Report - power-point-soft.ru/

Report Overview

Submitted URL
power-point-soft.ru/
IP
188.40.131.137
ASN
#24940 Hetzner Online GmbH
Submitted
2023-02-02 17:34:21
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
4
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
sm.rtb.mts.ru	27154	2019-03-26T15:10:01Z	2023-03-13T08:33:52Z	838 B	1.0 kB	217.66.147.42
sync.bumlam.com	3243	2015-08-10T23:04:25Z	2023-03-13T08:33:52Z	1.4 kB	1.9 kB	31.172.81.172
a.utraff.com	39874	2019-02-27T11:01:37Z	2023-03-13T08:33:52Z	380 B	1.1 kB	104.21.59.66
cs.agency2.ru	unknown	2022-04-29T16:24:02Z	2023-03-13T08:33:52Z	413 B	721 B	23.111.107.44
dmg.digitaltarget.ru	21471	2015-04-23T16:50:51Z	2023-03-13T06:26:03Z	2.7 kB	3.2 kB	185.15.175.148
mc.yandex.ru	2672	2012-05-21T11:38:30Z	2023-03-13T08:16:45Z	3.5 kB	63 kB	87.250.251.119
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	1.7 kB	4.8 kB	104.18.32.68
sync.programmatica.com	unknown	2022-12-17T02:18:07Z	2023-03-13T08:33:52Z	887 B	715 B	167.235.117.42
ocsp2.globalsign.com	1544	2012-05-23T20:10:04Z	2023-03-13T05:14:17Z	714 B	3.8 kB	104.18.21.226
acint.net	22962	2014-02-14T22:23:16Z	2023-03-13T08:33:52Z	2.4 kB	780 B	157.90.179.28
counter.yadro.ru	7275	2014-09-09T20:41:17Z	2023-03-13T07:26:53Z	553 B	496 B	88.212.202.52
sync.1dmp.io	10017	2016-02-09T12:52:58Z	2023-03-13T08:33:52Z	502 B	230 B	87.242.89.90
ocsp.usertrust.com	899	2012-05-21T17:43:18Z	2023-03-13T08:38:38Z	342 B	1.0 kB	172.64.155.188
tag.digitaltarget.ru	98193	2015-07-21T16:24:58Z	2023-03-13T08:33:52Z	745 B	19 kB	185.15.175.134
sape-sync.rutarget.ru	173587	2018-08-07T16:11:47Z	2023-03-13T08:33:52Z	380 B	409 B	188.72.109.103
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	8.5 kB	22 kB	23.36.77.32
w.uptolike.com	101818	2013-08-05T15:26:12Z	2023-03-13T07:02:30Z	3.5 kB	20 kB	95.163.114.203
cntrsync.ru	unknown	2022-11-23T19:58:34Z	2023-03-09T05:51:32Z	356 B	319 B	92.63.102.100
ssp.bidvol.com	31817	2020-02-22T13:37:29Z	2023-03-13T08:33:52Z	398 B	2.0 kB	65.109.65.187
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	2.9 kB	14 kB	104.18.21.226
nr.bidderstack.com	352019	2019-02-11T15:43:50Z	2023-03-13T08:33:52Z	421 B	222 B	23.88.12.13
ce1a06c8-a31f-11ed-a1c4-002590c82437.n2.sync.bumlam.com	unknown			488 B	165 B	188.120.241.47
match.new-programmatic.com	33613	2020-02-18T21:50:06Z	2023-03-13T08:33:52Z	434 B	213 B	217.65.2.150
sync.adspend.space	unknown	2022-10-20T08:12:42Z	2023-03-13T08:33:52Z	540 B	389 B	212.76.129.181
ad.mail.ru	7643	2012-06-22T21:38:09Z	2023-03-13T09:01:54Z	412 B	756 B	95.163.41.56
x01.aidata.io	12188	2016-03-31T17:36:46Z	2023-03-13T06:54:15Z	865 B	1.3 kB	89.108.120.68
power-point-soft.ru	unknown	2022-01-10T03:33:08Z	2022-06-13T18:01:05Z	1.4 kB	359 kB	188.40.131.137
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
get.mycounter.ua	492353	2017-01-31T14:43:36Z	2023-03-12T05:58:48Z	820 B	4.8 kB	62.149.0.249
www.acint.net	29072	2014-02-14T22:23:16Z	2023-03-13T08:33:52Z	18 kB	21 kB	157.90.179.28
dm-eu.hybrid.ai	28847	2021-01-25T12:48:59Z	2023-03-13T06:16:11Z	419 B	528 B	37.18.103.21
ads.betweendigital.com	1571	2012-10-30T06:08:04Z	2023-03-13T06:54:29Z	2.8 kB	3.6 kB	188.42.196.115
px.adhigh.net	10272	2013-01-03T22:02:08Z	2023-03-13T06:54:23Z	848 B	1.0 kB	193.232.150.70
sync.dmp.otm-r.com	19534	2017-02-03T08:19:51Z	2023-03-13T08:33:52Z	419 B	134 B	194.55.244.186
s.uuidksinc.net	3423	2015-07-20T14:00:35Z	2023-03-13T05:57:41Z	424 B	322 B	31.220.27.134
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	34.210.191.84
exchange.buzzoola.com	18389	2014-10-17T17:20:27Z	2023-03-13T08:33:52Z	483 B	382 B	116.202.236.172
af.click.ru	135475	2021-12-09T10:15:00Z	2023-03-13T07:02:32Z	365 B	1.2 kB	217.197.112.80
ssp.adriver.ru	12439	2014-01-10T14:39:33Z	2023-03-13T08:33:52Z	881 B	376 B	81.222.128.215
ads.adlook.me	43352	2018-11-28T13:50:19Z	2023-03-13T08:33:52Z	442 B	325 B	5.200.43.243
ssp.bestssp.com	90974	2017-06-10T10:55:20Z	2023-03-13T06:54:27Z	438 B	361 B	185.147.80.35
ad.adriver.ru	19548	2012-08-31T19:10:27Z	2023-03-13T06:54:23Z	875 B	1.4 kB	195.209.108.35
sync.adkernel.com	4993	2017-04-19T11:25:22Z	2023-03-13T05:36:44Z	469 B	190 B	77.245.57.72
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	61 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
ssp-rtb.sape.ru	31166	2016-02-02T18:01:03Z	2023-03-13T08:33:52Z	447 B	773 B	193.3.184.211
sync.upravel.com	28097	2017-05-29T11:13:46Z	2023-03-13T08:33:52Z	890 B	1.7 kB	148.251.78.49
dmp.gotechnology.io	48839	2019-06-17T18:08:58Z	2023-02-25T12:17:28Z	875 B	932 B	142.132.209.138
supraneet.ru	unknown	2022-10-04T18:57:41Z	2023-03-13T07:02:32Z	357 B	319 B	62.109.6.15
an.yandex.ru	2577	2017-01-30T06:11:51Z	2023-03-03T18:27:36Z	413 B	622 B	93.158.134.90
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	682 B	1.2 kB	93.184.220.29
pix.bumlam.com	92002	2022-03-29T11:19:43Z	2023-03-13T08:33:52Z	949 B	1.4 kB	31.172.81.159

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-02 17:34:37	low	Client IP	Internal IP	ETPRO INFO Observed DNS Query for Ukraine Domain (.ua)
2023-02-02 17:34:37	low	Client IP	Internal IP	ETPRO INFO Observed DNS Query for Ukraine Domain (.ua)
2023-02-02 17:34:39	low	Client IP	Internal IP	ETPRO INFO Observed DNS Query for Ukraine Domain (.ua)
2023-02-02 17:34:39	low	Client IP	Internal IP	ETPRO INFO Observed DNS Query for Ukraine Domain (.ua)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-02	medium	power-point-soft.ru/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (25)

	URL	Size	First Seen	Last Seen
	power-point-soft.ru/	7 B	2023-03-07	2023-04-01
Pretty URL power-point-soft.ru/ IP 188.40.131.137 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:13 Last Seen2023-04-01 11:06:56 Times Seen12 Hash 27be9f102a95f9122360337e3b808a50 20ea1430f9fef512f97cd04a08a936c9fb89c2ef 97cd1965a6ec6da89102c2669da9e29a837051d22bb90cd64454dfdc48f579ac Loading...

	power-point-soft.ru/	7 B	2023-03-07	2023-04-01
Pretty URL power-point-soft.ru/ IP 188.40.131.137 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:13 Last Seen2023-04-01 11:06:56 Times Seen12 Hash faa62d9590e9497b775c2f299ff0f323 643d175d9c8ee1f8db92f159bb7e21774e9dc8bb 8d9c901ef4ee2d0011f2975e3ebc5160a39e0240cb7d56ba4f21e24bf35f456b Loading...

	power-point-soft.ru/	7 B	2023-03-07	2023-04-01
Pretty URL power-point-soft.ru/ IP 188.40.131.137 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:13 Last Seen2023-04-01 11:06:56 Times Seen12 Hash f9f244d4adf9a76f52d27b2a427bf2c0 09f5e66628582809911f129bb0570feb690173d5 8935e719104be20377647f2e79abf43ebbba1323834bc8d5308880b57be20ede Loading...

	www.acint.net/oci.js?t=1675359278029	32 kB	2023-03-12	2024-04-19
Pretty URL www.acint.net/oci.js?t=1675359278029 IP 157.90.179.28 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:09:04 Last Seen2024-04-19 15:14:02 Times Seen2030 Hash c3fa5133b6899a2abb39fb79ed94300f dc1d5c75420b38cd7509a783ed09345d0ff78ac4 66b141eb9ae44c86efc510844a71cf208c02d02abe03af3a7d8cc26736d3e19c Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 17:05:57 Times Seen36963227 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84	887 B	2023-03-07	2023-04-05
Pretty URL w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84 IP 95.163.114.203 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:19 Last Seen2023-04-05 02:11:19 Times Seen66 Hash 3a2a0d8bcf50c3cfb56a945079e3ff27 e4ad385cf8fefe0d6227d5e0d98e1ba5769eae52 d5d242e4b1beba556e40d9d709f584ed57f801de0669a5bdae2f2c0598bc0877 Loading...

	power-point-soft.ru/	250 B	2023-03-07	2024-04-19
Pretty URL power-point-soft.ru/ IP 188.40.131.137 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:22 Last Seen2024-04-19 13:21:55 Times Seen612 Hash 537357420024d824760d7686fbdf31fe 5e14660b667fdc602c82300ccf3253afc242e4bb ca2f5769fc415a62dd2cd8af83b9b64604715e602f6de4c7741f9992a7003a29 Loading...

	power-point-soft.ru/	102 B	2023-03-13	2023-03-13
Pretty URL power-point-soft.ru/ IP 188.40.131.137 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:10:18 Last Seen2023-03-13 15:10:18 Times Seen1 Hash c3dc6e1d6eda64605ecc5a5af4fb20f7 3658af3b674408db4313e24f8e2f68c688fcf0a0 a33a7688fea6f863daca3401331fbfc8bde009bd0c160af7b3e0053a8018fea4 Loading...

	af.click.ru/collect_stat.js	913 B	2023-03-07	2024-04-19
Pretty URL af.click.ru/collect_stat.js IP 217.197.112.80 ASN #20655 e-Style ISP LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:20 Last Seen2024-04-19 13:21:56 Times Seen1898 Hash 9531806d16d72f9659eaab01bd09689b 7640f092c2b928c614bb46251477a3c80b3e820b a01ed62761c70d35a7f2dd5f497451e70b85e85bb8f1774cee68d53554e6ecaa Loading...

	www.acint.net/mc/?dp=10&tc=1	199 B	2023-03-13	2023-03-13
Pretty URL www.acint.net/mc/?dp=10&tc=1 IP 157.90.179.28 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:10:18 Last Seen2023-03-13 15:10:18 Times Seen1 Hash 1bf393bfce585ec9472b989d07327082 acf0c306765976e84e695020e6457a4d7c85d525 000a720f0fcce99671ef7a61f8e4b9151d5b7b8613f97303285401a5506fcc83 Loading...

	power-point-soft.ru/	1.2 kB	2023-03-13	2023-03-13
Pretty URL power-point-soft.ru/ IP 188.40.131.137 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:10:18 Last Seen2023-03-13 15:10:18 Times Seen1 Hash 3d74776d0de6a4770e0d080b2dfe7073 896972f2c132249309898bc463f8e5d7106ef627 911c22f740f1e5633d5769c19f257d5edc41025a408484cf0fcdc72a80b2a2c1 Loading...

	w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_167535927814789	69 B	2023-03-13	2023-03-13
Pretty URL w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_167535927814789 IP 95.163.114.203 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:10:18 Last Seen2023-03-13 15:10:18 Times Seen1 Hash a608ef051d80f1ce98af1cd7dedd2726 e0ba1b2eb065673229bffca30042c02275d4bc16 46ce3efdf7b1c1c6add4822fec5b9f94f2db175dcc93be8898b785dabc6c2852 Loading...

	power-point-soft.ru/	7 B	2023-03-07	2023-04-01
Pretty URL power-point-soft.ru/ IP 188.40.131.137 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:13 Last Seen2023-04-01 11:06:56 Times Seen12 Hash 365944689df7a4488b87a5a3784c1969 99bb0447934b57d901b146b8f361ef23b2d730a2 683bf89602e7a4fcdf67c96ea0ec5212b635119690964126454ffaf5e2f9d3e6 Loading...

	power-point-soft.ru/	306 B	2023-03-13	2023-03-13
Pretty URL power-point-soft.ru/ IP 188.40.131.137 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:10:18 Last Seen2023-03-13 15:10:18 Times Seen1 Hash 50ba7dccdd5f872579b69ed2fbba4a5a e95b92ea6bb98339653651df80489c7b296595f9 b8bfd83289877f5239f54f5cf2bfa48b6427e9e96d1dd5b692e52a0a31a9e507 Loading...

	www.acint.net/aci.js	24 kB	2023-03-13	2023-06-12
Pretty URL www.acint.net/aci.js IP 157.90.179.28 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:07:36 Last Seen2023-06-12 02:52:48 Times Seen787 Hash 8b47c553b5db9d368cda764c4138ada8 e93b817a219fad2762ef75ad6051a4d82afc582b eaba4c606dbd8ce6ad26a8bb999d30e855f8c1c5e194dc675b459c60679e8cb0 Loading...

	tag.digitaltarget.ru/adcm.js	3.1 kB	2023-03-07	2023-05-06
Pretty URL tag.digitaltarget.ru/adcm.js IP 185.15.175.134 ASN #43226 SafeData LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:47 Last Seen2023-05-06 00:46:41 Times Seen299 Hash e7097284185069f52fc736bcd50cda13 1cdfdf2d869841202079ddf91e0a00a8610812e6 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80 Loading...

	w.uptolike.com/widgets/v1/zp/support.html	15 kB	2023-03-07	2024-04-19
Pretty URL w.uptolike.com/widgets/v1/zp/support.html IP 95.163.114.203 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:19 Last Seen2024-04-19 13:21:55 Times Seen661 Hash b8a26b6e7df1273d31eeb2ee0fb01dff 8f46563c851caa04b2a404e3fb21d6b4bea563c1 744739760dcd2d921ae2974fba5e17f23517a6e4a159ef69d6b4ee0c6445b9a4 Loading...

	get.mycounter.ua/counter2.0.js	3.7 kB	2023-03-07	2024-04-08
Pretty URL get.mycounter.ua/counter2.0.js IP 62.149.0.249 ASN #15497 7heaven LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:13 Last Seen2024-04-08 15:22:00 Times Seen1035 Hash 60dd4a0324b6a778a81131c4dc6b2998 a723d940f991f781044a948e4f423331646bf70a 266a3771ef39c4855333a8ff90d4a48d8c19f2ddb561ceb41a5a8ab4747304f8 Loading...

	power-point-soft.ru/	7 B	2023-03-07	2023-04-01
Pretty URL power-point-soft.ru/ IP 188.40.131.137 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:13 Last Seen2023-04-01 11:06:56 Times Seen12 Hash b4904b27ae5359744d4f486016f4a1e2 2119ef3d4ebfc833d0c4caacbb993a2b1b6ecc16 2ec35c17247503a1d910096c3a351a7af5fb2712668efbf33517ed60e1441ff7 Loading...

	tag.digitaltarget.ru/processor.js?i=351709758292899	16 kB	2023-03-09	2023-05-06
Pretty URL tag.digitaltarget.ru/processor.js?i=351709758292899 IP 185.15.175.134 ASN #43226 SafeData LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:01:11 Last Seen2023-05-06 00:46:42 Times Seen346 Hash 736e2fb1da94f3277e3f931048c1b9f3 196387db95a17da825b629de3542eff901b09905 4569d4e1b0e52b6316681f7312674f43ecb2b72ea8ab4adb2375e3686862c7dc Loading...

	w.uptolike.com/widgets/v1/extra.js?rnd=0.27363890319271866	4.4 kB	2023-03-12	2023-03-25
Pretty URL w.uptolike.com/widgets/v1/extra.js?rnd=0.27363890319271866 IP 95.163.114.203 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 12:21:03 Last Seen2023-03-25 23:51:50 Times Seen7 Hash afd66e2139f6dc6aa62adb4341bc6c39 ddface7107d7782e27e202cb2c4de053d426750e a3c40e08badf9b270fa5b32603ffc2bbd24e00b26bd2bafd3737cbd88120418b Loading...

	power-point-soft.ru/	7 B	2023-03-07	2023-04-01
Pretty URL power-point-soft.ru/ IP 188.40.131.137 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:13 Last Seen2023-04-01 11:06:57 Times Seen12 Hash b19ac017931244d0ba1dcf9e9905c1ca 0b4e547d91b4d26c1e6551d7fd44f924914700f4 e9dfb68ad2c615e1968e543d943c2ab4f2eb7cb3454bb3817a9fa86200a4031b Loading...

	w.uptolike.com/widgets/v1/zp.js?pid=lf8c894ad0f8001f6d7e427f4f574ebbd6e149d21d	45 kB	2023-03-13	2023-03-13
Pretty URL w.uptolike.com/widgets/v1/zp.js?pid=lf8c894ad0f8001f6d7e427f4f574ebbd6e149d21d IP 95.163.114.203 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:10:18 Last Seen2023-03-13 15:10:18 Times Seen1 Hash 2d9587a7fcece1f052a5e55ca67eb19c 5c4418c994c9cdde28b4956944e42d449568ea40 0db83cffd06ef38175330d1ee352e63d825ec125edc074ca952ac807686d6f6d Loading...

		Size	First Seen	Last Seen
	#1 Write - 7c6d6a44dbb0881fd68e620999c4e734	526 B	2023-03-07	2024-04-08
Pretty Observations First Seen2023-03-07 12:02:13 Last Seen2024-04-08 15:21:57 Times Seen164 Hash 7c6d6a44dbb0881fd68e620999c4e734 216a07c43ad3fcd949a594c101d24f3a7704696b 69146eb5d4f5e66ef477649dd691d32e134861b6f519898143b47d5d6952437d Loading...

	#2 Write - 7044268fc24a0fd1fb26834b85ad35a1	312 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 15:10:18 Last Seen2023-03-13 15:10:18 Times Seen1 Hash 7044268fc24a0fd1fb26834b85ad35a1 02955e1f9c5a99e92669b1f287b19d596cf0c8ed 2b63a2cd0f80a38b88f8d425a82ce828ff16e67d0ee095494948479330ec5c1f Loading...

HTTP Transactions (149)

URL IP Response Size

power-point-soft.ru/

188.40.131.137

200 OK

20 kB

URL HTTP/1.1
power-point-soft.ru/
IP
188.40.131.137:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1177), with CRLF, LF line terminators
Size
20 kB (19850 bytes)
Hash
97c10cbd5d45d6bb1860179c53b054c0
92d7d566a9039c8028fa1c00c24031ffce0775ea
2fbd7e552c37971b90e80f4ec2eb04fe305bc1e719480f3ae6aef2f53b458dac

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: power-point-soft.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Thu, 02 Feb 2023 17:34:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7872
Expires: Thu, 02 Feb 2023 19:45:22 GMT
Date: Thu, 02 Feb 2023 17:34:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6331
Expires: Thu, 02 Feb 2023 19:19:41 GMT
Date: Thu, 02 Feb 2023 17:34:10 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 16:36:06 GMT
content-type: application/json
age: 3484
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5858
Expires: Thu, 02 Feb 2023 19:11:48 GMT
Date: Thu, 02 Feb 2023 17:34:10 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 24k91+FHIOPCwwMEDhJTcMU/wa3Teazl7nUR+64bsp0k4TBI46wo1CQqaXTkrqe7tFA8RmBunD/9YvLbI+WxcQ==
x-amz-request-id: QEGJBYCAG2F6WN0Y
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 17:23:12 GMT
age: 658
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:34:10 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

power-point-soft.ru/wp-content/themes/whiteplus/style.css

188.40.131.137

200 OK

9.2 kB

URL HTTP/1.1
power-point-soft.ru/wp-content/themes/whiteplus/style.css
IP
188.40.131.137:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text
Size
9.2 kB (9179 bytes)
Hash
907eae940967046cd089e0b771215f34
29844ef0e718f845d3cd56293773c50732b3b879
5b9b04d50afeaed86fdb4126cf16a967611785530c6c376b5678c8572bd5cd79

HTTP Headers

GET /wp-content/themes/whiteplus/style.css HTTP/1.1
Host: power-point-soft.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://power-point-soft.ru/

HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Thu, 02 Feb 2023 17:34:10 GMT
Content-Type: text/css
Content-Length: 9179
Last-Modified: Wed, 02 Nov 2022 17:38:37 GMT
Connection: keep-alive
ETag: "6362ab1d-23db"
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
81c829db29f27622e18991cfe5733c7e
ff806425f5006349d91e1bede211298bdfe66d75
22d618df983a0c5692a3f28231d272898719727a3c4fc00fc3b5a248a367bcff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22D618DF983A0C5692A3F28231D272898719727A3C4FC00FC3B5A248A367BCFF"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5793
Expires: Thu, 02 Feb 2023 19:10:43 GMT
Date: Thu, 02 Feb 2023 17:34:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
511c5756affcd18c790682dbd9e5dc43
dc7ad19ae371fc22c49958ff907ce6f727c38dc4
812fce75a6a36e769c9f04896b9258568cf6495f660c950e3949f33b82d4fc13

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "812FCE75A6A36E769C9F04896B9258568CF6495F660C950E3949F33B82D4FC13"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19117
Expires: Thu, 02 Feb 2023 22:52:47 GMT
Date: Thu, 02 Feb 2023 17:34:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d82139609e323e908fac5d93cc352a0
16464d86dbab5ffda5e66d870c5d139ee69f9422
dafce9d952b644da844563623a477eec073d696e74275b56b8329ed44b64aa57

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAFCE9D952B644DA844563623A477EEC073D696E74275B56B8329ED44B64AA57"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13529
Expires: Thu, 02 Feb 2023 21:19:39 GMT
Date: Thu, 02 Feb 2023 17:34:10 GMT
Connection: keep-alive

get.mycounter.ua/counter2.0.js

62.149.0.249

200 OK

3.7 kB

URL HTTP/1.1
get.mycounter.ua/counter2.0.js
IP
62.149.0.249:0
ASN
#15497 7heaven LLC

File type
HTML document, ASCII text
Size
3.7 kB (3653 bytes)
Hash
60dd4a0324b6a778a81131c4dc6b2998
a723d940f991f781044a948e4f423331646bf70a
266a3771ef39c4855333a8ff90d4a48d8c19f2ddb561ceb41a5a8ab4747304f8

HTTP Headers

GET /counter2.0.js HTTP/1.1
Host: get.mycounter.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://power-point-soft.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Thu, 02 Feb 2023 17:34:10 GMT
Content-Type: application/javascript
Content-Length: 3653
Last-Modified: Mon, 11 Jan 2021 22:30:07 GMT
Connection: keep-alive
ETag: "5ffcd16f-e45"
Expires: Thu, 02 Feb 2023 18:34:10 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes

power-point-soft.ru/wp-content/themes/whiteplus/images/header.png

188.40.131.137

200 OK

329 kB

URL HTTP/1.1
power-point-soft.ru/wp-content/themes/whiteplus/images/header.png
IP
188.40.131.137:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 960 x 180, 8-bit/color RGB, non-interlaced\012- data
Size
329 kB (328890 bytes)
Hash
4b2a26d88c10781d50f7cad79afdfd73
b6afe07e7fa7634e63bac96b176719d29c27b37a
eb94fcd81fae9a85d78e424d2440b37c39ccfad07ad52d673c7d12768fe09764

HTTP Headers

GET /wp-content/themes/whiteplus/images/header.png HTTP/1.1
Host: power-point-soft.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://power-point-soft.ru/wp-content/themes/whiteplus/style.css

HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Thu, 02 Feb 2023 17:34:10 GMT
Content-Type: image/png
Content-Length: 328890
Last-Modified: Wed, 02 Nov 2022 17:38:37 GMT
Connection: keep-alive
ETag: "6362ab1d-504ba"
Accept-Ranges: bytes

www.acint.net/aci.js

157.90.179.28

200 OK

7.8 kB

URL HTTP/2
www.acint.net/aci.js
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (1649)
Size
7.8 kB (7784 bytes)
Hash
777eef0db9280e74fe8d3e0e9561da9c
f8316623410b9735dd07b6e12a2f29352c0aa4cd
985dc8f4eb0a0b4629fa8e6d86f741ee8d22b7a0a1f64be2e9e9f2c96c9cf772

HTTP Headers

GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://power-point-soft.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 17:34:10 GMT
content-type: application/x-javascript
content-length: 7784
last-modified: Thu, 02 Feb 2023 13:54:30 GMT
etag: "63dbc096-1e68"
content-encoding: gzip
expires: Fri, 03 Feb 2023 05:34:10 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2

get.mycounter.ua/counter.php?id=174528&w=http%3A//power-point-soft.ru/&s=1280x1024x24&c=1&j=5

62.149.0.249

200 OK

636 B

URL HTTP/1.1
get.mycounter.ua/counter.php?id=174528&w=http%3A//power-point-soft.ru/&s=1280x1024x24&c=1&j=5
IP
62.149.0.249:0
ASN
#15497 7heaven LLC

File type
PNG image data, 88 x 31, 8-bit colormap, non-interlaced\012- data
Size
636 B (636 bytes)
Hash
f3faa194d3fd021659df779cd6bd6e2d
b2ce50f3bcd81080ee715c94d4babcc775a7c596
b15002bb7a614340d19a5fcf3bc9c91252e4bda0b160d82291465aa6a866b94a

HTTP Headers

GET /counter.php?id=174528&w=http%3A//power-point-soft.ru/&s=1280x1024x24&c=1&j=5 HTTP/1.1
Host: get.mycounter.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://power-point-soft.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 636
Connection: keep-alive
Date: Thu, 02 Feb 2023 19:34:10 GMT
Server: MyCounter TCP Server v.2.0.0
Accept-Ranges: bytes
Expires: 0
Cache-control: no-cache

www.acint.net/oci.js?t=1675359278029

157.90.179.28

302 Moved Temporarily

142 B

URL HTTP/1.1
www.acint.net/oci.js?t=1675359278029
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /oci.js?t=1675359278029 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://power-point-soft.ru/

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 02 Feb 2023 17:34:10 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/oci.js?t=1675359278029

www.acint.net/mc/?dp=10

157.90.179.28

302 Moved Temporarily

142 B

URL HTTP/1.1
www.acint.net/mc/?dp=10
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://power-point-soft.ru/
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 02 Feb 2023 17:34:10 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/mc/?dp=10

www.acint.net/hit/?v=0.5.1&uid=e77468b5-bedd-49b6-9621-a6dece44ede6&dp=10&tz=%2B00%3A00&nc=28366412&u=http%3A%2F%2Fpower-point-soft.ru%2F&r=&rs=1280x1024&t=Sportactiviteiten%20und%20Radfahren%20als%20Lebensgef%C3%BChl%20%7C%20power-point-soft.ru%20(2023)&oE=1&oP=1&dT=2023-02-02T17%3A34%3A38.027&fu=f2b20572-8778-4aef-92d9-edff7d25a696

157.90.179.28

302 Moved Temporarily

142 B

URL HTTP/1.1
www.acint.net/hit/?v=0.5.1&uid=e77468b5-bedd-49b6-9621-a6dece44ede6&dp=10&tz=%2B00%3A00&nc=28366412&u=http%3A%2F%2Fpower-point-soft.ru%2F&r=&rs=1280x1024&t=Sportactiviteiten%20und%20Radfahren%20als%20Lebensgef%C3%BChl%20%7C%20power-point-soft.ru%20(2023)&oE=1&oP=1&dT=2023-02-02T17%3A34%3A38.027&fu=f2b20572-8778-4aef-92d9-edff7d25a696
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /hit/?v=0.5.1&uid=e77468b5-bedd-49b6-9621-a6dece44ede6&dp=10&tz=%2B00%3A00&nc=28366412&u=http%3A%2F%2Fpower-point-soft.ru%2F&r=&rs=1280x1024&t=Sportactiviteiten%20und%20Radfahren%20als%20Lebensgef%C3%BChl%20%7C%20power-point-soft.ru%20(2023)&oE=1&oP=1&dT=2023-02-02T17%3A34%3A38.027&fu=f2b20572-8778-4aef-92d9-edff7d25a696 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://power-point-soft.ru/

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 02 Feb 2023 17:34:10 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/hit/?v=0.5.1&uid=e77468b5-bedd-49b6-9621-a6dece44ede6&dp=10&tz=%2B00%3A00&nc=28366412&u=http%3A%2F%2Fpower-point-soft.ru%2F&r=&rs=1280x1024&t=Sportactiviteiten%20und%20Radfahren%20als%20Lebensgef%C3%BChl%20%7C%20power-point-soft.ru%20(2023)&oE=1&oP=1&dT=2023-02-02T17%3A34%3A38.027&fu=f2b20572-8778-4aef-92d9-edff7d25a696

w.uptolike.com/widgets/v1/zp.js?pid=lf8c894ad0f8001f6d7e427f4f574ebbd6e149d21d

95.163.114.203

200 OK

11 kB

URL HTTP/1.1
w.uptolike.com/widgets/v1/zp.js?pid=lf8c894ad0f8001f6d7e427f4f574ebbd6e149d21d
IP
95.163.114.203:0
ASN
#12695 LLC Digital Network

File type
ASCII text, with very long lines (585)
Size
11 kB (11200 bytes)
Hash
942940964c39b3b5933631dbf9a6f2eb
7b23fa6c262967b11170da19813afc41d1430247
7a7b6f7ac45516b5026b77d481a57cd45890ee2ce755a03919c5612a3d0895eb

HTTP Headers

GET /widgets/v1/zp.js?pid=lf8c894ad0f8001f6d7e427f4f574ebbd6e149d21d HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://power-point-soft.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 17:34:10 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: utl_id2=30541013587; Expires=Sat, 01 Feb 2025 17:34:10 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
utl_dat="CKTUxZnhMBAAIKSlkKLhMCikpZCi4TAwAHHw8zgCDGiKP6tmfmL23zA="; Expires=Sat, 01 Feb 2025 17:34:10 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
Cache-Control: max-age=31556926
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Content-Encoding: gzip

www.acint.net/mc/?dp=10

157.90.179.28

302 Found

154 B

URL HTTP/2
www.acint.net/mc/?dp=10
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://power-point-soft.ru/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: openresty
date: Thu, 02 Feb 2023 17:34:11 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Thu, 02-Feb-23 17:44:11 GMT
aid=fwAAAWPb9BNEWANfBFuYAgclTgBO/Vs1RNah7WUn9S+ftThf; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

157.90.179.28

200 OK

43 B

URL HTTP/2
www.acint.net/hit/?v=0.5.1&uid=e77468b5-bedd-49b6-9621-a6dece44ede6&dp=10&tz=%2B00%3A00&nc=28366412&u=http%3A%2F%2Fpower-point-soft.ru%2F&r=&rs=1280x1024&t=Sportactiviteiten%20und%20Radfahren%20als%20Lebensgef%C3%BChl%20%7C%20power-point-soft.ru%20(2023)&oE=1&oP=1&dT=2023-02-02T17%3A34%3A38.027&fu=f2b20572-8778-4aef-92d9-edff7d25a696
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hit/?v=0.5.1&uid=e77468b5-bedd-49b6-9621-a6dece44ede6&dp=10&tz=%2B00%3A00&nc=28366412&u=http%3A%2F%2Fpower-point-soft.ru%2F&r=&rs=1280x1024&t=Sportactiviteiten%20und%20Radfahren%20als%20Lebensgef%C3%BChl%20%7C%20power-point-soft.ru%20(2023)&oE=1&oP=1&dT=2023-02-02T17%3A34%3A38.027&fu=f2b20572-8778-4aef-92d9-edff7d25a696 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://power-point-soft.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 17:34:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=LgR5GmPb9BNDqwPHyzXtAtVYVxiY/rXzviaWhqfi0l9BtayW; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 16:49:05 GMT
age: 2706
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_167535927814789

95.163.114.203

200 OK

83 B

URL HTTP/1.1
w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_167535927814789
IP
95.163.114.203:0
ASN
#12695 LLC Digital Network

File type
ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
675e39e377afea5b9bfc3e2f519bbe17
d0551cc9862405c2d290925c5c3267eba32dc50b
e86bbf3bc843b28637a98d996c6559826a09cf9ea5051a46e77cdecd57621c24

HTTP Headers

GET /widgets/v1/version.js?cb=cb__utl_cb_share_167535927814789 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://power-point-soft.ru/
Cookie: utl_id2=30541013587; utl_dat="CKTUxZnhMBAAIKSlkKLhMCikpZCi4TAwAHHw8zgCDGiKP6tmfmL23zA="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 17:34:11 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 24 Jan 2023 08:31:58 GMT
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Set-Cookie: utl_id2=30541013587; Expires=Sat, 01 Feb 2025 17:34:11 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
utl_dat="CKTUxZnhMBAAIKSlkKLhMCikpZCi4TAwAHHw8zgCDGiKP6tmfmL23zA="; Expires=Sat, 01 Feb 2025 17:34:11 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Content-Encoding: gzip

power-point-soft.ru/favicon.ico

188.40.131.137

404 Not Found

209 B

URL HTTP/1.1
power-point-soft.ru/favicon.ico
IP
188.40.131.137:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
209 B (209 bytes)
Hash
18ffb59b61525f781cf9251045be575d
bd7318b00b15b7a1c8a48524419fa2e5c27a5b6d
b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: power-point-soft.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://power-point-soft.ru/
Cookie: s=1; fid=f2b20572-8778-4aef-92d9-edff7d25a696

HTTP/1.1 404 Not Found
Server: nginx/1.16.1
Date: Thu, 02 Feb 2023 17:34:11 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive

mc.yandex.ru/metrika/watch.js

87.250.251.119

302 Moved temporarily

0 B

URL HTTP/1.1
mc.yandex.ru/metrika/watch.js
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://power-point-soft.ru/

HTTP/1.1 302 Moved temporarily
Content-Length: 0
Location: https://mc.yandex.ru/metrika/watch.js

ocsp2.globalsign.com/gsalphasha2g2

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
f74b71e260a5e4e6a6ea47064b45a86a
d49998534dba400015a360d57e6c364b806817dc
272379906100ea00fcde0033fd40e0b563022759279e43a6a7863cfd964797ce

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 17:34:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 06 Feb 2023 15:17:52 GMT
ETag: "d49998534dba400015a360d57e6c364b806817dc"
Last-Modified: Thu, 02 Feb 2023 15:17:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3068
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7934ad184a84b518-OSL

counter.yadro.ru/hit?t14.6;r;s1280*1024*24;uhttp%3A//power-point-soft.ru/;hSportactiviteiten%20und%20Radfahren%20als%20Lebensgef%FChl%20%7C%20power-point-soft.ru%20%282023%29;0.07746188337997706

88.212.202.52

200 OK

193 B

URL HTTP/1.1
counter.yadro.ru/hit?t14.6;r;s1280*1024*24;uhttp%3A//power-point-soft.ru/;hSportactiviteiten%20und%20Radfahren%20als%20Lebensgef%FChl%20%7C%20power-point-soft.ru%20%282023%29;0.07746188337997706
IP
88.212.202.52:0
ASN
#39134 United Network LLC

File type
GIF image data, version 87a, 88 x 31\012- data
Size
193 B (193 bytes)
Hash
ed74e55595d17d3c3e88817bcdd0458a
9117dcf332052483c97e023f67f484e97c3ed74c
df506c85a2d29ccc1717eba457627ab7e0c09af0c2d6af3f18c6a80e4b98a239

HTTP Headers

GET /hit?t14.6;r;s1280*1024*24;uhttp%3A//power-point-soft.ru/;hSportactiviteiten%20und%20Radfahren%20als%20Lebensgef%FChl%20%7C%20power-point-soft.ru%20%282023%29;0.07746188337997706 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://power-point-soft.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 02 Feb 2023 17:34:11 GMT
Content-Type: image/gif
Content-Length: 193
Connection: keep-alive
Expires: Tue, 01 Feb 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d70f1cb18a126c2e00820d9a4c3580d5
9bb09bc547b0c3133ded9285be6a3c1fbb9434f0
d6a83867bb58f8bc2e55f993a8d5e0747da1ead394b66e238de1c2a82730c722

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D6A83867BB58F8BC2E55F993A8D5E0747DA1EAD394B66E238DE1C2A82730C722"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14399
Expires: Thu, 02 Feb 2023 21:34:10 GMT
Date: Thu, 02 Feb 2023 17:34:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c70fa210db8cb3a65d555bef49e050bc
8a834fe202d34465e13fdaefc7562702097e0fdc
d13d61f106ad0d5b69027daa0e626df63e0aaeac2f46f244f0806bcc90f69e0f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D13D61F106AD0D5B69027DAA0E626DF63E0AAEAC2F46F244F0806BCC90F69E0F"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6372
Expires: Thu, 02 Feb 2023 19:20:23 GMT
Date: Thu, 02 Feb 2023 17:34:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e798950bda0d223c428c68b3bc79c280
ce614125a64c75310142da2a7a0edba425f0fe71
04a09a43fd071a2426aa56f15b14bc65ca366381e00e647de8623351111d374f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "04A09A43FD071A2426AA56F15B14BC65CA366381E00E647DE8623351111D374F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4931
Expires: Thu, 02 Feb 2023 18:56:22 GMT
Date: Thu, 02 Feb 2023 17:34:11 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
567a77d32078f8c056112c4b4f4c3aeb
d25a2c066a19b96052c8cf886b9d942df1297cdc
44102bb97a1b5d4d7b29801e622fcbaf459b7b648d3369e09c682782044d3da5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4057
Cache-Control: max-age=169838
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:34:11 GMT
Etag: "63dbd8a8-117"
Expires: Sat, 04 Feb 2023 16:44:49 GMT
Last-Modified: Thu, 02 Feb 2023 15:37:12 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10664
Expires: Thu, 02 Feb 2023 20:31:55 GMT
Date: Thu, 02 Feb 2023 17:34:11 GMT
Connection: keep-alive

ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D

193.3.184.211

302 Moved Temporarily

142 B

URL HTTP/1.1
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP
193.3.184.211:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 02 Feb 2023 17:34:11 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=4502420A13F4DB6348004BC0022E2CED
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkICRWPb9BPASwBI7SwuAqC25QoL5rcNj3rg3a1olaQuYLX6; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None

ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D

185.147.80.35

302 Found

74 B

URL HTTP/1.1
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP
185.147.80.35:0
ASN
#41722 Miran Ltd.

File type
HTML document, ASCII text
Size
74 B (74 bytes)
Hash
ab805d34dd25e26ad7a6ad1b7643e909
57c514f94fb1c90650e6faae78bbed05d14dc271
220e67afbd4a20594a6e54e17fa7bb9adc6d3818482b2280a19e1f7071260813

HTTP Headers

GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Thu, 02 Feb 2023 17:34:11 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 74
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=EOABIGJU
Set-Cookie: uid=EOABIGJU; Expires=Sun, 30 Jan 2033 17:34:11 GMT

ocsp.globalsign.com/gseccovsslca2018

104.18.21.226

200 OK

939 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
939 B (939 bytes)
Hash
45e6d7d933f6b26997db5739ce5c133c
6d856ac89dcb8ce84c1fc1e6c6b222c6da86911f
facbebfb075b1127082db3286c31dd544d653749e0fb07c239a2bd68ac7c0cd3

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 17:34:11 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Mon, 06 Feb 2023 13:32:06 GMT
ETag: "6d856ac89dcb8ce84c1fc1e6c6b222c6da86911f"
Last-Modified: Thu, 02 Feb 2023 13:32:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1550
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7934ad19ace4b50c-OSL

www.acint.net/oci/?v=0.5.1&uid=e77468b5-bedd-49b6-9621-a6dece44ede6&dp=10&tz=%2B00%3A00&nc=65925087&oid=39e8192718f4ed5a678fc273d654392b

157.90.179.28

302 Moved Temporarily

142 B

URL HTTP/1.1
www.acint.net/oci/?v=0.5.1&uid=e77468b5-bedd-49b6-9621-a6dece44ede6&dp=10&tz=%2B00%3A00&nc=65925087&oid=39e8192718f4ed5a678fc273d654392b
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /oci/?v=0.5.1&uid=e77468b5-bedd-49b6-9621-a6dece44ede6&dp=10&tz=%2B00%3A00&nc=65925087&oid=39e8192718f4ed5a678fc273d654392b HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://power-point-soft.ru/

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 02 Feb 2023 17:34:11 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/oci/?v=0.5.1&uid=e77468b5-bedd-49b6-9621-a6dece44ede6&dp=10&tz=%2B00%3A00&nc=65925087&oid=39e8192718f4ed5a678fc273d654392b

ocsp2.globalsign.com/gsalphasha2g2

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
7ce6d5f7b26db251a90b7fecd1d24cae
671be8e657de6b65824a7eb1cef6e0946e2e5928
9de9bb27649f92d96ee73ec67c6144a5c4414d8de954a710026c3f55bea4fc85

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 17:34:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 06 Feb 2023 14:27:57 GMT
ETag: "671be8e657de6b65824a7eb1cef6e0946e2e5928"
Last-Modified: Thu, 02 Feb 2023 14:27:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 119
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7934ad19acb1b518-OSL

dm-eu.hybrid.ai/match?id=106&vid=1A79042E13F4DB63C703AB4302ED35CB

37.18.103.21

204 No Content

0 B

URL HTTP/2
dm-eu.hybrid.ai/match?id=106&vid=1A79042E13F4DB63C703AB4302ED35CB
IP
37.18.103.21:0
ASN
#205675 Hybrid LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?id=106&vid=1A79042E13F4DB63C703AB4302ED35CB HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Thu, 02 Feb 2023 17:34:11 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=d1c3117b374535b57348; Expires=Fri, 02 Feb 2024 17:34:10 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 507
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.acint.net
access-control-allow-credentials: true
server: Hybrid Web Server
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c38aef777743922d08ac552bdc4b3968
d0f8258c4a8aeb9259973c4492e6c9cf7518e744
a521d1d7702d2f422b03313d0e76e34eda17838bd8e989464e1bd72cbd5c9b34

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A521D1D7702D2F422B03313D0E76E34EDA17838BD8E989464E1BD72CBD5C9B34"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6581
Expires: Thu, 02 Feb 2023 19:23:52 GMT
Date: Thu, 02 Feb 2023 17:34:11 GMT
Connection: keep-alive

www.acint.net/match?dp=129&euid=stewkrltrc

157.90.179.28

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=129&euid=stewkrltrc
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=129&euid=stewkrltrc HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgR5GmPb9BNDqwPHyzXtAtVYVxiY/rXzviaWhqfi0l9BtayW; cSyncDp7v2=1675359251; cSyncDp14v3=1675359251; cSyncDp17=1675359251; cSyncDp32=1675359251; cSyncDp45v3=1675359251; cSyncDp53v2=1675359251; cSyncDp62=1675359251; cSyncDp67v2=1675359251; cSyncDp68=1675359251; cSyncDp71=1675359251; cSyncDp85=1675359251; cSyncDp95v3=1675359251; cSyncDp98v2=1675359251; cSyncDp101=1675359251; cSyncDp104v2=1675359251; cSyncDp107=1675359251; cSyncDp110=1675359251; cSyncDp125v3=1675359251; cSyncDp126=1675359251; cSyncDp127=1675359251; cSyncDp129=1675359251; cSyncDp136v2=1675359251; cSyncDp146=1675359251; cSyncDp148=1675359251; cSyncDp149v2=1675359251; cSyncDp151=1675359251; cSyncDp178=1675359251; cSyncDp186=1675359251; cSyncDp221=1675359251; cSyncDp235=1675359251
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 17:34:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
51cfb5862bf78d09a0767f42c8ce6977
343dd79322dd325633f06085c247e80f33672de7
1b42170b66a980e2318a0218e42e467044232be0254de130e4ac8594757f25e3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1B42170B66A980E2318A0218E42E467044232BE0254DE130E4AC8594757F25E3"
Last-Modified: Tue, 31 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12761
Expires: Thu, 02 Feb 2023 21:06:52 GMT
Date: Thu, 02 Feb 2023 17:34:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d5aa03d944374e364d4fdbb8f9cbf95e
43e3c5a8a5ff027de3c9ad9a41b572e4f33e72f9
483314668ec3c34108277a26d39a4282ce255e416cb5cec43e3d30d5340b8138

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "483314668EC3C34108277A26D39A4282CE255E416CB5CEC43E3D30D5340B8138"
Last-Modified: Wed, 01 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12846
Expires: Thu, 02 Feb 2023 21:08:17 GMT
Date: Thu, 02 Feb 2023 17:34:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
29cbed0f6d8c99166782eb19e3b3b40a
a79f0c9f23b25cd341b7810ae7c65b4f2c606193
17b752520814b21a538551090467600dc8cefa1ca4da6f660c8046c729ccf316

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17B752520814B21A538551090467600DC8CEFA1CA4DA6F660C8046C729CCF316"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6358
Expires: Thu, 02 Feb 2023 19:20:09 GMT
Date: Thu, 02 Feb 2023 17:34:11 GMT
Connection: keep-alive

sync.bumlam.com/?src=sap1&uid=1A79042E13F4DB63C703AB4302ED35CB

31.172.81.172

302 Moved Temporarily

0 B

URL HTTP/1.1
sync.bumlam.com/?src=sap1&uid=1A79042E13F4DB63C703AB4302ED35CB
IP
31.172.81.172:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sap1&uid=1A79042E13F4DB63C703AB4302ED35CB HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 02 Feb 2023 17:34:11 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRjZTFhMDZjOC1hMzFmLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Wed, 28 Jan 2043 17:34:11 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARiT6O-eBmIgMUE3OTA0MkUxM0Y0REI2M0M3MDNBQjQzMDJFRDM1Q0KiARDOGgbIox8R7aHEACWQyCQ3
ETag: ce1a06c8-a31f-11ed-a1c4-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bac30724b4d5e7813c3f649da4c1be81
68709ea92544ba83880208fb1a9923010a97652d
319df7ec746969bf3e8b84e1a846d2bb09f3e9f6fd2ef0887989698357ed245f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "319DF7EC746969BF3E8B84E1A846D2BB09F3E9F6FD2EF0887989698357ED245F"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5070
Expires: Thu, 02 Feb 2023 18:58:41 GMT
Date: Thu, 02 Feb 2023 17:34:11 GMT
Connection: keep-alive

sync.dmp.otm-r.com/match/sape?id=1A79042E13F4DB63C703AB4302ED35CB

194.55.244.186

204 No Content

0 B

URL HTTP/2
sync.dmp.otm-r.com/match/sape?id=1A79042E13F4DB63C703AB4302ED35CB
IP
194.55.244.186:0
ASN
#34959 Kviktel LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/sape?id=1A79042E13F4DB63C703AB4302ED35CB HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx/1.23.2
date: Thu, 02 Feb 2023 17:34:11 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
08ffbd617e3c4fe6363eac8207df7517
9e609b37c80b441d84d4bc50b28679f40bf87d2d
00f9131e6fd8f03c2f2a9bdf857c64a366587907d39826e6b7df365257de63e6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00F9131E6FD8F03C2F2A9BDF857C64A366587907D39826E6B7DF365257DE63E6"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2491
Expires: Thu, 02 Feb 2023 18:15:42 GMT
Date: Thu, 02 Feb 2023 17:34:11 GMT
Connection: keep-alive

www.acint.net/match?dp=95&euid=EOABIGJU

157.90.179.28

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=95&euid=EOABIGJU
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=95&euid=EOABIGJU HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgR5GmPb9BNDqwPHyzXtAtVYVxiY/rXzviaWhqfi0l9BtayW; cSyncDp7v2=1675359251; cSyncDp14v3=1675359251; cSyncDp17=1675359251; cSyncDp32=1675359251; cSyncDp45v3=1675359251; cSyncDp53v2=1675359251; cSyncDp62=1675359251; cSyncDp67v2=1675359251; cSyncDp68=1675359251; cSyncDp71=1675359251; cSyncDp85=1675359251; cSyncDp95v3=1675359251; cSyncDp98v2=1675359251; cSyncDp101=1675359251; cSyncDp104v2=1675359251; cSyncDp107=1675359251; cSyncDp110=1675359251; cSyncDp125v3=1675359251; cSyncDp126=1675359251; cSyncDp127=1675359251; cSyncDp129=1675359251; cSyncDp136v2=1675359251; cSyncDp146=1675359251; cSyncDp148=1675359251; cSyncDp149v2=1675359251; cSyncDp151=1675359251; cSyncDp178=1675359251; cSyncDp186=1675359251; cSyncDp221=1675359251; cSyncDp235=1675359251
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 17:34:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/mc/?dp=10&tc=1

157.90.179.28

200 OK

1.3 kB

URL HTTP/2
www.acint.net/mc/?dp=10&tc=1
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.3 kB (1282 bytes)
Hash
7e85950f7b310aaf766796ea46b99811
10e49d32804fda22d0cbf1cf84218a3c0ec8fc57
e04210991516d50da06704da8ef580b1b544e2225f70abc322ec07d0c8593531

HTTP Headers

GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://power-point-soft.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgR5GmPb9BNDqwPHyzXtAtVYVxiY/rXzviaWhqfi0l9BtayW
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 17:34:11 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1675359251; expires=Fri, 03-Feb-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53v2=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp98v2=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1675359251; expires=Thu, 16-Feb-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v3=1675359251; expires=Fri, 17-Feb-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149v2=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp235=1675359251; expires=Sat, 04-Mar-23 17:34:11 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2

a.utraff.com/sync?ssp=Sape

104.21.59.66

204 No Content

0 B

URL HTTP/2
a.utraff.com/sync?ssp=Sape
IP
104.21.59.66:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync?ssp=Sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Thu, 02 Feb 2023 17:34:11 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Sat, 04 Mar 2023 20:34:11 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Sat, 04 Mar 2023 20:34:11 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xv4E7NLOnfw4%2Fdr3bIAPp6MvhLxybSTR%2F4fgynkh6qlEHDrXOZWP6%2BTDlGy4MKYEK0I9uQ4AA3S33nUsMRBoYBA%2BTWFMyF%2BmdwHUd0WcRZLBLXJ%2Fb1kip8SmusLKa3s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934ad19adf0fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.acint.net/oci/?v=0.5.1&uid=e77468b5-bedd-49b6-9621-a6dece44ede6&dp=10&tz=%2B00%3A00&nc=65925087&oid=39e8192718f4ed5a678fc273d654392b

157.90.179.28

200 OK

43 B

URL HTTP/2
www.acint.net/oci/?v=0.5.1&uid=e77468b5-bedd-49b6-9621-a6dece44ede6&dp=10&tz=%2B00%3A00&nc=65925087&oid=39e8192718f4ed5a678fc273d654392b
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /oci/?v=0.5.1&uid=e77468b5-bedd-49b6-9621-a6dece44ede6&dp=10&tz=%2B00%3A00&nc=65925087&oid=39e8192718f4ed5a678fc273d654392b HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://power-point-soft.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgR5GmPb9BNDqwPHyzXtAtVYVxiY/rXzviaWhqfi0l9BtayW; cSyncDp7v2=1675359251; cSyncDp14v3=1675359251; cSyncDp17=1675359251; cSyncDp32=1675359251; cSyncDp45v3=1675359251; cSyncDp53v2=1675359251; cSyncDp62=1675359251; cSyncDp67v2=1675359251; cSyncDp68=1675359251; cSyncDp71=1675359251; cSyncDp85=1675359251; cSyncDp95v3=1675359251; cSyncDp98v2=1675359251; cSyncDp101=1675359251; cSyncDp104v2=1675359251; cSyncDp107=1675359251; cSyncDp110=1675359251; cSyncDp125v3=1675359251; cSyncDp126=1675359251; cSyncDp127=1675359251; cSyncDp129=1675359251; cSyncDp136v2=1675359251; cSyncDp146=1675359251; cSyncDp148=1675359251; cSyncDp149v2=1675359251; cSyncDp151=1675359251; cSyncDp178=1675359251; cSyncDp186=1675359251; cSyncDp221=1675359251; cSyncDp235=1675359251
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 17:34:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

acint.net/match?dp=14&euid=4502420A13F4DB6348004BC0022E2CED

157.90.179.28

200 OK

43 B

URL HTTP/2
acint.net/match?dp=14&euid=4502420A13F4DB6348004BC0022E2CED
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=14&euid=4502420A13F4DB6348004BC0022E2CED HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgR5GmPb9BNDqwPHyzXtAtVYVxiY/rXzviaWhqfi0l9BtayW; cSyncDp7v2=1675359251; cSyncDp14v3=1675359251; cSyncDp17=1675359251; cSyncDp32=1675359251; cSyncDp45v3=1675359251; cSyncDp53v2=1675359251; cSyncDp62=1675359251; cSyncDp67v2=1675359251; cSyncDp68=1675359251; cSyncDp71=1675359251; cSyncDp85=1675359251; cSyncDp95v3=1675359251; cSyncDp98v2=1675359251; cSyncDp101=1675359251; cSyncDp104v2=1675359251; cSyncDp107=1675359251; cSyncDp110=1675359251; cSyncDp125v3=1675359251; cSyncDp126=1675359251; cSyncDp127=1675359251; cSyncDp129=1675359251; cSyncDp136v2=1675359251; cSyncDp146=1675359251; cSyncDp148=1675359251; cSyncDp149v2=1675359251; cSyncDp151=1675359251; cSyncDp178=1675359251; cSyncDp186=1675359251; cSyncDp221=1675359251; cSyncDp235=1675359251
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 17:34:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

s.uuidksinc.net/match/396/?remote_uid=1A79042E13F4DB63C703AB4302ED35CB

31.220.27.134

302 Found

0 B

URL HTTP/2
s.uuidksinc.net/match/396/?remote_uid=1A79042E13F4DB63C703AB4302ED35CB
IP
31.220.27.134:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/396/?remote_uid=1A79042E13F4DB63C703AB4302ED35CB HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.19.0
date: Thu, 02 Feb 2023 17:34:11 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=7i4TMkGiEeYW4nltJ4wZ
set-cookie: jcsuuid=7i4TMkGiEeYW4nltJ4wZ; expires=Fri, 02 Feb 2024 17:34:11 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

nr.bidderstack.com/sape/cm?user_id=1A79042E13F4DB63C703AB4302ED35CB

23.88.12.13

200 OK

44 B

URL HTTP/1.1
nr.bidderstack.com/sape/cm?user_id=1A79042E13F4DB63C703AB4302ED35CB
IP
23.88.12.13:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
44 B (44 bytes)
Hash
f9d60352c70a2ba15616d1c9421f3844
e9abc8bea7721a4b6a50295850d13c515006a95c
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

HTTP Headers

GET /sape/cm?user_id=1A79042E13F4DB63C703AB4302ED35CB HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 17:34:11 GMT
Content-Type: image/gif
Content-Length: 44
Connection: keep-alive
Access-Control-Allow-Credentials: true

sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1A79042E13F4DB63C703AB4302ED35CB

87.242.89.90

200 OK

12 B

URL HTTP/2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1A79042E13F4DB63C703AB4302ED35CB
IP
87.242.89.90:0
ASN
#25532 LLC masterhost

File type
exported SGML document, ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
d8932e1cb3ee147415fbf5591a7217ca
97da5b95fb7f60ecd8d9ed0e5a05d83ad5a9c070
c0327cbcde50f1ab8228334a550b947301123d6f6f7d625707cb6d08a1faec35

HTTP Headers

GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1A79042E13F4DB63C703AB4302ED35CB HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:34:11 GMT
content-type: text/html
content-length: 12
last-modified: Mon, 30 Jan 2023 18:57:34 GMT
etag: "63d8131e-c"
accept-ranges: bytes
server: elb
X-Firefox-Spdy: h2

ocsp.globalsign.com/alphasslcasha256g4

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/alphasslcasha256g4
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1437 bytes)
Hash
4268678e070c993e17d481d84ade98da
d51b699d742476864ae8226b8dc8d1795ee7aec1
f06042fb4cdbcfa5ab58cf2569e4831dd2fd3965dd2c1ae9909dfdd0e599c4bd

HTTP Headers

POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 17:34:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Mon, 06 Feb 2023 15:40:41 GMT
ETag: "d51b699d742476864ae8226b8dc8d1795ee7aec1"
Last-Modified: Thu, 02 Feb 2023 15:40:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2238
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7934ad1a8e5bb50c-OSL

sync.bumlam.com/?src=sap1&s_data=CAIQARiT6O-eBmIgMUE3OTA0MkUxM0Y0REI2M0M3MDNBQjQzMDJFRDM1Q0KiARDOGgbIox8R7aHEACWQyCQ3

31.172.81.172

200 OK

0 B

URL HTTP/1.1
sync.bumlam.com/?src=sap1&s_data=CAIQARiT6O-eBmIgMUE3OTA0MkUxM0Y0REI2M0M3MDNBQjQzMDJFRDM1Q0KiARDOGgbIox8R7aHEACWQyCQ3
IP
31.172.81.172:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sap1&s_data=CAIQARiT6O-eBmIgMUE3OTA0MkUxM0Y0REI2M0M3MDNBQjQzMDJFRDM1Q0KiARDOGgbIox8R7aHEACWQyCQ3 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRjZTFhMDZjOC1hMzFmLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 17:34:11 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRjZTFhMDZjOC1hMzFmLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Wed, 28 Jan 2043 17:34:11 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

acint.net/match?dp=110&euid=3ddf23e3b5ef435f896f0ac0cbc33cf8

157.90.179.28

200 OK

43 B

URL HTTP/2
acint.net/match?dp=110&euid=3ddf23e3b5ef435f896f0ac0cbc33cf8
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=110&euid=3ddf23e3b5ef435f896f0ac0cbc33cf8 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgR5GmPb9BNDqwPHyzXtAtVYVxiY/rXzviaWhqfi0l9BtayW; cSyncDp7v2=1675359251; cSyncDp14v3=1675359251; cSyncDp17=1675359251; cSyncDp32=1675359251; cSyncDp45v3=1675359251; cSyncDp53v2=1675359251; cSyncDp62=1675359251; cSyncDp67v2=1675359251; cSyncDp68=1675359251; cSyncDp71=1675359251; cSyncDp85=1675359251; cSyncDp95v3=1675359251; cSyncDp98v2=1675359251; cSyncDp101=1675359251; cSyncDp104v2=1675359251; cSyncDp107=1675359251; cSyncDp110=1675359251; cSyncDp125v3=1675359251; cSyncDp126=1675359251; cSyncDp127=1675359251; cSyncDp129=1675359251; cSyncDp136v2=1675359251; cSyncDp146=1675359251; cSyncDp148=1675359251; cSyncDp149v2=1675359251; cSyncDp151=1675359251; cSyncDp178=1675359251; cSyncDp186=1675359251; cSyncDp221=1675359251; cSyncDp235=1675359251
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 17:34:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.yandex.ru/metrika/watch.js

87.250.251.119

200 OK

58 kB

URL HTTP/2
mc.yandex.ru/metrika/watch.js
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (554)
Size
58 kB (58140 bytes)
Hash
315a601116a9b3b0fbc85feb58375ba4
5d283ed923d0b3beb8a2ec4e80c2958d1d132fbf
251ba0fc04953e3615e7c19a9a10c5d6a4f25cc03bef190f8a5e7c6cd72a991a

HTTP Headers

GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://power-point-soft.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 58140
date: Thu, 02 Feb 2023 17:34:11 GMT
access-control-allow-origin: *
etag: "63c93a4b-e31c"
expires: Thu, 02 Feb 2023 18:34:11 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

match.new-programmatic.com/userbind?src=sape&id=1A79042E13F4DB63C703AB4302ED35CB

217.65.2.150

204 No Content

0 B

URL HTTP/1.1
match.new-programmatic.com/userbind?src=sape&id=1A79042E13F4DB63C703AB4302ED35CB
IP
217.65.2.150:0
ASN
#3175 Filanco LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /userbind?src=sape&id=1A79042E13F4DB63C703AB4302ED35CB HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Thu, 02 Feb 2023 17:34:11 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin

cs.agency2.ru/p?ssp=sp&uid=1A79042E13F4DB63C703AB4302ED35CB

23.111.107.44

301 Moved Permanently

0 B

URL HTTP/1.1
cs.agency2.ru/p?ssp=sp&uid=1A79042E13F4DB63C703AB4302ED35CB
IP
23.111.107.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p?ssp=sp&uid=1A79042E13F4DB63C703AB4302ED35CB HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 17:34:11 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=7e2a3f49-2f61-458c-8d59-527e9210f7de
Set-Cookie: uuid=7e2a3f49-2f61-458c-8d59-527e9210f7de; expires=Wed, 24 Jan 2024 17:34:11 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44

sync.upravel.com/sape/sync

148.251.78.49

302 Found

0 B

URL HTTP/2
sync.upravel.com/sape/sync
IP
148.251.78.49:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 17:34:11 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1675359251622;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1675359251622;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

sync.bumlam.com/?src=sape

31.172.81.172

302 Moved Temporarily

0 B

URL HTTP/1.1
sync.bumlam.com/?src=sape
IP
31.172.81.172:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sape HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRjZTFhMDZjOC1hMzFmLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 02 Feb 2023 17:34:11 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRjZTFhMDZjOC1hMzFmLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Wed, 28 Jan 2043 17:34:11 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://pix.bumlam.com/sync/sape/sync_ok?guid=ce1a06c8-a31f-11ed-a1c4-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
567a77d32078f8c056112c4b4f4c3aeb
d25a2c066a19b96052c8cf886b9d942df1297cdc
44102bb97a1b5d4d7b29801e622fcbaf459b7b648d3369e09c682782044d3da5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4057
Cache-Control: max-age=169838
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:34:11 GMT
Etag: "63dbd8a8-117"
Expires: Sat, 04 Feb 2023 16:44:49 GMT
Last-Modified: Thu, 02 Feb 2023 15:37:12 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279

sync.programmatica.com/match/RTBSape?id=1A79042E13F4DB63C703AB4302ED35CB

167.235.117.42

302 Found

0 B

URL HTTP/2
sync.programmatica.com/match/RTBSape?id=1A79042E13F4DB63C703AB4302ED35CB
IP
167.235.117.42:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/RTBSape?id=1A79042E13F4DB63C703AB4302ED35CB HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 17:34:11 GMT
content-length: 0
location: https://sync.programmatica.com/match/RTBSape?id=1A79042E13F4DB63C703AB4302ED35CB&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

www.acint.net/match?dp=127&euid=7i4TMkGiEeYW4nltJ4wZ

157.90.179.28

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=127&euid=7i4TMkGiEeYW4nltJ4wZ
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=127&euid=7i4TMkGiEeYW4nltJ4wZ HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgR5GmPb9BNDqwPHyzXtAtVYVxiY/rXzviaWhqfi0l9BtayW; cSyncDp7v2=1675359251; cSyncDp14v3=1675359251; cSyncDp17=1675359251; cSyncDp32=1675359251; cSyncDp45v3=1675359251; cSyncDp53v2=1675359251; cSyncDp62=1675359251; cSyncDp67v2=1675359251; cSyncDp68=1675359251; cSyncDp71=1675359251; cSyncDp85=1675359251; cSyncDp95v3=1675359251; cSyncDp98v2=1675359251; cSyncDp101=1675359251; cSyncDp104v2=1675359251; cSyncDp107=1675359251; cSyncDp110=1675359251; cSyncDp125v3=1675359251; cSyncDp126=1675359251; cSyncDp127=1675359251; cSyncDp129=1675359251; cSyncDp136v2=1675359251; cSyncDp146=1675359251; cSyncDp148=1675359251; cSyncDp149v2=1675359251; cSyncDp151=1675359251; cSyncDp178=1675359251; cSyncDp186=1675359251; cSyncDp221=1675359251; cSyncDp235=1675359251
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 17:34:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

pix.bumlam.com/sync/sape/sync_ok?guid=ce1a06c8-a31f-11ed-a1c4-002590c82437

31.172.81.159

302 Found

0 B

URL HTTP/1.1
pix.bumlam.com/sync/sape/sync_ok?guid=ce1a06c8-a31f-11ed-a1c4-002590c82437
IP
31.172.81.159:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync/sape/sync_ok?guid=ce1a06c8-a31f-11ed-a1c4-002590c82437 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRjZTFhMDZjOC1hMzFmLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Thu, 02 Feb 2023 17:34:11 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://ce1a06c8-a31f-11ed-a1c4-002590c82437.n2.sync.bumlam.com/?src=sape

www.acint.net/match?dp=186&euid=7e2a3f49-2f61-458c-8d59-527e9210f7de

157.90.179.28

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=186&euid=7e2a3f49-2f61-458c-8d59-527e9210f7de
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=186&euid=7e2a3f49-2f61-458c-8d59-527e9210f7de HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgR5GmPb9BNDqwPHyzXtAtVYVxiY/rXzviaWhqfi0l9BtayW; cSyncDp7v2=1675359251; cSyncDp14v3=1675359251; cSyncDp17=1675359251; cSyncDp32=1675359251; cSyncDp45v3=1675359251; cSyncDp53v2=1675359251; cSyncDp62=1675359251; cSyncDp67v2=1675359251; cSyncDp68=1675359251; cSyncDp71=1675359251; cSyncDp85=1675359251; cSyncDp95v3=1675359251; cSyncDp98v2=1675359251; cSyncDp101=1675359251; cSyncDp104v2=1675359251; cSyncDp107=1675359251; cSyncDp110=1675359251; cSyncDp125v3=1675359251; cSyncDp126=1675359251; cSyncDp127=1675359251; cSyncDp129=1675359251; cSyncDp136v2=1675359251; cSyncDp146=1675359251; cSyncDp148=1675359251; cSyncDp149v2=1675359251; cSyncDp151=1675359251; cSyncDp178=1675359251; cSyncDp186=1675359251; cSyncDp221=1675359251; cSyncDp235=1675359251
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 17:34:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
ad50fd429d43590d1ef8635ee01498ea
f0917fd3a14ea4f5b1e97dcd534338c5ff06c8af
50edbb5e017eb9381fccaf770b4fc5dc94e970ea2631eec51e180ac69d59a70b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 17:34:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 15:41:07 GMT
Expires: Tue, 07 Feb 2023 15:41:06 GMT
Etag: "f0917fd3a14ea4f5b1e97dcd534338c5ff06c8af"
Cache-Control: max-age=424614,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7934ad19e8acb4e8-OSL

push.services.mozilla.com/

34.210.191.84

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.210.191.84:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FnL61o4nYAI3i3pfC3EWxw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: c2F3dJSNc4kDAVntHiwJ4P+P0+A=

sync.programmatica.com/match/RTBSape?id=1A79042E13F4DB63C703AB4302ED35CB&chk=1

167.235.117.42

200 OK

43 B

URL HTTP/2
sync.programmatica.com/match/RTBSape?id=1A79042E13F4DB63C703AB4302ED35CB&chk=1
IP
167.235.117.42:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

HTTP Headers

GET /match/RTBSape?id=1A79042E13F4DB63C703AB4302ED35CB&chk=1 HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:34:11 GMT
content-type: image/gif
content-length: 43
set-cookie: pid=MTJhMjdlYzA4ODdiYWY0MA; expires=Fri, 02 Aug 2024 17:34:11 GMT; domain=.programmatica.com; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0

148.251.78.49

302 Found

0 B

URL HTTP/2
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP
148.251.78.49:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1675359251622
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 17:34:11 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=bdfb4ef7-f4e7-4836-9a12-824e68438ac9;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=bdfb4ef7-f4e7-4836-9a12-824e68438ac9;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=bdfb4ef7-f4e7-4836-9a12-824e68438ac9
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D96b4ce59-d765-4b52-a1c9-506d7429ac2e

212.76.129.181

302 Found

102 B

URL HTTP/2
sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D96b4ce59-d765-4b52-a1c9-506d7429ac2e
IP
212.76.129.181:0
ASN
#42632 MnogoByte LLC

File type
HTML document, ASCII text
Size
102 B (102 bytes)
Hash
ccb7ff20c60db3c4ad01b25958b494c9
075997535f5d5711865cb8d48a1921013b57c9a4
6b82239f9bea2f158c530f33049b608d057c6dfb1cf945546290a72243e0b8e6

HTTP Headers

GET /check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D96b4ce59-d765-4b52-a1c9-506d7429ac2e HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: as-user=96b4ce59-d765-4b52-a1c9-506d7429ac2e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Thu, 02 Feb 2023 17:34:11 GMT
content-type: text/html; charset=utf-8
content-length: 102
location: https://www.acint.net/match?dp=98&euid=96b4ce59-d765-4b52-a1c9-506d7429ac2e
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D

116.202.236.172

301 Moved Permanently

115 B

URL HTTP/2
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP
116.202.236.172:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, ASCII text
Size
115 B (115 bytes)
Hash
dcbc24b0a88715d15f2763ba97a6167a
7b8ef32ca746c181ab1ee4c2ce3bb38e069c2a42
578fcd5d71789ed9ee7c47ab3d8eeb4b0f41b656a47549ba737dbf8b2c437b48

HTTP Headers

GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 02 Feb 2023 17:34:10 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=87486f35-652f-402a-4d71-51d9b1ad4bcb
serverid: TODO
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
1afd3517ebc844038700db8c82d69ae3
1327e511903b229cd36c1647fdb71c17d4ce7bdd
ff3430f1affa22881cd632c75d9f51cb97deb53a2cd76f3ee3be5e4b0518192a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 17:34:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 23:26:49 GMT
Expires: Wed, 08 Feb 2023 23:26:48 GMT
Etag: "1327e511903b229cd36c1647fdb71c17d4ce7bdd"
Cache-Control: max-age=538956,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7934ad1a7ba41c12-OSL

dmp.gotechnology.io/match/sape?id=1A79042E13F4DB63C703AB4302ED35CB

142.132.209.138

302 Found

0 B

URL HTTP/2
dmp.gotechnology.io/match/sape?id=1A79042E13F4DB63C703AB4302ED35CB
IP
142.132.209.138:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/sape?id=1A79042E13F4DB63C703AB4302ED35CB HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 17:34:11 GMT
content-length: 0
location: https://dmp.gotechnology.io/match/sape?id=1A79042E13F4DB63C703AB4302ED35CB&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

www.acint.net/match?dp=71&euid=bdfb4ef7-f4e7-4836-9a12-824e68438ac9

157.90.179.28

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=71&euid=bdfb4ef7-f4e7-4836-9a12-824e68438ac9
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=71&euid=bdfb4ef7-f4e7-4836-9a12-824e68438ac9 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgR5GmPb9BNDqwPHyzXtAtVYVxiY/rXzviaWhqfi0l9BtayW; cSyncDp7v2=1675359251; cSyncDp14v3=1675359251; cSyncDp17=1675359251; cSyncDp32=1675359251; cSyncDp45v3=1675359251; cSyncDp53v2=1675359251; cSyncDp62=1675359251; cSyncDp67v2=1675359251; cSyncDp68=1675359251; cSyncDp71=1675359251; cSyncDp85=1675359251; cSyncDp95v3=1675359251; cSyncDp98v2=1675359251; cSyncDp101=1675359251; cSyncDp104v2=1675359251; cSyncDp107=1675359251; cSyncDp110=1675359251; cSyncDp125v3=1675359251; cSyncDp126=1675359251; cSyncDp127=1675359251; cSyncDp129=1675359251; cSyncDp136v2=1675359251; cSyncDp146=1675359251; cSyncDp148=1675359251; cSyncDp149v2=1675359251; cSyncDp151=1675359251; cSyncDp178=1675359251; cSyncDp186=1675359251; cSyncDp221=1675359251; cSyncDp235=1675359251
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 17:34:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/match?dp=98&euid=96b4ce59-d765-4b52-a1c9-506d7429ac2e

157.90.179.28

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=98&euid=96b4ce59-d765-4b52-a1c9-506d7429ac2e
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=98&euid=96b4ce59-d765-4b52-a1c9-506d7429ac2e HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgR5GmPb9BNDqwPHyzXtAtVYVxiY/rXzviaWhqfi0l9BtayW; cSyncDp7v2=1675359251; cSyncDp14v3=1675359251; cSyncDp17=1675359251; cSyncDp32=1675359251; cSyncDp45v3=1675359251; cSyncDp53v2=1675359251; cSyncDp62=1675359251; cSyncDp67v2=1675359251; cSyncDp68=1675359251; cSyncDp71=1675359251; cSyncDp85=1675359251; cSyncDp95v3=1675359251; cSyncDp98v2=1675359251; cSyncDp101=1675359251; cSyncDp104v2=1675359251; cSyncDp107=1675359251; cSyncDp110=1675359251; cSyncDp125v3=1675359251; cSyncDp126=1675359251; cSyncDp127=1675359251; cSyncDp129=1675359251; cSyncDp136v2=1675359251; cSyncDp146=1675359251; cSyncDp148=1675359251; cSyncDp149v2=1675359251; cSyncDp151=1675359251; cSyncDp178=1675359251; cSyncDp186=1675359251; cSyncDp221=1675359251; cSyncDp235=1675359251
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 17:34:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/match?dp=126&euid=87486f35-652f-402a-4d71-51d9b1ad4bcb

157.90.179.28

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=126&euid=87486f35-652f-402a-4d71-51d9b1ad4bcb
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=126&euid=87486f35-652f-402a-4d71-51d9b1ad4bcb HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgR5GmPb9BNDqwPHyzXtAtVYVxiY/rXzviaWhqfi0l9BtayW; cSyncDp7v2=1675359251; cSyncDp14v3=1675359251; cSyncDp17=1675359251; cSyncDp32=1675359251; cSyncDp45v3=1675359251; cSyncDp53v2=1675359251; cSyncDp62=1675359251; cSyncDp67v2=1675359251; cSyncDp68=1675359251; cSyncDp71=1675359251; cSyncDp85=1675359251; cSyncDp95v3=1675359251; cSyncDp98v2=1675359251; cSyncDp101=1675359251; cSyncDp104v2=1675359251; cSyncDp107=1675359251; cSyncDp110=1675359251; cSyncDp125v3=1675359251; cSyncDp126=1675359251; cSyncDp127=1675359251; cSyncDp129=1675359251; cSyncDp136v2=1675359251; cSyncDp146=1675359251; cSyncDp148=1675359251; cSyncDp149v2=1675359251; cSyncDp151=1675359251; cSyncDp178=1675359251; cSyncDp186=1675359251; cSyncDp221=1675359251; cSyncDp235=1675359251
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 17:34:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.yandex.ru/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fpower-point-soft.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A685%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1583033386696%3Ahid%3A526889513%3Az%3A0%3Ai%3A20230202173438%3Aet%3A1675359279%3Ac%3A1%3Arn%3A991169429%3Arqn%3A1%3Au%3A1675359279254876066%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A114%2C40%2C68%2C39%2C-8%2C0%2C%2C597%2C1%2C%2C%2C%2C850%3Aco%3A0%3Ans%3A1675359277126%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675359279%3At%3ASportactiviteiten%20und%20Radfahren%20als%20Lebensgef%C3%BChl%20%7C%20power-point-soft.ru%20%282023%29&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29

87.250.251.119

200 OK

407 B

URL HTTP/2
mc.yandex.ru/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fpower-point-soft.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A685%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1583033386696%3Ahid%3A526889513%3Az%3A0%3Ai%3A20230202173438%3Aet%3A1675359279%3Ac%3A1%3Arn%3A991169429%3Arqn%3A1%3Au%3A1675359279254876066%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A114%2C40%2C68%2C39%2C-8%2C0%2C%2C597%2C1%2C%2C%2C%2C850%3Aco%3A0%3Ans%3A1675359277126%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675359279%3At%3ASportactiviteiten%20und%20Radfahren%20als%20Lebensgef%C3%BChl%20%7C%20power-point-soft.ru%20%282023%29&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type
JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Size
407 B (407 bytes)
Hash
1166c92971a9bb3c503b21b2fafd54f3
1441b5b3906c07be9cbb86b276b871900551f071
4710b00afc62a30a27ce7b79c08de31e14eafa453a253ce68e5d5f71728a503c

HTTP Headers

GET /watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fpower-point-soft.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A685%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1583033386696%3Ahid%3A526889513%3Az%3A0%3Ai%3A20230202173438%3Aet%3A1675359279%3Ac%3A1%3Arn%3A991169429%3Arqn%3A1%3Au%3A1675359279254876066%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A114%2C40%2C68%2C39%2C-8%2C0%2C%2C597%2C1%2C%2C%2C%2C850%3Aco%3A0%3Ans%3A1675359277126%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675359279%3At%3ASportactiviteiten%20und%20Radfahren%20als%20Lebensgef%C3%BChl%20%7C%20power-point-soft.ru%20%282023%29&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://power-point-soft.ru
Referer: http://power-point-soft.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 407
date: Thu, 02 Feb 2023 17:34:11 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://power-point-soft.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 17:34:11 GMT
last-modified: Thu, 02-Feb-2023 17:34:11 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

dmp.gotechnology.io/match/sape?id=1A79042E13F4DB63C703AB4302ED35CB&chk=1

142.132.209.138

302 Found

0 B

URL HTTP/2
dmp.gotechnology.io/match/sape?id=1A79042E13F4DB63C703AB4302ED35CB&chk=1
IP
142.132.209.138:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/sape?id=1A79042E13F4DB63C703AB4302ED35CB&chk=1 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 17:34:11 GMT
content-length: 0
location: https://ads.betweendigital.com/match?bidder_id=98&external_user_id=MTM2ODcxMzQxNGViZTliNQ
set-cookie: pid=MTM2ODcxMzQxNGViZTliNQ; expires=Fri, 02 Feb 2024 17:34:11 GMT; domain=.gotechnology.io; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

mc.yandex.ru/watch/23414332?wmode=7&page-url=http%3A%2F%2Fpower-point-soft.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A685%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1583033386696%3Ahid%3A526889513%3Az%3A0%3Ai%3A20230202173438%3Aet%3A1675359279%3Ac%3A1%3Arn%3A991169429%3Arqn%3A1%3Au%3A1675359279254876066%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A114%2C40%2C68%2C39%2C-8%2C0%2C%2C597%2C1%2C%2C%2C%2C850%3Aco%3A0%3Ans%3A1675359277126%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675359279%3At%3ASportactiviteiten%20und%20Radfahren%20als%20Lebensgef%C3%BChl%20%7C%20power-point-soft.ru%20(2023)&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)

87.250.251.119

302 Found

43 B

URL HTTP/2
mc.yandex.ru/watch/23414332?wmode=7&page-url=http%3A%2F%2Fpower-point-soft.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A685%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1583033386696%3Ahid%3A526889513%3Az%3A0%3Ai%3A20230202173438%3Aet%3A1675359279%3Ac%3A1%3Arn%3A991169429%3Arqn%3A1%3Au%3A1675359279254876066%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A114%2C40%2C68%2C39%2C-8%2C0%2C%2C597%2C1%2C%2C%2C%2C850%3Aco%3A0%3Ans%3A1675359277126%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675359279%3At%3ASportactiviteiten%20und%20Radfahren%20als%20Lebensgef%C3%BChl%20%7C%20power-point-soft.ru%20(2023)&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /watch/23414332?wmode=7&page-url=http%3A%2F%2Fpower-point-soft.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A685%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1583033386696%3Ahid%3A526889513%3Az%3A0%3Ai%3A20230202173438%3Aet%3A1675359279%3Ac%3A1%3Arn%3A991169429%3Arqn%3A1%3Au%3A1675359279254876066%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A114%2C40%2C68%2C39%2C-8%2C0%2C%2C597%2C1%2C%2C%2C%2C850%3Aco%3A0%3Ans%3A1675359277126%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675359279%3At%3ASportactiviteiten%20und%20Radfahren%20als%20Lebensgef%C3%BChl%20%7C%20power-point-soft.ru%20(2023)&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://power-point-soft.ru
Connection: keep-alive
Referer: http://power-point-soft.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: /watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fpower-point-soft.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A685%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1583033386696%3Ahid%3A526889513%3Az%3A0%3Ai%3A20230202173438%3Aet%3A1675359279%3Ac%3A1%3Arn%3A991169429%3Arqn%3A1%3Au%3A1675359279254876066%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A114%2C40%2C68%2C39%2C-8%2C0%2C%2C597%2C1%2C%2C%2C%2C850%3Aco%3A0%3Ans%3A1675359277126%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675359279%3At%3ASportactiviteiten%20und%20Radfahren%20als%20Lebensgef%C3%BChl%20%7C%20power-point-soft.ru%20%282023%29&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Thu, 02 Feb 2023 17:34:11 GMT
access-control-allow-origin: http://power-point-soft.ru
set-cookie: yabs-sid=1842102321675359251; Path=/; SameSite=None; Secure
i=P0LZpz5dB2Zoc8tnfpvWa9pkSFuF9NW6lCSlaESsPn3iO7BorQAsKCPny4Ttnc1TDkX3NCzuVb+oxeWacHAxShXya0s=; Expires=Sun, 30-Jan-2033 17:34:09 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=3929555141675359251; Expires=Fri, 02-Feb-2024 17:34:11 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3929555141675359251; Expires=Fri, 02-Feb-2024 17:34:11 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706895251.yc.1675359251#1706895251.yrts.1675359251#1706895251.yrtsi.1675359251; Expires=Fri, 02-Feb-2024 17:34:11 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 17:34:11 GMT
last-modified: Thu, 02-Feb-2023 17:34:11 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
db7e0be65c783c07cac86e8e9e040ddb
917c3c0c522f73baf8f2f5715d3325598dbb939a
7b9f9540b486e157a1eb57236f3e8ffe5f279bed4c28e5da356147de7bf9f726

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B9F9540B486E157A1EB57236F3E8FFE5F279BED4C28E5DA356147DE7BF9F726"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8304
Expires: Thu, 02 Feb 2023 19:52:35 GMT
Date: Thu, 02 Feb 2023 17:34:11 GMT
Connection: keep-alive

ce1a06c8-a31f-11ed-a1c4-002590c82437.n2.sync.bumlam.com/?src=sape

188.120.241.47

302 Found

0 B

URL HTTP/2
ce1a06c8-a31f-11ed-a1c4-002590c82437.n2.sync.bumlam.com/?src=sape
IP
188.120.241.47:0
ASN
#29182 JSC IOT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sape HTTP/1.1
Host: ce1a06c8-a31f-11ed-a1c4-002590c82437.n2.sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRjZTFhMDZjOC1hMzFmLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.22.1
date: Thu, 02 Feb 2023 17:34:12 GMT
content-length: 0
location: https://pix.bumlam.com/sync/sape/done
X-Firefox-Spdy: h2

ssp.bidvol.com/usersync?dspcsid=8&redirect=1

65.109.65.187

302 Found

1.4 kB

URL HTTP/2
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP
65.109.65.187:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
1.4 kB (1414 bytes)
Hash
de1edbf6c2e72ad5dad045166ded9b5d
545b47fc661c08ab271de84e6628f0b32e7ade7f
998a2bba2ba9d52371c9d9e18ecc1ec9efbe0ca12827ec77f57dd1329a6766f2

HTTP Headers

GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.22.0
date: Thu, 02 Feb 2023 17:34:11 GMT
x-request-id: 511c4fc0-eb02-487c-a692-527eb6bdb21c
set-cookie: bvuid=stewkrltrc; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=stewkrltrc; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=stewkrltrc
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
de1edbf6c2e72ad5dad045166ded9b5d
545b47fc661c08ab271de84e6628f0b32e7ade7f
998a2bba2ba9d52371c9d9e18ecc1ec9efbe0ca12827ec77f57dd1329a6766f2

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 06 Feb 2023 15:18:21 GMT
ETag: "545b47fc661c08ab271de84e6628f0b32e7ade7f"
Last-Modified: Thu, 02 Feb 2023 15:18:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2832
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7934ad1d9a5eb50c-OSL

ocsp.globalsign.com/gseccovsslca2018

104.18.21.226

200 OK

939 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
939 B (939 bytes)
Hash
4a0fb2ecf0cc3bb3c853a5c15b49b3af
cb16c40f0700745d8c1c637cb6c365ab98513ca4
cf5640020c51ce1f049046af6f0b54201c597f406d6ad838cf256b17cf784f76

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Mon, 06 Feb 2023 13:37:42 GMT
ETag: "cb16c40f0700745d8c1c637cb6c365ab98513ca4"
Last-Modified: Thu, 02 Feb 2023 13:37:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1287
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7934ad1dca8cb50c-OSL

pix.bumlam.com/sync/sape/done

31.172.81.159

200 OK

43 B

URL HTTP/1.1
pix.bumlam.com/sync/sape/done
IP
31.172.81.159:0
ASN
#44066 diva-e Datacenters GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRjZTFhMDZjOC1hMzFmLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1A79042E13F4DB63C703AB4302ED35CB

81.222.128.215

200 OK

42 B

URL HTTP/1.1
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1A79042E13F4DB63C703AB4302ED35CB
IP
81.222.128.215:0
ASN
#20597 PVimpelCom

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /cgi-bin/sync.cgi?dsp_id=153&external_id=1A79042E13F4DB63C703AB4302ED35CB HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691

195.209.108.35

302 Moved Temporarily

0 B

URL HTTP/1.1
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP
195.209.108.35:0
ASN
#52007 LLC AdRiver

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-5651594387; expires=Sat, 01 Feb 2025 17:34:12 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5651594387
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
2f59b9826b587ec88c538c4e0fdda68f
a9569ad568776c896099e2e7b4291dbe7101cb9b
76812d4ae48f41904eb3722fb49c463d4287d81fa7a9ea5d28687ddb3a546931

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 02:03:25 GMT
Expires: Wed, 08 Feb 2023 02:03:24 GMT
Etag: "a9569ad568776c896099e2e7b4291dbe7101cb9b"
Cache-Control: max-age=461951,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7934ad1db862b4e8-OSL

ocsp.globalsign.com/alphasslcasha256g4

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/alphasslcasha256g4
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1437 bytes)
Hash
688afff42071b54175ffd34ee15df6f2
90578e5d10514834e6aeaf435429bfb50d6382dd
5a2a9c1c59ecb64f0b4724cb593ebb72ccafe4f94f8ba630ad1bdaa448c0f16c

HTTP Headers

POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Mon, 06 Feb 2023 14:56:38 GMT
ETag: "90578e5d10514834e6aeaf435429bfb50d6382dd"
Last-Modified: Thu, 02 Feb 2023 14:56:39 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1106
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7934ad1dfadbb50c-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
2f59b9826b587ec88c538c4e0fdda68f
a9569ad568776c896099e2e7b4291dbe7101cb9b
76812d4ae48f41904eb3722fb49c463d4287d81fa7a9ea5d28687ddb3a546931

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 02:03:25 GMT
Expires: Wed, 08 Feb 2023 02:03:24 GMT
Etag: "a9569ad568776c896099e2e7b4291dbe7101cb9b"
Cache-Control: max-age=461951,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7934ad1ddf461c12-OSL

ocsp.globalsign.com/gseccovsslca2018

104.18.21.226

200 OK

938 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
938 B (938 bytes)
Hash
f378a675bc6c96ee218d6b036aa1c0c7
4f94f03c0d4849c1df332387313afc190e350945
37242502c0a76c8d2ba2c67fac2ebcb10c6dcc11ae0df8b976c1f4e25e3977f0

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Mon, 06 Feb 2023 15:13:22 GMT
ETag: "4f94f03c0d4849c1df332387313afc190e350945"
Last-Modified: Thu, 02 Feb 2023 15:13:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 93
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7934ad1e1af1b50c-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9bfb439fb08a32861d09348061be89b1
7c8e9f24fa24ae6a5860bf9b7cc96377089f727b
418cb2a96b67658132868ef799dbe9b55ebe9ca82d9a18d1a06c6868ef8cc54e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "418CB2A96B67658132868EF799DBE9B55EBE9CA82D9A18D1A06C6868EF8CC54E"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7189
Expires: Thu, 02 Feb 2023 19:34:01 GMT
Date: Thu, 02 Feb 2023 17:34:12 GMT
Connection: keep-alive

sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D

77.245.57.72

400 Bad Request

22 B

URL HTTP/1.1
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP
77.245.57.72:0
ASN
#36057 WEBAIR-INTERNET-MTL

File type
ASCII text, with no line terminators
Size
22 B (22 bytes)
Hash
b0b11e1c78b526b61477f8e9ee540be0
d5e73002987ff54626542b116d98a8f4aa9ee2eb
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

HTTP Headers

GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Length: 22
Connection: close
Cache-Control: no-store
Age: 0
Pragma: no-cache

ads.betweendigital.com/match?bidder_id=73&external_user_id=1A79042E13F4DB63C703AB4302ED35CB

188.42.196.115

302 Found

0 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=73&external_user_id=1A79042E13F4DB63C703AB4302ED35CB
IP
188.42.196.115:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?bidder_id=73&external_user_id=1A79042E13F4DB63C703AB4302ED35CB HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=1A79042E13F4DB63C703AB4302ED35CB&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 17:34:12 GMT; Path=/; Domain=.betweendigital.com
tuuid=4be6bd1f-854f-5221-8343-6cf7e09898e3; Max-Age=31536000; Expires=Fri, 02 Feb 2024 17:34:12 GMT; Path=/; Domain=.betweendigital.com
ut=Y9v0FAACwwjO4150NApsLykKLWxm8nkckkhzZw==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 17:34:12 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

ads.betweendigital.com/match?bidder_id=98&external_user_id=MTM2ODcxMzQxNGViZTliNQ

188.42.196.115

302 Found

0 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=98&external_user_id=MTM2ODcxMzQxNGViZTliNQ
IP
188.42.196.115:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?bidder_id=98&external_user_id=MTM2ODcxMzQxNGViZTliNQ HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: /match?bidder_id=98&external_user_id=MTM2ODcxMzQxNGViZTliNQ&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 17:34:12 GMT; Path=/; Domain=.betweendigital.com
tuuid=cae35c2a-4e1d-5221-a4e6-f32ec73d073a; Max-Age=31536000; Expires=Fri, 02 Feb 2024 17:34:12 GMT; Path=/; Domain=.betweendigital.com
ut=Y9v0FAAC1pD0uNYFC_N26ybNiYoLiCrE9ag3cA==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 17:34:12 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5651594387

195.209.108.35

302 Moved Temporarily

40 B

URL HTTP/1.1
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5651594387
IP
195.209.108.35:0
ASN
#52007 LLC AdRiver

File type
ASCII text, with CRLF line terminators
Size
40 B (40 bytes)
Hash
251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b

HTTP Headers

GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5651594387 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Sat, 01 Feb 2025 17:34:12 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
fd41dd67f374e93d52a9cd373d7fe48e
8084fcfdd4deac0bfe192201c1097c42bcc80d82
2c468bdcf33f4b51c32a7a5236c31431f3ecd9545ffff75337cd8c093da73198

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 06 Feb 2023 15:45:45 GMT
ETag: "8084fcfdd4deac0bfe192201c1097c42bcc80d82"
Last-Modified: Thu, 02 Feb 2023 15:45:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2312
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7934ad1e4b30b50c-OSL

ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D

188.42.196.115

302 Found

0 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP
188.42.196.115:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 17:34:12 GMT; Path=/; Domain=.betweendigital.com
tuuid=334f03f7-009b-5221-a28f-7cb7c15488a3; Max-Age=31536000; Expires=Fri, 02 Feb 2024 17:34:12 GMT; Path=/; Domain=.betweendigital.com
ut=Y9v0FAADCViRoVO2ZyoIvsfzYJSwfdnJbIoN7Q==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 17:34:12 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
a07b8cf2ab55f7a72c0a06ee19c89010
ee7ff6dd70a9fc3c60b5ce0e7ae728b012f9ea47
4adf2e08fd7ad48401a04fa4e2566a6be6597375096a3da4bd723b5e04d60272

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 06 Feb 2023 16:07:51 GMT
ETag: "ee7ff6dd70a9fc3c60b5ce0e7ae728b012f9ea47"
Last-Modified: Thu, 02 Feb 2023 16:07:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2084
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7934ad1e5b43b50c-OSL

ocsp.usertrust.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.usertrust.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
51ab5a8626b70c7594e57366f659f93d
b306da2759928ddd7895083be1196fae9f634197
2eb603282049d073ffcd2928301736eb6d72e02c0ea9e4a884e103c73debd5de

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 16:18:21 GMT
Expires: Thu, 09 Feb 2023 16:18:20 GMT
Etag: "b306da2759928ddd7895083be1196fae9f634197"
Cache-Control: max-age=604041,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 656
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7934ad1e6ff10b69-OSL

ad.mail.ru/cm.gif?p=48&id=1A79042E13F4DB63C703AB4302ED35CB

95.163.41.56

200 OK

43 B

URL HTTP/2
ad.mail.ru/cm.gif?p=48&id=1A79042E13F4DB63C703AB4302ED35CB
IP
95.163.41.56:0
ASN
#47764 Mail.Ru LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /cm.gif?p=48&id=1A79042E13F4DB63C703AB4302ED35CB HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:34:12 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=2rOBSg1V5jYF0022WP0mi4IF:::0-0-0-8f64cd4:CAASEGmEwqJaeo8dICV5Fa8enycaYF9eanI2_XTHfp2wusUyXy-2G24NYQPXXW3lb5afPTpLJnov-iciRVa2YD7bGIGYblojfPz27KQlGx-l6U6fbODdsQ2C8uISXhrpOLX7g26YbztTfBzeuwSxqp0wKe8UHA; path=/; expires=Sat, 03-Feb-24 17:34:12 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Thu, 02 Feb 2023 23:34:12 GMT
cache-control: max-age=21600
last-modified: Thu, 02 Feb 2023 17:34:12 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2

ads.betweendigital.com/match?bidder_id=98&external_user_id=MTM2ODcxMzQxNGViZTliNQ&crf=1

188.42.196.115

200 OK

68 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=98&external_user_id=MTM2ODcxMzQxNGViZTliNQ&crf=1
IP
188.42.196.115:0
ASN
#7979 SERVERS-COM

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

HTTP Headers

GET /match?bidder_id=98&external_user_id=MTM2ODcxMzQxNGViZTliNQ&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 17:34:12 GMT; Path=/; Domain=.betweendigital.com
tuuid=df3a8428-f027-5221-84a3-3d58e778c94c; Max-Age=31536000; Expires=Fri, 02 Feb 2024 17:34:12 GMT; Path=/; Domain=.betweendigital.com
ut=Y9v0FAADbuihcDfEVPWw5xB9G1OPuuLUloiweg==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 17:34:12 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2

ads.betweendigital.com/match?bidder_id=73&external_user_id=1A79042E13F4DB63C703AB4302ED35CB&crf=1

188.42.196.115

200 OK

68 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=73&external_user_id=1A79042E13F4DB63C703AB4302ED35CB&crf=1
IP
188.42.196.115:0
ASN
#7979 SERVERS-COM

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

HTTP Headers

GET /match?bidder_id=73&external_user_id=1A79042E13F4DB63C703AB4302ED35CB&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 17:34:12 GMT; Path=/; Domain=.betweendigital.com
tuuid=e3c9ad3d-5668-5221-a989-35e6ca52c1f2; Max-Age=31536000; Expires=Fri, 02 Feb 2024 17:34:12 GMT; Path=/; Domain=.betweendigital.com
ut=Y9v0FAADbugQjkgKpKN39Yfby28DEXHLU09pGg==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 17:34:12 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2

ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1

188.42.196.115

200 OK

68 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP
188.42.196.115:0
ASN
#7979 SERVERS-COM

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

HTTP Headers

GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 17:34:12 GMT; Path=/; Domain=.betweendigital.com
tuuid=b5e16882-5e33-5221-9107-58e2f2dcacf6; Max-Age=31536000; Expires=Fri, 02 Feb 2024 17:34:12 GMT; Path=/; Domain=.betweendigital.com
ut=Y9v0FAADobCk8Kioar-eI42hrrMKTdqhrCP6cQ==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 17:34:12 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2

tag.digitaltarget.ru/adcm.js

185.15.175.134

200 OK

3.1 kB

URL HTTP/1.1
tag.digitaltarget.ru/adcm.js
IP
185.15.175.134:0
ASN
#43226 SafeData LLC

File type
ASCII text, with very long lines (3051), with no line terminators
Size
3.1 kB (3051 bytes)
Hash
e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

HTTP Headers

GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Thu, 02 Feb 2023 17:04:13 GMT
Connection: keep-alive
ETag: "63dbed0d-beb"
Accept-Ranges: bytes

www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D

157.90.179.28

302 Found

154 B

URL HTTP/2
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgR5GmPb9BNDqwPHyzXtAtVYVxiY/rXzviaWhqfi0l9BtayW; cSyncDp7v2=1675359251; cSyncDp14v3=1675359251; cSyncDp17=1675359251; cSyncDp32=1675359251; cSyncDp45v3=1675359251; cSyncDp53v2=1675359251; cSyncDp62=1675359251; cSyncDp67v2=1675359251; cSyncDp68=1675359251; cSyncDp71=1675359251; cSyncDp85=1675359251; cSyncDp95v3=1675359251; cSyncDp98v2=1675359251; cSyncDp101=1675359251; cSyncDp104v2=1675359251; cSyncDp107=1675359251; cSyncDp110=1675359251; cSyncDp125v3=1675359251; cSyncDp126=1675359251; cSyncDp127=1675359251; cSyncDp129=1675359251; cSyncDp136v2=1675359251; cSyncDp146=1675359251; cSyncDp148=1675359251; cSyncDp149v2=1675359251; cSyncDp151=1675359251; cSyncDp178=1675359251; cSyncDp186=1675359251; cSyncDp221=1675359251; cSyncDp235=1675359251
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: openresty
date: Thu, 02 Feb 2023 17:34:12 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1A79042E13F4DB63C703AB4302ED35CB
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

sm.rtb.mts.ru/p?ssp=sape&id=1A79042E13F4DB63C703AB4302ED35CB

217.66.147.42

301 Moved Permanently

0 B

URL HTTP/1.1
sm.rtb.mts.ru/p?ssp=sape&id=1A79042E13F4DB63C703AB4302ED35CB
IP
217.66.147.42:0
ASN
#29209 MTS PJSC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p?ssp=sape&id=1A79042E13F4DB63C703AB4302ED35CB HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=1A79042E13F4DB63C703AB4302ED35CB
Set-Cookie: dspid=cd5f8a30-3ec1-4235-8024-ab95b4c05674; expires=Wed, 24 Jan 2024 17:34:12 GMT; domain=.mts.ru; path=/; secure; SameSite=None

sape-sync.rutarget.ru/sync

188.72.109.103

302 Moved Temporarily

0 B

URL HTTP/1.1
sape-sync.rutarget.ru/sync
IP
188.72.109.103:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=aeJRkaj24cpr
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=aeJRkaj24cpr; Path=/; Domain=.rutarget.ru; Expires=Tue, 01 Aug 2023 17:34:12 GMT; SameSite=None; Secure

ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1A79042E13F4DB63C703AB4302ED35CB

81.222.128.215

200 OK

42 B

URL HTTP/1.1
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1A79042E13F4DB63C703AB4302ED35CB
IP
81.222.128.215:0
ASN
#20597 PVimpelCom

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /cgi-bin/sync.cgi?ssp_id=43&external_id=1A79042E13F4DB63C703AB4302ED35CB HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

www.acint.net/match?dp=104&euid=aeJRkaj24cpr

157.90.179.28

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=104&euid=aeJRkaj24cpr
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=104&euid=aeJRkaj24cpr HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgR5GmPb9BNDqwPHyzXtAtVYVxiY/rXzviaWhqfi0l9BtayW; cSyncDp7v2=1675359251; cSyncDp14v3=1675359251; cSyncDp17=1675359251; cSyncDp32=1675359251; cSyncDp45v3=1675359251; cSyncDp53v2=1675359251; cSyncDp62=1675359251; cSyncDp67v2=1675359251; cSyncDp68=1675359251; cSyncDp71=1675359251; cSyncDp85=1675359251; cSyncDp95v3=1675359251; cSyncDp98v2=1675359251; cSyncDp101=1675359251; cSyncDp104v2=1675359251; cSyncDp107=1675359251; cSyncDp110=1675359251; cSyncDp125v3=1675359251; cSyncDp126=1675359251; cSyncDp127=1675359251; cSyncDp129=1675359251; cSyncDp136v2=1675359251; cSyncDp146=1675359251; cSyncDp148=1675359251; cSyncDp149v2=1675359251; cSyncDp151=1675359251; cSyncDp178=1675359251; cSyncDp186=1675359251; cSyncDp221=1675359251; cSyncDp235=1675359251
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 17:34:12 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

sm.rtb.mts.ru/match/second?ssp=30&exu=1A79042E13F4DB63C703AB4302ED35CB

217.66.147.42

200 OK

0 B

URL HTTP/1.1
sm.rtb.mts.ru/match/second?ssp=30&exu=1A79042E13F4DB63C703AB4302ED35CB
IP
217.66.147.42:0
ASN
#29209 MTS PJSC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/second?ssp=30&exu=1A79042E13F4DB63C703AB4302ED35CB HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

px.adhigh.net/p/cm/sape?u=1A79042E13F4DB63C703AB4302ED35CB

193.232.150.70

302 Found

0 B

URL HTTP/2
px.adhigh.net/p/cm/sape?u=1A79042E13F4DB63C703AB4302ED35CB
IP
193.232.150.70:0
ASN
#48061 Limited Liability Company GPM Digital Technologies

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/cm/sape?u=1A79042E13F4DB63C703AB4302ED35CB HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 17:34:12 GMT
content-length: 0
x-backend-id: f14-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=uxHvGIc9wMlf.AikABlGGEzFvYA;Path=/;Domain=.adhigh.net;Expires=Fri, 02-Feb-2024 17:34:12 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=1A79042E13F4DB63C703AB4302ED35CB&bounced=1
X-Firefox-Spdy: h2

tag.digitaltarget.ru/processor.js?i=351709758292899

185.15.175.134

200 OK

16 kB

URL HTTP/1.1
tag.digitaltarget.ru/processor.js?i=351709758292899
IP
185.15.175.134:0
ASN
#43226 SafeData LLC

File type
ASCII text, with very long lines (15892), with no line terminators
Size
16 kB (15892 bytes)
Hash
736e2fb1da94f3277e3f931048c1b9f3
196387db95a17da825b629de3542eff901b09905
4569d4e1b0e52b6316681f7312674f43ecb2b72ea8ab4adb2375e3686862c7dc

HTTP Headers

GET /processor.js?i=351709758292899 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Type: application/javascript
Content-Length: 15892
Last-Modified: Thu, 02 Feb 2023 17:04:14 GMT
Connection: keep-alive
ETag: "63dbed0e-3e14"
Accept-Ranges: bytes

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
47104af366e237afec3af30f37af7dba
b24492f724ba1d4395df66bc2e0de1bdabc4264d
59c7255b4bd417487377052a2b4ec75029319525bad73a5ef43dce28d79efbbb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 14:18:45 GMT
Expires: Tue, 07 Feb 2023 14:18:44 GMT
Etag: "b24492f724ba1d4395df66bc2e0de1bdabc4264d"
Cache-Control: max-age=419671,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7934ad1def03b4fa-OSL

px.adhigh.net/p/cm/sape?u=1A79042E13F4DB63C703AB4302ED35CB&bounced=1

193.232.150.70

200 OK

49 B

URL HTTP/2
px.adhigh.net/p/cm/sape?u=1A79042E13F4DB63C703AB4302ED35CB&bounced=1
IP
193.232.150.70:0
ASN
#48061 Limited Liability Company GPM Digital Technologies

File type
GIF image data, version 89a, 1 x 1\012- data
Size
49 B (49 bytes)
Hash
889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

HTTP Headers

GET /p/cm/sape?u=1A79042E13F4DB63C703AB4302ED35CB&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:34:12 GMT
content-type: image/gif
content-length: 49
x-backend-id: f14-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2

x01.aidata.io/0.gif?pid=9401454&id=1A79042E13F4DB63C703AB4302ED35CB

89.108.120.68

302 Found

0 B

URL HTTP/2
x01.aidata.io/0.gif?pid=9401454&id=1A79042E13F4DB63C703AB4302ED35CB
IP
89.108.120.68:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /0.gif?pid=9401454&id=1A79042E13F4DB63C703AB4302ED35CB HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 17:34:12 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=1A79042E13F4DB63C703AB4302ED35CB&bounce=1
expires: Thu, 02 Feb 2023 17:34:11 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Thu, 02 Feb 2023 17:34:11 GMT
set-cookie: __upin=GFjtbaBJPpdeKYWgeN2XTw;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1675359252;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2

x01.aidata.io/0.gif?pid=9401454&id=1A79042E13F4DB63C703AB4302ED35CB&bounce=1

89.108.120.68

204 No Content

0 B

URL HTTP/2
x01.aidata.io/0.gif?pid=9401454&id=1A79042E13F4DB63C703AB4302ED35CB&bounce=1
IP
89.108.120.68:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /0.gif?pid=9401454&id=1A79042E13F4DB63C703AB4302ED35CB&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Thu, 02 Feb 2023 17:34:12 GMT
expires: Thu, 02 Feb 2023 17:34:11 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Thu, 02 Feb 2023 17:34:11 GMT
set-cookie: __upin=4Eie+cpC2iqe3wWprQfhfw;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1675359252;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fda91fa23cb10f30886b8eeb9f707e2
6f7a61ea7e4c4529997bd00f12e97930a632f8c5
b3540cb1284fe60c7bc16e069e88439b8bfe80058aeb10131e6199cfd97ac3c7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3540CB1284FE60C7BC16E069E88439B8BFE80058AEB10131E6199CFD97AC3C7"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2055
Expires: Thu, 02 Feb 2023 18:08:27 GMT
Date: Thu, 02 Feb 2023 17:34:12 GMT
Connection: keep-alive

dmg.digitaltarget.ru/1/1093/i/i?i=191757164790892.82736746463020&a=77&e=1A79042E13F4DB63C703AB4302ED35CB&pref=http%3A%2F%2Fpower-point-soft.ru%2F&c=ss:77.up:1A79042E13F4DB63C703AB4302ED35CB.sync:up.xdua:duRJ_muX1dB78YD7AFNf0JSd.xps:xpszr3OsDpaWeEyvq01vD4xcw.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

185.15.175.148

307 Temporary Redirect

0 B

URL HTTP/1.1
dmg.digitaltarget.ru/1/1093/i/i?i=191757164790892.82736746463020&a=77&e=1A79042E13F4DB63C703AB4302ED35CB&pref=http%3A%2F%2Fpower-point-soft.ru%2F&c=ss:77.up:1A79042E13F4DB63C703AB4302ED35CB.sync:up.xdua:duRJ_muX1dB78YD7AFNf0JSd.xps:xpszr3OsDpaWeEyvq01vD4xcw.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
185.15.175.148:0
ASN
#43226 SafeData LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/1093/i/i?i=191757164790892.82736746463020&a=77&e=1A79042E13F4DB63C703AB4302ED35CB&pref=http%3A%2F%2Fpower-point-soft.ru%2F&c=ss:77.up:1A79042E13F4DB63C703AB4302ED35CB.sync:up.xdua:duRJ_muX1dB78YD7AFNf0JSd.xps:xpszr3OsDpaWeEyvq01vD4xcw.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675359252542&i=191757164790892.82736746463020&a=77&e=1A79042E13F4DB63C703AB4302ED35CB&pref=http%3A%2F%2Fpower-point-soft.ru%2F&c=ss:77.up:1A79042E13F4DB63C703AB4302ED35CB.sync:up.xdua:duRJ_muX1dB78YD7AFNf0JSd.xps:xpszr3OsDpaWeEyvq01vD4xcw.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=fQ-9lCELUs38wyT7.iKC; Max-Age=93312000; Expires=Sat, 17 Jan 2026 17:34:12 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

dmg.digitaltarget.ru/1/1093/i/i?i=191757164790892.444998849884372&a=77&e=1A79042E13F4DB63C703AB4302ED35CB&pref=http%3A%2F%2Fpower-point-soft.ru%2F&c=ss:77.up:1A79042E13F4DB63C703AB4302ED35CB.sync:up.xdua:duRJ_muX1dB78YD7AFNf0JSd.xps:xpszr3OsDpaWeEyvq01vD4xcw.dn:acint__net.adcm:hit.tg:adcmjs_noorient

185.15.175.148

307 Temporary Redirect

0 B

URL HTTP/1.1
dmg.digitaltarget.ru/1/1093/i/i?i=191757164790892.444998849884372&a=77&e=1A79042E13F4DB63C703AB4302ED35CB&pref=http%3A%2F%2Fpower-point-soft.ru%2F&c=ss:77.up:1A79042E13F4DB63C703AB4302ED35CB.sync:up.xdua:duRJ_muX1dB78YD7AFNf0JSd.xps:xpszr3OsDpaWeEyvq01vD4xcw.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP
185.15.175.148:0
ASN
#43226 SafeData LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/1093/i/i?i=191757164790892.444998849884372&a=77&e=1A79042E13F4DB63C703AB4302ED35CB&pref=http%3A%2F%2Fpower-point-soft.ru%2F&c=ss:77.up:1A79042E13F4DB63C703AB4302ED35CB.sync:up.xdua:duRJ_muX1dB78YD7AFNf0JSd.xps:xpszr3OsDpaWeEyvq01vD4xcw.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675359252547&i=191757164790892.444998849884372&a=77&e=1A79042E13F4DB63C703AB4302ED35CB&pref=http%3A%2F%2Fpower-point-soft.ru%2F&c=ss:77.up:1A79042E13F4DB63C703AB4302ED35CB.sync:up.xdua:duRJ_muX1dB78YD7AFNf0JSd.xps:xpszr3OsDpaWeEyvq01vD4xcw.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=.CsYUMgbGzz.Aq77-BrA; Max-Age=93312000; Expires=Sat, 17 Jan 2026 17:34:12 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675359252542&i=191757164790892.82736746463020&a=77&e=1A79042E13F4DB63C703AB4302ED35CB&pref=http%3A%2F%2Fpower-point-soft.ru%2F&c=ss:77.up:1A79042E13F4DB63C703AB4302ED35CB.sync:up.xdua:duRJ_muX1dB78YD7AFNf0JSd.xps:xpszr3OsDpaWeEyvq01vD4xcw.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

185.15.175.148

200 OK

64 B

URL HTTP/1.1
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675359252542&i=191757164790892.82736746463020&a=77&e=1A79042E13F4DB63C703AB4302ED35CB&pref=http%3A%2F%2Fpower-point-soft.ru%2F&c=ss:77.up:1A79042E13F4DB63C703AB4302ED35CB.sync:up.xdua:duRJ_muX1dB78YD7AFNf0JSd.xps:xpszr3OsDpaWeEyvq01vD4xcw.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
185.15.175.148:0
ASN
#43226 SafeData LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
64 B (64 bytes)
Hash
ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8

HTTP Headers

GET /awg/custom/1093/i/i?call_source=awg&ts=1675359252542&i=191757164790892.82736746463020&a=77&e=1A79042E13F4DB63C703AB4302ED35CB&pref=http%3A%2F%2Fpower-point-soft.ru%2F&c=ss:77.up:1A79042E13F4DB63C703AB4302ED35CB.sync:up.xdua:duRJ_muX1dB78YD7AFNf0JSd.xps:xpszr3OsDpaWeEyvq01vD4xcw.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 3
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675359252547&i=191757164790892.444998849884372&a=77&e=1A79042E13F4DB63C703AB4302ED35CB&pref=http%3A%2F%2Fpower-point-soft.ru%2F&c=ss:77.up:1A79042E13F4DB63C703AB4302ED35CB.sync:up.xdua:duRJ_muX1dB78YD7AFNf0JSd.xps:xpszr3OsDpaWeEyvq01vD4xcw.dn:acint__net.adcm:hit.tg:adcmjs_noorient

185.15.175.148

200 OK

64 B

URL HTTP/1.1
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675359252547&i=191757164790892.444998849884372&a=77&e=1A79042E13F4DB63C703AB4302ED35CB&pref=http%3A%2F%2Fpower-point-soft.ru%2F&c=ss:77.up:1A79042E13F4DB63C703AB4302ED35CB.sync:up.xdua:duRJ_muX1dB78YD7AFNf0JSd.xps:xpszr3OsDpaWeEyvq01vD4xcw.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP
185.15.175.148:0
ASN
#43226 SafeData LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
64 B (64 bytes)
Hash
ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8

HTTP Headers

GET /awg/custom/1093/i/i?call_source=awg&ts=1675359252547&i=191757164790892.444998849884372&a=77&e=1A79042E13F4DB63C703AB4302ED35CB&pref=http%3A%2F%2Fpower-point-soft.ru%2F&c=ss:77.up:1A79042E13F4DB63C703AB4302ED35CB.sync:up.xdua:duRJ_muX1dB78YD7AFNf0JSd.xps:xpszr3OsDpaWeEyvq01vD4xcw.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 2
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84

95.163.114.203

200 OK

624 B

URL HTTP/1.1
w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
IP
95.163.114.203:0
ASN
#12695 LLC Digital Network

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (511)
Size
624 B (624 bytes)
Hash
db0f291b1ee364d9de4ad30906fac72a
46ae53e00d5964e1fbd0d75c0483f4718db48e8e
9b2a1dadf125f7367489db7e4bd8c22b34ec3126220422467b0de51f0274f64d

HTTP Headers

GET /widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://power-point-soft.ru/
Cookie: utl_id2=30541013587; utl_dat="CKTUxZnhMBAAIKSlkKLhMCikpZCi4TAwAHHw8zgCDGiKP6tmfmL23zA="
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Thu, 02 Feb 2023 18:04:12 GMT
Content-Encoding: gzip

w.uptolike.com/widgets/v1/extra.js?rnd=0.27363890319271866

95.163.114.203

200 OK

1.9 kB

URL HTTP/1.1
w.uptolike.com/widgets/v1/extra.js?rnd=0.27363890319271866
IP
95.163.114.203:0
ASN
#12695 LLC Digital Network

File type
ASCII text, with very long lines (645)
Size
1.9 kB (1871 bytes)
Hash
e7c3a4c9c87fbdd3f44a4cb24e857750
fcaeda7d22aceacc0cd314bf42a9b19e6ad1df61
08e35fa03776aefe0d2c5977f644d525091aa3b529c1183dd50c79b460f0538a

HTTP Headers

GET /widgets/v1/extra.js?rnd=0.27363890319271866 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://power-point-soft.ru/
Cookie: utl_id2=30541013587; utl_dat="CKTUxZnhMBAAIKSlkKLhMCikpZCi4TAwAHHw8zgCDGiKP6tmfmL23zA="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 24 Jan 2023 08:31:58 GMT
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Set-Cookie: utl_id2=30541013587; Expires=Sat, 01 Feb 2025 17:34:12 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
utl_dat="CKTUxZnhMBAAIKSlkKLhMCikpZCi4TAwAHHw8zgCDGiKP6tmfmL23zA="; Expires=Sat, 01 Feb 2025 17:34:12 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Content-Encoding: gzip

w.uptolike.com/widgets/v1/zp/imp?pid=lf8c894ad0f8001f6d7e427f4f574ebbd6e149d21d&fl=false&sw=1280&sh=1024&vw=1280&vh=939&vp=fa410499-0776-44ad-b7f9-2ffadd861348&ttl=U3BvcnRhY3Rpdml0ZWl0ZW4lMjB1bmQlMjBSYWRmYWhyZW4lMjBhbHMlMjBMZWJlbnNnZWYlQzMlQkNobCUyMCU3QyUyMHBvd2VyLXBvaW50LXNvZnQucnUlMjAoMjAyMyk%3D&url=http%3A%2F%2Fpower-point-soft.ru%2F&rnd=0.5707172445756994

95.163.114.203

204 No Content

0 B

URL HTTP/1.1
w.uptolike.com/widgets/v1/zp/imp?pid=lf8c894ad0f8001f6d7e427f4f574ebbd6e149d21d&fl=false&sw=1280&sh=1024&vw=1280&vh=939&vp=fa410499-0776-44ad-b7f9-2ffadd861348&ttl=U3BvcnRhY3Rpdml0ZWl0ZW4lMjB1bmQlMjBSYWRmYWhyZW4lMjBhbHMlMjBMZWJlbnNnZWYlQzMlQkNobCUyMCU3QyUyMHBvd2VyLXBvaW50LXNvZnQucnUlMjAoMjAyMyk%3D&url=http%3A%2F%2Fpower-point-soft.ru%2F&rnd=0.5707172445756994
IP
95.163.114.203:0
ASN
#12695 LLC Digital Network

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /widgets/v1/zp/imp?pid=lf8c894ad0f8001f6d7e427f4f574ebbd6e149d21d&fl=false&sw=1280&sh=1024&vw=1280&vh=939&vp=fa410499-0776-44ad-b7f9-2ffadd861348&ttl=U3BvcnRhY3Rpdml0ZWl0ZW4lMjB1bmQlMjBSYWRmYWhyZW4lMjBhbHMlMjBMZWJlbnNnZWYlQzMlQkNobCUyMCU3QyUyMHBvd2VyLXBvaW50LXNvZnQucnUlMjAoMjAyMyk%3D&url=http%3A%2F%2Fpower-point-soft.ru%2F&rnd=0.5707172445756994 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
Cookie: utl_id2=30541013587; utl_dat="CKTUxZnhMBAAIKSlkKLhMCikpZCi4TAwAHHw8zgCDGiKP6tmfmL23zA="
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 204 No Content
Server: nginx
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9f572cd9d9218fc5d8212478b8b397f2
bc60b5486782f77543fc14e75ab5edc068876075
0e984c8405c0b9de1b4fe494313c18b5d1421c3bd7ff9d0deb4eda6e070e7ed0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E984C8405C0B9DE1B4FE494313C18B5D1421C3BD7FF9D0DEB4EDA6E070E7ED0"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2162
Expires: Thu, 02 Feb 2023 18:10:14 GMT
Date: Thu, 02 Feb 2023 17:34:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c09c06868579a1ca37d3de42052a48f6
b3fef4dcc3505685183007ca1c11a4cb9aa46793
aef05f77dd36b148c03009e3ace416715870bc7d038c4ad2c87afb5b3709c76d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEF05F77DD36B148C03009E3ACE416715870BC7D038C4AD2C87AFB5B3709C76D"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14123
Expires: Thu, 02 Feb 2023 21:29:35 GMT
Date: Thu, 02 Feb 2023 17:34:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
588b55a6ff4ea33c48d0fcb3b960b279
62b1da435f5c40d3f4a97d339c2f6c8aad072f5b
a18b65fca9ac4e9446d91b9bda522eaa91aa155241814e25c49fa1526b776597

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A18B65FCA9AC4E9446D91B9BDA522EAA91AA155241814E25C49FA1526B776597"
Last-Modified: Thu, 02 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10660
Expires: Thu, 02 Feb 2023 20:31:52 GMT
Date: Thu, 02 Feb 2023 17:34:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10626
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 17:34:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10626
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 17:34:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10626
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 17:34:13 GMT
Connection: keep-alive

supraneet.ru/minus/

62.109.6.15

200 OK

0 B

URL HTTP/1.1
supraneet.ru/minus/
IP
62.109.6.15:0
ASN
#29182 JSC IOT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /minus/ HTTP/1.1
Host: supraneet.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://power-point-soft.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.13.12
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Last-Modified: Thursday, 02-Feb-2023 17:34:12 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

af.click.ru/collect_stat.js

217.197.112.80

200 OK

913 B

URL HTTP/1.1
af.click.ru/collect_stat.js
IP
217.197.112.80:0
ASN
#20655 e-Style ISP LLC

File type
ASCII text
Size
913 B (913 bytes)
Hash
9531806d16d72f9659eaab01bd09689b
7640f092c2b928c614bb46251477a3c80b3e820b
a01ed62761c70d35a7f2dd5f497451e70b85e85bb8f1774cee68d53554e6ecaa

HTTP Headers

GET /collect_stat.js HTTP/1.1
Host: af.click.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://power-point-soft.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 17:34:12 GMT
Content-Type: application/javascript
Content-Length: 913
Last-Modified: Fri, 18 Nov 2022 09:50:15 GMT
Connection: keep-alive
ETag: "63775557-391"
Accept-Ranges: bytes

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd3cca56-2e75-4efc-8090-c33c65a99f80.jpeg

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd3cca56-2e75-4efc-8090-c33c65a99f80.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8944 bytes)
Hash
b9af1fd56c0de8f128ddce88d49c1b4d
e3bb3d4950f7c0267f4476eef21872da332831aa
908153182f76362ff329803d9c11c06c66181e85e8e51dabd927f1f1ac630d5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd3cca56-2e75-4efc-8090-c33c65a99f80.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8944
x-amzn-requestid: 07495184-ede8-485c-94e8-5302ec348ea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: freiLHRPoAMFYbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dade0d-275437a54eceb40e302a7f55;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:47:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 86qoRJHXcrnBGi3REMF5q3ANzKdqEs5F3yFUBmiIt6SCbBVnhGe2Kw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:58:57 GMT
age: 70516
etag: "e3bb3d4950f7c0267f4476eef21872da332831aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11367 bytes)
Hash
395bb0f71f9eba82f5ca23548d08900f
b1fada280c7ea3eb775a6fa46ce173a51eb045f5
7443babb69532e1ee3ee779e05ad4f62de2c5bf62548bcb5702f8290a527664c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11367
x-amzn-requestid: 67702c15-9a68-46ec-95e5-efb57f08e2f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5OGfBoAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6e-033182ba55fdd0230ad5a270;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H1HIK6zdv95V96NxqSfHCqYtDQNPZ9NLAwG5oM5mwRr3nAUR0BPxlg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:25:11 GMT
age: 68942
etag: "b1fada280c7ea3eb775a6fa46ce173a51eb045f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15857 bytes)
Hash
4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C1kqthy0eZop0UZfG3_op5xeBOVGiPLYfia4uS1l4-kchEzV6ccE9w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:28:37 GMT
age: 36336
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8642 bytes)
Hash
0f85742f336de59ca88f7f964a8b33f4
0fc7177f8cb06421a8807e93989f651bda743567
fbd5fd39c39c218b0fa956f8cb8050cbdbfcb109a92303f6175d73cc8c339526

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8642
x-amzn-requestid: 79840c68-3e99-428d-9c01-9e4a93a34486
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdUzH1-oAMFiwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc1e-5bb93c5126aaff474900da63;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Mc8C-oesi4njIn2K2f56GKuyt6erRJAqCU-B4InhTD8oIoqo4s5-Fg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:43 GMT
age: 69330
etag: "0fc7177f8cb06421a8807e93989f651bda743567"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5356 bytes)
Hash
7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XyDZc0F-b0rxwoS5wvSXBuBfYE7JljMmuXseBjLOBk4HvxU5gE7Oqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:55 GMT
age: 69318
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4814 bytes)
Hash
86664b4d1fc27ba7b5bff8a245604326
b8c7ef73101a497b6c78ad59aafe66a391fdc3fa
e4596faadf14051299036a79632951d90183dd0635293687edef11985799a752

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4814
x-amzn-requestid: 90da23ab-2c54-40ec-8e26-bdf4eeb1e27b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKWFpvoAMFyPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-70c4cb89413ed6bd44731d76;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: htcecPD3kYwCPwPPCqgVuXnCuKo6TTKntzaB2xFID5fvBXpZQe463A==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:59:38 GMT
age: 70475
etag: "b8c7ef73101a497b6c78ad59aafe66a391fdc3fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cntrsync.ru/alt.js

92.63.102.100

200 OK

0 B

URL HTTP/1.1
cntrsync.ru/alt.js
IP
92.63.102.100:0
ASN
#29182 JSC IOT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /alt.js HTTP/1.1
Host: cntrsync.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://power-point-soft.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.13.12
Date: Thu, 02 Feb 2023 17:34:13 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Last-Modified: Thursday, 02-Feb-2023 17:34:13 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

w.uptolike.com/widgets/v1/zp/support.html

95.163.114.203

200 OK

3.8 kB

URL HTTP/1.1
w.uptolike.com/widgets/v1/zp/support.html
IP
95.163.114.203:0
ASN
#12695 LLC Digital Network

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
3.8 kB (3799 bytes)
Hash
a4af8c67ad0a2a6f681a742faca4463e
50794dee2e25cb8ec2187256750e00dc3231faa7
10ace92ddcb397879ff3569155caf7c3e28c3b4ee8c35eaddb48af927520ecf5

HTTP Headers

GET /widgets/v1/zp/support.html HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://power-point-soft.ru/
Cookie: utl_id2=30541013587; utl_dat="CKTUxZnhMBAAIKSlkKLhMCikpZCi4TAwAHHw8zgCDGiKP6tmfmL23zA="
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 17:34:13 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Thu, 02 Feb 2023 18:04:13 GMT
Content-Encoding: gzip

www.acint.net/ping/?v=0.5.1&uid=e77468b5-bedd-49b6-9621-a6dece44ede6&dp=10&tz=%2B00%3A00&nc=68780086&dT=2023-02-02T17%3A34%3A41.028

157.90.179.28

302 Moved Temporarily

142 B

URL HTTP/1.1
www.acint.net/ping/?v=0.5.1&uid=e77468b5-bedd-49b6-9621-a6dece44ede6&dp=10&tz=%2B00%3A00&nc=68780086&dT=2023-02-02T17%3A34%3A41.028
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /ping/?v=0.5.1&uid=e77468b5-bedd-49b6-9621-a6dece44ede6&dp=10&tz=%2B00%3A00&nc=68780086&dT=2023-02-02T17%3A34%3A41.028 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://power-point-soft.ru/

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 02 Feb 2023 17:34:13 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/ping/?v=0.5.1&uid=e77468b5-bedd-49b6-9621-a6dece44ede6&dp=10&tz=%2B00%3A00&nc=68780086&dT=2023-02-02T17%3A34%3A41.028

www.acint.net/ping/?v=0.5.1&uid=e77468b5-bedd-49b6-9621-a6dece44ede6&dp=10&tz=%2B00%3A00&nc=68780086&dT=2023-02-02T17%3A34%3A41.028

157.90.179.28

200 OK

43 B

URL HTTP/2
www.acint.net/ping/?v=0.5.1&uid=e77468b5-bedd-49b6-9621-a6dece44ede6&dp=10&tz=%2B00%3A00&nc=68780086&dT=2023-02-02T17%3A34%3A41.028
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /ping/?v=0.5.1&uid=e77468b5-bedd-49b6-9621-a6dece44ede6&dp=10&tz=%2B00%3A00&nc=68780086&dT=2023-02-02T17%3A34%3A41.028 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://power-point-soft.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgR5GmPb9BNDqwPHyzXtAtVYVxiY/rXzviaWhqfi0l9BtayW; cSyncDp7v2=1675359251; cSyncDp14v3=1675359251; cSyncDp17=1675359251; cSyncDp32=1675359251; cSyncDp45v3=1675359251; cSyncDp53v2=1675359251; cSyncDp62=1675359251; cSyncDp67v2=1675359251; cSyncDp68=1675359251; cSyncDp71=1675359251; cSyncDp85=1675359251; cSyncDp95v3=1675359251; cSyncDp98v2=1675359251; cSyncDp101=1675359251; cSyncDp104v2=1675359251; cSyncDp107=1675359251; cSyncDp110=1675359251; cSyncDp125v3=1675359251; cSyncDp126=1675359251; cSyncDp127=1675359251; cSyncDp129=1675359251; cSyncDp136v2=1675359251; cSyncDp146=1675359251; cSyncDp148=1675359251; cSyncDp149v2=1675359251; cSyncDp151=1675359251; cSyncDp178=1675359251; cSyncDp186=1675359251; cSyncDp221=1675359251; cSyncDp235=1675359251
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 17:34:13 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/oci.js?t=1675359278029

157.90.179.28

200 OK

0 B

URL HTTP/2
www.acint.net/oci.js?t=1675359278029
IP
157.90.179.28:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /oci.js?t=1675359278029 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://power-point-soft.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 17:34:11 GMT
content-type: application/x-javascript
last-modified: Mon, 09 Jan 2023 08:01:26 GMT
etag: W/"63bbc9d6-7dac"
content-encoding: gzip
X-Firefox-Spdy: h2

an.yandex.ru/mapuid/sapeis/1A79042E13F4DB63C703AB4302ED35CB

93.158.134.90

302 Found

0 B

URL HTTP/2
an.yandex.ru/mapuid/sapeis/1A79042E13F4DB63C703AB4302ED35CB
IP
93.158.134.90:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mapuid/sapeis/1A79042E13F4DB63C703AB4302ED35CB HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/1A79042E13F4DB63C703AB4302ED35CB?redir-setuniq=1
date: Thu, 02 Feb 2023 17:34:12 GMT
set-cookie: yandexuid=7073561531675359252; domain=.yandex.ru; path=/; expires=Sun, 30-Jan-2033 17:34:12 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 17:34:12 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 02 Feb 2023 17:34:12 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D

5.200.43.243

302 Found

0 B

URL HTTP/2
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP
5.200.43.243:0
ASN
#48096 Enterprise Cloud Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=3ddf23e3b5ef435f896f0ac0cbc33cf8
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=3ddf23e3b5ef435f896f0ac0cbc33cf8; expires=Thu, 01 Feb 2024 21:00:00 GMT; path=/; SameSite=None; secure; samesite=lax
date: Thu, 02 Feb 2023 17:34:11 GMT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL