docka1.ru/avia_perevozki
176.99.4.61200 OK 3.6 kB IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1238), with CRLF, CR, LF line terminators
Hash dd8f150251a7e5651296f477370e905c
a53565d85291d51c9d4d7bb27670175a1fd24b86
6ebadb47ee3dc11fca999f4aa61525d38feee4da8927dff9e7e3771c7ddf8975
Analyzer Verdict Alert fortinet Malware
GET /avia_perevozki HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:18 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3630
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10718
Expires: Thu, 02 Feb 2023 05:38:57 GMT
Date: Thu, 02 Feb 2023 02:40:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9504
Expires: Thu, 02 Feb 2023 05:18:43 GMT
Date: Thu, 02 Feb 2023 02:40:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4736
Expires: Thu, 02 Feb 2023 03:59:15 GMT
Date: Thu, 02 Feb 2023 02:40:19 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 02:36:03 GMT
content-type: application/json
age: 256
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ErlmOBSa4KvmMVaayns1GW359NQM/er3sN8uDuzX5YPuLzrg7j0Vhi6haG9BM/+BH4L6s6L+keU=
x-amz-request-id: A05MSDXKY3K2ZNTW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 01:51:47 GMT
age: 2912
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:40:19 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
docka1.ru/images/logo.gif
176.99.4.61200 OK 7.1 kB URL HTTP/1.1 docka1.ru/images/logo.gif
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 136 x 106\012- data
Hash 42af3e737a231a91f4495b536743ccee
29e36376c955fa4fc6996d55ffc6a7e373bfe75f
a1daf95cbeed737718e3f414f4b3d061661212c4a63a8a4d9a113f2cabaacb53
GET /images/logo.gif HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/avia_perevozki
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:19 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Sun, 15 Dec 2019 22:23:19 GMT
ETag: "1b98-599c58ace17df"
Accept-Ranges: bytes
Content-Length: 7064
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
pagead2.googlesyndication.com/pagead/show_ads.js
142.250.74.130200 OK 37 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/show_ads.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (3594)
Hash cbf3e63c1bdcbb209e2c01b4a0c56501
678491df660a1aac1dd8fe60a650f08cc3cea440
1b8b8505ddadc490a1fecc62f2010bfb1985f8dbb3f6e7146293aa857e098b94
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Thu, 02 Feb 2023 02:40:19 GMT
Expires: Thu, 02 Feb 2023 02:40:19 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 2603019570975955640
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 36590
X-XSS-Protection: 0
docka1.ru/pics/5332_small.jpg
176.99.4.61200 OK 7.5 kB URL HTTP/1.1 docka1.ru/pics/5332_small.jpg
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 208x156, components 3\012- data
Hash 14e8dd850ec93df480fe23506e7a17c1
a9bf7ac8eda55caf0e089381d616e650dba43d08
518e90792b534ce81a3fbd0fb2c478a5f18f4e65859a8e40145288467eced572
GET /pics/5332_small.jpg HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/avia_perevozki
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:19 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Fri, 16 Dec 2022 04:54:21 GMT
ETag: "1d27-5efeac351ee61"
Accept-Ranges: bytes
Content-Length: 7463
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
docka1.ru/images/bg_logo.jpg
176.99.4.61200 OK 26 kB URL HTTP/1.1 docka1.ru/images/bg_logo.jpg
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 778x144, components 3\012- data
Hash 752413bf8f0902df0bb713d870d0d6cc
8922e1d5ac23e8eedd21680f77181e9372edcbbb
3b25c1745c80448c0412789831c44dba35b6820d15b718ddb977ebd256c77071
GET /images/bg_logo.jpg HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/avia_perevozki
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:19 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Sun, 15 Dec 2019 22:23:19 GMT
ETag: "6544-599c58acd8b3f"
Accept-Ranges: bytes
Content-Length: 25924
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
docka1.ru/pics/3532_small.jpg
176.99.4.61200 OK 10 kB URL HTTP/1.1 docka1.ru/pics/3532_small.jpg
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 208x156, components 3\012- data
Hash f7f04ce97f7b46e2dee635df8239d237
93c307eb25df0e87ce8e56fab4a9a42e6f788b05
02e296e39091ebdf2d81e298e3a415ff975bb2def78797ca3302b4986e80c684
GET /pics/3532_small.jpg HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/avia_perevozki
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:19 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Wed, 01 Apr 2020 11:07:05 GMT
ETag: "283a-5a238af415bc9"
Accept-Ranges: bytes
Content-Length: 10298
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
docka1.ru/pics/5378_small.jpg
176.99.4.61200 OK 6.4 kB URL HTTP/1.1 docka1.ru/pics/5378_small.jpg
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 208x156, components 3\012- data
Hash d8fc4e9d614e523ef566da9f405afd1f
63c7a370054aec177426f0fe613bda934a148657
edce43a29e3eb99d99588e39ea76593bb82aa242f61cd084345d91116d9bfc10
GET /pics/5378_small.jpg HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/avia_perevozki
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:19 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Thu, 26 Jan 2023 09:34:12 GMT
ETag: "192e-5f32773a19323"
Accept-Ranges: bytes
Content-Length: 6446
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
docka1.ru/pics/4197_small.jpg
176.99.4.61200 OK 6.0 kB URL HTTP/1.1 docka1.ru/pics/4197_small.jpg
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 208x156, components 3\012- data
Hash 0e64023d41ceafb29a39e6a51af0ed5b
b1b91a4654ceea576d923f502d958dc241d5d391
106abe92d13e56188e66fe3da9b8f1e6604a3a8d79f8789b8cc1a1056738477f
GET /pics/4197_small.jpg HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/avia_perevozki
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:19 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Tue, 09 Mar 2021 15:47:44 GMT
ETag: "1748-5bd1c78adde2f"
Accept-Ranges: bytes
Content-Length: 5960
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
docka1.ru/pics/3707_small.jpg
176.99.4.61200 OK 10 kB URL HTTP/1.1 docka1.ru/pics/3707_small.jpg
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 208x156, components 3\012- data
Hash f7f04ce97f7b46e2dee635df8239d237
93c307eb25df0e87ce8e56fab4a9a42e6f788b05
02e296e39091ebdf2d81e298e3a415ff975bb2def78797ca3302b4986e80c684
GET /pics/3707_small.jpg HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/avia_perevozki
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:19 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Wed, 15 Jul 2020 08:51:26 GMT
ETag: "283a-5aa770778fabf"
Accept-Ranges: bytes
Content-Length: 10298
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
docka1.ru/pics/5375_small.jpg
176.99.4.61200 OK 22 kB URL HTTP/1.1 docka1.ru/pics/5375_small.jpg
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 208x156, components 3\012- data
Hash 2000e0930dabf8815c2d686092eb842a
d22157260790d4a53fb2997b094ccd11ee631c56
37e6ae1f0243c175c115b16df818b7c1c1daa19b96d644d1e89ec7079dd425e4
GET /pics/5375_small.jpg HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/avia_perevozki
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:19 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Thu, 26 Jan 2023 09:27:28 GMT
ETag: "543e-5f3275b819288"
Accept-Ranges: bytes
Content-Length: 21566
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
docka1.ru/images/bg_verh.gif
176.99.4.61200 OK 430 B URL HTTP/1.1 docka1.ru/images/bg_verh.gif
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 778 x 9\012- data
Hash dda863576e31043ee132d7d2eba95936
ce8a6bded10b89311758d918fb8e3b279fce32c2
9567345775957a2ee99160898ef8e7b6546c1a4ddf9b0584ebf9c4fad4b4acd4
GET /images/bg_verh.gif HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/avia_perevozki
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:19 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Sun, 15 Dec 2019 22:23:19 GMT
ETag: "1ae-599c58acdba1f"
Accept-Ranges: bytes
Content-Length: 430
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
docka1.ru/images/bg_sred.gif
176.99.4.61200 OK 108 B URL HTTP/1.1 docka1.ru/images/bg_sred.gif
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 1 x 37\012- data
Hash 1f7bae42917a0cbfd9b9c679312536fe
ead841fecc600cb7048f9ff134e12da8f8f62a72
0472665c384d52f95cd6c7ee6ce6803e17073840bf4133eba33add2587e57973
GET /images/bg_sred.gif HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/avia_perevozki
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:19 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Sun, 15 Dec 2019 22:23:19 GMT
ETag: "6c-599c58acd6bfe"
Accept-Ranges: bytes
Content-Length: 108
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
docka1.ru/images/bg_cat2.gif
176.99.4.61200 OK 166 B URL HTTP/1.1 docka1.ru/images/bg_cat2.gif
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 250 x 1\012- data
Hash 6918f8d167ca7c13972ad164cb6eea43
d464754813a089c8ec63a8ca5a9f3d5b3845ab3e
64fea0d82ffc80afd3a8d3486f9767b4cb1cb65d3565ef1d8fa8ca1309a48402
GET /images/bg_cat2.gif HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/avia_perevozki
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:19 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Sun, 15 Dec 2019 22:23:19 GMT
ETag: "a6-599c58acc819d"
Accept-Ranges: bytes
Content-Length: 166
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
docka1.ru/images/bg_cat.gif
176.99.4.61200 OK 1.3 kB URL HTTP/1.1 docka1.ru/images/bg_cat.gif
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 250 x 54\012- data
Hash 146117d39c554aa61c98920c12730b58
e90432c9e88eccdb8509084474294a498f87ef40
3aa0895804b3628216cb908e26def1f515d2ddbd62b37504ba9e58c6b8a76eae
GET /images/bg_cat.gif HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/avia_perevozki
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:19 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Sun, 15 Dec 2019 22:23:19 GMT
ETag: "50e-599c58acbe55d"
Accept-Ranges: bytes
Content-Length: 1294
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
docka1.ru/images/bg_niz.gif
176.99.4.61200 OK 111 B URL HTTP/1.1 docka1.ru/images/bg_niz.gif
IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type GIF image data, version 89a, 1 x 54\012- data
Hash 1f79a36b7e6e0e0a9642bfbb86340e1a
dba001a2b17efe3c38368fc26c97ac78ac1ad947
ba5e2e2f8f24e7a8397e11d5ae9f53d093b2e8984b8e5adbc7505797057e7f45
GET /images/bg_niz.gif HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/avia_perevozki
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:19 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Sun, 15 Dec 2019 22:23:19 GMT
ETag: "6f-599c58acd0e3e"
Accept-Ranges: bytes
Content-Length: 111
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
st.top100.ru/top100/top100.js
81.19.89.18200 OK 33 kB URL HTTP/1.1 st.top100.ru/top100/top100.js
IP 81.19.89.18:0
ASN #24638 Rambler Internet Holding LLC
File type Unicode text, UTF-8 text, with very long lines (65420), with no line terminators
Hash df534f83fa509c56689ab6b52690e7d8
46c61770f621c2f634d8abc066d7d41b425c4412
c11439cbce07d6c138afe076cecede048c6649f554c6dbb8cf822bf58da25707
GET /top100/top100.js HTTP/1.1
Host: st.top100.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/
HTTP/1.1 200 OK
Server: nginx/1.19.4
Date: Thu, 02 Feb 2023 02:40:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 30 Jan 2023 10:42:42 GMT
x-rgw-object-type: Normal
ETag: W/"85fd0629b4936ca6bd7f6dca635c0da1"
x-amz-request-id: tx000000000000008b67f70-0063db227e-783970ff-default
Expires: Thu, 02 Feb 2023 03:40:19 GMT
Cache-Control: max-age=3600
Set-Cookie: proto_uid=1CIAAJMi22N5V2YcAW5EdgB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
P3P: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Content-Encoding: gzip
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash f31603e38477db611c2a41841c6a5282
5d660cb6a609f4da04accb94aaa037e0d8f168ee
2c5ce599bff03bb4bfe1722417d1bb35503423edb41c508d8efd40f2df82aba5
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 05 Feb 2023 23:30:57 GMT
ETag: "5d660cb6a609f4da04accb94aaa037e0d8f168ee"
Last-Modified: Wed, 01 Feb 2023 23:30:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792f8fb95f74b503-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5117915a0a3632d04b72e65ea2a4fe72
2263c7273f623d75b82fb8ca00e5a771956b0d89
cf4eb4156859b45fd6cce69e44a6b4a3cbc777cae9ae3855e431e43510ab34d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF4EB4156859B45FD6CCE69E44A6B4A3CBC777CAE9AE3855E431E43510AB34D5"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5911
Expires: Thu, 02 Feb 2023 04:18:50 GMT
Date: Thu, 02 Feb 2023 02:40:19 GMT
Connection: keep-alive
vse.doski.ru/top.gif?id=68673
185.10.63.173200 OK 2.3 kB URL HTTP/1.1 vse.doski.ru/top.gif?id=68673
IP 185.10.63.173:0
File type GIF image data, version 89a, 88 x 31\012- data
Hash bb668e5a17164c04c036cfeba2666748
2023e2503e73ae07b493aa5934b8bc8c7f9b49c6
ac237f3a6741dae13425b8fe8cd04a3d8ed3227e7f7c8bbde8f13860b2a7c9f1
GET /top.gif?id=68673 HTTP/1.1
Host: vse.doski.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://docka1.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:19 GMT
Server: Apache/2.4.41 (Ubuntu)
Expires: Mon, 1 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Length: 2323
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif
www.acint.net/aci.js
157.90.179.28200 OK 7.8 kB IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1649)
Hash 23df47b4330754db70e9c1e32f0092d6
dea956b3a9dad9fa3cc352180be435943e8d0352
0056d5c8969a597094abb6cc9f3a383631ba9c0f13ac620d735f0788807fb4de
GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://docka1.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 02:40:19 GMT
content-type: application/x-javascript
content-length: 7757
last-modified: Mon, 09 Jan 2023 08:01:55 GMT
etag: "63bbc9f3-1e4d"
content-encoding: gzip
expires: Thu, 02 Feb 2023 14:40:19 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 01:41:43 GMT
age: 3516
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e755899c25c5cac7cf7b31cde16786ad
0151d41054a4ad7e7ace1bcb657c7a768de9d186
7abf0867609533a6a17a0bf12129b07b0df5df7bffeb475640f8099ca7a2ac4d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5765
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:40:19 GMT
Last-Modified: Thu, 02 Feb 2023 01:04:14 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
www.acint.net/oci.js?t=1675305643915
157.90.179.28302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/oci.js?t=1675305643915
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /oci.js?t=1675305643915 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 02 Feb 2023 02:40:19 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/oci.js?t=1675305643915
www.acint.net/mc/?dp=10
157.90.179.28302 Moved Temporarily 142 B IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 02 Feb 2023 02:40:19 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/mc/?dp=10
www.acint.net/hit/?v=0.5.0&uid=ed12922a-c4bb-4102-90ea-173cee435146&dp=10&tz=%2B00%3A00&nc=95722624&u=http%3A%2F%2Fdocka1.ru%2Favia_perevozki&r=&rs=1280x1024&t=%D0%90%D0%B2%D0%B8%D0%B0%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B2%D0%BE%D0%B7%D0%BA%D0%B8%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%94%D0%9E%D0%A1%D0%9A%D0%901.RU&oE=1&oP=1&dT=2023-02-02T02%3A40%3A43.913&fu=c4b43699-2241-47a6-a9be-66e90cf171c6
157.90.179.28302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/hit/?v=0.5.0&uid=ed12922a-c4bb-4102-90ea-173cee435146&dp=10&tz=%2B00%3A00&nc=95722624&u=http%3A%2F%2Fdocka1.ru%2Favia_perevozki&r=&rs=1280x1024&t=%D0%90%D0%B2%D0%B8%D0%B0%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B2%D0%BE%D0%B7%D0%BA%D0%B8%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%94%D0%9E%D0%A1%D0%9A%D0%901.RU&oE=1&oP=1&dT=2023-02-02T02%3A40%3A43.913&fu=c4b43699-2241-47a6-a9be-66e90cf171c6
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /hit/?v=0.5.0&uid=ed12922a-c4bb-4102-90ea-173cee435146&dp=10&tz=%2B00%3A00&nc=95722624&u=http%3A%2F%2Fdocka1.ru%2Favia_perevozki&r=&rs=1280x1024&t=%D0%90%D0%B2%D0%B8%D0%B0%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B2%D0%BE%D0%B7%D0%BA%D0%B8%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%94%D0%9E%D0%A1%D0%9A%D0%901.RU&oE=1&oP=1&dT=2023-02-02T02%3A40%3A43.913&fu=c4b43699-2241-47a6-a9be-66e90cf171c6 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 02 Feb 2023 02:40:19 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/hit/?v=0.5.0&uid=ed12922a-c4bb-4102-90ea-173cee435146&dp=10&tz=%2B00%3A00&nc=95722624&u=http%3A%2F%2Fdocka1.ru%2Favia_perevozki&r=&rs=1280x1024&t=%D0%90%D0%B2%D0%B8%D0%B0%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B2%D0%BE%D0%B7%D0%BA%D0%B8%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%94%D0%9E%D0%A1%D0%9A%D0%901.RU&oE=1&oP=1&dT=2023-02-02T02%3A40%3A43.913&fu=c4b43699-2241-47a6-a9be-66e90cf171c6
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 645e18eb96cee5f256105bba3a8c5a7b
7a7c29c6493fa925f9097449264d0856c874e043
41899e1e5115701c2e91849204f92181fe17e35af256365c85764bab703734b3
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 05 Feb 2023 22:52:08 GMT
ETag: "7a7c29c6493fa925f9097449264d0856c874e043"
Last-Modified: Wed, 01 Feb 2023 22:52:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3330
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792f8fbbc904b51e-OSL
kraken.rambler.ru/userip
81.19.89.18200 OK 12 B IP 81.19.89.18:0
ASN #24638 Rambler Internet Holding LLC
File type ASCII text, with no line terminators
Hash 35b0bce9d250429df012c0426f88d0bd
f81d80af9cbeb0011316fbba3da8002b32251f7a
da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d
GET /userip HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://docka1.ru
Connection: keep-alive
Referer: http://docka1.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Thu, 02 Feb 2023 02:40:19 GMT
content-type: application/octet-stream
content-length: 12
access-control-allow-origin: http://docka1.ru
x-srv: 2kraken-prod0001.ad.rambler.tech
set-cookie: ruid=1CIAAJMi22OMBuOOAZp+dQB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAJMi22OMBuOOAZp+dQB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=10
157.90.179.28302 Found 154 B IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://docka1.ru/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 02 Feb 2023 02:40:19 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Thu, 02-Feb-23 02:50:19 GMT
aid=fwAAAWPbIpMeFwNdHSUTAkqDpeEebCALi5KdT1AFZss1qNDC; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
www.acint.net/hit/?v=0.5.0&uid=ed12922a-c4bb-4102-90ea-173cee435146&dp=10&tz=%2B00%3A00&nc=95722624&u=http%3A%2F%2Fdocka1.ru%2Favia_perevozki&r=&rs=1280x1024&t=%D0%90%D0%B2%D0%B8%D0%B0%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B2%D0%BE%D0%B7%D0%BA%D0%B8%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%94%D0%9E%D0%A1%D0%9A%D0%901.RU&oE=1&oP=1&dT=2023-02-02T02%3A40%3A43.913&fu=c4b43699-2241-47a6-a9be-66e90cf171c6
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/hit/?v=0.5.0&uid=ed12922a-c4bb-4102-90ea-173cee435146&dp=10&tz=%2B00%3A00&nc=95722624&u=http%3A%2F%2Fdocka1.ru%2Favia_perevozki&r=&rs=1280x1024&t=%D0%90%D0%B2%D0%B8%D0%B0%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B2%D0%BE%D0%B7%D0%BA%D0%B8%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%94%D0%9E%D0%A1%D0%9A%D0%901.RU&oE=1&oP=1&dT=2023-02-02T02%3A40%3A43.913&fu=c4b43699-2241-47a6-a9be-66e90cf171c6
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hit/?v=0.5.0&uid=ed12922a-c4bb-4102-90ea-173cee435146&dp=10&tz=%2B00%3A00&nc=95722624&u=http%3A%2F%2Fdocka1.ru%2Favia_perevozki&r=&rs=1280x1024&t=%D0%90%D0%B2%D0%B8%D0%B0%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B2%D0%BE%D0%B7%D0%BA%D0%B8%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%94%D0%9E%D0%A1%D0%9A%D0%901.RU&oE=1&oP=1&dT=2023-02-02T02%3A40%3A43.913&fu=c4b43699-2241-47a6-a9be-66e90cf171c6 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://docka1.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 02:40:19 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=fwAAAWPbIpMeFwNdHSUcAoBB789g4JJAgOiRHpme2155792K; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
www.acint.net/oci.js?t=1675305643915
157.90.179.28200 OK 15 kB URL HTTP/2 www.acint.net/oci.js?t=1675305643915
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
Hash a4827af6f8bcf6e97651337bbdbe7a61
89273203137973d4538154e9f3a4907686d956b0
611bc8151b7dcf4f4de56c82b2a338d2ce8f35eee4481dd940d8af2d8b863409
GET /oci.js?t=1675305643915 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://docka1.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 02:40:19 GMT
content-type: application/x-javascript
last-modified: Mon, 09 Jan 2023 08:02:02 GMT
etag: W/"63bbc9fa-7dac"
content-encoding: gzip
X-Firefox-Spdy: h2
docka1.ru/favicon.ico
176.99.4.61404 Not Found 271 B IP 176.99.4.61:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 011a67c36d848d8f1db31ac567bf785b
6129b716dae1d5af6e499a71893a08f2a54a0cd7
056e42f35f486ef34cbd7b6cac9b7800f2fc8f47c8a0230970545b30d75bf131
GET /favicon.ico HTTP/1.1
Host: docka1.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/avia_perevozki
Cookie: adtech_uid=dd6050c3-00f1-4505-b088-98ea934d071f%3Adocka1.ru; top100_id=t1.6960899.147550442.1675305643871; t3_sid_6960899=s1.664181431.1675305643872.1675305643872.1.1; fid=c4b43699-2241-47a6-a9be-66e90cf171c6
HTTP/1.1 404 Not Found
Date: Thu, 02 Feb 2023 02:40:19 GMT
Server: Apache/2.4.25 (Debian)
Content-Length: 271
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:40:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301250301/show_ads_impl_with_ama_fy2021.js?client=pub-1087108116253707&plah=docka1.ru&bust=31071928
142.250.74.130200 OK 121 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301250301/show_ads_impl_with_ama_fy2021.js?client=pub-1087108116253707&plah=docka1.ru&bust=31071928
IP 142.250.74.130:0
File type ASCII text, with very long lines (3928)
Size 121 kB (120847 bytes)
Hash a05d99ce1cf98f10b86ed6680c5771a2
d94a1598bb9bcb423c83d80fd5572bd75f2d6b50
a48519b4adbb5d61c391a0c1df90bb7a61e09626f4c892cff1bdabf57bf54bfc
GET /pagead/managed/js/adsense/m202301250301/show_ads_impl_with_ama_fy2021.js?client=pub-1087108116253707&plah=docka1.ru&bust=31071928 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://docka1.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 02 Feb 2023 02:40:19 GMT
expires: Thu, 02 Feb 2023 02:40:19 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 15918416614121300308
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 120847
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
kraken.rambler.ru/cnt/?et=pv&v=3.13.6&pid=6960899&tid=t1.6960899.147550442.1675305643871&rid=1675305643.871-979974215&fid=pA8AAENKs1e4GYz8AQlryQA%3D&fip=pA8AAENKs1cnnUv2AauVQAA%3D&eid=276256440966909&aduid=dd6050c3-00f1-4505-b088-98ea934d071f&aduidsc=docka1.ru&stid=664181431_1675305643872&sn=1&sen=1&ce=1&bs=1268x1351&rf&en=UTF-8&pt=%D0%90%D0%B2%D0%B8%D0%B0%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B2%D0%BE%D0%B7%D0%BA%D0%B8%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%94%D0%9E%D0%A1%D0%9A%D0%901.RU&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=2&ct=web&url=http%3A%2F%2Fdocka1.ru%2Favia_perevozki&lv&exp=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=2013036901
81.19.89.18200 OK 595 B URL HTTP/2 kraken.rambler.ru/cnt/?et=pv&v=3.13.6&pid=6960899&tid=t1.6960899.147550442.1675305643871&rid=1675305643.871-979974215&fid=pA8AAENKs1e4GYz8AQlryQA%3D&fip=pA8AAENKs1cnnUv2AauVQAA%3D&eid=276256440966909&aduid=dd6050c3-00f1-4505-b088-98ea934d071f&aduidsc=docka1.ru&stid=664181431_1675305643872&sn=1&sen=1&ce=1&bs=1268x1351&rf&en=UTF-8&pt=%D0%90%D0%B2%D0%B8%D0%B0%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B2%D0%BE%D0%B7%D0%BA%D0%B8%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%94%D0%9E%D0%A1%D0%9A%D0%901.RU&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=2&ct=web&url=http%3A%2F%2Fdocka1.ru%2Favia_perevozki&lv&exp=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=2013036901
IP 81.19.89.18:0
ASN #24638 Rambler Internet Holding LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash 10d95efe74b84de86398a30e7b958b79
94daf75996fe1f81c858d619b00d09e9c82b093e
fda0897f4cdbbab911245c9ebaa4885f54a7e572b8c9b071dc976d1d27cab1a6
GET /cnt/?et=pv&v=3.13.6&pid=6960899&tid=t1.6960899.147550442.1675305643871&rid=1675305643.871-979974215&fid=pA8AAENKs1e4GYz8AQlryQA%3D&fip=pA8AAENKs1cnnUv2AauVQAA%3D&eid=276256440966909&aduid=dd6050c3-00f1-4505-b088-98ea934d071f&aduidsc=docka1.ru&stid=664181431_1675305643872&sn=1&sen=1&ce=1&bs=1268x1351&rf&en=UTF-8&pt=%D0%90%D0%B2%D0%B8%D0%B0%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B2%D0%BE%D0%B7%D0%BA%D0%B8%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%94%D0%9E%D0%A1%D0%9A%D0%901.RU&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=2&ct=web&url=http%3A%2F%2Fdocka1.ru%2Favia_perevozki&lv&exp=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=2013036901 HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://docka1.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Thu, 02 Feb 2023 02:40:20 GMT
content-type: image/gif
content-length: 595
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-credentials: true
x-srv: 2kraken-prod0001.ad.rambler.tech
set-cookie: ruid=1CIAAJQi22OqBs+VAaXIcAB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAJQi22OqBs+VAaXIcAB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
accept-ranges: bytes
X-Firefox-Spdy: h2
kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=6960899&session_id=664181431_1675305643872&session_number=1&session_event_number=1&version=3.13.6&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6960899.147550442.1675305643871&adtech_uid=dd6050c3-00f1-4505-b088-98ea934d071f&adtech_uid_scope=docka1.ru&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&fingerprint_ip=pA8AAENKs1cnnUv2AauVQAA%3D&url=http%3A%2F%2Fdocka1.ru%2Favia_perevozki&request_id=1675305643.871-979974215&event_id=594656440975897&meta=%7B%22title%22%3A%22%D0%90%D0%B2%D0%B8%D0%B0%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B2%D0%BE%D0%B7%D0%BA%D0%B8%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%94%D0%9E%D0%A1%D0%9A%D0%901.RU%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221268x1351%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=286298824
81.19.89.18200 OK 595 B URL HTTP/2 kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=6960899&session_id=664181431_1675305643872&session_number=1&session_event_number=1&version=3.13.6&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6960899.147550442.1675305643871&adtech_uid=dd6050c3-00f1-4505-b088-98ea934d071f&adtech_uid_scope=docka1.ru&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&fingerprint_ip=pA8AAENKs1cnnUv2AauVQAA%3D&url=http%3A%2F%2Fdocka1.ru%2Favia_perevozki&request_id=1675305643.871-979974215&event_id=594656440975897&meta=%7B%22title%22%3A%22%D0%90%D0%B2%D0%B8%D0%B0%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B2%D0%BE%D0%B7%D0%BA%D0%B8%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%94%D0%9E%D0%A1%D0%9A%D0%901.RU%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221268x1351%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=286298824
IP 81.19.89.18:0
ASN #24638 Rambler Internet Holding LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash 10d95efe74b84de86398a30e7b958b79
94daf75996fe1f81c858d619b00d09e9c82b093e
fda0897f4cdbbab911245c9ebaa4885f54a7e572b8c9b071dc976d1d27cab1a6
GET /cnt/v2/?event_type=base&event_name=page_view&project_id=6960899&session_id=664181431_1675305643872&session_number=1&session_event_number=1&version=3.13.6&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6960899.147550442.1675305643871&adtech_uid=dd6050c3-00f1-4505-b088-98ea934d071f&adtech_uid_scope=docka1.ru&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&fingerprint_ip=pA8AAENKs1cnnUv2AauVQAA%3D&url=http%3A%2F%2Fdocka1.ru%2Favia_perevozki&request_id=1675305643.871-979974215&event_id=594656440975897&meta=%7B%22title%22%3A%22%D0%90%D0%B2%D0%B8%D0%B0%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B2%D0%BE%D0%B7%D0%BA%D0%B8%2C%20%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%94%D0%9E%D0%A1%D0%9A%D0%901.RU%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221268x1351%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=286298824 HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://docka1.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Thu, 02 Feb 2023 02:40:20 GMT
content-type: image/gif
content-length: 595
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-credentials: true
x-srv: 2kraken-prod0001.ad.rambler.tech
set-cookie: ruid=1CIAAJQi22OqBs+VAabIcAB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAJQi22OqBs+VAabIcAB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
accept-ranges: bytes
X-Firefox-Spdy: h2
a.utraff.com/sync?ssp=Sape
104.21.59.66204 No Content 0 B URL HTTP/2 a.utraff.com/sync?ssp=Sape
IP 104.21.59.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=Sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 02:40:20 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Sat, 04 Mar 2023 05:40:20 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Sat, 04 Mar 2023 05:40:20 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9prREcwmRy6sIxC2z%2BZ7xdTK1b4i6kMu4jE%2BVfTJDmbjbyKf4pKFulAq5L76rudis1F2oaCWwtwAtB%2BBFHl%2B2dlfv8RB5miyf5YaepDinOv9y0t41zoQpOGmyC6yAY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f8fbce8b40b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dm-eu.hybrid.ai/match?id=106&vid=0100007F9322DB635D03171E0213251D
37.18.103.16204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=106&vid=0100007F9322DB635D03171E0213251D
IP 37.18.103.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=106&vid=0100007F9322DB635D03171E0213251D HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 02:40:20 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=2cda6ccf2281beb8864f; Expires=Fri, 02 Feb 2024 02:40:19 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 510
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.acint.net
access-control-allow-credentials: true
server: Hybrid Web Server
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c70fa210db8cb3a65d555bef49e050bc
8a834fe202d34465e13fdaefc7562702097e0fdc
d13d61f106ad0d5b69027daa0e626df63e0aaeac2f46f244f0806bcc90f69e0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D13D61F106AD0D5B69027DAA0E626DF63E0AAEAC2F46F244F0806BCC90F69E0F"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7800
Expires: Thu, 02 Feb 2023 04:50:20 GMT
Date: Thu, 02 Feb 2023 02:40:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 213bf18096690cc57ffe2b030352f8ce
6d09271ba2e35da23eac601cccea7e3ec3b4a604
7969d8481f3db7aa880ccee7fee64582d724455df82d006481ec54816a726d9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7969D8481F3DB7AA880CCEE7FEE64582D724455DF82D006481EC54816A726D9F"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17689
Expires: Thu, 02 Feb 2023 07:35:09 GMT
Date: Thu, 02 Feb 2023 02:40:20 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:40:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
185.147.80.35302 Found 74 B URL HTTP/1.1 ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP 185.147.80.35:0
File type HTML document, ASCII text
Hash 9dd99d483d3b9930cddaec1119ff8009
b2706b827b08ef3ca64e4f970e6f4657d6c661de
b2f403be3da441d39899f9556b22f6f948530e1302134bc4361f8e21b097a1ad
GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Thu, 02 Feb 2023 02:40:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 74
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=LPWWHPLB
Set-Cookie: uid=LPWWHPLB; Expires=Sun, 30 Jan 2033 02:40:20 GMT
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 96c794fe0eb0984074775ba4e182ed9d
bd6f5a86011fa199bc4197a37fb84079eb487f7e
3f626fa9d03173ededfce2c39da3be2989781484ca87bed7d8a8fd0f68fb051b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3F626FA9D03173EDEDFCE2C39DA3BE2989781484CA87BED7D8A8FD0F68FB051B"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13532
Expires: Thu, 02 Feb 2023 06:25:52 GMT
Date: Thu, 02 Feb 2023 02:40:20 GMT
Connection: keep-alive
sync.upravel.com/sape/sync
148.251.236.118302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync
IP 148.251.236.118:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 02:38:54 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1675305620145;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1675305620145;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6d5acd22c976d3d94068c9349b497482
be20fc6f4c6c202daf5eae4b1fd892115294a89c
111e5f4b82ed37ac2356e3878e7bdb60a5190475dbbef9a7b2e349c45e10ae13
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "111E5F4B82ED37AC2356E3878E7BDB60A5190475DBBEF9A7B2E349C45E10AE13"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12340
Expires: Thu, 02 Feb 2023 06:06:00 GMT
Date: Thu, 02 Feb 2023 02:40:20 GMT
Connection: keep-alive
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
193.3.184.211302 Moved Temporarily 142 B URL HTTP/1.1 ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP 193.3.184.211:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 02 Feb 2023 02:40:20 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=2C03420A9422DB634500B13802E845CA
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkIDLGPbIpQ4sQBFykXoAhmRL5F4Se8KfwUK1Q06PcaMx2kl; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
s.uuidksinc.net/match/396/?remote_uid=0100007F9322DB635D03171E0213251D
185.196.197.130302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/396/?remote_uid=0100007F9322DB635D03171E0213251D
IP 185.196.197.130:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/396/?remote_uid=0100007F9322DB635D03171E0213251D HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Thu, 02 Feb 2023 02:40:20 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=s64f9gnPNVSvJkPON6TJ
set-cookie: jcsuuid=s64f9gnPNVSvJkPON6TJ; expires=Fri, 02 Feb 2024 02:40:20 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
www.acint.net/match?dp=95&euid=LPWWHPLB
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/match?dp=95&euid=LPWWHPLB
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=95&euid=LPWWHPLB HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPbIpMeFwNdHSUcAoBB789g4JJAgOiRHpme2155792K; cSyncDp7v2=1675305619; cSyncDp14v3=1675305619; cSyncDp17=1675305619; cSyncDp32=1675305619; cSyncDp45v3=1675305619; cSyncDp53v2=1675305619; cSyncDp62=1675305619; cSyncDp67v2=1675305619; cSyncDp68=1675305619; cSyncDp71=1675305619; cSyncDp85=1675305619; cSyncDp95v3=1675305619; cSyncDp98v2=1675305619; cSyncDp101=1675305619; cSyncDp104v2=1675305619; cSyncDp107=1675305619; cSyncDp110=1675305619; cSyncDp125v3=1675305619; cSyncDp126=1675305619; cSyncDp127=1675305619; cSyncDp129=1675305619; cSyncDp136v2=1675305619; cSyncDp146=1675305619; cSyncDp148=1675305619; cSyncDp149v2=1675305619; cSyncDp151=1675305619; cSyncDp178=1675305619; cSyncDp186=1675305619; cSyncDp221=1675305619; cSyncDp235=1675305619
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 02:40:20 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aa8a4de2da89e63bf5d87528f4942f8e
842533601fec8fa0504e9f12a68c638ac83f99f3
acad47db275e28fde5be3477bdb915aca613e8e7a3e04486e52fd47f6463151f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ACAD47DB275E28FDE5BE3477BDB915ACA613E8E7A3E04486E52FD47F6463151F"
Last-Modified: Tue, 31 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8171
Expires: Thu, 02 Feb 2023 04:56:31 GMT
Date: Thu, 02 Feb 2023 02:40:20 GMT
Connection: keep-alive
push.services.mozilla.com/
52.88.112.71101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.112.71:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LbH9q2bOiL6Y4PgZRwHTXg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +yAr23Onx1zSLdgVDs/8MiIoT6Q=
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
148.251.236.118302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP 148.251.236.118:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1675305620145
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 02:38:54 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=4101bcb6-70fa-46aa-a25e-4ee5da797c3f;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=4101bcb6-70fa-46aa-a25e-4ee5da797c3f;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=4101bcb6-70fa-46aa-a25e-4ee5da797c3f
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c38aef777743922d08ac552bdc4b3968
d0f8258c4a8aeb9259973c4492e6c9cf7518e744
a521d1d7702d2f422b03313d0e76e34eda17838bd8e989464e1bd72cbd5c9b34
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A521D1D7702D2F422B03313D0E76E34EDA17838BD8E989464E1BD72CBD5C9B34"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7125
Expires: Thu, 02 Feb 2023 04:39:05 GMT
Date: Thu, 02 Feb 2023 02:40:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c38aef777743922d08ac552bdc4b3968
d0f8258c4a8aeb9259973c4492e6c9cf7518e744
a521d1d7702d2f422b03313d0e76e34eda17838bd8e989464e1bd72cbd5c9b34
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A521D1D7702D2F422B03313D0E76E34EDA17838BD8E989464E1BD72CBD5C9B34"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7125
Expires: Thu, 02 Feb 2023 04:39:05 GMT
Date: Thu, 02 Feb 2023 02:40:20 GMT
Connection: keep-alive
www.acint.net/match?dp=127&euid=s64f9gnPNVSvJkPON6TJ
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/match?dp=127&euid=s64f9gnPNVSvJkPON6TJ
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=127&euid=s64f9gnPNVSvJkPON6TJ HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPbIpMeFwNdHSUcAoBB789g4JJAgOiRHpme2155792K; cSyncDp7v2=1675305619; cSyncDp14v3=1675305619; cSyncDp17=1675305619; cSyncDp32=1675305619; cSyncDp45v3=1675305619; cSyncDp53v2=1675305619; cSyncDp62=1675305619; cSyncDp67v2=1675305619; cSyncDp68=1675305619; cSyncDp71=1675305619; cSyncDp85=1675305619; cSyncDp95v3=1675305619; cSyncDp98v2=1675305619; cSyncDp101=1675305619; cSyncDp104v2=1675305619; cSyncDp107=1675305619; cSyncDp110=1675305619; cSyncDp125v3=1675305619; cSyncDp126=1675305619; cSyncDp127=1675305619; cSyncDp129=1675305619; cSyncDp136v2=1675305619; cSyncDp146=1675305619; cSyncDp148=1675305619; cSyncDp149v2=1675305619; cSyncDp151=1675305619; cSyncDp178=1675305619; cSyncDp186=1675305619; cSyncDp221=1675305619; cSyncDp235=1675305619
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 02:40:20 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=129&euid=5rmm89o38m
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/match?dp=129&euid=5rmm89o38m
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=129&euid=5rmm89o38m HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPbIpMeFwNdHSUcAoBB789g4JJAgOiRHpme2155792K; cSyncDp7v2=1675305619; cSyncDp14v3=1675305619; cSyncDp17=1675305619; cSyncDp32=1675305619; cSyncDp45v3=1675305619; cSyncDp53v2=1675305619; cSyncDp62=1675305619; cSyncDp67v2=1675305619; cSyncDp68=1675305619; cSyncDp71=1675305619; cSyncDp85=1675305619; cSyncDp95v3=1675305619; cSyncDp98v2=1675305619; cSyncDp101=1675305619; cSyncDp104v2=1675305619; cSyncDp107=1675305619; cSyncDp110=1675305619; cSyncDp125v3=1675305619; cSyncDp126=1675305619; cSyncDp127=1675305619; cSyncDp129=1675305619; cSyncDp136v2=1675305619; cSyncDp146=1675305619; cSyncDp148=1675305619; cSyncDp149v2=1675305619; cSyncDp151=1675305619; cSyncDp178=1675305619; cSyncDp186=1675305619; cSyncDp221=1675305619; cSyncDp235=1675305619
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 02:40:20 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash ad50fd429d43590d1ef8635ee01498ea
f0917fd3a14ea4f5b1e97dcd534338c5ff06c8af
50edbb5e017eb9381fccaf770b4fc5dc94e970ea2631eec51e180ac69d59a70b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 15:41:07 GMT
Expires: Tue, 07 Feb 2023 15:41:06 GMT
Etag: "f0917fd3a14ea4f5b1e97dcd534338c5ff06c8af"
Cache-Control: max-age=478245,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792f8fbe4d511bfe-OSL
www.acint.net/oci/?v=0.5.0&uid=ed12922a-c4bb-4102-90ea-173cee435146&dp=10&tz=%2B00%3A00&nc=85625228&oid=39e8192718f4ed5a678fc273d654392b
157.90.179.28302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/oci/?v=0.5.0&uid=ed12922a-c4bb-4102-90ea-173cee435146&dp=10&tz=%2B00%3A00&nc=85625228&oid=39e8192718f4ed5a678fc273d654392b
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /oci/?v=0.5.0&uid=ed12922a-c4bb-4102-90ea-173cee435146&dp=10&tz=%2B00%3A00&nc=85625228&oid=39e8192718f4ed5a678fc273d654392b HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 02 Feb 2023 02:40:20 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/oci/?v=0.5.0&uid=ed12922a-c4bb-4102-90ea-173cee435146&dp=10&tz=%2B00%3A00&nc=85625228&oid=39e8192718f4ed5a678fc273d654392b
pix.bumlam.com/sync/sape/check?sspuid=0100007F9322DB635D03171E0213251D
31.172.81.159302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/check?sspuid=0100007F9322DB635D03171E0213251D
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/check?sspuid=0100007F9322DB635D03171E0213251D HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 02 Feb 2023 02:40:20 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://sync.bumlam.com/?src=sape
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 41c364029839520a79591196a4c26564
8f5ad894e16c8cc5b9cc6061126ba5ffdf7d7062
459863eea1989b224ebdddb9cc03fac407706eb62d6e89e49c0ed5b03287bde4
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 05 Feb 2023 23:46:47 GMT
ETag: "8f5ad894e16c8cc5b9cc6061126ba5ffdf7d7062"
Last-Modified: Wed, 01 Feb 2023 23:46:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1047
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792f8fbe997eb503-OSL
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F9322DB635D03171E0213251D
87.242.89.90200 OK 12 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F9322DB635D03171E0213251D
IP 87.242.89.90:0
File type exported SGML document, ASCII text, with no line terminators
Hash d8932e1cb3ee147415fbf5591a7217ca
97da5b95fb7f60ecd8d9ed0e5a05d83ad5a9c070
c0327cbcde50f1ab8228334a550b947301123d6f6f7d625707cb6d08a1faec35
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F9322DB635D03171E0213251D HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:40:20 GMT
content-type: text/html
content-length: 12
last-modified: Mon, 30 Jan 2023 18:57:34 GMT
etag: "63d8131e-c"
accept-ranges: bytes
server: elb
X-Firefox-Spdy: h2
www.acint.net/match?dp=71&euid=4101bcb6-70fa-46aa-a25e-4ee5da797c3f
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/match?dp=71&euid=4101bcb6-70fa-46aa-a25e-4ee5da797c3f
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=71&euid=4101bcb6-70fa-46aa-a25e-4ee5da797c3f HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPbIpMeFwNdHSUcAoBB789g4JJAgOiRHpme2155792K; cSyncDp7v2=1675305619; cSyncDp14v3=1675305619; cSyncDp17=1675305619; cSyncDp32=1675305619; cSyncDp45v3=1675305619; cSyncDp53v2=1675305619; cSyncDp62=1675305619; cSyncDp67v2=1675305619; cSyncDp68=1675305619; cSyncDp71=1675305619; cSyncDp85=1675305619; cSyncDp95v3=1675305619; cSyncDp98v2=1675305619; cSyncDp101=1675305619; cSyncDp104v2=1675305619; cSyncDp107=1675305619; cSyncDp110=1675305619; cSyncDp125v3=1675305619; cSyncDp126=1675305619; cSyncDp127=1675305619; cSyncDp129=1675305619; cSyncDp136v2=1675305619; cSyncDp146=1675305619; cSyncDp148=1675305619; cSyncDp149v2=1675305619; cSyncDp151=1675305619; cSyncDp178=1675305619; cSyncDp186=1675305619; cSyncDp221=1675305619; cSyncDp235=1675305619
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 02:40:20 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
acint.net/match?dp=110&euid=7404dece853742b88898484524e59626
157.90.179.28200 OK 43 B URL HTTP/2 acint.net/match?dp=110&euid=7404dece853742b88898484524e59626
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=110&euid=7404dece853742b88898484524e59626 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPbIpMeFwNdHSUcAoBB789g4JJAgOiRHpme2155792K; cSyncDp7v2=1675305619; cSyncDp14v3=1675305619; cSyncDp17=1675305619; cSyncDp32=1675305619; cSyncDp45v3=1675305619; cSyncDp53v2=1675305619; cSyncDp62=1675305619; cSyncDp67v2=1675305619; cSyncDp68=1675305619; cSyncDp71=1675305619; cSyncDp85=1675305619; cSyncDp95v3=1675305619; cSyncDp98v2=1675305619; cSyncDp101=1675305619; cSyncDp104v2=1675305619; cSyncDp107=1675305619; cSyncDp110=1675305619; cSyncDp125v3=1675305619; cSyncDp126=1675305619; cSyncDp127=1675305619; cSyncDp129=1675305619; cSyncDp136v2=1675305619; cSyncDp146=1675305619; cSyncDp148=1675305619; cSyncDp149v2=1675305619; cSyncDp151=1675305619; cSyncDp178=1675305619; cSyncDp186=1675305619; cSyncDp221=1675305619; cSyncDp235=1675305619
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 02:40:20 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sap1&uid=0100007F9322DB635D03171E0213251D
31.172.81.158302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&uid=0100007F9322DB635D03171E0213251D
IP 31.172.81.158:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&uid=0100007F9322DB635D03171E0213251D HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 02 Feb 2023 02:40:20 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRlZjVjZGI0ZS1hMmEyLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Wed, 28 Jan 2043 02:40:20 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARiUxeyeBmIgMDEwMDAwN0Y5MzIyREI2MzVEMDMxNzFFMDIxMzI1MUSiARDvXNtOoqIR7aHEACWQyCQ3
ETag: ef5cdb4e-a2a2-11ed-a1c4-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
acint.net/match?dp=14&euid=2C03420A9422DB634500B13802E845CA
157.90.179.28200 OK 43 B URL HTTP/2 acint.net/match?dp=14&euid=2C03420A9422DB634500B13802E845CA
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=14&euid=2C03420A9422DB634500B13802E845CA HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPbIpMeFwNdHSUcAoBB789g4JJAgOiRHpme2155792K; cSyncDp7v2=1675305619; cSyncDp14v3=1675305619; cSyncDp17=1675305619; cSyncDp32=1675305619; cSyncDp45v3=1675305619; cSyncDp53v2=1675305619; cSyncDp62=1675305619; cSyncDp67v2=1675305619; cSyncDp68=1675305619; cSyncDp71=1675305619; cSyncDp85=1675305619; cSyncDp95v3=1675305619; cSyncDp98v2=1675305619; cSyncDp101=1675305619; cSyncDp104v2=1675305619; cSyncDp107=1675305619; cSyncDp110=1675305619; cSyncDp125v3=1675305619; cSyncDp126=1675305619; cSyncDp127=1675305619; cSyncDp129=1675305619; cSyncDp136v2=1675305619; cSyncDp146=1675305619; cSyncDp148=1675305619; cSyncDp149v2=1675305619; cSyncDp151=1675305619; cSyncDp178=1675305619; cSyncDp186=1675305619; cSyncDp221=1675305619; cSyncDp235=1675305619
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 02:40:20 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 26896c6042f71e76e9612b93ced1f1dc
fd7a548019cc4e48be4129f578c0579e8d127269
fa16e2e7e3c433eb56017508ed7cb011bd0a94e5ca51e5bc20cd87c8ba3ab024
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FA16E2E7E3C433EB56017508ED7CB011BD0A94E5CA51E5BC20CD87C8BA3AB024"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4412
Expires: Thu, 02 Feb 2023 03:53:52 GMT
Date: Thu, 02 Feb 2023 02:40:20 GMT
Connection: keep-alive
st.top100.ru/top100/3.13.6/usability.js
81.19.89.18200 OK 3.9 kB URL HTTP/2 st.top100.ru/top100/3.13.6/usability.js
IP 81.19.89.18:0
ASN #24638 Rambler Internet Holding LLC
File type ASCII text, with very long lines (14600), with no line terminators
Hash f1f9f96052de66a84281f4b8ba114325
c5d59ed010bf5426318ed0b6d7411d8046a1d04a
ae5fcfc7a1df3510e807396275277f83eb598145d5c6dda075fb12012111744c
GET /top100/3.13.6/usability.js HTTP/1.1
Host: st.top100.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://docka1.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Thu, 02 Feb 2023 02:40:19 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 30 Jan 2023 10:42:42 GMT
x-rgw-object-type: Normal
etag: W/"e8cd7191520320c30825c4c7c12b0d42"
x-amz-request-id: tx000000000000008b67904-0063db226c-783970ff-default
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
set-cookie: proto_uid=1CIAAJMi22O8BlSYAc8tcwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-encoding: gzip
X-Firefox-Spdy: h2
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
167.235.33.115301 Moved Permanently 115 B URL HTTP/2 exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP 167.235.33.115:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash 49f1f5a3aab84c4bbfae283c370bcde0
0e3fb2de2a357e9aa493ebf8fc2efbac7ff18dc3
ca8b8487960b0e52f462429e2a4e4af2459ea156fbd4d50db9ec1f5fd224037c
GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 02 Feb 2023 02:40:20 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=42012b01-949c-4190-7cb7-83d27971c66f
serverid: TODO
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash f44095f8ebc7d211f4ee24d88a703128
97263cb2c5d0237c08bee075fb75c8bddefddf2c
1183ec38cb48e7986d42d545c968616fe9f996f73849f1da6c111eb4ccfbb529
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:40:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.acint.net/oci/?v=0.5.0&uid=ed12922a-c4bb-4102-90ea-173cee435146&dp=10&tz=%2B00%3A00&nc=85625228&oid=39e8192718f4ed5a678fc273d654392b
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/oci/?v=0.5.0&uid=ed12922a-c4bb-4102-90ea-173cee435146&dp=10&tz=%2B00%3A00&nc=85625228&oid=39e8192718f4ed5a678fc273d654392b
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /oci/?v=0.5.0&uid=ed12922a-c4bb-4102-90ea-173cee435146&dp=10&tz=%2B00%3A00&nc=85625228&oid=39e8192718f4ed5a678fc273d654392b HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://docka1.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPbIpMeFwNdHSUcAoBB789g4JJAgOiRHpme2155792K; cSyncDp7v2=1675305619; cSyncDp14v3=1675305619; cSyncDp17=1675305619; cSyncDp32=1675305619; cSyncDp45v3=1675305619; cSyncDp53v2=1675305619; cSyncDp62=1675305619; cSyncDp67v2=1675305619; cSyncDp68=1675305619; cSyncDp71=1675305619; cSyncDp85=1675305619; cSyncDp95v3=1675305619; cSyncDp98v2=1675305619; cSyncDp101=1675305619; cSyncDp104v2=1675305619; cSyncDp107=1675305619; cSyncDp110=1675305619; cSyncDp125v3=1675305619; cSyncDp126=1675305619; cSyncDp127=1675305619; cSyncDp129=1675305619; cSyncDp136v2=1675305619; cSyncDp146=1675305619; cSyncDp148=1675305619; cSyncDp149v2=1675305619; cSyncDp151=1675305619; cSyncDp178=1675305619; cSyncDp186=1675305619; cSyncDp221=1675305619; cSyncDp235=1675305619
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 02:40:20 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:40:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bac30724b4d5e7813c3f649da4c1be81
68709ea92544ba83880208fb1a9923010a97652d
319df7ec746969bf3e8b84e1a846d2bb09f3e9f6fd2ef0887989698357ed245f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "319DF7EC746969BF3E8B84E1A846D2BB09F3E9F6FD2EF0887989698357ED245F"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19812
Expires: Thu, 02 Feb 2023 08:10:32 GMT
Date: Thu, 02 Feb 2023 02:40:20 GMT
Connection: keep-alive
partner.googleadservices.com/gampad/cookie.js?domain=docka1.ru&callback=_gfp_s_&client=ca-pub-1087108116253707
142.250.74.66200 OK 249 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=docka1.ru&callback=_gfp_s_&client=ca-pub-1087108116253707
IP 142.250.74.66:0
File type ASCII text, with very long lines (385), with no line terminators
Hash b32e9f2bbeb084d612d94c847396dd89
b51e21f5cf1ac9c5c1433c81825b66d618aab390
a685a28ea65b18b7fc7324a6cf664e37e7cf96630dadc96bf909ba0ee8926e0d
GET /gampad/cookie.js?domain=docka1.ru&callback=_gfp_s_&client=ca-pub-1087108116253707 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://docka1.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 02:40:20 GMT
server: cafe
cache-control: private
content-length: 249
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
match.new-programmatic.com/userbind?src=sape&id=0100007F9322DB635D03171E0213251D
217.65.2.150204 No Content 0 B URL HTTP/1.1 match.new-programmatic.com/userbind?src=sape&id=0100007F9322DB635D03171E0213251D
IP 217.65.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=0100007F9322DB635D03171E0213251D HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Thu, 02 Feb 2023 02:40:20 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
www.acint.net/match?dp=126&euid=42012b01-949c-4190-7cb7-83d27971c66f
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/match?dp=126&euid=42012b01-949c-4190-7cb7-83d27971c66f
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=126&euid=42012b01-949c-4190-7cb7-83d27971c66f HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPbIpMeFwNdHSUcAoBB789g4JJAgOiRHpme2155792K; cSyncDp7v2=1675305619; cSyncDp14v3=1675305619; cSyncDp17=1675305619; cSyncDp32=1675305619; cSyncDp45v3=1675305619; cSyncDp53v2=1675305619; cSyncDp62=1675305619; cSyncDp67v2=1675305619; cSyncDp68=1675305619; cSyncDp71=1675305619; cSyncDp85=1675305619; cSyncDp95v3=1675305619; cSyncDp98v2=1675305619; cSyncDp101=1675305619; cSyncDp104v2=1675305619; cSyncDp107=1675305619; cSyncDp110=1675305619; cSyncDp125v3=1675305619; cSyncDp126=1675305619; cSyncDp127=1675305619; cSyncDp129=1675305619; cSyncDp136v2=1675305619; cSyncDp146=1675305619; cSyncDp148=1675305619; cSyncDp149v2=1675305619; cSyncDp151=1675305619; cSyncDp178=1675305619; cSyncDp186=1675305619; cSyncDp221=1675305619; cSyncDp235=1675305619
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 02:40:20 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:40:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=docka1.ru
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=docka1.ru
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=docka1.ru HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://docka1.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 02:40:20 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.globalsign.com/alphasslcasha256g4
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/alphasslcasha256g4
IP 104.18.21.226:0
Hash 2a31c2c1d3f4f5a104e4e54cd12a7e00
e7d3ef1f5735860a6fcc6e75a6eb93b44ed04251
df234ef8beefa48df6eee75094b116507522145da065c7858953fc42e45c54e1
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Mon, 06 Feb 2023 00:28:27 GMT
ETag: "e7d3ef1f5735860a6fcc6e75a6eb93b44ed04251"
Last-Modified: Thu, 02 Feb 2023 00:28:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 374
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792f8fbf1a89b51e-OSL
nr.bidderstack.com/sape/cm?user_id=0100007F9322DB635D03171E0213251D
23.88.12.14200 OK 44 B URL HTTP/1.1 nr.bidderstack.com/sape/cm?user_id=0100007F9322DB635D03171E0213251D
IP 23.88.12.14:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash f9d60352c70a2ba15616d1c9421f3844
e9abc8bea7721a4b6a50295850d13c515006a95c
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
GET /sape/cm?user_id=0100007F9322DB635D03171E0213251D HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 02:40:20 GMT
Content-Type: image/gif
Content-Length: 44
Connection: keep-alive
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a8b1a317ae862d4c08b3c555cffcbf29
9d3bd7bdc9705fc54310fc4388636ce9720540b6
70cf4f755cfa9270020afe93954ef4d6a10b26aaa78ca1cdf7df1ad0ebf1691a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "70CF4F755CFA9270020AFE93954EF4D6A10B26AAA78CA1CDF7DF1AD0EBF1691A"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=560
Expires: Thu, 02 Feb 2023 02:49:40 GMT
Date: Thu, 02 Feb 2023 02:40:20 GMT
Connection: keep-alive
sync.bumlam.com/?src=sape
31.172.81.158302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sape
IP 31.172.81.158:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 02 Feb 2023 02:40:20 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRlZjY5OWZiNC1hMmEyLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Wed, 28 Jan 2043 02:40:20 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sape&s_data=CAIQARiUxeyeBqIBEO9pn7SiohHthuAAJZDAZHw*
ETag: ef699fb4-a2a2-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true
adservice.google.no/adsid/integrator.js?domain=docka1.ru
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=docka1.ru
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=docka1.ru HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://docka1.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 02:40:20 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sap1&s_data=CAIQARiUxeyeBmIgMDEwMDAwN0Y5MzIyREI2MzVEMDMxNzFFMDIxMzI1MUSiARDvXNtOoqIR7aHEACWQyCQ3
31.172.81.158200 OK 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&s_data=CAIQARiUxeyeBmIgMDEwMDAwN0Y5MzIyREI2MzVEMDMxNzFFMDIxMzI1MUSiARDvXNtOoqIR7aHEACWQyCQ3
IP 31.172.81.158:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&s_data=CAIQARiUxeyeBmIgMDEwMDAwN0Y5MzIyREI2MzVEMDMxNzFFMDIxMzI1MUSiARDvXNtOoqIR7aHEACWQyCQ3 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRlZjVjZGI0ZS1hMmEyLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 02:40:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRlZjVjZGI0ZS1hMmEyLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Wed, 28 Jan 2043 02:40:20 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash f44095f8ebc7d211f4ee24d88a703128
97263cb2c5d0237c08bee075fb75c8bddefddf2c
1183ec38cb48e7986d42d545c968616fe9f996f73849f1da6c111eb4ccfbb529
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:40:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sync.adspend.space/sape?uid=0100007F9322DB635D03171E0213251D
212.76.129.181302 Found 149 B URL HTTP/2 sync.adspend.space/sape?uid=0100007F9322DB635D03171E0213251D
IP 212.76.129.181:0
File type HTML document, ASCII text
Hash 814b1e03addcb6666b6834de418b2a11
3747ece5ca2b6efcdd45284bf94ec075ab487b12
997737161b3d8c3886241fa7acfaa541131d1a1a434b32772fe64d61e5ffe251
GET /sape?uid=0100007F9322DB635D03171E0213251D HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 02 Feb 2023 02:40:20 GMT
content-type: text/html; charset=utf-8
content-length: 149
location: https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3De7c13086-0ca1-4fc0-bb1f-c55ae48e2ded
set-cookie: as-user=e7c13086-0ca1-4fc0-bb1f-c55ae48e2ded; Path=/; Max-Age=31536000; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:40:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sync.programmatica.com/match/RTBSape?id=0100007F9322DB635D03171E0213251D
167.235.117.41302 Found 0 B URL HTTP/2 sync.programmatica.com/match/RTBSape?id=0100007F9322DB635D03171E0213251D
IP 167.235.117.41:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/RTBSape?id=0100007F9322DB635D03171E0213251D HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 02:40:20 GMT
content-length: 0
location: https://sync.programmatica.com/match/RTBSape?id=0100007F9322DB635D03171E0213251D&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:40:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sync.bumlam.com/?src=sape&s_data=CAIQARiUxeyeBqIBEO9pn7SiohHthuAAJZDAZHw*
31.172.81.158302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sape&s_data=CAIQARiUxeyeBqIBEO9pn7SiohHthuAAJZDAZHw*
IP 31.172.81.158:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape&s_data=CAIQARiUxeyeBqIBEO9pn7SiohHthuAAJZDAZHw* HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRlZjVjZGI0ZS1hMmEyLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 02 Feb 2023 02:40:20 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sape&s_data=CAIQAhiUxeyeBqIBEO9c206iohHtocQAJZDIJDc*
ETag: ef5cdb4e-a2a2-11ed-a1c4-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true
cs.agency2.ru/p?ssp=sp&uid=0100007F9322DB635D03171E0213251D
23.111.107.44301 Moved Permanently 0 B URL HTTP/1.1 cs.agency2.ru/p?ssp=sp&uid=0100007F9322DB635D03171E0213251D
IP 23.111.107.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&uid=0100007F9322DB635D03171E0213251D HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 02:40:20 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=1b23fc0c-eb60-4728-a2f6-56cbd49f90d2
Set-Cookie: uuid=1b23fc0c-eb60-4728-a2f6-56cbd49f90d2; expires=Wed, 24 Jan 2024 02:40:20 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
sync.bumlam.com/?src=sape&s_data=CAIQAhiUxeyeBqIBEO9c206iohHtocQAJZDIJDc*
31.172.81.158302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sape&s_data=CAIQAhiUxeyeBqIBEO9c206iohHtocQAJZDIJDc*
IP 31.172.81.158:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape&s_data=CAIQAhiUxeyeBqIBEO9c206iohHtocQAJZDIJDc* HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRlZjVjZGI0ZS1hMmEyLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 02 Feb 2023 02:40:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRlZjVjZGI0ZS1hMmEyLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Wed, 28 Jan 2043 02:40:20 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://pix.bumlam.com/sync/sape/sync_ok?guid=ef5cdb4e-a2a2-11ed-a1c4-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true
sync.programmatica.com/match/RTBSape?id=0100007F9322DB635D03171E0213251D&chk=1
167.235.117.41200 OK 43 B URL HTTP/2 sync.programmatica.com/match/RTBSape?id=0100007F9322DB635D03171E0213251D&chk=1
IP 167.235.117.41:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /match/RTBSape?id=0100007F9322DB635D03171E0213251D&chk=1 HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:40:20 GMT
content-type: image/gif
content-length: 43
set-cookie: pid=NjVlZWQwMzU1Y2VlMjlmOQ; expires=Fri, 02 Aug 2024 02:40:20 GMT; domain=.programmatica.com; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3De7c13086-0ca1-4fc0-bb1f-c55ae48e2ded
212.76.129.181302 Found 102 B URL HTTP/2 sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3De7c13086-0ca1-4fc0-bb1f-c55ae48e2ded
IP 212.76.129.181:0
File type HTML document, ASCII text
Hash 9384f17684e873e2d8cdb2149454d563
60882286e3703ad92dc8de864d7cdaf354638cd9
df657a8f5f764cd89d901f7dc39f499d96e07bcd49b3e1c6795c579c32c6e344
GET /check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3De7c13086-0ca1-4fc0-bb1f-c55ae48e2ded HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: as-user=e7c13086-0ca1-4fc0-bb1f-c55ae48e2ded
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 02 Feb 2023 02:40:20 GMT
content-type: text/html; charset=utf-8
content-length: 102
location: https://www.acint.net/match?dp=98&euid=e7c13086-0ca1-4fc0-bb1f-c55ae48e2ded
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
www.acint.net/match?dp=186&euid=1b23fc0c-eb60-4728-a2f6-56cbd49f90d2
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/match?dp=186&euid=1b23fc0c-eb60-4728-a2f6-56cbd49f90d2
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=186&euid=1b23fc0c-eb60-4728-a2f6-56cbd49f90d2 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPbIpMeFwNdHSUcAoBB789g4JJAgOiRHpme2155792K; cSyncDp7v2=1675305619; cSyncDp14v3=1675305619; cSyncDp17=1675305619; cSyncDp32=1675305619; cSyncDp45v3=1675305619; cSyncDp53v2=1675305619; cSyncDp62=1675305619; cSyncDp67v2=1675305619; cSyncDp68=1675305619; cSyncDp71=1675305619; cSyncDp85=1675305619; cSyncDp95v3=1675305619; cSyncDp98v2=1675305619; cSyncDp101=1675305619; cSyncDp104v2=1675305619; cSyncDp107=1675305619; cSyncDp110=1675305619; cSyncDp125v3=1675305619; cSyncDp126=1675305619; cSyncDp127=1675305619; cSyncDp129=1675305619; cSyncDp136v2=1675305619; cSyncDp146=1675305619; cSyncDp148=1675305619; cSyncDp149v2=1675305619; cSyncDp151=1675305619; cSyncDp178=1675305619; cSyncDp186=1675305619; cSyncDp221=1675305619; cSyncDp235=1675305619
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 02:40:20 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/sync_ok?guid=ef5cdb4e-a2a2-11ed-a1c4-002590c82437
31.172.81.159302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/sync_ok?guid=ef5cdb4e-a2a2-11ed-a1c4-002590c82437
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/sync_ok?guid=ef5cdb4e-a2a2-11ed-a1c4-002590c82437 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRlZjVjZGI0ZS1hMmEyLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 02 Feb 2023 02:40:20 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://ef5cdb4e-a2a2-11ed-a1c4-002590c82437.n2.sync.bumlam.com/?src=sape
www.acint.net/match?dp=98&euid=e7c13086-0ca1-4fc0-bb1f-c55ae48e2ded
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/match?dp=98&euid=e7c13086-0ca1-4fc0-bb1f-c55ae48e2ded
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=98&euid=e7c13086-0ca1-4fc0-bb1f-c55ae48e2ded HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPbIpMeFwNdHSUcAoBB789g4JJAgOiRHpme2155792K; cSyncDp7v2=1675305619; cSyncDp14v3=1675305619; cSyncDp17=1675305619; cSyncDp32=1675305619; cSyncDp45v3=1675305619; cSyncDp53v2=1675305619; cSyncDp62=1675305619; cSyncDp67v2=1675305619; cSyncDp68=1675305619; cSyncDp71=1675305619; cSyncDp85=1675305619; cSyncDp95v3=1675305619; cSyncDp98v2=1675305619; cSyncDp101=1675305619; cSyncDp104v2=1675305619; cSyncDp107=1675305619; cSyncDp110=1675305619; cSyncDp125v3=1675305619; cSyncDp126=1675305619; cSyncDp127=1675305619; cSyncDp129=1675305619; cSyncDp136v2=1675305619; cSyncDp146=1675305619; cSyncDp148=1675305619; cSyncDp149v2=1675305619; cSyncDp151=1675305619; cSyncDp178=1675305619; cSyncDp186=1675305619; cSyncDp221=1675305619; cSyncDp235=1675305619
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 02:40:20 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1087108116253707&output=html&h=90&slotname=3140131371&adk=3886122598&adf=1290376886&pi=t.ma~as.3140131371&w=728&lmt=1675305644&url=http%3A%2F%2Fdocka1.ru%2Favia_perevozki&wgl=1&dt=1675305643641&bpp=31&bdt=364&idt=694&shv=r20230131&mjsv=m202301250301&ptt=5&saldr=sa&abxe=1&cookie=ID%3Da570aea0efe135c8-2212152acfda005e%3AT%3D1675305620%3ART%3D1675305620%3AS%3DALNI_MahGfA3wJjZx8qypjQU9nT5LVpaYA&gpic=UID%3D0000099c36f6efd2%3AT%3D1675305620%3ART%3D1675305620%3AS%3DALNI_MYDfFiZvFtDyp9viN9UaWEpNxej4g&correlator=634567352839&frm=20&pv=2&ga_vid=913324614.1675305645&ga_sid=1675305645&ga_hid=1498989014&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=456&ady=44&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31071756%2C31071928&oid=2&pvsid=1249276740053014&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7Cd%7CEe%7C&abl=NS&pfx=0&fu=1024&bc=23&ifi=1&uci=a!1&fsb=1&xpc=u8dfDzvtGh&p=http%3A//docka1.ru&dtd=937
142.250.74.162200 OK 206 B URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1087108116253707&output=html&h=90&slotname=3140131371&adk=3886122598&adf=1290376886&pi=t.ma~as.3140131371&w=728&lmt=1675305644&url=http%3A%2F%2Fdocka1.ru%2Favia_perevozki&wgl=1&dt=1675305643641&bpp=31&bdt=364&idt=694&shv=r20230131&mjsv=m202301250301&ptt=5&saldr=sa&abxe=1&cookie=ID%3Da570aea0efe135c8-2212152acfda005e%3AT%3D1675305620%3ART%3D1675305620%3AS%3DALNI_MahGfA3wJjZx8qypjQU9nT5LVpaYA&gpic=UID%3D0000099c36f6efd2%3AT%3D1675305620%3ART%3D1675305620%3AS%3DALNI_MYDfFiZvFtDyp9viN9UaWEpNxej4g&correlator=634567352839&frm=20&pv=2&ga_vid=913324614.1675305645&ga_sid=1675305645&ga_hid=1498989014&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=456&ady=44&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31071756%2C31071928&oid=2&pvsid=1249276740053014&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7Cd%7CEe%7C&abl=NS&pfx=0&fu=1024&bc=23&ifi=1&uci=a!1&fsb=1&xpc=u8dfDzvtGh&p=http%3A//docka1.ru&dtd=937
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (430), with no line terminators
Hash c815695e01d4f8176785013cc1ee08c5
2e3d9d4fda763c7610a5d78cecb12e507a22b1af
cb6783cb50bd18c2f0847e8ac3c5718c9a880995a56fb5a849a3bfd7737a374b
GET /pagead/ads?client=ca-pub-1087108116253707&output=html&h=90&slotname=3140131371&adk=3886122598&adf=1290376886&pi=t.ma~as.3140131371&w=728&lmt=1675305644&url=http%3A%2F%2Fdocka1.ru%2Favia_perevozki&wgl=1&dt=1675305643641&bpp=31&bdt=364&idt=694&shv=r20230131&mjsv=m202301250301&ptt=5&saldr=sa&abxe=1&cookie=ID%3Da570aea0efe135c8-2212152acfda005e%3AT%3D1675305620%3ART%3D1675305620%3AS%3DALNI_MahGfA3wJjZx8qypjQU9nT5LVpaYA&gpic=UID%3D0000099c36f6efd2%3AT%3D1675305620%3ART%3D1675305620%3AS%3DALNI_MYDfFiZvFtDyp9viN9UaWEpNxej4g&correlator=634567352839&frm=20&pv=2&ga_vid=913324614.1675305645&ga_sid=1675305645&ga_hid=1498989014&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=456&ady=44&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31071756%2C31071928&oid=2&pvsid=1249276740053014&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7Cd%7CEe%7C&abl=NS&pfx=0&fu=1024&bc=23&ifi=1&uci=a!1&fsb=1&xpc=u8dfDzvtGh&p=http%3A//docka1.ru&dtd=937 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://docka1.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 02 Feb 2023 02:40:20 GMT
server: cafe
content-length: 206
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Feb-2023 02:55:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Feb 2023 02:40:20 GMT
cache-control: private
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1087108116253707&output=html&h=600&slotname=2458919559&adk=3351374675&adf=4094718428&pi=t.ma~as.2458919559&w=160&lmt=1675305644&url=http%3A%2F%2Fdocka1.ru%2Favia_perevozki&wgl=1&dt=1675305643641&bpp=7&bdt=363&idt=720&shv=r20230131&mjsv=m202301250301&ptt=5&saldr=sa&abxe=1&cookie=ID%3Da570aea0efe135c8-2212152acfda005e%3AT%3D1675305620%3ART%3D1675305620%3AS%3DALNI_MahGfA3wJjZx8qypjQU9nT5LVpaYA&gpic=UID%3D0000099c36f6efd2%3AT%3D1675305620%3ART%3D1675305620%3AS%3DALNI_MYDfFiZvFtDyp9viN9UaWEpNxej4g&prev_slotnames=3140131371&correlator=634567352839&frm=20&pv=1&ga_vid=913324614.1675305645&ga_sid=1675305645&ga_hid=1498989014&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=12&ady=638&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31071756%2C31071928&oid=2&pvsid=1249276740053014&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=EQELrf2zHa&p=http%3A//docka1.ru&dtd=946
142.250.74.162200 OK 205 B URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1087108116253707&output=html&h=600&slotname=2458919559&adk=3351374675&adf=4094718428&pi=t.ma~as.2458919559&w=160&lmt=1675305644&url=http%3A%2F%2Fdocka1.ru%2Favia_perevozki&wgl=1&dt=1675305643641&bpp=7&bdt=363&idt=720&shv=r20230131&mjsv=m202301250301&ptt=5&saldr=sa&abxe=1&cookie=ID%3Da570aea0efe135c8-2212152acfda005e%3AT%3D1675305620%3ART%3D1675305620%3AS%3DALNI_MahGfA3wJjZx8qypjQU9nT5LVpaYA&gpic=UID%3D0000099c36f6efd2%3AT%3D1675305620%3ART%3D1675305620%3AS%3DALNI_MYDfFiZvFtDyp9viN9UaWEpNxej4g&prev_slotnames=3140131371&correlator=634567352839&frm=20&pv=1&ga_vid=913324614.1675305645&ga_sid=1675305645&ga_hid=1498989014&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=12&ady=638&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31071756%2C31071928&oid=2&pvsid=1249276740053014&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=EQELrf2zHa&p=http%3A//docka1.ru&dtd=946
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (430), with no line terminators
Hash 4e2218e54ff7cd5fe49647c59c4a3ec5
0fb728e01dc6234e6c82ffd3b60a22b1e23f007c
9dabd00d066bb96b05b48cbb921e45525c086ab6ea544e79b710865e4a8e0f02
GET /pagead/ads?client=ca-pub-1087108116253707&output=html&h=600&slotname=2458919559&adk=3351374675&adf=4094718428&pi=t.ma~as.2458919559&w=160&lmt=1675305644&url=http%3A%2F%2Fdocka1.ru%2Favia_perevozki&wgl=1&dt=1675305643641&bpp=7&bdt=363&idt=720&shv=r20230131&mjsv=m202301250301&ptt=5&saldr=sa&abxe=1&cookie=ID%3Da570aea0efe135c8-2212152acfda005e%3AT%3D1675305620%3ART%3D1675305620%3AS%3DALNI_MahGfA3wJjZx8qypjQU9nT5LVpaYA&gpic=UID%3D0000099c36f6efd2%3AT%3D1675305620%3ART%3D1675305620%3AS%3DALNI_MYDfFiZvFtDyp9viN9UaWEpNxej4g&prev_slotnames=3140131371&correlator=634567352839&frm=20&pv=1&ga_vid=913324614.1675305645&ga_sid=1675305645&ga_hid=1498989014&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=12&ady=638&biw=1268&bih=927&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31071756%2C31071928&oid=2&pvsid=1249276740053014&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=23&ifi=3&uci=a!3&fsb=1&xpc=EQELrf2zHa&p=http%3A//docka1.ru&dtd=946 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://docka1.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 02 Feb 2023 02:40:20 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Feb-2023 02:55:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Feb 2023 02:40:20 GMT
cache-control: private
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c26c9d885fe65989ba4f45bfa689c80d
02ebe3e544d04cc2c645b7f2c1f3bf82cf30533b
031f14f6f03d79abbce3ea6477942637731b1bd284baac7430607804fa25e18d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "031F14F6F03D79ABBCE3EA6477942637731B1BD284BAAC7430607804FA25E18D"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1871
Expires: Thu, 02 Feb 2023 03:11:31 GMT
Date: Thu, 02 Feb 2023 02:40:20 GMT
Connection: keep-alive
ef5cdb4e-a2a2-11ed-a1c4-002590c82437.n2.sync.bumlam.com/?src=sape
188.120.241.47302 Found 0 B URL HTTP/2 ef5cdb4e-a2a2-11ed-a1c4-002590c82437.n2.sync.bumlam.com/?src=sape
IP 188.120.241.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: ef5cdb4e-a2a2-11ed-a1c4-002590c82437.n2.sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRlZjVjZGI0ZS1hMmEyLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.1
date: Thu, 02 Feb 2023 02:40:20 GMT
content-length: 0
location: https://pix.bumlam.com/sync/sape/done
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/done
31.172.81.159200 OK 43 B URL HTTP/1.1 pix.bumlam.com/sync/sape/done
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRlZjVjZGI0ZS1hMmEyLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 02:40:20 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
www.acint.net/mc/?dp=10&tc=1
157.90.179.28200 OK 1.8 kB URL HTTP/2 www.acint.net/mc/?dp=10&tc=1
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
Hash 274d322a01427adfdc5bef97fef5b91f
08fd8a61d783583768a94c7a8d89573c89f57115
f414601bdf56127ada0949b79f585e386deda62ccd0e0028d805e8cf8dd705d7
GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://docka1.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPbIpMeFwNdHSUTAkqDpeEebCALi5KdT1AFZss1qNDC
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 02:40:19 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1675305619; expires=Fri, 03-Feb-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53v2=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp98v2=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1675305619; expires=Thu, 16-Feb-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v3=1675305619; expires=Fri, 17-Feb-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149v2=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp235=1675305619; expires=Sat, 04-Mar-23 02:40:19 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2
dmp.gotechnology.io/match/sape?id=0100007F9322DB635D03171E0213251D
142.132.209.136302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=0100007F9322DB635D03171E0213251D
IP 142.132.209.136:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=0100007F9322DB635D03171E0213251D HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 02:40:20 GMT
content-length: 0
location: https://dmp.gotechnology.io/match/sape?id=0100007F9322DB635D03171E0213251D&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
dmp.gotechnology.io/match/sape?id=0100007F9322DB635D03171E0213251D&chk=1
142.132.209.136302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=0100007F9322DB635D03171E0213251D&chk=1
IP 142.132.209.136:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=0100007F9322DB635D03171E0213251D&chk=1 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 02:40:20 GMT
content-length: 0
location: https://an.yandex.ru/mapuid/gonetdspis/OTdjNjY2MjA2MGZjYjc2
set-cookie: pid=OTdjNjY2MjA2MGZjYjc2; expires=Fri, 02 Feb 2024 02:40:20 GMT; domain=.gotechnology.io; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash b488de3db028e351911981452a9c3ef3
a30257532f2866e11125e9a616d824e6542eb3de
3fa0da5b42be0436a2e15e3e17509ad792122ead12c5403c86c7e35d5cf1cd0c
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 06 Feb 2023 00:08:28 GMT
ETag: "a30257532f2866e11125e9a616d824e6542eb3de"
Last-Modified: Thu, 02 Feb 2023 00:08:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3487
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792f8fc2bc24b51e-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash b488de3db028e351911981452a9c3ef3
a30257532f2866e11125e9a616d824e6542eb3de
3fa0da5b42be0436a2e15e3e17509ad792122ead12c5403c86c7e35d5cf1cd0c
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 06 Feb 2023 00:08:28 GMT
ETag: "a30257532f2866e11125e9a616d824e6542eb3de"
Last-Modified: Thu, 02 Feb 2023 00:08:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3487
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792f8fc2dc33b51e-OSL
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
195.209.108.47302 Moved Temporarily 0 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP 195.209.108.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Thu, 02 Feb 2023 02:40:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-6154775065; expires=Sat, 01 Feb 2025 02:40:20 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6154775065
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F9322DB635D03171E0213251D
81.222.128.215200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F9322DB635D03171E0213251D
IP 81.222.128.215:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F9322DB635D03171E0213251D HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 02:40:20 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash cf2252953577bb7f4f942e53d2c7148a
71e900734f6d3c7844da467e5daf4431096cf507
5a6684643b0f05b3b000ae0172dddeeb260eab8e76e41c349eb08993fe0ed289
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:20 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Sun, 05 Feb 2023 22:33:40 GMT
ETag: "71e900734f6d3c7844da467e5daf4431096cf507"
Last-Modified: Wed, 01 Feb 2023 22:33:41 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1748
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792f8fc30c58b51e-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 2f59b9826b587ec88c538c4e0fdda68f
a9569ad568776c896099e2e7b4291dbe7101cb9b
76812d4ae48f41904eb3722fb49c463d4287d81fa7a9ea5d28687ddb3a546931
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 02:03:25 GMT
Expires: Wed, 08 Feb 2023 02:03:24 GMT
Etag: "a9569ad568776c896099e2e7b4291dbe7101cb9b"
Cache-Control: max-age=515583,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792f8fc2eeb41bfe-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash cf2252953577bb7f4f942e53d2c7148a
71e900734f6d3c7844da467e5daf4431096cf507
5a6684643b0f05b3b000ae0172dddeeb260eab8e76e41c349eb08993fe0ed289
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:20 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Sun, 05 Feb 2023 22:33:40 GMT
ETag: "71e900734f6d3c7844da467e5daf4431096cf507"
Last-Modified: Wed, 01 Feb 2023 22:33:41 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1748
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792f8fc32c77b51e-OSL
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6154775065
195.209.108.47302 Moved Temporarily 40 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6154775065
IP 195.209.108.47:0
File type ASCII text, with CRLF line terminators
Hash 251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6154775065 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Thu, 02 Feb 2023 02:40:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Sat, 01 Feb 2025 02:40:20 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
ocsp.globalsign.com/alphasslcasha256g4
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/alphasslcasha256g4
IP 104.18.21.226:0
Hash fbb99fdac760c507fd12e08c5a1be1e0
1612710df67abbae72988bbac691cecc0f1fb700
6f293ae885d9844835f977edc264c86c0392798b367d6417fe3503846a9df0ef
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Mon, 06 Feb 2023 00:00:09 GMT
ETag: "1612710df67abbae72988bbac691cecc0f1fb700"
Last-Modified: Thu, 02 Feb 2023 00:00:10 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1705
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792f8fc35c8db51e-OSL
ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F9322DB635D03171E0213251D
188.42.34.64302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F9322DB635D03171E0213251D
IP 188.42.34.64:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=73&external_user_id=0100007F9322DB635D03171E0213251D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=0100007F9322DB635D03171E0213251D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 02:40:21 GMT; Path=/; Domain=.betweendigital.com
tuuid=4257b144-9710-5221-9332-cfe8f0e9ed7d; Max-Age=31536000; Expires=Fri, 02 Feb 2024 02:40:21 GMT; Path=/; Domain=.betweendigital.com
ut=Y9silQAAMsjS0SwedbbBdMXAPxUCsQnbhHJ12A==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 02:40:21 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9bfb439fb08a32861d09348061be89b1
7c8e9f24fa24ae6a5860bf9b7cc96377089f727b
418cb2a96b67658132868ef799dbe9b55ebe9ca82d9a18d1a06c6868ef8cc54e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "418CB2A96B67658132868EF799DBE9B55EBE9CA82D9A18D1A06C6868EF8CC54E"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8005
Expires: Thu, 02 Feb 2023 04:53:46 GMT
Date: Thu, 02 Feb 2023 02:40:21 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 47104af366e237afec3af30f37af7dba
b24492f724ba1d4395df66bc2e0de1bdabc4264d
59c7255b4bd417487377052a2b4ec75029319525bad73a5ef43dce28d79efbbb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 14:18:45 GMT
Expires: Tue, 07 Feb 2023 14:18:44 GMT
Etag: "b24492f724ba1d4395df66bc2e0de1bdabc4264d"
Cache-Control: max-age=473302,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792f8fc34ed61bfe-OSL
ocsp.usertrust.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash c60ca4b761622aee6dac8fcd5a7b47bb
bf27b8a42a03073eb548b79b3adfc1c4a09921ba
55e4d169563b096866bbab23531097fd09fa620a64f56261165cf190aa90aaa7
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 30 Jan 2023 04:18:19 GMT
Expires: Mon, 06 Feb 2023 04:18:18 GMT
Etag: "bf27b8a42a03073eb548b79b3adfc1c4a09921ba"
Cache-Control: max-age=604094,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 560
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792f8fc37e691c02-OSL
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
77.245.57.72400 Bad Request 22 B URL HTTP/1.1 sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP 77.245.57.72:0
ASN #36057 WEBAIR-INTERNET-MTL
File type ASCII text, with no line terminators
Hash b0b11e1c78b526b61477f8e9ee540be0
d5e73002987ff54626542b116d98a8f4aa9ee2eb
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 02 Feb 2023 02:40:21 GMT
Content-Length: 22
Connection: close
Cache-Control: no-store
Age: 0
Pragma: no-cache
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 6ec308fb0c90794d7bd43e75bf68e403
2e659f583febcab7a67d9bc0b62b209a203c7166
fe8149939433f42202734475d69113ddab8fafa0ebfe0477bdd4f532f16c168f
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 06 Feb 2023 01:05:30 GMT
ETag: "2e659f583febcab7a67d9bc0b62b209a203c7166"
Last-Modified: Thu, 02 Feb 2023 01:05:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2885
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792f8fc39cacb51e-OSL
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
157.90.179.28302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPbIpMeFwNdHSUcAoBB789g4JJAgOiRHpme2155792K; cSyncDp7v2=1675305619; cSyncDp14v3=1675305619; cSyncDp17=1675305619; cSyncDp32=1675305619; cSyncDp45v3=1675305619; cSyncDp53v2=1675305619; cSyncDp62=1675305619; cSyncDp67v2=1675305619; cSyncDp68=1675305619; cSyncDp71=1675305619; cSyncDp85=1675305619; cSyncDp95v3=1675305619; cSyncDp98v2=1675305619; cSyncDp101=1675305619; cSyncDp104v2=1675305619; cSyncDp107=1675305619; cSyncDp110=1675305619; cSyncDp125v3=1675305619; cSyncDp126=1675305619; cSyncDp127=1675305619; cSyncDp129=1675305619; cSyncDp136v2=1675305619; cSyncDp146=1675305619; cSyncDp148=1675305619; cSyncDp149v2=1675305619; cSyncDp151=1675305619; cSyncDp178=1675305619; cSyncDp186=1675305619; cSyncDp221=1675305619; cSyncDp235=1675305619
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 02 Feb 2023 02:40:21 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F9322DB635D03171E021C251D
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 9a973a342ebd65d4c7f5fe9e81c67e20
9fe4e4fdbeb1d1eb129159671396faf467364e7f
508ae12bc0a1e598c9f4d10b188dbeec1eaa4a2f5ddbaae7fed3666780edf004
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 06 Feb 2023 00:50:52 GMT
ETag: "9fe4e4fdbeb1d1eb129159671396faf467364e7f"
Last-Modified: Thu, 02 Feb 2023 00:50:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3181
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792f8fc3acb5b51e-OSL
ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F9322DB635D03171E0213251D&crf=1
188.42.34.64200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F9322DB635D03171E0213251D&crf=1
IP 188.42.34.64:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=73&external_user_id=0100007F9322DB635D03171E0213251D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 02:40:21 GMT; Path=/; Domain=.betweendigital.com
tuuid=2af9a6b6-03ea-5221-8ac9-a2e4e9128071; Max-Age=31536000; Expires=Fri, 02 Feb 2024 02:40:21 GMT; Path=/; Domain=.betweendigital.com
ut=Y9silQAAxzgj0F3vGVRuXSVUrx1g65AZYDVTuw==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 02:40:21 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 2abeed3d85c842b6b3f10f664c14eaa8
4385741662f537c9c21507aeb2f855460ac1a7cb
0fdfd68fb0aca7c4ff8e45dd2ea18f46ab77374124c0f6ea810f0df2a2bd51a8
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:21 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Mon, 06 Feb 2023 00:10:00 GMT
ETag: "4385741662f537c9c21507aeb2f855460ac1a7cb"
Last-Modified: Thu, 02 Feb 2023 00:10:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 656
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792f8fc3bcbdb51e-OSL
x01.aidata.io/0.gif?pid=9401454&id=0100007F9322DB635D03171E0213251D
89.108.120.68302 Found 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=0100007F9322DB635D03171E0213251D
IP 89.108.120.68:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=0100007F9322DB635D03171E0213251D HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 02:40:20 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=0100007F9322DB635D03171E0213251D&bounce=1
expires: Thu, 02 Feb 2023 02:40:19 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Thu, 02 Feb 2023 02:40:19 GMT
set-cookie: __upin=cCQyOuBA0F0A93qrboBaBg;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1675305621;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
tag.digitaltarget.ru/adcm.js
185.15.175.134200 OK 3.1 kB URL HTTP/1.1 tag.digitaltarget.ru/adcm.js
IP 185.15.175.134:0
File type ASCII text, with very long lines (3051), with no line terminators
Hash e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 02:40:21 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Thu, 02 Feb 2023 02:34:11 GMT
Connection: keep-alive
ETag: "63db2123-beb"
Accept-Ranges: bytes
sape-sync.rutarget.ru/sync
188.72.107.156302 Moved Temporarily 0 B URL HTTP/1.1 sape-sync.rutarget.ru/sync
IP 188.72.107.156:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 02 Feb 2023 02:40:21 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=M85yij69wIuT
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=M85yij69wIuT; Path=/; Domain=.rutarget.ru; Expires=Tue, 01 Aug 2023 02:40:21 GMT; SameSite=None; Secure
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F9322DB635D03171E021C251D
81.222.128.215200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F9322DB635D03171E021C251D
IP 81.222.128.215:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F9322DB635D03171E021C251D HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 02:40:21 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
sm.rtb.mts.ru/p?ssp=sape&id=0100007F9322DB635D03171E0213251D
217.66.147.41301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/p?ssp=sape&id=0100007F9322DB635D03171E0213251D
IP 217.66.147.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sape&id=0100007F9322DB635D03171E0213251D HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 02:40:21 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F9322DB635D03171E0213251D
Set-Cookie: dspid=b0d7509e-a2d7-4d45-9e5d-819d25fbb941; expires=Wed, 24 Jan 2024 02:40:21 GMT; domain=.mts.ru; path=/; secure; SameSite=None
www.acint.net/match?dp=104&euid=M85yij69wIuT
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/match?dp=104&euid=M85yij69wIuT
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=104&euid=M85yij69wIuT HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPbIpMeFwNdHSUcAoBB789g4JJAgOiRHpme2155792K; cSyncDp7v2=1675305619; cSyncDp14v3=1675305619; cSyncDp17=1675305619; cSyncDp32=1675305619; cSyncDp45v3=1675305619; cSyncDp53v2=1675305619; cSyncDp62=1675305619; cSyncDp67v2=1675305619; cSyncDp68=1675305619; cSyncDp71=1675305619; cSyncDp85=1675305619; cSyncDp95v3=1675305619; cSyncDp98v2=1675305619; cSyncDp101=1675305619; cSyncDp104v2=1675305619; cSyncDp107=1675305619; cSyncDp110=1675305619; cSyncDp125v3=1675305619; cSyncDp126=1675305619; cSyncDp127=1675305619; cSyncDp129=1675305619; cSyncDp136v2=1675305619; cSyncDp146=1675305619; cSyncDp148=1675305619; cSyncDp149v2=1675305619; cSyncDp151=1675305619; cSyncDp178=1675305619; cSyncDp186=1675305619; cSyncDp221=1675305619; cSyncDp235=1675305619
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 02:40:21 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ad.mail.ru/cm.gif?p=48&id=0100007F9322DB635D03171E0213251D
95.163.41.56200 OK 43 B URL HTTP/2 ad.mail.ru/cm.gif?p=48&id=0100007F9322DB635D03171E0213251D
IP 95.163.41.56:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cm.gif?p=48&id=0100007F9322DB635D03171E0213251D HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:40:21 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=0RviYN0ZrboF002Ftz3q8P2F:::0-0-0-8f57b55:CAASEAyJAyUsjMuKr-wKQ0BYHpUaYPtD0xiJQEKY9hslrFdZ-7kEbvrZOD9aNc8bGLoR7Cw-rxhoEham2WUxVPTkYoLkvSGVazanKOjx76j_xTpPE1TVJ_BEPNxqaddOdMjdkcZWs76MHljppOnKsRMq2QJK9Q; path=/; expires=Sat, 03-Feb-24 02:40:21 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Thu, 02 Feb 2023 08:40:21 GMT
cache-control: max-age=21600
last-modified: Thu, 02 Feb 2023 02:40:21 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 2f59b9826b587ec88c538c4e0fdda68f
a9569ad568776c896099e2e7b4291dbe7101cb9b
76812d4ae48f41904eb3722fb49c463d4287d81fa7a9ea5d28687ddb3a546931
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:40:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 02:03:25 GMT
Expires: Wed, 08 Feb 2023 02:03:24 GMT
Etag: "a9569ad568776c896099e2e7b4291dbe7101cb9b"
Cache-Control: max-age=515582,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792f8fc2f8f20b55-OSL
x01.aidata.io/0.gif?pid=9401454&id=0100007F9322DB635D03171E0213251D&bounce=1
89.108.120.68204 No Content 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=0100007F9322DB635D03171E0213251D&bounce=1
IP 89.108.120.68:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=0100007F9322DB635D03171E0213251D&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 02 Feb 2023 02:40:21 GMT
expires: Thu, 02 Feb 2023 02:40:20 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Thu, 02 Feb 2023 02:40:20 GMT
set-cookie: __upin=WyDtJ4hHL1u3AESlDRfILg;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1675305621;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
px.adhigh.net/p/cm/sape?u=0100007F9322DB635D03171E0213251D
193.232.148.143302 Found 0 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=0100007F9322DB635D03171E0213251D
IP 193.232.148.143:0
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/cm/sape?u=0100007F9322DB635D03171E0213251D HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 02:40:21 GMT
content-length: 0
x-backend-id: f4-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=u68cDLBME5w4.AikABlGGD_8Wlg;Path=/;Domain=.adhigh.net;Expires=Fri, 02-Feb-2024 02:40:21 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=0100007F9322DB635D03171E0213251D&bounced=1
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
188.42.34.64302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP 188.42.34.64:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 02:40:21 GMT; Path=/; Domain=.betweendigital.com
tuuid=cdc077e8-f9f4-5221-8aa4-b765e97f95f0; Max-Age=31536000; Expires=Fri, 02 Feb 2024 02:40:21 GMT; Path=/; Domain=.betweendigital.com
ut=Y9silQACkEBKb5P3intARb4AZ7oLyBz-iO3maQ==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 02:40:21 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/0100007F9322DB635D03171E0213251D?redir-setuniq=1
77.88.21.90200 OK 50 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/0100007F9322DB635D03171E0213251D?redir-setuniq=1
IP 77.88.21.90:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bef53a5c76b7ad469692178eeaeb08d8
aaae1c11fa0b5a086770957c8857d3937ed653e9
be24bb564cc16e1fe9113f63db905a1b7a3a653c6642f0c27d5e823729a99ee3
GET /mapuid/sapeis/0100007F9322DB635D03171E0213251D?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Thu, 02 Feb 2023 02:40:21 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 02:40:21 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 02 Feb 2023 02:40:21 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
188.42.34.64200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP 188.42.34.64:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 02:40:21 GMT; Path=/; Domain=.betweendigital.com
tuuid=b7c53646-b6c8-5221-8e10-8a64edcba8f1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 02:40:21 GMT; Path=/; Domain=.betweendigital.com
ut=Y9silQADIMiIVVAxmaeaGwfsnYg4NVQD5S3crg==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 02:40:21 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
px.adhigh.net/p/cm/sape?u=0100007F9322DB635D03171E0213251D&bounced=1
193.232.148.143200 OK 49 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=0100007F9322DB635D03171E0213251D&bounced=1
IP 193.232.148.143:0
ASN #48061 Limited Liability Company GPM Digital Technologies
File type GIF image data, version 89a, 1 x 1\012- data
Hash 889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
GET /p/cm/sape?u=0100007F9322DB635D03171E0213251D&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:40:21 GMT
content-type: image/gif
content-length: 49
x-backend-id: f4-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
tag.digitaltarget.ru/processor.js?i=350368396651594
185.15.175.134200 OK 16 kB URL HTTP/1.1 tag.digitaltarget.ru/processor.js?i=350368396651594
IP 185.15.175.134:0
File type ASCII text, with very long lines (15892), with no line terminators
Hash 736e2fb1da94f3277e3f931048c1b9f3
196387db95a17da825b629de3542eff901b09905
4569d4e1b0e52b6316681f7312674f43ecb2b72ea8ab4adb2375e3686862c7dc
GET /processor.js?i=350368396651594 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 02:40:21 GMT
Content-Type: application/javascript
Content-Length: 15892
Last-Modified: Thu, 02 Feb 2023 02:34:12 GMT
Connection: keep-alive
ETag: "63db2124-3e14"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2529
Expires: Thu, 02 Feb 2023 03:22:30 GMT
Date: Thu, 02 Feb 2023 02:40:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2529
Expires: Thu, 02 Feb 2023 03:22:30 GMT
Date: Thu, 02 Feb 2023 02:40:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2529
Expires: Thu, 02 Feb 2023 03:22:30 GMT
Date: Thu, 02 Feb 2023 02:40:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df4a4906103a8f409c066b1cded71384
22847e3926db3e3d5f6b529297a4abe8b377c3a6
84a14b73b2cc7f4641eaa5539cbee0a109ae2b05cf88d06797a2b00c8d4f0c43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9221
x-amzn-requestid: 209c2ad4-7a1f-4867-bf98-4ca8621111a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTBFv5IAMFgqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-1627a9d603c69f7760ad013b;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kAkcQOKAvuq3k-X081MLCqon-cnQJqGryVeE0fwX0a7bcXgJlySIvg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 15523
etag: "22847e3926db3e3d5f6b529297a4abe8b377c3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23ac16a6-b0c6-4c81-9bd1-78ee332bf49a.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23ac16a6-b0c6-4c81-9bd1-78ee332bf49a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0ceb09fa3caa0fcda4a6314141e2d019
d08f43956f6859e4c2385231bb5506262257445f
a2100701c69f86920b14714b19ec14db9ebfd91000f0ec2397b8f27d981bc1ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23ac16a6-b0c6-4c81-9bd1-78ee332bf49a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14593
x-amzn-requestid: 796fc590-5a08-4765-b861-e5f707e4d7f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdLoFHQoAMFaAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbe3-3f93635c337e77e453bba394;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gYo5IyA5mM2B5nw6O2QkkZ6-go2CzG8Nwb_pWSixGplAl7LsbmWUiQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:55:43 GMT
age: 17078
etag: "d08f43956f6859e4c2385231bb5506262257445f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 395bb0f71f9eba82f5ca23548d08900f
b1fada280c7ea3eb775a6fa46ce173a51eb045f5
7443babb69532e1ee3ee779e05ad4f62de2c5bf62548bcb5702f8290a527664c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11367
x-amzn-requestid: 67702c15-9a68-46ec-95e5-efb57f08e2f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5OGfBoAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6e-033182ba55fdd0230ad5a270;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Ybz4mmNUwsKOkpz6GFm4nLz7iGX5gJ--EiUjqrs8G92GBLn6qaF7IQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:57:51 GMT
age: 16950
etag: "b1fada280c7ea3eb775a6fa46ce173a51eb045f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 91987222-d376-4099-a4e9-5f877b5212be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzO2FSDIAMFktg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce325e-281a7e062ee3039d42ae8f83;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:08:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SEH32iK4aCkxhxQyu3fSlW8uVM1Oj5hwnl2U09k_THEOdAqdEeVMJw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:03:43 GMT
age: 16598
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6790e3bf4d10b1ffba32a22dc588c640
cdae35517dfea800134393a1095f44462bc428a5
4f4132588ee7337fff24da64b89e43b277c4ef0a2646acfba37aea08fc0f4256
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9416
x-amzn-requestid: acc48967-4cc1-4bfd-bc33-7bcefd8e6547
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKVGjqIAMFa2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-1d1cd4de0a30760e792d32e5;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: byLFLKpRZa_blxNi2wh_ft4Ule-zNiZtSih_Quv-9BgKS87Y-wJlTA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:40 GMT
age: 16781
etag: "cdae35517dfea800134393a1095f44462bc428a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 41c44051cc3b4c69924df66048e7566b
5c6a12595c3f6005fec4baa84b16575951e72178
72dff70bcb417c088aba013a486e1dbabe099b40fb718a283f1ba220b142b848
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7450
x-amzn-requestid: 1b3ef150-9b12-4b8b-94e6-0d6debbd24ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTDFmPoAMF-UQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-0fea883b0ce1a1b933dc2be8;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qON7fRZ1XPCkl7ldiGagd0UcPynLKMzysXr8LZSRvS1ily9cN5w_wA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:22:55 GMT
age: 15446
etag: "5c6a12595c3f6005fec4baa84b16575951e72178"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fc797e4e4215c50a42918f78bf25dd9b
3a9d446065eb8b0d530dab59538a290125b4647b
9fe7badd15d6591176c688dafa284fdf9d8f991109e0c3a9e56a17d8c61efd2e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9FE7BADD15D6591176C688DAFA284FDF9D8F991109E0C3A9E56A17D8C61EFD2E"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6087
Expires: Thu, 02 Feb 2023 04:21:48 GMT
Date: Thu, 02 Feb 2023 02:40:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fc797e4e4215c50a42918f78bf25dd9b
3a9d446065eb8b0d530dab59538a290125b4647b
9fe7badd15d6591176c688dafa284fdf9d8f991109e0c3a9e56a17d8c61efd2e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9FE7BADD15D6591176C688DAFA284FDF9D8F991109E0C3A9E56A17D8C61EFD2E"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6087
Expires: Thu, 02 Feb 2023 04:21:48 GMT
Date: Thu, 02 Feb 2023 02:40:21 GMT
Connection: keep-alive
dmg.digitaltarget.ru/1/1093/i/i?i=804431424323594.627297558662661&a=77&e=0100007F9322DB635D03171E0213251D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0100007F9322DB635D03171E0213251D.sync:up.xdua:dup6FTLZTS75Qy6F6XxiignL.xps:xpsupOiWpITAVs78ncSjbcnYn.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.157307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=804431424323594.627297558662661&a=77&e=0100007F9322DB635D03171E0213251D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0100007F9322DB635D03171E0213251D.sync:up.xdua:dup6FTLZTS75Qy6F6XxiignL.xps:xpsupOiWpITAVs78ncSjbcnYn.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=804431424323594.627297558662661&a=77&e=0100007F9322DB635D03171E0213251D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0100007F9322DB635D03171E0213251D.sync:up.xdua:dup6FTLZTS75Qy6F6XxiignL.xps:xpsupOiWpITAVs78ncSjbcnYn.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 02 Feb 2023 02:40:21 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675305621423&i=804431424323594.627297558662661&a=77&e=0100007F9322DB635D03171E0213251D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0100007F9322DB635D03171E0213251D.sync:up.xdua:dup6FTLZTS75Qy6F6XxiignL.xps:xpsupOiWpITAVs78ncSjbcnYn.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=eX-VcXmLuzXBAJY7cxlV; Max-Age=93312000; Expires=Sat, 17 Jan 2026 02:40:21 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/1/1093/i/i?i=804431424323594.833846467912399&a=77&e=0100007F9322DB635D03171E0213251D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0100007F9322DB635D03171E0213251D.sync:up.xdua:dup6FTLZTS75Qy6F6XxiignL.xps:xpsupOiWpITAVs78ncSjbcnYn.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.157307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=804431424323594.833846467912399&a=77&e=0100007F9322DB635D03171E0213251D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0100007F9322DB635D03171E0213251D.sync:up.xdua:dup6FTLZTS75Qy6F6XxiignL.xps:xpsupOiWpITAVs78ncSjbcnYn.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=804431424323594.833846467912399&a=77&e=0100007F9322DB635D03171E0213251D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0100007F9322DB635D03171E0213251D.sync:up.xdua:dup6FTLZTS75Qy6F6XxiignL.xps:xpsupOiWpITAVs78ncSjbcnYn.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 02 Feb 2023 02:40:21 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675305621429&i=804431424323594.833846467912399&a=77&e=0100007F9322DB635D03171E0213251D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0100007F9322DB635D03171E0213251D.sync:up.xdua:dup6FTLZTS75Qy6F6XxiignL.xps:xpsupOiWpITAVs78ncSjbcnYn.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=3M7QxK9bULpr6Lx7ydsE; Max-Age=93312000; Expires=Sat, 17 Jan 2026 02:40:21 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675305621429&i=804431424323594.833846467912399&a=77&e=0100007F9322DB635D03171E0213251D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0100007F9322DB635D03171E0213251D.sync:up.xdua:dup6FTLZTS75Qy6F6XxiignL.xps:xpsupOiWpITAVs78ncSjbcnYn.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.157200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675305621429&i=804431424323594.833846467912399&a=77&e=0100007F9322DB635D03171E0213251D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0100007F9322DB635D03171E0213251D.sync:up.xdua:dup6FTLZTS75Qy6F6XxiignL.xps:xpsupOiWpITAVs78ncSjbcnYn.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.157:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1675305621429&i=804431424323594.833846467912399&a=77&e=0100007F9322DB635D03171E0213251D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0100007F9322DB635D03171E0213251D.sync:up.xdua:dup6FTLZTS75Qy6F6XxiignL.xps:xpsupOiWpITAVs78ncSjbcnYn.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 02:40:21 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675305621423&i=804431424323594.627297558662661&a=77&e=0100007F9322DB635D03171E0213251D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0100007F9322DB635D03171E0213251D.sync:up.xdua:dup6FTLZTS75Qy6F6XxiignL.xps:xpsupOiWpITAVs78ncSjbcnYn.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.157200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675305621423&i=804431424323594.627297558662661&a=77&e=0100007F9322DB635D03171E0213251D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0100007F9322DB635D03171E0213251D.sync:up.xdua:dup6FTLZTS75Qy6F6XxiignL.xps:xpsupOiWpITAVs78ncSjbcnYn.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.157:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1675305621423&i=804431424323594.627297558662661&a=77&e=0100007F9322DB635D03171E0213251D&pref=http%3A%2F%2Fdocka1.ru%2F&c=ss:77.up:0100007F9322DB635D03171E0213251D.sync:up.xdua:dup6FTLZTS75Qy6F6XxiignL.xps:xpsupOiWpITAVs78ncSjbcnYn.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 02:40:21 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 8
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash b204f3abe06417a75a9703b1ed69bb37
f636ae39c412c40c3737e9c3c99a5e2e30a7e861
209edba54e970905fc4efd62b8736ef3f5d5021ccb82ea63e7ebfe0baf3e1896
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:40:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
216.58.207.193200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://docka1.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Thu, 02 Feb 2023 02:40:21 GMT
expires: Thu, 02 Feb 2023 02:40:21 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash df4a6d84addba49571d9f6ae44c61a3f
28c8093de27e27645cf6dfd5ae93a62fc77b9be5
cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:40:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
216.58.211.4200 OK 514 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 216.58.211.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash d7146f745c75e01dcc26ac9168b301e0
feb4c96bea67b861540123bdd87ef9235029b16d
a509f4c6c3ebfb62a1f6d7761fbdf0bb016c4534d7e8ad4babd4197d8995d4d1
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://docka1.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 02 Feb 2023 02:40:21 GMT
date: Thu, 02 Feb 2023 02:40:21 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-89lxoDBuJZ5B6tv7r8PJXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.acint.net/ping/?v=0.5.0&uid=ed12922a-c4bb-4102-90ea-173cee435146&dp=10&tz=%2B00%3A00&nc=75243691&dT=2023-02-02T02%3A40%3A46.916
157.90.179.28302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/ping/?v=0.5.0&uid=ed12922a-c4bb-4102-90ea-173cee435146&dp=10&tz=%2B00%3A00&nc=75243691&dT=2023-02-02T02%3A40%3A46.916
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /ping/?v=0.5.0&uid=ed12922a-c4bb-4102-90ea-173cee435146&dp=10&tz=%2B00%3A00&nc=75243691&dT=2023-02-02T02%3A40%3A46.916 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://docka1.ru/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 02 Feb 2023 02:40:22 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/ping/?v=0.5.0&uid=ed12922a-c4bb-4102-90ea-173cee435146&dp=10&tz=%2B00%3A00&nc=75243691&dT=2023-02-02T02%3A40%3A46.916
www.acint.net/ping/?v=0.5.0&uid=ed12922a-c4bb-4102-90ea-173cee435146&dp=10&tz=%2B00%3A00&nc=75243691&dT=2023-02-02T02%3A40%3A46.916
157.90.179.28200 OK 43 B URL HTTP/2 www.acint.net/ping/?v=0.5.0&uid=ed12922a-c4bb-4102-90ea-173cee435146&dp=10&tz=%2B00%3A00&nc=75243691&dT=2023-02-02T02%3A40%3A46.916
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /ping/?v=0.5.0&uid=ed12922a-c4bb-4102-90ea-173cee435146&dp=10&tz=%2B00%3A00&nc=75243691&dT=2023-02-02T02%3A40%3A46.916 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://docka1.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPbIpMeFwNdHSUcAoBB789g4JJAgOiRHpme2155792K; cSyncDp7v2=1675305619; cSyncDp14v3=1675305619; cSyncDp17=1675305619; cSyncDp32=1675305619; cSyncDp45v3=1675305619; cSyncDp53v2=1675305619; cSyncDp62=1675305619; cSyncDp67v2=1675305619; cSyncDp68=1675305619; cSyncDp71=1675305619; cSyncDp85=1675305619; cSyncDp95v3=1675305619; cSyncDp98v2=1675305619; cSyncDp101=1675305619; cSyncDp104v2=1675305619; cSyncDp107=1675305619; cSyncDp110=1675305619; cSyncDp125v3=1675305619; cSyncDp126=1675305619; cSyncDp127=1675305619; cSyncDp129=1675305619; cSyncDp136v2=1675305619; cSyncDp146=1675305619; cSyncDp148=1675305619; cSyncDp149v2=1675305619; cSyncDp151=1675305619; cSyncDp178=1675305619; cSyncDp186=1675305619; cSyncDp221=1675305619; cSyncDp235=1675305619
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 02:40:22 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/0100007F9322DB635D03171E0213251D
77.88.21.90302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/0100007F9322DB635D03171E0213251D
IP 77.88.21.90:0
GET /mapuid/sapeis/0100007F9322DB635D03171E0213251D HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/0100007F9322DB635D03171E0213251D?redir-setuniq=1
date: Thu, 02 Feb 2023 02:40:21 GMT
set-cookie: yandexuid=9587713471675305621; domain=.yandex.ru; path=/; expires=Sun, 30-Jan-2033 02:40:21 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 02:40:21 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 02 Feb 2023 02:40:21 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/gonetdspis/OTdjNjY2MjA2MGZjYjc2
77.88.21.90302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/OTdjNjY2MjA2MGZjYjc2
IP 77.88.21.90:0
GET /mapuid/gonetdspis/OTdjNjY2MjA2MGZjYjc2 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/gonetdspis/OTdjNjY2MjA2MGZjYjc2?redir-setuniq=1
date: Thu, 02 Feb 2023 02:40:21 GMT
set-cookie: yandexuid=3296768111675305621; domain=.yandex.ru; path=/; expires=Sun, 30-Jan-2033 02:40:21 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 02:40:21 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 02 Feb 2023 02:40:21 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
176.122.21.226302 Found 0 B URL HTTP/2 ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP 176.122.21.226:0
ASN #48096 Enterprise Cloud Ltd.
GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=7404dece853742b88898484524e59626
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=7404dece853742b88898484524e59626; expires=Thu, 01 Feb 2024 21:00:00 GMT; path=/; SameSite=None; secure; samesite=lax
date: Thu, 02 Feb 2023 02:40:19 GMT
X-Firefox-Spdy: h2
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
65.109.65.188302 Found 0 B URL HTTP/2 ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP 65.109.65.188:0
ASN #24940 Hetzner Online GmbH
GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.0
date: Thu, 02 Feb 2023 02:40:20 GMT
x-request-id: 531a6777-f0bc-4f94-87d7-3c60897c37c7
set-cookie: bvuid=5rmm89o38m; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=5rmm89o38m; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=5rmm89o38m
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/gonetdspis/OTdjNjY2MjA2MGZjYjc2?redir-setuniq=1
77.88.21.90200 OK 0 B URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/OTdjNjY2MjA2MGZjYjc2?redir-setuniq=1
IP 77.88.21.90:0
GET /mapuid/gonetdspis/OTdjNjY2MjA2MGZjYjc2?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Thu, 02 Feb 2023 02:40:21 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 02:40:21 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 02 Feb 2023 02:40:21 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2