10 Times Seen1 Hash 16c58379dbc00071e786bbcd4201ba8b 41263545ee7cfe317f627bde06a2113412522b08 6cae3ec13bbff388bc73c59a24021f69f4ca6d901de9912005af469f2d750aa8 Loading...

	vk.com/js/api/openapi.js?144	106 kB	2023-03-08	2023-12-03
Pretty URL vk.com/js/api/openapi.js?144 IP 87.240.132.78 ASN #47541 VKontakte Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:43 Last Seen2023-12-03 16:12:46 Times Seen1261 Hash 6aba827f31cd3750ef56b691f9b5a139 e541e9196dcb954a26bfc211fab774f4cf12365c 2f7760ee2b81f4659c6f34ada0f7a7d263c2ce6035c2b5f4b082fac60802897e Loading...

	castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm	250 B	2023-03-07	2024-04-25
Pretty URL castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm IP 173.254.28.213 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:22 Last Seen2024-04-25 13:10:57 Times Seen619 Hash 537357420024d824760d7686fbdf31fe 5e14660b667fdc602c82300ccf3253afc242e4bb ca2f5769fc415a62dd2cd8af83b9b64604715e602f6de4c7741f9992a7003a29 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs	152 kB	2023-03-13	2023-03-14
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:30:09 Last Seen2023-03-14 14:13:10 Times Seen1 Hash 17f8a13c08d686864cf2e90b3c1f501c fb1b45fee77fcf9292297818da49aed9bea10173 7fc95c63ef763ca78bc62910711282071e88a80e2d744534bbbf9762282f64b1 Loading...

	vk.com/js/al/lite.js?107	269 kB	2023-03-14	2023-03-14
Pretty URL vk.com/js/al/lite.js?107 IP 87.240.132.78 ASN #47541 VKontakte Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 02:41:07 Last Seen2023-03-14 13:04:37 Times Seen1 Hash 2cef3300b38c7a48e1d7299922559517 2874ee1365e3affb9e253152473bb7f735892a28 821f4c5c421edad5446d12071c952054aeed61f269c1682d6636af19ffc99a1b Loading...

	vk.com/widget_like.php?app=5990588&width=100%25&_ver=1&page=0&url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&type=mini&verb=0&color=&title=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20I...&description=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&image=&text=&h=22&startWidth=152&referrer=&186826f432c	6.9 kB	2023-03-14	2023-03-14
Pretty URL vk.com/widget_like.php?app=5990588&width=100%25&_ver=1&page=0&url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&type=mini&verb=0&color=&title=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20I...&description=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&image=&text=&h=22&startWidth=152&referrer=&186826f432c IP 87.240.132.78 ASN #47541 VKontakte Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 09:51:51 Last Seen2023-03-14 09:51:51 Times Seen1 Hash e2ab65f3add2793c482a39500cd8f905 d0d44c2ecd2c189acc51f2a32072a69a7db990ed 7528894f17a6fe73edebdbf267fd16fb0bf8f8c091509819613d139c4f498e34 Loading...

HTTP Transactions (179)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6eb0a77aa4a20639a06d9621742007c2
d2d03beeb111049117b70d5f3dff3698a671ef8a
62c2da0800bf8efb6bb985b2eb046fa863e0b394681fb2ab187a9c4836fbd320

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62C2DA0800BF8EFB6BB985B2EB046FA863E0B394681FB2AB187A9C4836FBD320"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6538
Expires: Fri, 24 Feb 2023 09:47:56 GMT
Date: Fri, 24 Feb 2023 07:58:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
67fc460ed2f69dde3c410ec607ef3510
ba9f582ec321351e5c06c9b2c381f06b685ef274
85df74fac7d59d76840b6359bac24648fede201c0048f2a8382af6468225ffb8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85DF74FAC7D59D76840B6359BAC24648FEDE201C0048F2A8382AF6468225FFB8"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4745
Expires: Fri, 24 Feb 2023 09:18:03 GMT
Date: Fri, 24 Feb 2023 07:58:58 GMT
Connection: keep-alive

castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm

173.254.28.213

301 Moved Permanently

260 B

URL HTTP/1.1
castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
IP
173.254.28.213:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
260 B (260 bytes)
Hash
091c7a6ea853d1e2f3f37ce8a1cf3c6b
3f279cd4366eadd0b0df929f48fd00b8501d7c7f
fdcc40ce3c118868a9b941483cfdbac3f15687f76690b7b339cf4f38da525ea8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /cc/mnen/polishuk_vs_elsh.htm HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Fri, 24 Feb 2023 07:58:58 GMT
Server: Apache
Location: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Content-Length: 260
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 24 Feb 2023 07:54:00 GMT
content-type: application/json
age: 298
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7fb59e5d3cdf08b94e5f41fdeb9aec6c
ff644039db3b9f74d7e2fab10f93581bea10614a
861573a00d75364e15783c5e448c4f8b4da48b38d9beba3ebd33a87f993489a5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "861573A00D75364E15783C5E448C4F8B4DA48B38D9BEBA3EBD33A87F993489A5"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10533
Expires: Fri, 24 Feb 2023 10:54:31 GMT
Date: Fri, 24 Feb 2023 07:58:58 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: MYSvJydv8DlogFeRBjFjQUCL4giu2cgVTKiHVkySILeDqzKjcyfnT+/WFrAGyIYr7sronV3S84jwnM3X1N+nGA==
x-amz-request-id: CY0KNCKC47R25V3M
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 24 Feb 2023 07:49:36 GMT
age: 562
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 24 Feb 2023 07:58:58 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Last-Modified, Backoff, Alert, Cache-Control, ETag, Expires, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 24 Feb 2023 07:20:36 GMT
age: 2303
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
df95244896ee9afed731e97c8f1017b6
932190644400247511c84a877253c2651df44b9e
c83ba4a1db1d8e4c4b2eea826c8b03f93135c9ca86be4c2f6e34dee68f932589

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83BA4A1DB1D8E4C4B2EEA826C8B03F93135C9CA86BE4C2F6E34DEE68F932589"
Last-Modified: Thu, 23 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 24 Feb 2023 13:58:59 GMT
Date: Fri, 24 Feb 2023 07:58:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4aaa1f1be68ba53b441e577dcbf8b7c1
618b2e62b7f2feb82093a3706573e18ff9f69827
8d3978b35fd96458b8fff71c9dbb47ab616dfd49d669027fd6c5a52a4e9bafa0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8D3978B35FD96458B8FFF71C9DBB47AB616DFD49D669027FD6C5A52A4E9BAFA0"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16410
Expires: Fri, 24 Feb 2023 12:32:29 GMT
Date: Fri, 24 Feb 2023 07:58:59 GMT
Connection: keep-alive

castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm

173.254.28.213

200 OK

8.1 kB

URL HTTP/2
castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
IP
173.254.28.213:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (765), with CRLF, LF line terminators
Size
8.1 kB (8101 bytes)
Hash
cff86b63dbbfdfcf711a59912aa8816e
f0711375e6abd2d05cbc5aceefca4b3f75129002
c798758d1e2da991386a7a01218f466ebaa9911173ee2081a8a60a9a469a3c6c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /cc/mnen/polishuk_vs_elsh.htm HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-encoding: gzip
content-length: 8101
content-type: text/html; charset=UTF-8
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.globalsign.com/gseccovsslca2018

104.18.20.226

200 OK

940 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
940 B (940 bytes)
Hash
96fba3bf5e22265a335e5e5318e13d7e
f84f0212c5d89d9640aded3a63a99559b9070f15
e13e5c60ad28c5e281a586cbf9ab493d8ad545e605f82dd5192dc1e6f3587f4b

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:58:59 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Tue, 28 Feb 2023 04:28:15 GMT
ETag: "f84f0212c5d89d9640aded3a63a99559b9070f15"
Last-Modified: Fri, 24 Feb 2023 04:28:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3319
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e6a8c7bad40b59-OSL

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ffe196b1cb86cdb2ef31aea8e770525e
95ca3a2f195ae69faeab5ace4e71a387adb65cf6
c1cbb47354f40dd6efd20693bab3cbca66f01d9262df722f92b2cf89a20f3229

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Feb 2023 07:58:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

apis.google.com/js/plusone.js

172.217.21.174

200 OK

21 kB

URL HTTP/2
apis.google.com/js/plusone.js
IP
172.217.21.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1429)
Size
21 kB (20950 bytes)
Hash
f8971f3ad662af35a2ca6871f8c78482
35a0b814d6ecec8deacc9aea87ce9be62b15d92b
a438d380bab44504b1ff13673a0e041c6ac6645d03926e7f076465d1fe049765

HTTP Headers

GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20950
date: Fri, 24 Feb 2023 07:58:59 GMT
expires: Fri, 24 Feb 2023 07:58:59 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "9dea963ca1c75dde"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.36.23.49

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.36.23.49:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bnEoRg3h3REyGh7pojRTFg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OLvNppAqm4rPTIFr6MQ5zxCFIZw=

odnaknopka.ru/images/button.gif

142.132.202.70

301 Moved Permanently

178 B

URL HTTP/1.1
odnaknopka.ru/images/button.gif
IP
142.132.202.70:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
bd2695f4b079c71dbddde3436286fb9c
733c05da132193d6cf1d8e242d12e2525c03bab4
2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b

HTTP Headers

GET /images/button.gif HTTP/1.1
Host: odnaknopka.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 24 Feb 2023 07:58:59 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://odnaknopka.ru/images/button.gif

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
5babc09a0e4b667b7450c48a11c812c5
6f88fba93170d06c9a7e134ce80fab66f7356352
7f190029961977cb58bc3bba2985d6e96a52fb1607f07ce3323fae56e65934bd

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:58:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 28 Feb 2023 06:40:31 GMT
ETag: "6f88fba93170d06c9a7e134ce80fab66f7356352"
Last-Modified: Fri, 24 Feb 2023 06:40:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2720
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e6a8c808de0b31-OSL

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d5a81909f9ba52a4b5b4beca7189f10a
216a773aef7239d68c979f6c24013a31f085c779
79799853ac50d2c9e10b8cfab4a57150b087403209006e166af67164c2630de6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Feb 2023 07:58:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

castanedadzr.ru/style.css

173.254.28.213

200 OK

549 B

URL HTTP/2
castanedadzr.ru/style.css
IP
173.254.28.213:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
549 B (549 bytes)
Hash
da5b217082a70b000ea3d33e06b8f5e0
89daef1a8dccbe84dab50e0a7d25195bff91659f
70d89890ba761e0c6868c5ba67ae91ca9c63d45fed87a87807d454dc53e1a150

HTTP Headers

GET /style.css HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 07 Feb 2023 15:38:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 549
content-type: text/css
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2

castanedadzr.ru/images/head1.gif

173.254.28.213

200 OK

1.1 kB

URL HTTP/2
castanedadzr.ru/images/head1.gif
IP
173.254.28.213:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 253 x 25\012- data
Size
1.1 kB (1061 bytes)
Hash
23768c10bc892072fd7b0c9bbe6df927
1c007792319e0f998a430812cdce7a9289d971b9
b9052135c9c757a118013820e1b37c4830f31aa8c0a36ad53437ea9051be59af

HTTP Headers

GET /images/head1.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:10:10 GMT
accept-ranges: bytes
content-length: 1061
content-type: image/gif
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2

castanedadzr.ru/images/head3.gif

173.254.28.213

200 OK

1.4 kB

URL HTTP/2
castanedadzr.ru/images/head3.gif
IP
173.254.28.213:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 87a, 316 x 26\012- data
Size
1.4 kB (1448 bytes)
Hash
2f4966ca48b3bc862b05b67c523c948e
1a0ba66cd436bcdb055dede2f56102448a74836b
b131df64b2c81cd8249185312cd5e19d106954556778d9b6a93b6eadbe77ba77

HTTP Headers

GET /images/head3.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:10:13 GMT
accept-ranges: bytes
content-length: 1448
content-type: image/gif
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2

castanedadzr.ru/images/hh.gif

173.254.28.213

200 OK

96 B

URL HTTP/2
castanedadzr.ru/images/hh.gif
IP
173.254.28.213:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 160 x 10\012- data
Size
96 B (96 bytes)
Hash
c8bea683d6ea195a4339ce7817ded873
08c60379d8d3bb350157bbdde225788084ad6ea5
27320ff4f88bc5c8dd54363aa818ac19583454a8dc9e63d56710f3b892a73966

HTTP Headers

GET /images/hh.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:10:15 GMT
accept-ranges: bytes
content-length: 96
content-type: image/gif
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2

castanedadzr.ru/images/flow.gif

173.254.28.213

200 OK

7.4 kB

URL HTTP/2
castanedadzr.ru/images/flow.gif
IP
173.254.28.213:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 87a, 110 x 75\012- data
Size
7.4 kB (7434 bytes)
Hash
e9b992634032614bb51dd62eccbfe59d
c13d5b91100f637bc078379fc30817a2d673672a
b63e2d9a09ebeac2b71ab9d48b6fc190b5bc18b349bad650811ee368536e8c91

HTTP Headers

GET /images/flow.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:09:55 GMT
accept-ranges: bytes
content-length: 7434
content-type: image/gif
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2

castanedadzr.ru/images/hv.gif

173.254.28.213

200 OK

97 B

URL HTTP/2
castanedadzr.ru/images/hv.gif
IP
173.254.28.213:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 160 x 10\012- data
Size
97 B (97 bytes)
Hash
e9c2d0273256f50848da6e47adfc58af
ebe7d341b643a24542cdbec2fb7741010e132a3b
cb507f394ccdb07b0b299b862b69422713f6ce87354abcd72b39974a2eb877d9

HTTP Headers

GET /images/hv.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:10:24 GMT
accept-ranges: bytes
content-length: 97
content-type: image/gif
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2

castanedadzr.ru/images/rss.jpg

173.254.28.213

200 OK

1.5 kB

URL HTTP/2
castanedadzr.ru/images/rss.jpg
IP
173.254.28.213:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x15, components 3\012- data
Size
1.5 kB (1466 bytes)
Hash
a51556b563715f89898a5dad7c095619
6c83b437b73a26aa00f7ce4768c52f9f4097f6a6
b31cc4b6f646e80b3b8cc96ed7bf696e1e389e8e444e6491c21ad075f924aee2

HTTP Headers

GET /images/rss.jpg HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:11:02 GMT
accept-ranges: bytes
content-length: 1466
content-type: image/jpeg
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2

castanedadzr.ru/images/1.gif

173.254.28.213

200 OK

45 B

URL HTTP/2
castanedadzr.ru/images/1.gif
IP
173.254.28.213:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 8 x 8\012- data
Size
45 B (45 bytes)
Hash
cad9f902bf2897bb96a5789b0ac59473
b2d90250b3bd313c33c857d38ad46c246d93194a
a5ea039ab3d0ea04fd7029c2fb3b296b657366da23e57c0516c7c46764f8e541

HTTP Headers

GET /images/1.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:08:38 GMT
accept-ranges: bytes
content-length: 45
content-type: image/gif
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2

castanedadzr.ru/images/5.gif

173.254.28.213

200 OK

42 B

URL HTTP/2
castanedadzr.ru/images/5.gif
IP
173.254.28.213:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 8 x 8\012- data
Size
42 B (42 bytes)
Hash
5c1d0d0778aa39ff7556077cb6b6a4ae
7e4817d48ee305ec7d788562ece07eef5dc92ef6
06118628cca19278350e71a71d8a1851b30b6ea6ed16b463a2ab4e8c3ad46e1b

HTTP Headers

GET /images/5.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:08:43 GMT
accept-ranges: bytes
content-length: 42
content-type: image/gif
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2

vk.com/js/api/openapi.js?144

87.240.132.78

200 OK

23 kB

URL HTTP/2
vk.com/js/api/openapi.js?144
IP
87.240.132.78:0
ASN
#47541 VKontakte Ltd

File type
ASCII text, with very long lines (3849)
Size
23 kB (23318 bytes)
Hash
6b56e2aa629cc5f334bba9e200af3bfe
1e99707868f45c499400d95e75348c3d7b7686f5
7cb4aa1277e9f29f5c6d21c642b7c08cfce199332e30395c20995847a0db3fab

HTTP Headers

GET /js/api/openapi.js?144 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: kittenx
date: Fri, 24 Feb 2023 07:58:59 GMT
content-type: application/x-javascript
content-length: 23318
last-modified: Fri, 02 Dec 2022 07:14:40 GMT
etag: "6389a5e0-5b16"
content-encoding: br
expires: Tue, 28 Feb 2023 07:58:59 GMT
cache-control: max-age=345600
x-frontend: front226205
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2

odnaknopka.ru/images/button.gif

142.132.202.70

200 OK

1.9 kB

URL HTTP/1.1
odnaknopka.ru/images/button.gif
IP
142.132.202.70:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 136 x 16\012- data
Size
1.9 kB (1917 bytes)
Hash
7c26228c2703b09b346be28945a11655
80eea7a2cef823422d70a31e33c1d3f929be1b49
e94098e036c119ec9b75300044c0c17f4d7c33c149a3588abdff073bb1ea6e71

HTTP Headers

GET /images/button.gif HTTP/1.1
Host: odnaknopka.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 24 Feb 2023 07:58:59 GMT
Content-Type: image/gif
Content-Length: 1917
Last-Modified: Sun, 11 Nov 2012 19:29:26 GMT
Connection: keep-alive
ETag: "509ffc96-77d"
Accept-Ranges: bytes

castanedadzr.ru/images/3.gif

173.254.28.213

200 OK

45 B

URL HTTP/2
castanedadzr.ru/images/3.gif
IP
173.254.28.213:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 8 x 8\012- data
Size
45 B (45 bytes)
Hash
d2cb6e9b74acd90c9a1ae7dc23030d55
53815aa12cfbba4e291edc2d3387456dffbdd10b
cb357b8a37b08a9333507fc894fb26849b24040c4f62ab4bfa2ae3e5b4d831fd

HTTP Headers

GET /images/3.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:08:40 GMT
accept-ranges: bytes
content-length: 45
content-type: image/gif
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2

castanedadzr.ru/images/6.gif

173.254.28.213

200 OK

42 B

URL HTTP/2
castanedadzr.ru/images/6.gif
IP
173.254.28.213:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 8 x 8\012- data
Size
42 B (42 bytes)
Hash
9e3cb00f316dbb36cebc1c235de14649
c6c0c23d8894bf4a90ca44e9efc2ec24b2479de5
c2a113058c168c8ec3f22f188c8fcde0b44113fb6c89eb6aa6237bb1e23690e9

HTTP Headers

GET /images/6.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:08:45 GMT
accept-ranges: bytes
content-length: 42
content-type: image/gif
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2

castanedadzr.ru/images/4.gif

173.254.28.213

200 OK

45 B

URL HTTP/2
castanedadzr.ru/images/4.gif
IP
173.254.28.213:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 8 x 8\012- data
Size
45 B (45 bytes)
Hash
a4a228fb445b1ec2cdf49cd3745430e1
851a42e4bb9e82eb4ed180a062573bd703784cdd
2173d6ce3cf54539e064ace82a8584abb5ed21a8b4532562430c7776a413b27e

HTTP Headers

GET /images/4.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:08:42 GMT
accept-ranges: bytes
content-length: 45
content-type: image/gif
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2

castanedadzr.ru/images/hh2.gif

173.254.28.213

200 OK

97 B

URL HTTP/2
castanedadzr.ru/images/hh2.gif
IP
173.254.28.213:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 160 x 10\012- data
Size
97 B (97 bytes)
Hash
1eb970db99477a5433bb60013b7a291f
92220184b8a788387a80fc03757ebd6063b47a79
1f5e175eb94df69c17cc993bce2acb3d33cb6d85e72a0974f0083133dbc7e869

HTTP Headers

GET /images/hh2.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:10:16 GMT
accept-ranges: bytes
content-length: 97
content-type: image/gif
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2

castanedadzr.ru/images/2.gif

173.254.28.213

200 OK

45 B

URL HTTP/2
castanedadzr.ru/images/2.gif
IP
173.254.28.213:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 8 x 8\012- data
Size
45 B (45 bytes)
Hash
12902cacbf37c924c28d01021e660452
a9bf4f8172dd6bc28d1ada037e2028be2cdec405
6247c9eae5d944df1b60f9e9ce014cb91c93b16eec74298e20e1598549ab37ef

HTTP Headers

GET /images/2.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:08:37 GMT
accept-ranges: bytes
content-length: 45
content-type: image/gif
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2

castanedadzr.ru/images/hv2.gif

173.254.28.213

200 OK

97 B

URL HTTP/2
castanedadzr.ru/images/hv2.gif
IP
173.254.28.213:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 160 x 10\012- data
Size
97 B (97 bytes)
Hash
afd87e6da64bc25f14ae37667c4dc83b
2dc38830834084e6ff17f6d76c48042d1e7d4bbf
94e634286bcf1f20935108914e5edc1ebc9e924a190794fd5c83a1bce5c05ed5

HTTP Headers

GET /images/hv2.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:10:26 GMT
accept-ranges: bytes
content-length: 97
content-type: image/gif
date: Fri, 24 Feb 2023 07:58:59 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e7c8cd63a4692ed854db21d0b1ae8ada
1c4d151e2141840197dc0f688cfb3f098baf214f
5cae7615b4c426d62729addfd93b313373285637a5feec4c700209fe0e75a9c8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2125
Cache-Control: max-age=166786
Content-Type: application/ocsp-response
Date: Fri, 24 Feb 2023 07:59:00 GMT
Etag: "63f84e79-1d7"
Expires: Sun, 26 Feb 2023 06:18:46 GMT
Last-Modified: Fri, 24 Feb 2023 05:43:21 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

yastatic.net/share/static/b-share-form-button.png

178.154.131.216

200 OK

1.1 kB

URL HTTP/2
yastatic.net/share/static/b-share-form-button.png
IP
178.154.131.216:0
ASN
#13238 YANDEX LLC

File type
PNG image data, 6 x 159, 8-bit colormap, non-interlaced\012- data
Size
1.1 kB (1057 bytes)
Hash
c100391be309efda6e7e7b3f2cbfa511
3d230df5b3e0066a9efe83b8a2120d3bcc9ab48e
0fabebfd33907918ef76b3063b0139f31b3d08fc80f783cae1beb16a80b35efa

HTTP Headers

GET /share/static/b-share-form-button.png HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/png
content-length: 1057
access-control-allow-origin: *
cache-control: public, max-age=216009
etag: "c100391be309efda6e7e7b3f2cbfa511"
expires: Sun, 26 Feb 2023 19:55:27 GMT
last-modified: Wed, 24 Oct 2018 16:00:42 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: abb1cbeea0b317ae
accept-ranges: bytes
X-Firefox-Spdy: h2

yastatic.net/share/static/b-share-form-button_share__icon.png

178.154.131.216

200 OK

531 B

URL HTTP/2
yastatic.net/share/static/b-share-form-button_share__icon.png
IP
178.154.131.216:0
ASN
#13238 YANDEX LLC

File type
PNG image data, 20 x 17, 8-bit/color RGBA, non-interlaced\012- data
Size
531 B (531 bytes)
Hash
72e573a824d005d4393c17ae435fa25b
32ab48d79eb74d787dfd2c98bdfe873b4e085712
a099d68e34e33bb313e2b6defc561beefd64db26ffe61d91619d11d877231dde

HTTP Headers

GET /share/static/b-share-form-button_share__icon.png HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/png
content-length: 531
access-control-allow-origin: *
cache-control: public, max-age=216009
etag: "72e573a824d005d4393c17ae435fa25b"
expires: Sun, 26 Feb 2023 19:56:29 GMT
last-modified: Wed, 24 Oct 2018 16:00:42 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: aee57a505de1a733
accept-ranges: bytes
X-Firefox-Spdy: h2

yastatic.net/share/static/b-share-icon.png

178.154.131.216

200 OK

4.6 kB

URL HTTP/2
yastatic.net/share/static/b-share-icon.png
IP
178.154.131.216:0
ASN
#13238 YANDEX LLC

File type
PNG image data, 16 x 493, 8-bit colormap, non-interlaced\012- data
Size
4.6 kB (4637 bytes)
Hash
24bc3d4a0d287d95c0fb2ec150c1776e
53b50aca31779f1d2082384c113cb8bd12392dca
4518d4c73cc79f597d32c09c25b38ef44da466f502c31e2023d1005f2f899713

HTTP Headers

GET /share/static/b-share-icon.png HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/png
content-length: 4637
access-control-allow-origin: *
cache-control: public, max-age=216009
etag: "24bc3d4a0d287d95c0fb2ec150c1776e"
expires: Sun, 26 Feb 2023 19:57:36 GMT
last-modified: Wed, 24 Oct 2018 16:00:42 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 10ef427eae430e4a
accept-ranges: bytes
X-Firefox-Spdy: h2

yastatic.net/share/static/b-share-popup_down__tail.png

178.154.131.216

200 OK

305 B

URL HTTP/2
yastatic.net/share/static/b-share-popup_down__tail.png
IP
178.154.131.216:0
ASN
#13238 YANDEX LLC

File type
PNG image data, 21 x 10, 8-bit colormap, non-interlaced\012- data
Size
305 B (305 bytes)
Hash
aa51277c3fccebc88a582e9c81e1424e
03d854b65d4452908a7983a032069b90cbf326b1
23aca3eb9d500bc7291222cb8b42c2b4587c14e93e2d677aeaf6ffd7a97d8036

HTTP Headers

GET /share/static/b-share-popup_down__tail.png HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/png
content-length: 305
access-control-allow-origin: *
cache-control: public, max-age=216009
etag: "aa51277c3fccebc88a582e9c81e1424e"
expires: Sun, 26 Feb 2023 19:58:18 GMT
last-modified: Wed, 24 Oct 2018 16:00:42 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 5b4749e9377e9f87
accept-ranges: bytes
X-Firefox-Spdy: h2

www.facebook.com/plugins/like.php?app_id=181319321921423&href=http%3A%2F%2Fwww.castanedadzr.ru%2F&send=false&layout=button_count&width=152&show_faces=true&action=like&colorscheme=light&font&height=21

157.240.200.35

200 OK

0 B

URL HTTP/2
www.facebook.com/plugins/like.php?app_id=181319321921423&href=http%3A%2F%2Fwww.castanedadzr.ru%2F&send=false&layout=button_count&width=152&show_faces=true&action=like&colorscheme=light&font&height=21
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /plugins/like.php?app_id=181319321921423&href=http%3A%2F%2Fwww.castanedadzr.ru%2F&send=false&layout=button_count&width=152&show_faces=true&action=like&colorscheme=light&font&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: TfE+DptPM9FzNuLn/OqbBsurpzdZZujSuzaNxIjg30tqKCZaj27BL3/0QGpDyA0G1Ldo90hevcsTYbubPGU2xw==
content-length: 0
date: Fri, 24 Feb 2023 07:59:00 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

castanedadzr.ru/images/head2.gif

173.254.28.213

200 OK

2.0 kB

URL HTTP/2
castanedadzr.ru/images/head2.gif
IP
173.254.28.213:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 87a, 515 x 14\012- data
Size
2.0 kB (2045 bytes)
Hash
0ca30830a9620b989c8424acc8ade3a8
0b9e38fed6a89660ec128620f58b5765f2613cf2
fc9f71924386ddde1990802057848118e6c837f7914def107074d5ddae07d5b4

HTTP Headers

GET /images/head2.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:10:11 GMT
accept-ranges: bytes
content-length: 2045
content-type: image/gif
date: Fri, 24 Feb 2023 07:59:00 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b928a6afc798633bc66c84dffd16be09
11beddf4de4460749dc9926b45d10f3d5868cb7a
bb2904cdee979778886ff82489447d6a9eb88b8947fdcfa7e973f0ef5fea7dc5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB2904CDEE979778886FF82489447D6A9EB88B8947FDCFA7E973F0EF5FEA7DC5"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8908
Expires: Fri, 24 Feb 2023 10:27:28 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive

castanedadzr.ru/images/hor.gif

173.254.28.213

200 OK

45 B

URL HTTP/2
castanedadzr.ru/images/hor.gif
IP
173.254.28.213:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 8 x 8\012- data
Size
45 B (45 bytes)
Hash
7083d5d65c79787f3237de4890ae9179
636a18e87c53b4d2e44f17cb8a5673a19520283f
611847b9e313a5c0f8398d96b297970254693b1b4ccb21e8060ef800dd61cf23

HTTP Headers

GET /images/hor.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:10:20 GMT
accept-ranges: bytes
content-length: 45
content-type: image/gif
date: Fri, 24 Feb 2023 07:59:00 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e7c8cd63a4692ed854db21d0b1ae8ada
1c4d151e2141840197dc0f688cfb3f098baf214f
5cae7615b4c426d62729addfd93b313373285637a5feec4c700209fe0e75a9c8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2125
Cache-Control: max-age=166786
Content-Type: application/ocsp-response
Date: Fri, 24 Feb 2023 07:59:00 GMT
Etag: "63f84e79-1d7"
Expires: Sun, 26 Feb 2023 06:18:46 GMT
Last-Modified: Fri, 24 Feb 2023 05:43:21 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

www.acint.net/aci.js

157.90.179.28

200 OK

7.8 kB

URL HTTP/2
www.acint.net/aci.js
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (1649)
Size
7.8 kB (7784 bytes)
Hash
777eef0db9280e74fe8d3e0e9561da9c
f8316623410b9735dd07b6e12a2f29352c0aa4cd
985dc8f4eb0a0b4629fa8e6d86f741ee8d22b7a0a1f64be2e9e9f2c96c9cf772

HTTP Headers

GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: application/x-javascript
content-length: 7784
last-modified: Thu, 02 Feb 2023 13:55:24 GMT
etag: "63dbc0cc-1e68"
content-encoding: gzip
expires: Fri, 24 Feb 2023 19:59:00 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2

castanedadzr.ru/images/bg.gif

173.254.28.213

200 OK

3.6 kB

URL HTTP/2
castanedadzr.ru/images/bg.gif
IP
173.254.28.213:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 590 x 330\012- data
Size
3.6 kB (3644 bytes)
Hash
c82e1b2c7448ded46f2e6883692cfd23
b94de0057997b397a9bbb92a6aa7d5435d78bab6
c93eafce735c401bd19c607bd958a7d75fe1bd3cb7c6e9821fcdd74340e01669

HTTP Headers

GET /images/bg.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:09:17 GMT
accept-ranges: bytes
content-length: 3644
content-type: image/gif
date: Fri, 24 Feb 2023 07:59:00 GMT
server: Apache
X-Firefox-Spdy: h2

castanedadzr.ru/images/hor2.gif

173.254.28.213

200 OK

45 B

URL HTTP/2
castanedadzr.ru/images/hor2.gif
IP
173.254.28.213:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 8 x 8\012- data
Size
45 B (45 bytes)
Hash
1e2f0b1d987b0c00795fbf49dbcebc9e
dd617d4035a87c35665826920d29f0e65ec03b11
dc7f0ca8a3df24f96faa4dc1fffee996ef190cc61513bbdb88673b5f4d360db3

HTTP Headers

GET /images/hor2.gif HTTP/1.1
Host: castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:10:22 GMT
accept-ranges: bytes
content-length: 45
content-type: image/gif
date: Fri, 24 Feb 2023 07:59:00 GMT
server: Apache
X-Firefox-Spdy: h2

www.acint.net/hit/?v=0.5.1&uid=607fb50c-1910-4e3f-9ea3-ad87ee47c80a&dp=10&tz=%2B00%3A00&nc=53429974&u=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&r=&rs=1280x1024&t=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&oE=1&oP=1&dT=2023-02-24T07%3A59%3A35.387&fu=dd4f365b-51cb-45d9-95c7-9c50120d3dd7

157.90.179.28

200 OK

43 B

URL HTTP/2
www.acint.net/hit/?v=0.5.1&uid=607fb50c-1910-4e3f-9ea3-ad87ee47c80a&dp=10&tz=%2B00%3A00&nc=53429974&u=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&r=&rs=1280x1024&t=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&oE=1&oP=1&dT=2023-02-24T07%3A59%3A35.387&fu=dd4f365b-51cb-45d9-95c7-9c50120d3dd7
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hit/?v=0.5.1&uid=607fb50c-1910-4e3f-9ea3-ad87ee47c80a&dp=10&tz=%2B00%3A00&nc=53429974&u=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&r=&rs=1280x1024&t=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&oE=1&oP=1&dT=2023-02-24T07%3A59%3A35.387&fu=dd4f365b-51cb-45d9-95c7-9c50120d3dd7 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

www.acint.net/mc/?dp=10

157.90.179.28

302 Found

154 B

URL HTTP/2
www.acint.net/mc/?dp=10
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Fri, 24-Feb-23 08:09:00 GMT
aid=LgR5GmP4bkQ7wQQ8bcg5AqB343s0P8JyKi7dlu6u4ePAygiI; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

vk.com/widget_like.php?app=5990588&width=100%25&_ver=1&page=0&url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&type=mini&verb=0&color=&title=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20I...&description=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&image=&text=&h=22&startWidth=152&referrer=&186826f432c

87.240.132.78

200 OK

4.7 kB

URL HTTP/2
vk.com/widget_like.php?app=5990588&width=100%25&_ver=1&page=0&url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&type=mini&verb=0&color=&title=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20I...&description=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&image=&text=&h=22&startWidth=152&referrer=&186826f432c
IP
87.240.132.78:0
ASN
#47541 VKontakte Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ISO-8859 text, with very long lines (5611)
Size
4.7 kB (4734 bytes)
Hash
cb252a89d4aecfcb381e3b050468229d
9f0336055b5b767e4abd2d35354292c3e63e6d04
68114dc0658b98c8d5ef6a64ee566573ee543a063e3c8e8931efef11bd4a5074

HTTP Headers

GET /widget_like.php?app=5990588&width=100%25&_ver=1&page=0&url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&type=mini&verb=0&color=&title=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20I...&description=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&image=&text=&h=22&startWidth=152&referrer=&186826f432c HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: kittenx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: text/html; charset=windows-1251
content-length: 4734
x-powered-by: KPHP/7.4.113370
set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly
remixlang=3; expires=Sat, 24 Feb 2024 08:01:02 GMT; path=/; domain=.vk.com
remixstlid=9086387497535864350_RGCiGWm27z2BQqVKHRcb0nzmjHNzMBWXzgR9zVLSHuD; expires=Sat, 24 Feb 2024 07:59:00 GMT; path=/; domain=.vk.com; secure
remixstid=854141636_oNuPvxroZEzzNwg2q9BSAR8hGzqHKzczqtkJkn7KXIX; expires=Tue, 20 Feb 2024 20:50:05 GMT; path=/; domain=.vk.com; secure
cache-control: no-store
content-security-policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline'
x-xss-protection: 1; report=/xss_reports
content-encoding: gzip
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2

www.castanedadzr.ru/images/mail.gif

173.254.28.213

200 OK

182 B

URL HTTP/2
www.castanedadzr.ru/images/mail.gif
IP
173.254.28.213:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 108 x 11\012- data
Size
182 B (182 bytes)
Hash
95a6f49324a87c3617d4550e76795bd5
08ede7ada5e2ffc4c005409c38b1b63211c72f16
aae3b683e575f4ae38017de859bcbcf5a545ee50a01d60aae780703ff7838dd3

HTTP Headers

GET /images/mail.gif HTTP/1.1
Host: www.castanedadzr.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
x-frame-options: SAMEORIGIN
last-modified: Tue, 03 Aug 2021 10:10:47 GMT
accept-ranges: bytes
content-length: 182
content-type: image/gif
date: Fri, 24 Feb 2023 07:59:00 GMT
server: Apache
X-Firefox-Spdy: h2

vk.com/js/al/lite.js?107

87.240.132.78

200 OK

62 kB

URL HTTP/2
vk.com/js/al/lite.js?107
IP
87.240.132.78:0
ASN
#47541 VKontakte Ltd

File type
ISO-8859 text, with very long lines (2839)
Size
62 kB (61948 bytes)
Hash
091388f13ac2a18d7ecee39a2a9e9785
83412ca1e6b6b29231b9722b5f4a619f8befc52c
83e34d3b9efd7f0981f9ada9cbbd6e052460bb3e8f465319b2d59d0cbc8318de

HTTP Headers

GET /js/al/lite.js?107 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/widget_like.php?app=5990588&width=100%25&_ver=1&page=0&url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&type=mini&verb=0&color=&title=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20I...&description=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&image=&text=&h=22&startWidth=152&referrer=&186826f432c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: kittenx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: application/x-javascript
content-length: 61948
last-modified: Fri, 17 Feb 2023 11:25:03 GMT
etag: "63ef640f-f1fc"
content-encoding: br
expires: Tue, 28 Feb 2023 07:59:00 GMT
cache-control: max-age=345600
x-frontend: front226205
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2

vk.com/images/upload.gif

87.240.132.78

200 OK

230 B

URL HTTP/2
vk.com/images/upload.gif
IP
87.240.132.78:0
ASN
#47541 VKontakte Ltd

File type
GIF image data, version 89a, 32 x 8\012- data
Size
230 B (230 bytes)
Hash
59cd625f8c2ce03663123d59416378a1
b8d103133aadcdbe532e5642ddce9159b7385e4e
0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202

HTTP Headers

GET /images/upload.gif HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: kittenx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/gif
content-length: 230
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
etag: "5f6a5ec8-e6"
expires: Fri, 03 Mar 2023 07:59:00 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2

vk.com/js/loader_nav20684873239_3.js

87.240.132.78

200 OK

55 kB

URL HTTP/2
vk.com/js/loader_nav20684873239_3.js
IP
87.240.132.78:0
ASN
#47541 VKontakte Ltd

File type
ASCII text, with very long lines (65536), with no line terminators
Size
55 kB (55267 bytes)
Hash
74192224436f89e85236e654f32c11c8
589800686b9583cf2d83ca9753b06458c81c61f8
381462b2b35ca43353c84d1b8f59c34f4b6dca7cc0ee49c69d01207108c3830e

HTTP Headers

GET /js/loader_nav20684873239_3.js HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/widget_like.php?app=5990588&width=100%25&_ver=1&page=0&url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&type=mini&verb=0&color=&title=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20I...&description=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&image=&text=&h=22&startWidth=152&referrer=&186826f432c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: kittenx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: text/javascript; charset=windows-1251
content-length: 55267
x-powered-by: KPHP/7.4.113370
set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly
remixlang=3; expires=Tue, 27 Feb 2024 06:17:38 GMT; path=/; domain=.vk.com
remixstlid=9081883897908599266_NzV48SeaZnmmCSSz509Iz2FHUPUdjxSxxRoN0TNPqBg; expires=Sat, 24 Feb 2024 07:59:00 GMT; path=/; domain=.vk.com; secure
cache-control: no-store
content-encoding: gzip
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2

www.acint.net/oci.js?t=1677225575390

157.90.179.28

200 OK

39 kB

URL HTTP/2
www.acint.net/oci.js?t=1677225575390
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
ISO-8859 text, with very long lines (32998)
Size
39 kB (38551 bytes)
Hash
93fda760ec612437c0f5ed958a0b5710
e833c28f80fd2b895695a40fcb6de87ce776a138
d534af853b5adf76ab8c4502d14c4bb1588fb745a86412ea89cbfbf994de1143

HTTP Headers

GET /oci.js?t=1677225575390 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: application/x-javascript
last-modified: Mon, 09 Jan 2023 08:01:26 GMT
etag: W/"63bbc9d6-7dac"
content-encoding: gzip
X-Firefox-Spdy: h2

www.acint.net/mc/?dp=10&tc=1

157.90.179.28

200 OK

5.1 kB

URL HTTP/2
www.acint.net/mc/?dp=10&tc=1
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
5.1 kB (5056 bytes)
Hash
e521d4da529ebdb949c636d7f55a7688
a2d37f175d1a7aa7b102f46f8837f602108c2eac
30bcb623950809e469adee2e88465fff49ef6f01f80f23e7a23487826eb883ad

HTTP Headers

GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://castanedadzr.ru/
Connection: keep-alive
Cookie: aid=LgR5GmP4bkQ7wQQ8bcg5AqB343s0P8JyKi7dlu6u4ePAygiI; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1677225540; expires=Sat, 25-Feb-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53v2=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp98v2=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1677225540; expires=Fri, 10-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v3=1677225540; expires=Sat, 11-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148v1=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149v2=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp217=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp235=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp241=1677225540; expires=Sun, 26-Mar-23 07:59:00 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2

st.vk.com/css/al/base.1c25eeb7ac42cd36d08a.css

87.240.132.78

200 OK

19 kB

URL HTTP/2
st.vk.com/css/al/base.1c25eeb7ac42cd36d08a.css
IP
87.240.132.78:0
ASN
#47541 VKontakte Ltd

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Size
19 kB (19325 bytes)
Hash
717a3435177db8bf42d60f25242a9f33
a9397dc03def6aed560d1fac67e0002d71c7648f
045487821dc9c0b373259ee9f682f4b7629983ead750a51fed79ca52de8b599b

HTTP Headers

GET /css/al/base.1c25eeb7ac42cd36d08a.css HTTP/1.1
Host: st.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: kittenx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: text/css
content-length: 19325
last-modified: Wed, 08 Feb 2023 11:29:05 GMT
etag: "63e38781-4b7d"
content-encoding: br
expires: Tue, 28 Feb 2023 07:59:00 GMT
cache-control: max-age=345600
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2

st.vk.com/css/al/lite.ce9567cd8cf121942abf.css

87.240.132.78

200 OK

36 kB

URL HTTP/2
st.vk.com/css/al/lite.ce9567cd8cf121942abf.css
IP
87.240.132.78:0
ASN
#47541 VKontakte Ltd

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Size
36 kB (36072 bytes)
Hash
57be82da51ac6dd75ebad989c8cfd637
d42f705f20ca8d8227301e913be8d564f92e8442
8107f7b2c4a400b356b2aff5edf62899b6212aab1840e72fd39224039ea67680

HTTP Headers

GET /css/al/lite.ce9567cd8cf121942abf.css HTTP/1.1
Host: st.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: kittenx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: text/css
content-length: 36072
last-modified: Wed, 22 Feb 2023 15:59:24 GMT
etag: "63f63bdc-8ce8"
content-encoding: br
expires: Tue, 28 Feb 2023 07:59:00 GMT
cache-control: max-age=345600
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2

st.vk.com/js/api/xdm.js?9

87.240.132.78

200 OK

2.8 kB

URL HTTP/2
st.vk.com/js/api/xdm.js?9
IP
87.240.132.78:0
ASN
#47541 VKontakte Ltd

File type
ASCII text
Size
2.8 kB (2846 bytes)
Hash
3621f21a6215d1660754d2a2d1947af5
6480e04e1e4a82bf63c1322fe17dbff2037f3e06
3ffe8143f00123797a9a41d9444fce19a8935e6f34378293cb22b8b0705df6ea

HTTP Headers

GET /js/api/xdm.js?9 HTTP/1.1
Host: st.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: kittenx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: application/x-javascript
content-length: 2846
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
etag: "5f6a5ec8-b1e"
content-encoding: br
expires: Tue, 28 Feb 2023 07:59:00 GMT
cache-control: max-age=345600
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2

st.vk.com/css/al/widgets.77db677e9e50b46b19d2.css

87.240.132.78

200 OK

3.7 kB

URL HTTP/2
st.vk.com/css/al/widgets.77db677e9e50b46b19d2.css
IP
87.240.132.78:0
ASN
#47541 VKontakte Ltd

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (23489)
Size
3.7 kB (3690 bytes)
Hash
86ea0be9462d4ccadc6f0f6e9ec0e479
34348acf83ab9349ca71d14cc4eea4bb248aca67
de33f18a6aa2960e125ea026f00b22f30dc6e5995e1930e4c555b99c635a03c7

HTTP Headers

GET /css/al/widgets.77db677e9e50b46b19d2.css HTTP/1.1
Host: st.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: kittenx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: text/css
content-length: 3690
last-modified: Wed, 01 Feb 2023 14:41:30 GMT
etag: "63da7a1a-e6a"
content-encoding: br
expires: Tue, 28 Feb 2023 07:59:00 GMT
cache-control: max-age=345600
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
ad369f4b4913b7211a6df1386c2d9bc6
a2265e298f3be6c1ba68e45bda49746ca054e49a
d1ee2b5c8464f8918b33b2ec9178141817e1438638f48c1c2e95fa230c90bccd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3862
Cache-Control: max-age=117750
Content-Type: application/ocsp-response
Date: Fri, 24 Feb 2023 07:59:00 GMT
Etag: "63f78824-118"
Expires: Sat, 25 Feb 2023 16:41:30 GMT
Last-Modified: Thu, 23 Feb 2023 15:37:08 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5c1edb96e86c66da77ade47db26dbce6
a620ee22693daa0949e1622d0b9fd8f11cd34a29
b004064c665204969f06c49e091d78b9b1bc77079585994039719c1d8e5d525a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B004064C665204969F06C49E091D78B9B1BC77079585994039719C1D8E5D525A"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15325
Expires: Fri, 24 Feb 2023 12:14:25 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive

ocsp.globalsign.com/gseccovsslca2018

104.18.20.226

200 OK

939 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
939 B (939 bytes)
Hash
4ffa5c9ca0fddd5e61cc44dcee7cf8e3
cc4b0acbddf828e5dd7f4fd8a036350d641f7138
10a58879835888ee23e280f9ac2146bb92e0474cfb6ce614e0c3ca7e246f9937

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Tue, 28 Feb 2023 06:12:09 GMT
ETag: "cc4b0acbddf828e5dd7f4fd8a036350d641f7138"
Last-Modified: Fri, 24 Feb 2023 06:12:10 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2276
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e6a8cc3e0f0b59-OSL

dm-eu.hybrid.ai/match?id=106&vid=1A79042E446EF8633C04C13B0239C86D

37.18.103.21

204 No Content

0 B

URL HTTP/2
dm-eu.hybrid.ai/match?id=106&vid=1A79042E446EF8633C04C13B0239C86D
IP
37.18.103.21:0
ASN
#205675 Hybrid LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?id=106&vid=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Fri, 24 Feb 2023 07:59:00 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=bd0ccc194455b638584a; Expires=Sat, 24 Feb 2024 07:59:00 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 529
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.acint.net
access-control-allow-credentials: true
server: Hybrid Web Server
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsalphasha2g2

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
75fdc803ccd1b6fba9f922d78c7aaa12
9750ec626e80adb01a30d0b1089d6a5e36bd7169
8ba9eca74df6e4c6c21c4f3a30e5b59d1498a6231b9555c489a0505909175ff6

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 28 Feb 2023 06:10:14 GMT
ETag: "9750ec626e80adb01a30d0b1089d6a5e36bd7169"
Last-Modified: Fri, 24 Feb 2023 06:10:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1422
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e6a8cc6c410b31-OSL

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
74f3ebde2baa1968054f340aecb8eb3b
b916dd3603cf8244526cac7ce0a9136e39cfcdf8
7e55249ba4b3ff49fc9d3dfa6f68c6eca9a5361e79981ef374cda070cc8c5d71

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E55249BA4B3FF49FC9D3DFA6F68C6ECA9A5361E79981EF374CDA070CC8C5D71"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10297
Expires: Fri, 24 Feb 2023 10:50:37 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive

ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D

193.3.184.201

302 Moved Temporarily

142 B

URL HTTP/1.1
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP
193.3.184.201:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=1C03420A446EF8632F00EB000297565F
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkIDHGP4bkQA6wAvX1aXAoETS+zoid1mlRWKx/lamAVikcOa; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
926544de2d324aa10f42107101a90b75
995de948698eee83546376fe1dc3ace97c644e71
63b27327b3342fc833817cae9c6319abdae34117ac26f6fe9334289eb2383716

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63B27327B3342FC833817CAE9C6319ABDAE34117AC26F6FE9334289EB2383716"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15396
Expires: Fri, 24 Feb 2023 12:15:36 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive

sync.dmp.otm-r.com/match/sape?id=1A79042E446EF8633C04C13B0239C86D

138.201.65.74

204 No Content

0 B

URL HTTP/2
sync.dmp.otm-r.com/match/sape?id=1A79042E446EF8633C04C13B0239C86D
IP
138.201.65.74:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/sape?id=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx/1.17.4
date: Fri, 24 Feb 2023 07:59:00 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

acint.net/match?dp=110&euid=a42d8671dcdd445fa60b71800a944bfc

157.90.179.28

200 OK

43 B

URL HTTP/2
acint.net/match?dp=110&euid=a42d8671dcdd445fa60b71800a944bfc
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=110&euid=a42d8671dcdd445fa60b71800a944bfc HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
59ef82531c67e155b8aced1421d96c52
810c9e47076c8ece1b83b3463e5b9abbfe2877b6
fd7b28816db14dc45ff07acb9ce51ec964d47d3ab6d6ebcdead5376d181d31c1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD7B28816DB14DC45FF07ACB9CE51EC964D47D3AB6D6EBCDEAD5376D181D31C1"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11907
Expires: Fri, 24 Feb 2023 11:17:27 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive

a.utraff.com/sync?ssp=Sape

172.67.217.151

204 No Content

0 B

URL HTTP/2
a.utraff.com/sync?ssp=Sape
IP
172.67.217.151:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync?ssp=Sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Sun, 26 Mar 2023 10:59:00 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Sun, 26 Mar 2023 10:59:00 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EcNLTQ7tdpdOuu6Z73gy9cu%2F0NGIJTkiVK%2FKuP5MfK1b%2Fpgj0Rzfim7gOKJNhEt69GBbqXmcJI%2FEG%2F75Fu7aNDnjh6v2Pvkf1Wd3qwCXt5N513sKOKoj%2BI11eH9DeeI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79e6a8cc3ba31c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
201c51b176ba24fcf99330150367a382
d4de8a37cf102c4c931b5ea21c0f606f6b9e2a67
d6f1c581e2e5dc2f457afc21bebe9fde47c9023a88d69ff2ad6edfd6c74fbc56

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D6F1C581E2E5DC2F457AFC21BEBE9FDE47C9023A88D69FF2AD6EDFD6C74FBC56"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6636
Expires: Fri, 24 Feb 2023 09:49:36 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive

s.uuidksinc.net/match/396/?remote_uid=1A79042E446EF8633C04C13B0239C86D

31.220.27.155

302 Found

0 B

URL HTTP/2
s.uuidksinc.net/match/396/?remote_uid=1A79042E446EF8633C04C13B0239C86D
IP
31.220.27.155:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/396/?remote_uid=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.19.0
date: Fri, 24 Feb 2023 07:59:00 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=645N5dDMZgbcrxGoeziW
set-cookie: jcsuuid=645N5dDMZgbcrxGoeziW; expires=Sat, 24 Feb 2024 07:59:00 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
60a4c12c1474e363b8e52ebe6a4cbcb6
2e07ff761c61c2bb405e56183c52c99bc95cc479
b706205770e7c84a9e48592493c27721b6c7862e19763cfff862b7cad11acb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B706205770E7C84A9E48592493C27721B6C7862E19763CFFF862B7CAD11ACB38"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3845
Expires: Fri, 24 Feb 2023 09:03:05 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive

ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D

185.147.80.35

302 Found

74 B

URL HTTP/1.1
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP
185.147.80.35:0
ASN
#41722 Miran Ltd.

File type
HTML document, ASCII text
Size
74 B (74 bytes)
Hash
d0c1d949e2d22f8249a419f4c9892c63
8c9ad94c817bace58f6cd9e7fbe8c6affc9974ff
6c553a9cfdb6f624480e9aff3a77139685a7e21338a5d50021613446a77ed55e

HTTP Headers

GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 74
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=XINGNXHZ
Set-Cookie: uid=XINGNXHZ; Expires=Mon, 21 Feb 2033 07:59:00 GMT

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
3ca8fd1ef685f85da53880efdb66162a
5ae612b4f8501762d8cb0bcf50827520b56c6adc
f3fc0f4c5c5d044e7aa5ea022977ef4b0c9b805aa6b656ca70c823a00bde21c8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 21 Feb 2023 23:10:58 GMT
Expires: Tue, 28 Feb 2023 23:10:57 GMT
Etag: "5ae612b4f8501762d8cb0bcf50827520b56c6adc"
Cache-Control: max-age=399716,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79e6a8ccdca2b50b-OSL

mc.yandex.ru/metrika/watch.js

87.250.251.119

200 OK

58 kB

URL HTTP/2
mc.yandex.ru/metrika/watch.js
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (551)
Size
58 kB (58157 bytes)
Hash
eac3e9e31b3d1530dd82d2f86b857826
909344515aa194c50eb90bc0f80e7440c0bfbac9
9e651ecbfe861c3ef5481f88cafc7de9e646664e91d4b408ee8ee7c7b9b5b230

HTTP Headers

GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 58157
date: Fri, 24 Feb 2023 07:59:00 GMT
access-control-allow-origin: *
etag: "63f47caa-e32d"
expires: Fri, 24 Feb 2023 08:59:00 GMT
last-modified: Tue, 21 Feb 2023 11:11:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

acint.net/match?dp=14&euid=1C03420A446EF8632F00EB000297565F

157.90.179.28

200 OK

43 B

URL HTTP/2
acint.net/match?dp=14&euid=1C03420A446EF8632F00EB000297565F
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=14&euid=1C03420A446EF8632F00EB000297565F HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

st.vk.com/images/icons/like_widget.png

87.240.132.78

200 OK

538 B

URL HTTP/2
st.vk.com/images/icons/like_widget.png
IP
87.240.132.78:0
ASN
#47541 VKontakte Ltd

File type
PNG image data, 19 x 59, 8-bit/color RGBA, non-interlaced\012- data
Size
538 B (538 bytes)
Hash
88db15ca955d5c8410cfcb486c31ce12
a5b91356b3c67898db40b623689b5c87cb3de8ab
3795726557f64bf66677a94511e34f7d67dd58c73baef60ddb3f9a0cb8f38c1e

HTTP Headers

GET /images/icons/like_widget.png HTTP/1.1
Host: st.vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.vk.com/css/al/widgets.77db677e9e50b46b19d2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: kittenx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/png
content-length: 538
last-modified: Tue, 22 Sep 2020 20:29:56 GMT
etag: "5f6a5ec4-21a"
expires: Tue, 28 Feb 2023 07:59:00 GMT
cache-control: max-age=345600
x-frontend: front226205
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
accept-ranges: bytes
X-Firefox-Spdy: h2

sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1A79042E446EF8633C04C13B0239C86D

87.242.89.90

200 OK

12 B

URL HTTP/2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1A79042E446EF8633C04C13B0239C86D
IP
87.242.89.90:0
ASN
#25532 LLC masterhost

File type
exported SGML document, ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
d8932e1cb3ee147415fbf5591a7217ca
97da5b95fb7f60ecd8d9ed0e5a05d83ad5a9c070
c0327cbcde50f1ab8228334a550b947301123d6f6f7d625707cb6d08a1faec35

HTTP Headers

GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: text/html
content-length: 12
last-modified: Mon, 30 Jan 2023 18:57:34 GMT
etag: "63d8131e-c"
accept-ranges: bytes
server: elb
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
798645d5419251dfa27886d15a0bc02a
a23fe8628e8178996bf7167cc9d6eb1275c30fbe
c5b7498b5b0864ff3e24b5cba8f9d25327ad32dc8a020942a2c21472eaa3e832

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5B7498B5B0864FF3E24B5CBA8F9D25327AD32DC8A020942A2C21472EAA3E832"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6091
Expires: Fri, 24 Feb 2023 09:40:31 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive

pix.bumlam.com/sync/sape/check?sspuid=1A79042E446EF8633C04C13B0239C86D

31.172.81.172

302 Found

0 B

URL HTTP/1.1
pix.bumlam.com/sync/sape/check?sspuid=1A79042E446EF8633C04C13B0239C86D
IP
31.172.81.172:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync/sape/check?sspuid=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://sync.bumlam.com/?src=sape

www.acint.net/match?dp=127&euid=645N5dDMZgbcrxGoeziW

157.90.179.28

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=127&euid=645N5dDMZgbcrxGoeziW
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=127&euid=645N5dDMZgbcrxGoeziW HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

nr.bidderstack.com/sape/cm?user_id=1A79042E446EF8633C04C13B0239C86D

23.88.12.13

200 OK

44 B

URL HTTP/1.1
nr.bidderstack.com/sape/cm?user_id=1A79042E446EF8633C04C13B0239C86D
IP
23.88.12.13:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
44 B (44 bytes)
Hash
f9d60352c70a2ba15616d1c9421f3844
e9abc8bea7721a4b6a50295850d13c515006a95c
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

HTTP Headers

GET /sape/cm?user_id=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Type: image/gif
Content-Length: 44
Connection: keep-alive
Set-Cookie: uid=b9f3f5f8-57b4-4e67-ad3d-e255a99fd30d; domain=.bidderstack.com; path=/; expires=Sat, 24-Feb-2024 07:59:00 GMT;
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true

sp.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D

167.235.9.235

302 Found

0 B

URL HTTP/1.1
sp.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D
IP
167.235.9.235:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cm?ssp=sape&redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D HTTP/1.1
Host: sp.ohmy.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Length: 0
Connection: keep-alive
Location: https://www.acint.net/match?dp=217&euid=36a13427-8438-4897-9ae3-e481730c26d2
Set-Cookie: uid=36a13427-8438-4897-9ae3-e481730c26d2.63f86e44.4bbd815b92a66bd3; domain=.ohmy.bid; path=/; expires=Sun, 26-Mar-2023 07:59:00 GMT; SameSite=None; Secure;
Access-Control-Allow-Credentials: true

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6a1844fe76f6dad0c472bfdba62f0889
6b362c871934488c7096ba6f51e7dba6d8b977bc
191e0a8542955a1bdd6f441006678b3f202de90b20492bc093ed41654b01ab2c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191E0A8542955A1BDD6F441006678B3F202DE90B20492BC093ED41654B01AB2C"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2557
Expires: Fri, 24 Feb 2023 08:41:37 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b8bd21edc37e28f4b752de9fb8396d0
c4fc667623c44cf7a024612eef18962caddc7b33
d71c4294a4d3366f84b39804e964f6025daf0a840a604ffb06640166a512ada4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D71C4294A4D3366F84B39804E964F6025DAF0A840A604FFB06640166A512ADA4"
Last-Modified: Fri, 24 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5769
Expires: Fri, 24 Feb 2023 09:35:09 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive

sync.gonet-ads.com/match/sape.js?id=1A79042E446EF8633C04C13B0239C86D

188.42.105.220

302 Found

0 B

URL HTTP/2
sync.gonet-ads.com/match/sape.js?id=1A79042E446EF8633C04C13B0239C86D
IP
188.42.105.220:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/sape.js?id=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: sync.gonet-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: application/javascript
content-length: 0
location: https://sync.gonet-ads.com/match/sape.js?id=1A79042E446EF8633C04C13B0239C86D&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

www.acint.net/match?dp=95&euid=XINGNXHZ

157.90.179.28

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=95&euid=XINGNXHZ
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=95&euid=XINGNXHZ HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

sync.programmatica.com/match/RTBSape?id=1A79042E446EF8633C04C13B0239C86D

167.235.117.41

302 Found

0 B

URL HTTP/2
sync.programmatica.com/match/RTBSape?id=1A79042E446EF8633C04C13B0239C86D
IP
167.235.117.41:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/RTBSape?id=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-length: 0
location: https://sync.programmatica.com/match/RTBSape?id=1A79042E446EF8633C04C13B0239C86D&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

sync.bumlam.com/?src=sap1&s_data=CAIQARjE3OGfBmIgMUE3OTA0MkU0NDZFRjg2MzNDMDRDMTNCMDIzOUM4NkSiARAZFvqgtBkR7aHEACWQyCQ3

31.172.81.172

200 OK

0 B

URL HTTP/1.1
sync.bumlam.com/?src=sap1&s_data=CAIQARjE3OGfBmIgMUE3OTA0MkU0NDZFRjg2MzNDMDRDMTNCMDIzOUM4NkSiARAZFvqgtBkR7aHEACWQyCQ3
IP
31.172.81.172:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sap1&s_data=CAIQARjE3OGfBmIgMUE3OTA0MkU0NDZFRjg2MzNDMDRDMTNCMDIzOUM4NkSiARAZFvqgtBkR7aHEACWQyCQ3 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQxOTE2ZmFhMC1iNDE5LTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQxOTE2ZmFhMC1iNDE5LTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Thu, 19 Feb 2043 07:59:00 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6c27dc8b124493de1831a83e287d1428
8cbcc7437171c33d06fa025e4c470226a73eeb28
d5eb3bb3fabe6eceeec57988ff6f99fe2fe03c954b12cf8108088a9be4485c29

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Feb 2023 07:59:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
ad369f4b4913b7211a6df1386c2d9bc6
a2265e298f3be6c1ba68e45bda49746ca054e49a
d1ee2b5c8464f8918b33b2ec9178141817e1438638f48c1c2e95fa230c90bccd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3862
Cache-Control: max-age=117750
Content-Type: application/ocsp-response
Date: Fri, 24 Feb 2023 07:59:00 GMT
Etag: "63f78824-118"
Expires: Sat, 25 Feb 2023 16:41:30 GMT
Last-Modified: Thu, 23 Feb 2023 15:37:08 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280

sync.upravel.com/sape/sync

148.251.129.43

302 Found

0 B

URL HTTP/2
sync.upravel.com/sape/sync
IP
148.251.129.43:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1677225540725;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1677225540725;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9582327660aa2b874f29c59f163e9162
783ff794c7567d1635db620bc87e528a7930649a
868d017283cab3b87b987eebf60e777031ab7578919af5752afd40f1173b9bb4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "868D017283CAB3B87B987EEBF60E777031AB7578919AF5752AFD40F1173B9BB4"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16344
Expires: Fri, 24 Feb 2023 12:31:24 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive

www.acint.net/oci/?v=0.5.1&uid=607fb50c-1910-4e3f-9ea3-ad87ee47c80a&dp=10&tz=%2B00%3A00&nc=84845752&oid=39e8192718f4ed5a678fc273d654392b

157.90.179.28

200 OK

43 B

URL HTTP/2
www.acint.net/oci/?v=0.5.1&uid=607fb50c-1910-4e3f-9ea3-ad87ee47c80a&dp=10&tz=%2B00%3A00&nc=84845752&oid=39e8192718f4ed5a678fc273d654392b
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /oci/?v=0.5.1&uid=607fb50c-1910-4e3f-9ea3-ad87ee47c80a&dp=10&tz=%2B00%3A00&nc=84845752&oid=39e8192718f4ed5a678fc273d654392b HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/match?dp=129&euid=c3i8aotadf

157.90.179.28

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=129&euid=c3i8aotadf
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=129&euid=c3i8aotadf HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/match?dp=217&euid=36a13427-8438-4897-9ae3-e481730c26d2

157.90.179.28

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=217&euid=36a13427-8438-4897-9ae3-e481730c26d2
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=217&euid=36a13427-8438-4897-9ae3-e481730c26d2 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

cs.agency2.ru/p?ssp=sp&uid=1A79042E446EF8633C04C13B0239C86D

23.111.107.44

301 Moved Permanently

0 B

URL HTTP/1.1
cs.agency2.ru/p?ssp=sp&uid=1A79042E446EF8633C04C13B0239C86D
IP
23.111.107.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p?ssp=sp&uid=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=86248e90-f837-4124-957b-da8f23c950a9
Set-Cookie: uuid=86248e90-f837-4124-957b-da8f23c950a9; expires=Thu, 15 Feb 2024 07:59:00 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44

sync.adspend.space/sape?uid=1A79042E446EF8633C04C13B0239C86D

212.76.129.181

302 Found

149 B

URL HTTP/2
sync.adspend.space/sape?uid=1A79042E446EF8633C04C13B0239C86D
IP
212.76.129.181:0
ASN
#42632 MnogoByte LLC

File type
HTML document, ASCII text
Size
149 B (149 bytes)
Hash
cb34fd89a961054e7fcd79a1cc386f4c
8a897629980521bc70374eff699e04567ecad42d
43da8395ce7b4aebc4546ffb01e4c862c7c5b83227756824cd8a8fcf897f1881

HTTP Headers

GET /sape?uid=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: text/html; charset=utf-8
content-length: 149
location: https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D7e1ddb1b-2fb7-4410-b492-2b142d40b8cd
set-cookie: as-user=7e1ddb1b-2fb7-4410-b492-2b142d40b8cd; Path=/; Max-Age=31536000; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

match.new-programmatic.com/userbind?src=sape&id=1A79042E446EF8633C04C13B0239C86D

217.65.2.150

204 No Content

0 B

URL HTTP/1.1
match.new-programmatic.com/userbind?src=sape&id=1A79042E446EF8633C04C13B0239C86D
IP
217.65.2.150:0
ASN
#3175 Filanco LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /userbind?src=sape&id=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin

ocsp.globalsign.com/gseccovsslca2018

104.18.20.226

200 OK

939 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
939 B (939 bytes)
Hash
b6da2d9508ae360aa1f7e5466d86edb4
437bf334d6e74802cf72a10919fd4334dfe4f7f6
7ae5b0ef9bf06955ca315dce0f82196dc6e155906cdb92c10b800b2e90f1c0a2

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Tue, 28 Feb 2023 05:55:11 GMT
ETag: "437bf334d6e74802cf72a10919fd4334dfe4f7f6"
Last-Modified: Fri, 24 Feb 2023 05:55:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3077
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e6a8cddf490b59-OSL

sync.bumlam.com/?src=sape

31.172.81.172

302 Moved Temporarily

0 B

URL HTTP/1.1
sync.bumlam.com/?src=sape
IP
31.172.81.172:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sape HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQxOTE2ZmFhMC1iNDE5LTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQxOTE2ZmFhMC1iNDE5LTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Thu, 19 Feb 2043 07:59:00 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://pix.bumlam.com/sync/sape/sync_ok?guid=1916faa0-b419-11ed-a1c4-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true

match.qtarget.tech/userbind?src=sape&id=1A79042E446EF8633C04C13B0239C86D

95.163.92.180

204 No Content

0 B

URL HTTP/1.1
match.qtarget.tech/userbind?src=sape&id=1A79042E446EF8633C04C13B0239C86D
IP
95.163.92.180:0
ASN
#12695 LLC Digital Network

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /userbind?src=sape&id=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: match.qtarget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Fri, 24 Feb 2023 12:56:59 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe121133a6eaf8645743a14717612cd5
b9276c474ba3e40e5cc2921accb452bb7b11ecb2
4c72ab325e4608168d6258ba615ffc21f94a3594a8d1ef48f28b8622b198c27b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C72AB325E4608168D6258BA615FFC21F94A3594A8D1EF48F28B8622B198C27B"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2249
Expires: Fri, 24 Feb 2023 08:36:29 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive

ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D

5.200.44.122

302 Found

503 B

URL HTTP/2
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP
5.200.44.122:0
ASN
#48096 Enterprise Cloud Ltd.

File type
data
Size
503 B (503 bytes)
Hash
fe121133a6eaf8645743a14717612cd5
b9276c474ba3e40e5cc2921accb452bb7b11ecb2
4c72ab325e4608168d6258ba615ffc21f94a3594a8d1ef48f28b8622b198c27b

HTTP Headers

GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=a42d8671dcdd445fa60b71800a944bfc
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=a42d8671dcdd445fa60b71800a944bfc; expires=Fri, 23 Feb 2024 21:00:00 GMT; path=/; SameSite=None; secure; samesite=lax
date: Fri, 24 Feb 2023 07:58:59 GMT
X-Firefox-Spdy: h2

pix.bumlam.com/sync/sape/sync_ok?guid=1916faa0-b419-11ed-a1c4-002590c82437

31.172.81.172

302 Found

0 B

URL HTTP/1.1
pix.bumlam.com/sync/sape/sync_ok?guid=1916faa0-b419-11ed-a1c4-002590c82437
IP
31.172.81.172:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync/sape/sync_ok?guid=1916faa0-b419-11ed-a1c4-002590c82437 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQxOTE2ZmFhMC1iNDE5LTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 24 Feb 2023 07:59:00 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://1916faa0-b419-11ed-a1c4-002590c82437.n5.sync.bumlam.com/?src=sape

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F137aee85-a8db-4c5c-b88f-0857f7ba3677.jpeg

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F137aee85-a8db-4c5c-b88f-0857f7ba3677.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7920 bytes)
Hash
34013daae3d217976ee1f5a9b7f339ba
2f772756bec7dea5018de069d66011fea212ac11
6a3cfb5871a65921559de5db2a58cc2de03f7ff9fa7764e3c63958d721de4639

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F137aee85-a8db-4c5c-b88f-0857f7ba3677.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7920
x-amzn-requestid: 0f05642f-9ffc-4778-8c93-591bc16d04c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9M6E7aoAMFl9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbeb-1701df8b471a945211701133;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:34:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DqGbw5IZ5QjTdQqoX0ozFMN8qZM2xc7_NwqDtWqz7BFCqAQJtk_Scg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 21:34:36 GMT
etag: "2f772756bec7dea5018de069d66011fea212ac11"
content-type: image/jpeg
age: 37464
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fcastanedadzr.ru&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__

142.250.74.45

200 OK

402 B

URL HTTP/2
accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fcastanedadzr.ru&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__
IP
142.250.74.45:0
ASN
#15169 GOOGLE

File type
data
Size
402 B (402 bytes)
Hash
ef24e17522f96c36644a02f67fc20c47
3b750e2ef59730248e542029de81d50dbea4d251
276ce8f3a9f9fa3a2d7c7a2763e0c679cc53838ee0d835c32a00b7c7c4ea7733

HTTP Headers

GET /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fcastanedadzr.ru&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 24 Feb 2023 07:59:00 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'nonce-jyCYKWgOaP41OHoz84mbVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe121133a6eaf8645743a14717612cd5
b9276c474ba3e40e5cc2921accb452bb7b11ecb2
4c72ab325e4608168d6258ba615ffc21f94a3594a8d1ef48f28b8622b198c27b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C72AB325E4608168D6258BA615FFC21F94A3594A8D1EF48F28B8622B198C27B"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2249
Expires: Fri, 24 Feb 2023 08:36:29 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe121133a6eaf8645743a14717612cd5
b9276c474ba3e40e5cc2921accb452bb7b11ecb2
4c72ab325e4608168d6258ba615ffc21f94a3594a8d1ef48f28b8622b198c27b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C72AB325E4608168D6258BA615FFC21F94A3594A8D1EF48F28B8622B198C27B"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2249
Expires: Fri, 24 Feb 2023 08:36:29 GMT
Date: Fri, 24 Feb 2023 07:59:00 GMT
Connection: keep-alive

www.acint.net/match?dp=186&euid=86248e90-f837-4124-957b-da8f23c950a9

157.90.179.28

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=186&euid=86248e90-f837-4124-957b-da8f23c950a9
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=186&euid=86248e90-f837-4124-957b-da8f23c950a9 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.yandex.ru/metrika/advert.gif

87.250.251.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/metrika/advert.gif
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 24 Feb 2023 07:59:00 GMT
access-control-allow-origin: *
etag: "63f47caa-2b"
expires: Fri, 24 Feb 2023 08:59:00 GMT
accept-ranges: bytes
last-modified: Tue, 21 Feb 2023 11:11:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0

148.251.129.43

302 Found

0 B

URL HTTP/2
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP
148.251.129.43:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1677225540725
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=bbe6be5c-4453-496d-8675-3cc44556a787;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=bbe6be5c-4453-496d-8675-3cc44556a787;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=bbe6be5c-4453-496d-8675-3cc44556a787
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa41846-2966-47c9-ac1f-845e6507fe21.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (6979 bytes)
Hash
d434142b05e07062707138da8999445e
d4796a582b28b1afcb1d7c8d06d78664a62bc880
0baf0e2b4c5975bac7d8543156bdb412cb8a703a768c765a90eedb95fb8ab1ec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa41846-2966-47c9-ac1f-845e6507fe21.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6979
x-amzn-requestid: 19ffbbf5-7950-405e-b558-43c6c011785c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9M7FrMIAMFzCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbec-7c65361d479d30c129f9d1d0;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fTd1tIJwblI78XgGewWZ-cmhWhuzELJ9aSKMgTOpTAys_Mehu5mejQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 21:34:36 GMT
etag: "d4796a582b28b1afcb1d7c8d06d78664a62bc880"
content-type: image/jpeg
age: 37464
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6df093-e4fa-441b-a18d-8d5eb3f8872b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9860 bytes)
Hash
dd41b65d04b02876ca020b4769ca7bcb
aa00f3f35f4826c1987a9ec712b190607e78175b
ab7b9af9a11ef8b8dece802beb9b88998ba07ecbaa5f64a624736ccb972e8f44

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6df093-e4fa-441b-a18d-8d5eb3f8872b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9860
x-amzn-requestid: 5bae7f8c-874f-45d6-908f-97c680037398
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Auq1FHPHIAMFWEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f5be86-5cac87a14c19b36011e5ac6f;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 07:04:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZfmF7f34sOJ1La2RAByS6ZBqDYvBpZ-0mJlJ0Nj9nvG08xttDiwySA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Feb 2023 07:14:18 GMT
age: 2682
etag: "aa00f3f35f4826c1987a9ec712b190607e78175b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9093 bytes)
Hash
2a5f3d376fe6a3a78a5d1fe136f962fb
3e9b03cc296e954d63526a4e7e75beea3130fc3b
c8cf4f1c0352102764247e4dc5a2076921e0eaa18bfd110e5b0b97a55c706690

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9093
x-amzn-requestid: 3fd9f8c8-cf10-4222-a2cc-5f18ff7b2e9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9D3HqmoAMFeBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbb2-352315613cc0c2bc7eb28e05;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:33:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: bGDTF9U77Y1pmqtYk-yDa2GsiRraTcwCOBV-yAzDPT2PvS89NeCtZg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 21:34:34 GMT
age: 37466
etag: "3e9b03cc296e954d63526a4e7e75beea3130fc3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

mc.yandex.ru/watch/1422041/1?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1160122693440%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A906020588%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20%2802.02.2007%29%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29

87.250.251.119

200 OK

407 B

URL HTTP/2
mc.yandex.ru/watch/1422041/1?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1160122693440%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A906020588%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20%2802.02.2007%29%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type
JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Size
407 B (407 bytes)
Hash
c89be55ca54b502c8a9a8a24b81e0578
9ffca800eb635e8a612f08d20b87ccc0cbda34b9
106f4931e35e821e910a8a786fbb85ecb0ca2cdabdac3413906cd02ec1fde668

HTTP Headers

GET /watch/1422041/1?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1160122693440%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A906020588%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20%2802.02.2007%29%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://castanedadzr.ru
Referer: https://castanedadzr.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 407
date: Fri, 24 Feb 2023 07:59:00 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://castanedadzr.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 24-Feb-2023 07:59:00 GMT
last-modified: Fri, 24-Feb-2023 07:59:00 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A1602664685682%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A487874684%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20%2802.02.2007%29%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr%2814%29mc%28cm-1-tl-1-atb-1%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29

87.250.251.119

200 OK

407 B

URL HTTP/2
mc.yandex.ru/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A1602664685682%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A487874684%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20%2802.02.2007%29%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr%2814%29mc%28cm-1-tl-1-atb-1%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type
JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Size
407 B (407 bytes)
Hash
7b6c304a8c5dbb0ad1f980ea3c069387
b718b80115dab2bfcc5c794d12784cad1214d92b
1163367e91858899c756c9ed1c9c40e933da0e3c93be80e44a66b6193fd8c464

HTTP Headers

GET /watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A1602664685682%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A487874684%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20%2802.02.2007%29%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr%2814%29mc%28cm-1-tl-1-atb-1%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://castanedadzr.ru
Referer: https://castanedadzr.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 407
date: Fri, 24 Feb 2023 07:59:00 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://castanedadzr.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 24-Feb-2023 07:59:00 GMT
last-modified: Fri, 24-Feb-2023 07:59:00 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a98720b-53ac-4018-8bb9-955bb22a9e52.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11089 bytes)
Hash
78bcc318c65f1f7b827f7ff792f14595
6bd53a60048a57322c3fc5d12c9f849e38fd2765
d83a699697cb6c728563b667e82a538237472ec86f841b34bc5f7639c94702e8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a98720b-53ac-4018-8bb9-955bb22a9e52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11089
x-amzn-requestid: 8738c63f-1ac3-4ce9-afe7-d5bed232e4b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ax-wyHd6IAMF-WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7119e-1fe3416019806b2550524e41;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 07:11:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xymqCKJ4l9GYOEuebuGELmu8Qq0F8eg6rp790Z4aKV_U8alWeGWfCQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Feb 2023 07:18:27 GMT
age: 2433
etag: "6bd53a60048a57322c3fc5d12c9f849e38fd2765"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c061073-61e1-440d-9b4a-2a79642fa5c9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.2 kB (4190 bytes)
Hash
daa87fe33e37f4179406213c50b0bfc8
0a3b8e72639cbcee63e7204accb95ada77076a11
a4dd63888518de162c44da8a12eb7d2c1c2a0a97f66ea06287e82351fa36f8ff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c061073-61e1-440d-9b4a-2a79642fa5c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4190
x-amzn-requestid: 5be79d82-00a6-41ff-931a-b35f1329cb71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9JcEv3IAMFb4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbd5-52bd27793f7ea5312c23b54e;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:34:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: NvWHzUuDnWXz4w1achMnAaWRaIxw9DRi5jGRGRAVlbG5XetQKLca7w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 21:45:50 GMT
age: 36790
etag: "0a3b8e72639cbcee63e7204accb95ada77076a11"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D7e1ddb1b-2fb7-4410-b492-2b142d40b8cd

212.76.129.181

302 Found

102 B

URL HTTP/2
sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D7e1ddb1b-2fb7-4410-b492-2b142d40b8cd
IP
212.76.129.181:0
ASN
#42632 MnogoByte LLC

File type
HTML document, ASCII text
Size
102 B (102 bytes)
Hash
f214205d827db8b841bbe977c42872ac
df119fdc290d25824ba4821568eb7642265a84a4
cb9745970c75a3a6d393866414a2056fd8f8c4d282a243bb25bf7f1b220722f3

HTTP Headers

GET /check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D7e1ddb1b-2fb7-4410-b492-2b142d40b8cd HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: as-user=7e1ddb1b-2fb7-4410-b492-2b142d40b8cd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: text/html; charset=utf-8
content-length: 102
location: https://www.acint.net/match?dp=98&euid=7e1ddb1b-2fb7-4410-b492-2b142d40b8cd
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

sync.gonet-ads.com/match/sape.js?id=1A79042E446EF8633C04C13B0239C86D&chk=1

188.42.105.220

200 OK

724 B

URL HTTP/2
sync.gonet-ads.com/match/sape.js?id=1A79042E446EF8633C04C13B0239C86D&chk=1
IP
188.42.105.220:0
ASN
#0

File type
data
Size
724 B (724 bytes)
Hash
70142198186c2359f5bb07f35447eb7b
b79896570a64036e44bc31fffa419f2e6598e2fa
7a66638721eeffa382973a36a277b51f0bc86cc6e878c57a0e7322c8dce522a4

HTTP Headers

GET /match/sape.js?id=1A79042E446EF8633C04C13B0239C86D&chk=1 HTTP/1.1
Host: sync.gonet-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: application/javascript
vary: Accept-Encoding
set-cookie: pid=NDU0MTJmNTAyNWNjNDE5Yg; expires=Sat, 24 Feb 2024 07:59:00 GMT; domain=.gonet-ads.com; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2

ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js

142.250.74.99

200 OK

4.3 kB

URL HTTP/2
ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2267)
Size
4.3 kB (4294 bytes)
Hash
3f7502705229ccec9d066c5cd75e6c31
ede1663155afaa5a5213d075e6295c6d839b05c3
2be5113d3022d1819a19f327235d287a2538a03741fc08ccd9d55cc1d78b6282

HTTP Headers

GET /accounts/o/1832714284-postmessagerelay.js HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-length: 4294
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Feb 2023 11:50:33 GMT
expires: Fri, 23 Feb 2024 11:50:33 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 16 Feb 2023 21:11:06 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 72507
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.acint.net/match?dp=71&euid=bbe6be5c-4453-496d-8675-3cc44556a787

157.90.179.28

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=71&euid=bbe6be5c-4453-496d-8675-3cc44556a787
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=71&euid=bbe6be5c-4453-496d-8675-3cc44556a787 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/match?dp=98&euid=7e1ddb1b-2fb7-4410-b492-2b142d40b8cd

157.90.179.28

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=98&euid=7e1ddb1b-2fb7-4410-b492-2b142d40b8cd
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=98&euid=7e1ddb1b-2fb7-4410-b492-2b142d40b8cd HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

top-fwz1.mail.ru/js/code.js

95.163.52.67

200 OK

14 kB

URL HTTP/2
top-fwz1.mail.ru/js/code.js
IP
95.163.52.67:0
ASN
#47764 Mail.Ru LLC

File type
ASCII text, with very long lines (729)
Size
14 kB (14123 bytes)
Hash
557f853dec4e2eb5512822cf77ed10a4
14d83f93714fe8d59046ac945ce69feb164206ec
4820794d01d6c01c8de3cc025c5d54abf8607c4087649efc54cc20e58bf4287a

HTTP Headers

GET /js/code.js HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 24 Feb 2023 07:59:00 GMT
content-type: application/javascript
last-modified: Wed, 11 Jan 2023 13:29:54 GMT
set-cookie: FTID=1RMYgQ0tkIIF:1677225540:0:::; path=/; expires=Sun, 25-Feb-24 07:59:00 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
etag: W/"63beb9d2-85cc"
expires: Fri, 24 Feb 2023 08:59:00 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: max-age=3600, private
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
18880e1808370080e86c124fc0f15477
cee3e545df43115cf8bc5b560e2c25b529219c16
8f162b3abb4870796094fcc5a6736023539c294aec20e149c97af1ab39c42337

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Feb 2023 07:59:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

top-fwz1.mail.ru/counter2?js=13;id=2685520;u=https%3A//castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm;st=1677225575835;pid=0;title=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20I...;s=1280*1024;vp=115*22;touch=0;hds=1;frame=1;flash=;sid=f3cf2685e4225077;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1677225576164%3A1677225576166%3A0%3A443e70cec4f5379eaeac0cd0f080e00f;visible=true;_=0.15644349650389733

95.163.52.67

200 OK

43 B

URL HTTP/2
top-fwz1.mail.ru/counter2?js=13;id=2685520;u=https%3A//castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm;st=1677225575835;pid=0;title=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20I...;s=1280*1024;vp=115*22;touch=0;hds=1;frame=1;flash=;sid=f3cf2685e4225077;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1677225576164%3A1677225576166%3A0%3A443e70cec4f5379eaeac0cd0f080e00f;visible=true;_=0.15644349650389733
IP
95.163.52.67:0
ASN
#47764 Mail.Ru LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

HTTP Headers

GET /counter2?js=13;id=2685520;u=https%3A//castanedadzr.ru/cc/mnen/polishuk_vs_elsh.htm;st=1677225575835;pid=0;title=%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20I...;s=1280*1024;vp=115*22;touch=0;hds=1;frame=1;flash=;sid=f3cf2685e4225077;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1677225576164%3A1677225576166%3A0%3A443e70cec4f5379eaeac0cd0f080e00f;visible=true;_=0.15644349650389733 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 24 Feb 2023 07:59:01 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIF:1677225541:2685520:::; path=/; expires=Sun, 25-Feb-24 07:59:01 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
feec2ce1852ee076ba11e9ffc9a24d7e
8f0eb85ddfd5b5b34f868a9a4ab618acb3286d51
a00080775e488598b769083a6e965cce70637828b28962c1823c85632ff6d91e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 21 Feb 2023 15:41:06 GMT
Expires: Tue, 28 Feb 2023 15:41:05 GMT
Etag: "8f0eb85ddfd5b5b34f868a9a4ab618acb3286d51"
Cache-Control: max-age=372724,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79e6a8ccdfc8b4f9-OSL

exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D

159.69.142.212

301 Moved Permanently

115 B

URL HTTP/2
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP
159.69.142.212:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, ASCII text
Size
115 B (115 bytes)
Hash
a7db88ff6ef4042ae9f5861b2bbf2cce
df61361bbd257f63d5cc0447b4dcae0ebfc354d0
c83aa8312a7ff1d75f7017256b55446378dced2c86c5ef67a3627ed6d8282cd3

HTTP Headers

GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 24 Feb 2023 07:58:59 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=fd943d57-146e-45e2-5d92-ff204ba610a6
serverid: TODO
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
26bf08a587476d1b89da8ea82ac71009
d2aa509500d225cc67911ea08405559503ed64dd
9b0d1394dcda90ecf1414f2f55aa9c1fd193115eac83f19aa23a8a51c4ec52e9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B0D1394DCDA90ECF1414F2F55AA9C1FD193115EAC83F19AA23A8A51C4EC52E9"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15565
Expires: Fri, 24 Feb 2023 12:18:26 GMT
Date: Fri, 24 Feb 2023 07:59:01 GMT
Connection: keep-alive

www.acint.net/match?dp=126&euid=fd943d57-146e-45e2-5d92-ff204ba610a6

157.90.179.28

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=126&euid=fd943d57-146e-45e2-5d92-ff204ba610a6
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=126&euid=fd943d57-146e-45e2-5d92-ff204ba610a6 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:01 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

1916faa0-b419-11ed-a1c4-002590c82437.n5.sync.bumlam.com/?src=sape

80.87.198.24

302 Found

0 B

URL HTTP/2
1916faa0-b419-11ed-a1c4-002590c82437.n5.sync.bumlam.com/?src=sape
IP
80.87.198.24:0
ASN
#29182 JSC IOT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sape HTTP/1.1
Host: 1916faa0-b419-11ed-a1c4-002590c82437.n5.sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQxOTE2ZmFhMC1iNDE5LTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.22.1
date: Fri, 24 Feb 2023 07:59:01 GMT
content-length: 0
location: https://pix.bumlam.com/sync/sape/done
X-Firefox-Spdy: h2

pix.bumlam.com/sync/sape/done

31.172.81.172

200 OK

43 B

URL HTTP/1.1
pix.bumlam.com/sync/sape/done
IP
31.172.81.172:0
ASN
#44066 diva-e Datacenters GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQxOTE2ZmFhMC1iNDE5LTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
5ce355aaeb35e7c6a43e6b3cb88f841a
dafb99c6c79b862ba223f94f848ec2e13f8c0dcc
9e1aa633721709283cc99de37f8dcf7b2a789583a26582f2c2a48dc8cc10d584

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 28 Feb 2023 06:08:18 GMT
ETag: "dafb99c6c79b862ba223f94f848ec2e13f8c0dcc"
Last-Modified: Fri, 24 Feb 2023 06:08:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1160
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e6a8d0b9ec0b59-OSL

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
5ce355aaeb35e7c6a43e6b3cb88f841a
dafb99c6c79b862ba223f94f848ec2e13f8c0dcc
9e1aa633721709283cc99de37f8dcf7b2a789583a26582f2c2a48dc8cc10d584

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 28 Feb 2023 06:08:18 GMT
ETag: "dafb99c6c79b862ba223f94f848ec2e13f8c0dcc"
Last-Modified: Fri, 24 Feb 2023 06:08:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1160
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e6a8d0d9f80b59-OSL

ocsp.globalsign.com/gseccovsslca2018

104.18.20.226

200 OK

939 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
939 B (939 bytes)
Hash
15c1ff55c278f24d670f2a7437e5fda3
47e97151c742092b0b79de9f0062d0c1e53c971d
a5fb0ee5e2c042c856e5671ab6c9353771400a7f1ad61e6f5f12c2eb911bf755

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Tue, 28 Feb 2023 05:26:16 GMT
ETag: "47e97151c742092b0b79de9f0062d0c1e53c971d"
Last-Modified: Fri, 24 Feb 2023 05:26:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1428
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e6a8d0fa080b59-OSL

ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691

195.209.108.49

302 Moved Temporarily

0 B

URL HTTP/1.1
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP
195.209.108.49:0
ASN
#52007 LLC AdRiver

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-4875619604; expires=Sun, 23 Feb 2025 07:59:01 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4875619604
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true

ocsp.globalsign.com/alphasslcasha256g4

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/alphasslcasha256g4
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1437 bytes)
Hash
6625a483ee651f05b8cd34bc05e7abe5
3614e32954550a8bfed59aed32137c9169f2f270
3da13f8d730e425814ba888003a667696276fa43e72352fee8d2300266897710

HTTP Headers

POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Tue, 28 Feb 2023 04:53:07 GMT
ETag: "3614e32954550a8bfed59aed32137c9169f2f270"
Last-Modified: Fri, 24 Feb 2023 04:53:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3567
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e6a8d11a170b59-OSL

ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1A79042E446EF8633C04C13B0239C86D

81.222.128.213

200 OK

42 B

URL HTTP/1.1
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1A79042E446EF8633C04C13B0239C86D
IP
81.222.128.213:0
ASN
#20597 PVimpelCom

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /cgi-bin/sync.cgi?dsp_id=153&external_id=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
bcecf5f1b1991980c410ce2542e89b21
79e2d3fb1cd4728db00bd69acdfa5e9edafbf7f9
1d3b312167732062743462b1a839490fe8d682734f56e48748ce706890626757

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 22 Feb 2023 02:03:24 GMT
Expires: Wed, 01 Mar 2023 02:03:23 GMT
Etag: "79e2d3fb1cd4728db00bd69acdfa5e9edafbf7f9"
Cache-Control: max-age=410061,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79e6a8d0eb35b50b-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
bcecf5f1b1991980c410ce2542e89b21
79e2d3fb1cd4728db00bd69acdfa5e9edafbf7f9
1d3b312167732062743462b1a839490fe8d682734f56e48748ce706890626757

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 22 Feb 2023 02:03:24 GMT
Expires: Wed, 01 Mar 2023 02:03:23 GMT
Etag: "79e2d3fb1cd4728db00bd69acdfa5e9edafbf7f9"
Cache-Control: max-age=410061,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79e6a8d10c65b4f9-OSL

ocsp.usertrust.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.usertrust.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
312bbb94512e65ee6a2c3fe8e745fe57
013ca2f01c119fbeb69a3bc70aaaa251d37299c3
b21ca43d281f095cdc1dd919b8c9f9f1763df62a2ed80789107ad31f37889e77

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 23 Feb 2023 16:18:23 GMT
Expires: Thu, 02 Mar 2023 16:18:22 GMT
Etag: "013ca2f01c119fbeb69a3bc70aaaa251d37299c3"
Cache-Control: max-age=602673,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 416
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e6a8d1399ab4eb-OSL

ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4875619604

195.209.108.49

302 Moved Temporarily

40 B

URL HTTP/1.1
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4875619604
IP
195.209.108.49:0
ASN
#52007 LLC AdRiver

File type
ASCII text, with CRLF line terminators
Size
40 B (40 bytes)
Hash
251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b

HTTP Headers

GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4875619604 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Sun, 23 Feb 2025 07:59:01 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D

sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D

77.245.57.72

200 OK

0 B

URL HTTP/1.1
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP
77.245.57.72:0
ASN
#36057 WEBAIR-INTERNET-MTL

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Length: 0
Connection: close
Cache-Control: no-store
Age: 0
Pragma: no-cache

ocsp.usertrust.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.usertrust.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
a61de8f39e5817929c42058cbc6b253b
ae08b19fd27c086894746791dd7711339918f263
83ca110b664d00f3a00dbe5809bf364b6d8451bd2c049b6e6d9519dae6701bef

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 23 Feb 2023 15:11:26 GMT
Expires: Thu, 02 Mar 2023 15:11:25 GMT
Etag: "ae08b19fd27c086894746791dd7711339918f263"
Cache-Control: max-age=603199,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 846
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e6a8d149b1b4eb-OSL

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
7ccec9c38d79b8eefa64112ff4b1f485
b12fde04829d4c3bab75205ce6751ae5d54fbadd
b1094bbbd870cff41d5c9d986da7889538dd6343fa9c8b85dfc4c76ce7f2f5c8

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 28 Feb 2023 04:36:07 GMT
ETag: "b12fde04829d4c3bab75205ce6751ae5d54fbadd"
Last-Modified: Fri, 24 Feb 2023 04:36:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1082
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e6a8d15a4f0b59-OSL

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
a53dd0446bd4d2160e3eb00da399a2d1
5b1bdde463e2509a8a3fba503a8e0fba553a2247
f0018aad763574600ed3f45af5e4f84b6b8905e77ca47bc6c9fa117fdb160eeb

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 28 Feb 2023 05:59:06 GMT
ETag: "5b1bdde463e2509a8a3fba503a8e0fba553a2247"
Last-Modified: Fri, 24 Feb 2023 05:59:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2291
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e6a8d16adc1c06-OSL

ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D

188.42.191.196

302 Found

0 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP
188.42.191.196:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 24 Feb 2024 07:59:01 GMT; Path=/; Domain=.betweendigital.com
tuuid=c5a217e9-c755-5237-a099-9df1c361f3b4; Max-Age=31536000; Expires=Sat, 24 Feb 2024 07:59:01 GMT; Path=/; Domain=.betweendigital.com
ut=Y_huRQAFAUBIwHyIMr7M4qittCltcFaSEaCFLw==; Max-Age=31536000; Expires=Sat, 24 Feb 2024 07:59:01 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
35f8e67a3f60b3941a5c10af1239f36f
f93d357c68ad3e426504499490795d304553b6af
ebda62a5184c6f4829718e7429b7c9e0f2a99e8b82867f54bd51b2a64be54183

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBDA62A5184C6F4829718E7429B7C9E0F2A99E8B82867F54BD51B2A64BE54183"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10288
Expires: Fri, 24 Feb 2023 10:50:29 GMT
Date: Fri, 24 Feb 2023 07:59:01 GMT
Connection: keep-alive

ads.betweendigital.com/match?bidder_id=73&external_user_id=1A79042E446EF8633C04C13B0239C86D

188.42.191.196

302 Found

0 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=73&external_user_id=1A79042E446EF8633C04C13B0239C86D
IP
188.42.191.196:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?bidder_id=73&external_user_id=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=1A79042E446EF8633C04C13B0239C86D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 24 Feb 2024 07:59:01 GMT; Path=/; Domain=.betweendigital.com
tuuid=922a51c1-cdfa-5237-89ef-879bea17e9de; Max-Age=31536000; Expires=Sat, 24 Feb 2024 07:59:01 GMT; Path=/; Domain=.betweendigital.com
ut=Y_huRQAFIICQm6zzju8WNdXLS_qAN0FbWB252Q==; Max-Age=31536000; Expires=Sat, 24 Feb 2024 07:59:01 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

sape-sync.rutarget.ru/sync

178.170.195.115

302 Moved Temporarily

0 B

URL HTTP/1.1
sape-sync.rutarget.ru/sync
IP
178.170.195.115:0
ASN
#208677 Cloud technology Limited (Ltd.)

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=5uVZZSNpgLs-
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=5uVZZSNpgLs-; Path=/; Domain=.rutarget.ru; Expires=Wed, 23 Aug 2023 07:59:01 GMT; SameSite=None; Secure

www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D

157.90.179.28

302 Found

154 B

URL HTTP/2
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: openresty
date: Fri, 24 Feb 2023 07:59:01 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1CB35A9D446EF863D303877102A05FA2
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1

188.42.191.196

200 OK

68 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP
188.42.191.196:0
ASN
#7979 SERVERS-COM

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

HTTP Headers

GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 24 Feb 2024 07:59:01 GMT; Path=/; Domain=.betweendigital.com
tuuid=441bff9e-9103-5237-9074-bfb0f38cd1f5; Max-Age=31536000; Expires=Sat, 24 Feb 2024 07:59:01 GMT; Path=/; Domain=.betweendigital.com
ut=Y_huRQAFmZjmXqvDK2ggeCr9JuvNatJcyJnGVA==; Max-Age=31536000; Expires=Sat, 24 Feb 2024 07:59:01 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2

ads.betweendigital.com/match?bidder_id=73&external_user_id=1A79042E446EF8633C04C13B0239C86D&crf=1

188.42.191.196

200 OK

68 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=73&external_user_id=1A79042E446EF8633C04C13B0239C86D&crf=1
IP
188.42.191.196:0
ASN
#7979 SERVERS-COM

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

HTTP Headers

GET /match?bidder_id=73&external_user_id=1A79042E446EF8633C04C13B0239C86D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 24 Feb 2024 07:59:01 GMT; Path=/; Domain=.betweendigital.com
tuuid=87c88abe-ec25-5237-b829-1937dbd17772; Max-Age=31536000; Expires=Sat, 24 Feb 2024 07:59:01 GMT; Path=/; Domain=.betweendigital.com
ut=Y_huRQAFrSAZPtPqG2el_W6gX_fTVSl5GtTreQ==; Max-Age=31536000; Expires=Sat, 24 Feb 2024 07:59:01 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2

mc.yandex.ru/watch/26812653?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A1602664685682%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A487874684%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr(14)mc(cm-1-tl-1-atb-1)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)

87.250.251.119

302 Found

0 B

URL HTTP/2
mc.yandex.ru/watch/26812653?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A1602664685682%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A487874684%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr(14)mc(cm-1-tl-1-atb-1)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch/26812653?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A1602664685682%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A487874684%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr(14)mc(cm-1-tl-1-atb-1)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://castanedadzr.ru
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: /watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A1602664685682%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A487874684%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20%2802.02.2007%29%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr%2814%29mc%28cm-1-tl-1-atb-1%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Fri, 24 Feb 2023 07:59:00 GMT
access-control-allow-origin: https://castanedadzr.ru
set-cookie: yabs-sid=2234561561677225540; Path=/; SameSite=None; Secure
i=tXQsEcKHMdoLfwLc9nlMSyIsXLfCohWB98NJhve420RQtHRpUfEpYo4RuCyVFTPTaqH9gvNVQ06FnU4PUlEbCVzAXc0=; Expires=Mon, 21-Feb-2033 07:59:00 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=4062473311677225540; Expires=Sat, 24-Feb-2024 07:59:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4062473311677225540; Expires=Sat, 24-Feb-2024 07:59:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1708761540.yc.1677225540#1708761540.yrts.1677225540#1708761540.yrtsi.1677225540; Expires=Sat, 24-Feb-2024 07:59:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 24-Feb-2023 07:59:00 GMT
last-modified: Fri, 24-Feb-2023 07:59:00 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1CB35A9D446EF863D303877102A05FA2

81.222.128.213

200 OK

42 B

URL HTTP/1.1
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1CB35A9D446EF863D303877102A05FA2
IP
81.222.128.213:0
ASN
#20597 PVimpelCom

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /cgi-bin/sync.cgi?ssp_id=43&external_id=1CB35A9D446EF863D303877102A05FA2 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

ad.mail.ru/cm.gif?p=48&id=1A79042E446EF8633C04C13B0239C86D

95.163.41.56

200 OK

43 B

URL HTTP/2
ad.mail.ru/cm.gif?p=48&id=1A79042E446EF8633C04C13B0239C86D
IP
95.163.41.56:0
ASN
#47764 Mail.Ru LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /cm.gif?p=48&id=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 24 Feb 2023 07:59:01 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=3f8pjS2x5ioF002DxL2cGQ2F:::0-0-0-912c705:CAASEIoXllQtBPHBcu8IQvZRCqkaYF_nmnxGyxP0OMDCBRbGohIXs730JLHY42qWN06c2HInw7_5KGlXI5cR7R9L2vqVErPv5euHm9JE59JhNIlSP1zSW3R7xIF5ioS9tq0B2PZq42s1D_z3Ier1x-WIUsLZZw; path=/; expires=Sun, 25-Feb-24 07:59:01 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Fri, 24 Feb 2023 13:59:01 GMT
cache-control: max-age=21600
last-modified: Fri, 24 Feb 2023 07:59:01 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2

www.acint.net/match?dp=104&euid=5uVZZSNpgLs-

157.90.179.28

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=104&euid=5uVZZSNpgLs-
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=104&euid=5uVZZSNpgLs- HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:01 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

tag.digitaltarget.ru/adcm.js

185.15.175.174

200 OK

3.1 kB

URL HTTP/1.1
tag.digitaltarget.ru/adcm.js
IP
185.15.175.174:0
ASN
#43226 SafeData LLC

File type
ASCII text, with very long lines (3051), with no line terminators
Size
3.1 kB (3051 bytes)
Hash
e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

HTTP Headers

GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Fri, 24 Feb 2023 07:35:10 GMT
Connection: keep-alive
ETag: "63f868ae-beb"
Accept-Ranges: bytes

x01.aidata.io/0.gif?pid=9401454&id=1A79042E446EF8633C04C13B0239C86D&bounce=1

89.108.120.68

204 No Content

0 B

URL HTTP/2
x01.aidata.io/0.gif?pid=9401454&id=1A79042E446EF8633C04C13B0239C86D&bounce=1
IP
89.108.120.68:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /0.gif?pid=9401454&id=1A79042E446EF8633C04C13B0239C86D&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Fri, 24 Feb 2023 07:59:01 GMT
expires: Fri, 24 Feb 2023 07:59:00 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Fri, 24 Feb 2023 07:59:00 GMT
set-cookie: __upin=zI+BzmVJ62s25cm+owcrRg;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1677225541;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2

sm.rtb.mts.ru/p?ssp=sape&id=1A79042E446EF8633C04C13B0239C86D

217.66.147.37

301 Moved Permanently

0 B

URL HTTP/1.1
sm.rtb.mts.ru/p?ssp=sape&id=1A79042E446EF8633C04C13B0239C86D
IP
217.66.147.37:0
ASN
#29209 MTS PJSC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p?ssp=sape&id=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=1A79042E446EF8633C04C13B0239C86D
Set-Cookie: dspid=6ab242a9-730f-4e96-b008-962b1d2f2f9e; expires=Thu, 15 Feb 2024 07:59:01 GMT; domain=.mts.ru; path=/; secure; SameSite=None

px.adhigh.net/p/cm/sape?u=1A79042E446EF8633C04C13B0239C86D

193.232.150.148

302 Found

0 B

URL HTTP/2
px.adhigh.net/p/cm/sape?u=1A79042E446EF8633C04C13B0239C86D
IP
193.232.150.148:0
ASN
#48061 Limited Liability Company GPM Digital Technologies

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/cm/sape?u=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Fri, 24 Feb 2023 07:59:01 GMT
content-length: 0
x-backend-id: f15-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=0xSoyIi6a3J.AikABlGGgm6_Ow;Path=/;Domain=.adhigh.net;Expires=Sat, 24-Feb-2024 07:59:01 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=1A79042E446EF8633C04C13B0239C86D&bounced=1
X-Firefox-Spdy: h2

sm.rtb.mts.ru/match/second?ssp=30&exu=1A79042E446EF8633C04C13B0239C86D

217.66.147.37

200 OK

0 B

URL HTTP/1.1
sm.rtb.mts.ru/match/second?ssp=30&exu=1A79042E446EF8633C04C13B0239C86D
IP
217.66.147.37:0
ASN
#29209 MTS PJSC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/second?ssp=30&exu=1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

px.adhigh.net/p/cm/sape?u=1A79042E446EF8633C04C13B0239C86D&bounced=1

193.232.150.148

200 OK

49 B

URL HTTP/2
px.adhigh.net/p/cm/sape?u=1A79042E446EF8633C04C13B0239C86D&bounced=1
IP
193.232.150.148:0
ASN
#48061 Limited Liability Company GPM Digital Technologies

File type
GIF image data, version 89a, 1 x 1\012- data
Size
49 B (49 bytes)
Hash
889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

HTTP Headers

GET /p/cm/sape?u=1A79042E446EF8633C04C13B0239C86D&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 24 Feb 2023 07:59:01 GMT
content-type: image/gif
content-length: 49
x-backend-id: f15-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2

tag.digitaltarget.ru/processor.js?i=405164945142993

185.15.175.174

200 OK

16 kB

URL HTTP/1.1
tag.digitaltarget.ru/processor.js?i=405164945142993
IP
185.15.175.174:0
ASN
#43226 SafeData LLC

File type
ASCII text, with very long lines (15892), with no line terminators
Size
16 kB (15892 bytes)
Hash
736e2fb1da94f3277e3f931048c1b9f3
196387db95a17da825b629de3542eff901b09905
4569d4e1b0e52b6316681f7312674f43ecb2b72ea8ab4adb2375e3686862c7dc

HTTP Headers

GET /processor.js?i=405164945142993 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: application/javascript
Content-Length: 15892
Last-Modified: Fri, 24 Feb 2023 07:35:14 GMT
Connection: keep-alive
ETag: "63f868b2-3e14"
Accept-Ranges: bytes

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b2df9b8515300d4a52cfea191b091c7d
af020b02bc616abafe1f7b0bbc799f6c4aa345df
542ced88e45d59fd1ac53d575eb4825704bbb71c0b58697be50abe21dc9d9b38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "542CED88E45D59FD1AC53D575EB4825704BBB71C0B58697BE50ABE21DC9D9B38"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5708
Expires: Fri, 24 Feb 2023 09:34:09 GMT
Date: Fri, 24 Feb 2023 07:59:01 GMT
Connection: keep-alive

dmg.digitaltarget.ru/1/1093/i/i?i=302385893174594.28812868437519&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_noorient

185.15.175.132

307 Temporary Redirect

0 B

URL HTTP/1.1
dmg.digitaltarget.ru/1/1093/i/i?i=302385893174594.28812868437519&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP
185.15.175.132:0
ASN
#43226 SafeData LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/1093/i/i?i=302385893174594.28812868437519&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1677225541781&i=302385893174594.28812868437519&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=tqnke-uNb78RErA7kzUx; Max-Age=93312000; Expires=Sun, 08 Feb 2026 07:59:01 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

dmg.digitaltarget.ru/1/1093/i/i?i=302385893174594.703174245286360&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

185.15.175.132

307 Temporary Redirect

0 B

URL HTTP/1.1
dmg.digitaltarget.ru/1/1093/i/i?i=302385893174594.703174245286360&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
185.15.175.132:0
ASN
#43226 SafeData LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/1093/i/i?i=302385893174594.703174245286360&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1677225541782&i=302385893174594.703174245286360&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=tqnke-uNb78REoA7kzmx; Max-Age=93312000; Expires=Sun, 08 Feb 2026 07:59:01 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1677225541781&i=302385893174594.28812868437519&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_noorient

185.15.175.132

200 OK

64 B

URL HTTP/1.1
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1677225541781&i=302385893174594.28812868437519&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP
185.15.175.132:0
ASN
#43226 SafeData LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
64 B (64 bytes)
Hash
ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8

HTTP Headers

GET /awg/custom/1093/i/i?call_source=awg&ts=1677225541781&i=302385893174594.28812868437519&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1677225541782&i=302385893174594.703174245286360&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

185.15.175.132

200 OK

64 B

URL HTTP/1.1
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1677225541782&i=302385893174594.703174245286360&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
185.15.175.132:0
ASN
#43226 SafeData LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
64 B (64 bytes)
Hash
ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8

HTTP Headers

GET /awg/custom/1093/i/i?call_source=awg&ts=1677225541782&i=302385893174594.703174245286360&a=77&e=1A79042E446EF8633C04C13B0239C86D&pref=https%3A%2F%2Fcastanedadzr.ru%2F&c=ss:77.up:1A79042E446EF8633C04C13B0239C86D.sync:up.xdua:du22qvssZKD0p6gpAzhMehHc.xps:xpsuZJvZNXIr45HrImxD12wHF.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Feb 2023 07:59:01 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 2
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

www.acint.net/ping/?v=0.5.1&uid=607fb50c-1910-4e3f-9ea3-ad87ee47c80a&dp=10&tz=%2B00%3A00&nc=03900152&dT=2023-02-24T07%3A59%3A38.389

157.90.179.28

200 OK

43 B

URL HTTP/2
www.acint.net/ping/?v=0.5.1&uid=607fb50c-1910-4e3f-9ea3-ad87ee47c80a&dp=10&tz=%2B00%3A00&nc=03900152&dT=2023-02-24T07%3A59%3A38.389
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /ping/?v=0.5.1&uid=607fb50c-1910-4e3f-9ea3-ad87ee47c80a&dp=10&tz=%2B00%3A00&nc=03900152&dT=2023-02-24T07%3A59%3A38.389 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Cookie: aid=nVqzHGP4bkRxhwPTol+gAv+K1uanFy70RXlEGdeFvfpnK5F8; test_cookie=CheckForPermission; cSyncDp7v2=1677225540; cSyncDp14v3=1677225540; cSyncDp17=1677225540; cSyncDp32=1677225540; cSyncDp45v3=1677225540; cSyncDp53v2=1677225540; cSyncDp62=1677225540; cSyncDp67v2=1677225540; cSyncDp68=1677225540; cSyncDp71=1677225540; cSyncDp85=1677225540; cSyncDp95v3=1677225540; cSyncDp98v2=1677225540; cSyncDp101=1677225540; cSyncDp104v2=1677225540; cSyncDp107=1677225540; cSyncDp110=1677225540; cSyncDp125v3=1677225540; cSyncDp126=1677225540; cSyncDp127=1677225540; cSyncDp129=1677225540; cSyncDp136v2=1677225540; cSyncDp146=1677225540; cSyncDp148v1=1677225540; cSyncDp149v2=1677225540; cSyncDp151=1677225540; cSyncDp178=1677225540; cSyncDp186=1677225540; cSyncDp217=1677225540; cSyncDp221=1677225540; cSyncDp235=1677225540; cSyncDp241=1677225540
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Fri, 24 Feb 2023 07:59:03 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.yandex.ru/watch/1422041?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1160122693440%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A906020588%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)

87.250.251.119

302 Found

0 B

URL HTTP/2
mc.yandex.ru/watch/1422041?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1160122693440%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A906020588%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /watch/1422041?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1160122693440%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A906020588%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20(02.02.2007)%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://castanedadzr.ru
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: /watch/1422041/1?wmode=7&page-url=https%3A%2F%2Fcastanedadzr.ru%2Fcc%2Fmnen%2Fpolishuk_vs_elsh.htm&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afp%3A1448%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1160122693440%3Ahid%3A901377012%3Az%3A0%3Ai%3A20230224075936%3Aet%3A1677225576%3Ac%3A1%3Arn%3A906020588%3Arqn%3A1%3Au%3A1677225576654504984%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C572%2C192%2C1%2C372%2C0%2C%2C362%2C14%2C%2C%2C%2C1505%3Aco%3A0%3Ans%3A1677225573729%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1677225576%3At%3A%D0%9E%D1%82%D0%B2%D0%B5%D1%82%20%D0%BD%D0%B0%20%D0%BC%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%92.%D0%9F%D0%BE%D0%BB%D0%B8%D1%89%D1%83%D0%BA%D0%B0%20%2802.02.2007%29%20by%20Ellen%20Night%2C%20or%20Nightmania%2C%20Russia%2C%20Irkutsk&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Fri, 24 Feb 2023 07:59:00 GMT
access-control-allow-origin: https://castanedadzr.ru
set-cookie: yabs-sid=1245979201677225540; Path=/; SameSite=None; Secure
i=VZgeI2HWTIsok7kcVRQqif2ToIqGgWVKWZFqCL1FgNoTvcdtZI8k32wllTmHRMxb1sZ2hI7cTFe5QCF3MS0BGHlnLkg=; Expires=Mon, 21-Feb-2033 07:59:00 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=1230058631677225540; Expires=Sat, 24-Feb-2024 07:59:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1230058631677225540; Expires=Sat, 24-Feb-2024 07:59:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1708761540.yc.1677225540#1708761540.yrts.1677225540#1708761540.yrtsi.1677225540; Expires=Sat, 24-Feb-2024 07:59:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 24-Feb-2023 07:59:00 GMT
last-modified: Fri, 24-Feb-2023 07:59:00 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

yandex.st/share/share.js

178.154.131.216

200 OK

0 B

URL HTTP/2
yandex.st/share/share.js
IP
178.154.131.216:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /share/share.js HTTP/1.1
Host: yandex.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://castanedadzr.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 24 Feb 2023 07:58:59 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
content-encoding: br
etag: W/"db7132f94e4730c128b638f72b46c899"
expires: Sun, 26 Feb 2023 19:55:57 GMT
last-modified: Wed, 24 Oct 2018 16:00:42 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: e9dc0c3075468f39
X-Firefox-Spdy: h2

an.yandex.ru/mapuid/sapeis/1A79042E446EF8633C04C13B0239C86D

213.180.204.90

302 Found

0 B

URL HTTP/2
an.yandex.ru/mapuid/sapeis/1A79042E446EF8633C04C13B0239C86D
IP
213.180.204.90:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mapuid/sapeis/1A79042E446EF8633C04C13B0239C86D HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/1A79042E446EF8633C04C13B0239C86D?redir-setuniq=1
date: Fri, 24 Feb 2023 07:59:01 GMT
set-cookie: yandexuid=309717451677225541; domain=.yandex.ru; path=/; expires=Mon, 21-Feb-2033 07:59:01 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 24 Feb 2023 07:59:01 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 24 Feb 2023 07:59:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ssp.bidvol.com/usersync?dspcsid=8&redirect=1

65.108.236.88

302 Found

0 B

URL HTTP/2
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP
65.108.236.88:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.23.0
date: Fri, 24 Feb 2023 07:59:00 GMT
x-request-id: cad4cc0b-d492-42ad-8250-6e308d94cf40
set-cookie: bvuid=c3i8aotadf; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=c3i8aotadf; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=c3i8aotadf
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL