84.biqund.com/index/d2?diff=0&utm_source=ogdd&utm_campaign=29857&utm_content=1380&utm_clickid=tkwo48sok084ks84&aurl=https://jifikev.com/7-186pej-e1i-hn1d-bnn?deeplink=https://dagamah.com/9-1iora2-b8r-jn1d-f173?deeplink=https://o.tr1net.com/TEmDgj&subid_1=1380&subid_2=7652&subid_1=1380&subid_2=7652&an=&utm_term=7652&site=&isubs=2
188.114.96.1200 OK 22 kB URL HTTP/1.1 84.biqund.com/index/d2?diff=0&utm_source=ogdd&utm_campaign=29857&utm_content=1380&utm_clickid=tkwo48sok084ks84&aurl=https://jifikev.com/7-186pej-e1i-hn1d-bnn?deeplink=https://dagamah.com/9-1iora2-b8r-jn1d-f173?deeplink=https://o.tr1net.com/TEmDgj&subid_1=1380&subid_2=7652&subid_1=1380&subid_2=7652&an=&utm_term=7652&site=&isubs=2
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12693), with CRLF, LF line terminators
Hash 476e44f0a4a248406b3aca589656b529
19bb203813ed142f2396171ff231edd619674068
104d3b8ca7090731cd0e5be89e6ebf2f664f29d2003160466d467593eb569998
NIDS Severity Alert suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
GET /index/d2?diff=0&utm_source=ogdd&utm_campaign=29857&utm_content=1380&utm_clickid=tkwo48sok084ks84&aurl=https://jifikev.com/7-186pej-e1i-hn1d-bnn?deeplink=https://dagamah.com/9-1iora2-b8r-jn1d-f173?deeplink=https://o.tr1net.com/TEmDgj&subid_1=1380&subid_2=7652&subid_1=1380&subid_2=7652&an=&utm_term=7652&site=&isubs=2 HTTP/1.1
Host: 84.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 12:52:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-transform
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPRiDFAbGEawWlF7CLoOZT9xs31hHaWeT8Ju%2B0accNqdUyYAZiXRhZo2efdV77EK6d5uKF8tJYwb6T%2BpjndJGWIE08iCOKpvpsLxzh30fsOpn%2F6%2B3NfxjIWzwB8q8VkB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79e019be6d5ab517-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 67fc460ed2f69dde3c410ec607ef3510
ba9f582ec321351e5c06c9b2c381f06b685ef274
85df74fac7d59d76840b6359bac24648fede201c0048f2a8382af6468225ffb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85DF74FAC7D59D76840B6359BAC24648FEDE201C0048F2A8382AF6468225FFB8"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5676
Expires: Thu, 23 Feb 2023 14:27:22 GMT
Date: Thu, 23 Feb 2023 12:52:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6f313739c4c44174fc9a97ac63621b46
319da68d06694330ad9f7901bcde1ca0a6eeac0d
321236ee07769c741890815bc56fd2700ff1974b0534368b9ff2e96320ae4fee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "321236EE07769C741890815BC56FD2700FF1974B0534368B9FF2E96320AE4FEE"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6384
Expires: Thu, 23 Feb 2023 14:39:10 GMT
Date: Thu, 23 Feb 2023 12:52:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7fb59e5d3cdf08b94e5f41fdeb9aec6c
ff644039db3b9f74d7e2fab10f93581bea10614a
861573a00d75364e15783c5e448c4f8b4da48b38d9beba3ebd33a87f993489a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "861573A00D75364E15783C5E448C4F8B4DA48B38D9BEBA3EBD33A87F993489A5"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5283
Expires: Thu, 23 Feb 2023 14:20:49 GMT
Date: Thu, 23 Feb 2023 12:52:46 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Feb 2023 11:53:56 GMT
content-type: application/json
age: 3530
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: og+L+9mIsHPMUGLfF77hmHWfYksUfuTsOij3FTfqOl6aTpoWR68HWWCM+jZTWuEanfUoxNbTiuSC5P7rTGTyxg==
x-amz-request-id: N8XPQ06Y9RT2BBA8
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Feb 2023 12:49:05 GMT
age: 221
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 12:52:46 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
84.biqund.com/assets/styles/arrow.css?v1
188.114.96.1200 OK 2.1 kB URL HTTP/1.1 84.biqund.com/assets/styles/arrow.css?v1
IP 188.114.96.1:0
Hash 42f2eac8fc2d717d43b63c19404d009d
f160ecec8abed0763a70ab4c412697cb661bb9a7
2c64ecb52bdbe782356e6b4c2763127a375d1114c858011f73455cfd27232efc
GET /assets/styles/arrow.css?v1 HTTP/1.1
Host: 84.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://84.biqund.com/index/d2?diff=0&utm_source=ogdd&utm_campaign=29857&utm_content=1380&utm_clickid=tkwo48sok084ks84&aurl=https://jifikev.com/7-186pej-e1i-hn1d-bnn?deeplink=https://dagamah.com/9-1iora2-b8r-jn1d-f173?deeplink=https://o.tr1net.com/TEmDgj&subid_1=1380&subid_2=7652&subid_1=1380&subid_2=7652&an=&utm_term=7652&site=&isubs=2
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 12:52:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 12:29:48 GMT
ETag: W/"636262bc-1a14"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQo9sRrjPy5fz0ZQHNEKXxQWSTKaTRokhjzN3iuRUi0BRW7ptsLk28OUa8MtUtOamBl9bg4rAlbpNDfsdgslhzpRYL%2FzqScBbPv56kRyRPHcxzE2EVPRZ1uVZGPcALFK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e019c128d6b517-OSL
alt-svc: h2=":443"; ma=60
84.biqund.com/199f8c6.php?utm_source=ogdd&utm_campaign=29857
188.114.96.1200 OK 17 kB URL HTTP/1.1 84.biqund.com/199f8c6.php?utm_source=ogdd&utm_campaign=29857
IP 188.114.96.1:0
File type Unicode text, UTF-8 text, with very long lines (42846), with no line terminators
Hash 671e8353a6488581dd408c2954905b90
113e8c5db5ff113d4eb0c4b7b1f8e516dd5997d0
13125afb040d05352412b5ca59e0da474941a6c5c8616c02301fb1fb5e90eb0b
GET /199f8c6.php?utm_source=ogdd&utm_campaign=29857 HTTP/1.1
Host: 84.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://84.biqund.com/index/d2?diff=0&utm_source=ogdd&utm_campaign=29857&utm_content=1380&utm_clickid=tkwo48sok084ks84&aurl=https://jifikev.com/7-186pej-e1i-hn1d-bnn?deeplink=https://dagamah.com/9-1iora2-b8r-jn1d-f173?deeplink=https://o.tr1net.com/TEmDgj&subid_1=1380&subid_2=7652&subid_1=1380&subid_2=7652&an=&utm_term=7652&site=&isubs=2
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 12:52:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5eYoLeyjAfLgqAJHK5S6M3UESoocUl4yrHMAYfc2RnyPSTjfrsvly7LVYNPfxOLJIWLfKecAKt43ZDIcY20ymGIfh5Nvu5h3G32wjDZwFk0oailYPFTfzA50bz%2FyK0k"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79e019c12c30b51e-OSL
alt-svc: h2=":443"; ma=60
84.biqund.com/download2/img/download-arrow.gif
188.114.96.1404 Not Found 35 B URL HTTP/1.1 84.biqund.com/download2/img/download-arrow.gif
IP 188.114.96.1:0
File type ASCII text, with no line terminators
Hash 196f73187bcbee4f9b8de0873cba3718
ae42246bd5bfd6ab7c0c92311f83adcdf66e8542
9527e03d7a1877187c413ed66b6a82c27751bd15cb04bc1665c260320f2d9f1e
GET /download2/img/download-arrow.gif HTTP/1.1
Host: 84.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://84.biqund.com/index/d2?diff=0&utm_source=ogdd&utm_campaign=29857&utm_content=1380&utm_clickid=tkwo48sok084ks84&aurl=https://jifikev.com/7-186pej-e1i-hn1d-bnn?deeplink=https://dagamah.com/9-1iora2-b8r-jn1d-f173?deeplink=https://o.tr1net.com/TEmDgj&subid_1=1380&subid_2=7652&subid_1=1380&subid_2=7652&an=&utm_term=7652&site=&isubs=2
HTTP/1.1 404 Not Found
Date: Thu, 23 Feb 2023 12:52:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mw0uT6m7Pn0QYRrAF64W%2BHeNphUNJP2%2BzL62RxmYi6bxfZb%2BQ3b3XXrZBoN1OHWyrs3LMYdnXv12ixSq30TUJyNr2nbrWEwdS%2BWUGpzofm%2FFQfwqdssYdB%2FwuDi1qurs"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e019c21de4b51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash de9405a82e5a31248bc6b02647ff46b6
d5487f8f6f025555615f6bb3a6a72c6e7e415a34
3342d2eca5901d82d11a274e2cb9c46f19bdb61d368ae05215f8aac8a02b1d07
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3342D2ECA5901D82D11A274E2CB9C46F19BDB61D368AE05215F8AAC8A02B1D07"
Last-Modified: Wed, 22 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10872
Expires: Thu, 23 Feb 2023 15:53:59 GMT
Date: Thu, 23 Feb 2023 12:52:47 GMT
Connection: keep-alive
84.biqund.com/favicon.ico
188.114.96.1200 OK 4.0 kB URL HTTP/1.1 84.biqund.com/favicon.ico
IP 188.114.96.1:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash a51793fe0317686ba089709c57a35b1a
61575816c708298644a9c26859edc3a17ae91ebd
b81a8f8301df8f22e0ca12689afd9855d710026631f486c9538fdb08b129b084
GET /favicon.ico HTTP/1.1
Host: 84.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://84.biqund.com/index/d2?diff=0&utm_source=ogdd&utm_campaign=29857&utm_content=1380&utm_clickid=tkwo48sok084ks84&aurl=https://jifikev.com/7-186pej-e1i-hn1d-bnn?deeplink=https://dagamah.com/9-1iora2-b8r-jn1d-f173?deeplink=https://o.tr1net.com/TEmDgj&subid_1=1380&subid_2=7652&subid_1=1380&subid_2=7652&an=&utm_term=7652&site=&isubs=2
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 12:52:47 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 12:29:48 GMT
ETag: W/"636262bc-1007"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vVbAUT8%2F0gCQHnHDO8v9hVjvbUAsVBlfZiJEryHSks4NtaAwmBTk%2FHSND3GaSRJ4gYSW2RzAKUfAk4DaYtUyCYex%2B34sLoCeSvUG7zrHYmm%2Bk%2FTZm0%2F7fTQudYgOpCZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e019c34fc9b51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
sartojelius.com/46594
88.208.46.22200 OK 3.2 kB IP 88.208.46.22:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (3244), with no line terminators
Hash 2ff23e01c3680a8df982249d3f0b078f
82418bbb44ea0877a3ca7a358e57e9cb576422dd
bb1d7e12f84d1832d32342688fa36161c49c267c64372cbc8d2a795633dcef95
POST /46594 HTTP/1.1
Host: sartojelius.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://84.biqund.com/
Content-Type: text/plain;charset=UTF-8
Origin: http://84.biqund.com
Content-Length: 222
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Feb 2023 12:52:47 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://84.biqund.com
Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: userid=023cda8b-8f03-45c3-9549-6146506a41e1; expires=Wed, 23-Feb-2028 12:52:47 GMT; Path=/; SameSite=None; Secure
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
sartojelius.com/event/set
88.208.46.22200 OK 20 B URL HTTP/1.1 sartojelius.com/event/set
IP 88.208.46.22:0
ASN #39572 DataWeb Global Group B.V.
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /event/set HTTP/1.1
Host: sartojelius.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://84.biqund.com/
Content-Type: text/plain;charset=UTF-8
Origin: http://84.biqund.com
Content-Length: 116
Connection: keep-alive
Cookie: userid=023cda8b-8f03-45c3-9549-6146506a41e1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Feb 2023 12:52:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://84.biqund.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST
Access-Control-Allow-Headers: Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Content-Encoding: gzip
84.biqund.com/assets/images/arrow.png
188.114.96.1200 OK 1.5 kB URL HTTP/1.1 84.biqund.com/assets/images/arrow.png
IP 188.114.96.1:0
File type PNG image data, 114 x 135, 8-bit/color RGBA, non-interlaced\012- data
Hash 5205d8e424b5516e3965645163a80dcd
ea5b7794eaecf76c02c55879ad03b98e1f06068b
3795d041425e25372f0d6fcb7a66494c0224d844dd3038458549d05889052f96
GET /assets/images/arrow.png HTTP/1.1
Host: 84.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://84.biqund.com/index/d2?diff=0&utm_source=ogdd&utm_campaign=29857&utm_content=1380&utm_clickid=tkwo48sok084ks84&aurl=https://jifikev.com/7-186pej-e1i-hn1d-bnn?deeplink=https://dagamah.com/9-1iora2-b8r-jn1d-f173?deeplink=https://o.tr1net.com/TEmDgj&subid_1=1380&subid_2=7652&subid_1=1380&subid_2=7652&an=&utm_term=7652&site=&isubs=2
Cookie: pmvid=023cda8b-8f03-45c3-9549-6146506a41e1
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 12:52:47 GMT
Content-Type: image/png
Content-Length: 1477
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 12:29:48 GMT
ETag: "636262bc-5c5"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uq5EwWGMBIgb0d4mX7ssF3EEvQHUuv2geBzm3Sssd%2BUz5WNc0HhIfp%2F2j2rctLrVzaAaUE9XW2lhcmQKWYqUusPMCY8SpTYzI6MRnV47BZPk2PdjezBpSV9JEHqXN5ey"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e019c408edb51e-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Content-Length, Content-Type, Cache-Control, Pragma, Retry-After, ETag, Expires, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Feb 2023 12:20:35 GMT
age: 1932
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
84.biqund.com/download2/img/arrow.png
188.114.96.1200 OK 1.5 kB URL HTTP/1.1 84.biqund.com/download2/img/arrow.png
IP 188.114.96.1:0
File type PNG image data, 114 x 135, 8-bit/color RGBA, non-interlaced\012- data
Hash 5205d8e424b5516e3965645163a80dcd
ea5b7794eaecf76c02c55879ad03b98e1f06068b
3795d041425e25372f0d6fcb7a66494c0224d844dd3038458549d05889052f96
GET /download2/img/arrow.png HTTP/1.1
Host: 84.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://84.biqund.com/index/d2?diff=0&utm_source=ogdd&utm_campaign=29857&utm_content=1380&utm_clickid=tkwo48sok084ks84&aurl=https://jifikev.com/7-186pej-e1i-hn1d-bnn?deeplink=https://dagamah.com/9-1iora2-b8r-jn1d-f173?deeplink=https://o.tr1net.com/TEmDgj&subid_1=1380&subid_2=7652&subid_1=1380&subid_2=7652&an=&utm_term=7652&site=&isubs=2
Cookie: pmvid=023cda8b-8f03-45c3-9549-6146506a41e1
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 12:52:47 GMT
Content-Type: image/png
Content-Length: 1477
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 12:29:48 GMT
ETag: "636262bc-5c5"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zarg8gQJzn6S9oTi16GJ%2BDdA4SKpBlwxO2EBYVVIeZFrjElqAC0UubftpvKFy9k8Bh5kSPE2uz7PiYppV8wAcSSkaQLGEF9rUanjsBf0jTVBVSsuaMIhVfGSkqtEHZ7g"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e019c41d20b517-OSL
alt-svc: h2=":443"; ma=60
sartojelius.com/js/cs?uuid=023cda8b-8f03-45c3-9549-6146506a41e1
88.208.46.22302 Found 0 B URL HTTP/1.1 sartojelius.com/js/cs?uuid=023cda8b-8f03-45c3-9549-6146506a41e1
IP 88.208.46.22:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/cs?uuid=023cda8b-8f03-45c3-9549-6146506a41e1 HTTP/1.1
Host: sartojelius.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://84.biqund.com/
Cookie: userid=023cda8b-8f03-45c3-9549-6146506a41e1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 23 Feb 2023 12:52:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid=023cda8b-8f03-45c3-9549-6146506a41e1; expires=Sat, 25-Mar-2023 12:52:47 GMT; Path=/; domain=.sartojelius.com; SameSite=None; Secure
Location: https://s.uuidksinc.net/match/1165/?remote_uid=023cda8b-8f03-45c3-9549-6146506a41e1&cb_url=https%3A%2F%2Fsartojelius.com%2Fjs%2Fcs%3Fuuid%3D023cda8b-8f03-45c3-9549-6146506a41e1%26oid%3D%5BUID%5D
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1cd8035d4220a32ffbf79eb9140ad559
2d7b71b18d6868c625eca4046edca14a6f19bcca
32f87e88ec041dee759f5de65c87ecbe50345ff05255cf25687321fe6553fb6e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "32F87E88EC041DEE759F5DE65C87ECBE50345FF05255CF25687321FE6553FB6E"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13869
Expires: Thu, 23 Feb 2023 16:43:56 GMT
Date: Thu, 23 Feb 2023 12:52:47 GMT
Connection: keep-alive
hdtcode.com/event?data=&id=30
31.220.27.155200 OK 0 B URL HTTP/2 hdtcode.com/event?data=&id=30
IP 31.220.27.155:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?data=&id=30 HTTP/1.1
Host: hdtcode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://84.biqund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.0
date: Thu, 23 Feb 2023 12:52:47 GMT
content-length: 0
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 74f3ebde2baa1968054f340aecb8eb3b
b916dd3603cf8244526cac7ce0a9136e39cfcdf8
7e55249ba4b3ff49fc9d3dfa6f68c6eca9a5361e79981ef374cda070cc8c5d71
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E55249BA4B3FF49FC9D3DFA6F68C6ECA9A5361E79981EF374CDA070CC8C5D71"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9385
Expires: Thu, 23 Feb 2023 15:29:12 GMT
Date: Thu, 23 Feb 2023 12:52:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5fa728a339ca32e616d483e61d0aebcd
6a63966de94d16390c8f1e47e5b67fe5bb67f7cd
7e83729d554404e59f1f1ff809ac776d3596487e2b062a1e38af8e29f33c0686
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E83729D554404E59F1F1FF809AC776D3596487E2B062A1E38AF8E29F33C0686"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5319
Expires: Thu, 23 Feb 2023 14:21:26 GMT
Date: Thu, 23 Feb 2023 12:52:47 GMT
Connection: keep-alive
s.uuidksinc.net/match/1165/?remote_uid=023cda8b-8f03-45c3-9549-6146506a41e1&cb_url=https%3A%2F%2Fsartojelius.com%2Fjs%2Fcs%3Fuuid%3D023cda8b-8f03-45c3-9549-6146506a41e1%26oid%3D%5BUID%5D
185.196.197.130302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/1165/?remote_uid=023cda8b-8f03-45c3-9549-6146506a41e1&cb_url=https%3A%2F%2Fsartojelius.com%2Fjs%2Fcs%3Fuuid%3D023cda8b-8f03-45c3-9549-6146506a41e1%26oid%3D%5BUID%5D
IP 185.196.197.130:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/1165/?remote_uid=023cda8b-8f03-45c3-9549-6146506a41e1&cb_url=https%3A%2F%2Fsartojelius.com%2Fjs%2Fcs%3Fuuid%3D023cda8b-8f03-45c3-9549-6146506a41e1%26oid%3D%5BUID%5D HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://84.biqund.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Thu, 23 Feb 2023 12:52:47 GMT
content-length: 0
location: https://sartojelius.com/js/cs?uuid=023cda8b-8f03-45c3-9549-6146506a41e1&oid=SSL47wBHn7oSOxftUczP
set-cookie: jcsuuid=SSL47wBHn7oSOxftUczP; expires=Fri, 23 Feb 2024 12:52:47 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
sartojelius.com/js/cs?uuid=023cda8b-8f03-45c3-9549-6146506a41e1&oid=SSL47wBHn7oSOxftUczP
88.208.46.22200 OK 43 B URL HTTP/1.1 sartojelius.com/js/cs?uuid=023cda8b-8f03-45c3-9549-6146506a41e1&oid=SSL47wBHn7oSOxftUczP
IP 88.208.46.22:0
ASN #39572 DataWeb Global Group B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /js/cs?uuid=023cda8b-8f03-45c3-9549-6146506a41e1&oid=SSL47wBHn7oSOxftUczP HTTP/1.1
Host: sartojelius.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://84.biqund.com/
Connection: keep-alive
Cookie: userid=023cda8b-8f03-45c3-9549-6146506a41e1; uuid=023cda8b-8f03-45c3-9549-6146506a41e1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Feb 2023 12:52:47 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: oid=SSL47wBHn7oSOxftUczP; expires=Sat, 25-Mar-2023 12:52:47 GMT; Path=/; domain=.sartojelius.com; SameSite=None; Secure
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
push.services.mozilla.com/
35.86.38.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.86.38.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nAI5wTFTBb3hmfeUicFjUA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zfSGqe4A//Gq//pvXoHJeMgH+V8=
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 201c51b176ba24fcf99330150367a382
d4de8a37cf102c4c931b5ea21c0f606f6b9e2a67
d6f1c581e2e5dc2f457afc21bebe9fde47c9023a88d69ff2ad6edfd6c74fbc56
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D6F1C581E2E5DC2F457AFC21BEBE9FDE47C9023A88D69FF2AD6EDFD6C74FBC56"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2777
Expires: Thu, 23 Feb 2023 13:39:05 GMT
Date: Thu, 23 Feb 2023 12:52:48 GMT
Connection: keep-alive
z.cdn.adtarget.me/smc?s=22&u=SSL47wBHn7oSOxftUczP
212.32.253.229204 No Content 0 B URL HTTP/2 z.cdn.adtarget.me/smc?s=22&u=SSL47wBHn7oSOxftUczP
IP 212.32.253.229:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smc?s=22&u=SSL47wBHn7oSOxftUczP HTTP/1.1
Host: z.cdn.adtarget.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 23 Feb 2023 12:52:07 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b928a6afc798633bc66c84dffd16be09
11beddf4de4460749dc9926b45d10f3d5868cb7a
bb2904cdee979778886ff82489447d6a9eb88b8947fdcfa7e973f0ef5fea7dc5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB2904CDEE979778886FF82489447D6A9EB88B8947FDCFA7E973F0EF5FEA7DC5"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5080
Expires: Thu, 23 Feb 2023 14:17:28 GMT
Date: Thu, 23 Feb 2023 12:52:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b928a6afc798633bc66c84dffd16be09
11beddf4de4460749dc9926b45d10f3d5868cb7a
bb2904cdee979778886ff82489447d6a9eb88b8947fdcfa7e973f0ef5fea7dc5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB2904CDEE979778886FF82489447D6A9EB88B8947FDCFA7E973F0EF5FEA7DC5"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5080
Expires: Thu, 23 Feb 2023 14:17:28 GMT
Date: Thu, 23 Feb 2023 12:52:48 GMT
Connection: keep-alive
dm-eu.hybrid.ai/match?id=158&vid=SSL47wBHn7oSOxftUczP
37.18.103.22204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=158&vid=SSL47wBHn7oSOxftUczP
IP 37.18.103.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=158&vid=SSL47wBHn7oSOxftUczP HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 23 Feb 2023 12:52:48 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=2f57855540123d86744f; Expires=Fri, 23 Feb 2024 12:52:46 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 506
x-xss-protection: 1; mode=block
access-control-allow-origin: https://uuidksinc.net
access-control-allow-credentials: true
server: Hybrid Web Server
X-Firefox-Spdy: h2
sync.bumlam.com/?src=kadam&uid=SSL47wBHn7oSOxftUczP
31.172.81.160302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=kadam&uid=SSL47wBHn7oSOxftUczP
IP 31.172.81.160:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=kadam&uid=SSL47wBHn7oSOxftUczP HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 23 Feb 2023 12:52:48 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRmOTgxMDhjYS1iMzc4LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Wed, 18 Feb 2043 12:52:48 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=kadam&s_data=CAIQARigw92fBmIUU1NMNDd3QkhuN29TT3hmdFVjelCiARD5gQjKs3gR7YbgACWQwGR8
ETag: f98108ca-b378-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 95a38767ee0d5ffb0e302ea4066f0336
4407af3495919406d80d5a9850ff059b7a5dd94c
c2ac8d3d6ffad530e477b3348a1f46a621c3897495ac67f09217a1b7b5d3e3d6
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 12:52:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 27 Feb 2023 09:37:37 GMT
ETag: "4407af3495919406d80d5a9850ff059b7a5dd94c"
Last-Modified: Thu, 23 Feb 2023 09:37:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3097
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e019c938790b55-OSL
www.acint.net/rmatch?dp=191&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D%24%7BUSER_ID%7D
157.90.179.28302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=191&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D%24%7BUSER_ID%7D
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=191&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Thu, 23 Feb 2023 12:52:48 GMT
content-type: text/html
content-length: 154
location: /rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D$%7BUSER_ID%7D&dp=191&tc=1
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Thu, 23-Feb-23 13:02:48 GMT
aid=nVqzHGP3YaBxhwPT04RAAhSgEhlzfz5pf/R0VA+7/mmAmPwQ; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
www.acint.net/rmatch?dp=192&r=https://d.uuidksinc.net/match/382/?remote_uid=${USER_ID}
157.90.179.28302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=192&r=https://d.uuidksinc.net/match/382/?remote_uid=${USER_ID}
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=192&r=https://d.uuidksinc.net/match/382/?remote_uid=${USER_ID} HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Thu, 23 Feb 2023 12:52:48 GMT
content-type: text/html
content-length: 154
location: /rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F382%2F%3Fremote_uid%3D$%7BUSER_ID%7D&dp=192&tc=1
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Thu, 23-Feb-23 13:02:48 GMT
aid=LgR5GmP3YaARJQQ1A2OBAozj9SbpJ+lFvoLkLl9nJeYyw5/c; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
sync.bumlam.com/?src=kadam&s_data=CAIQARigw92fBmIUU1NMNDd3QkhuN29TT3hmdFVjelCiARD5gQjKs3gR7YbgACWQwGR8
31.172.81.160200 OK 43 B URL HTTP/1.1 sync.bumlam.com/?src=kadam&s_data=CAIQARigw92fBmIUU1NMNDd3QkhuN29TT3hmdFVjelCiARD5gQjKs3gR7YbgACWQwGR8
IP 31.172.81.160:0
ASN #44066 diva-e Datacenters GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /?src=kadam&s_data=CAIQARigw92fBmIUU1NMNDd3QkhuN29TT3hmdFVjelCiARD5gQjKs3gR7YbgACWQwGR8 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: suuid3=IiRmOTgxMDhjYS1iMzc4LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Feb 2023 12:52:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: suuid3=IiRmOTgxMDhjYS1iMzc4LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Wed, 18 Feb 2043 12:52:48 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b9b635228e1f860de78ebda98bf4d022
f90a56b162847df70ed1aa1b58a274691a0af1e5
a8e812fe1e09b3818ac7134a43f01e047b983f9d77fffae3b3c50157c83a46b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E812FE1E09B3818AC7134A43F01E047B983F9D77FFFAE3B3C50157C83A46B0"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1695
Expires: Thu, 23 Feb 2023 13:21:03 GMT
Date: Thu, 23 Feb 2023 12:52:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fc4c6e526002f1b1386e4a5800b548e6
0a230e75b5baa684d7e70a5a39882a374ab54ab3
a4e618aff2fac0b73611f2fe63aed3e7f75d994e04da78f16456188d63bd402a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4E618AFF2FAC0B73611F2FE63AED3E7F75D994E04DA78F16456188D63BD402A"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6761
Expires: Thu, 23 Feb 2023 14:45:29 GMT
Date: Thu, 23 Feb 2023 12:52:48 GMT
Connection: keep-alive
www.acint.net/rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F382%2F%3Fremote_uid%3D$%7BUSER_ID%7D&dp=192&tc=1
157.90.179.28302 Found 154 B URL HTTP/2 www.acint.net/rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F382%2F%3Fremote_uid%3D$%7BUSER_ID%7D&dp=192&tc=1
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F382%2F%3Fremote_uid%3D$%7BUSER_ID%7D&dp=192&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgR5GmP3YaARJQQ1A2OBAozj9SbpJ+lFvoLkLl9nJeYyw5/c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 23 Feb 2023 12:52:48 GMT
content-type: text/html
content-length: 154
location: https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F382%252F%253Fremote_uid%253D$%257BUSER_ID%257D&dp=14
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
set-cookie: cSyncDp14v3=1677156768; expires=Sat, 25-Mar-23 12:52:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D$%7BUSER_ID%7D&dp=191&tc=1
157.90.179.28302 Found 154 B URL HTTP/2 www.acint.net/rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D$%7BUSER_ID%7D&dp=191&tc=1
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D$%7BUSER_ID%7D&dp=191&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgR5GmP3YaARJQQ1A2OBAozj9SbpJ+lFvoLkLl9nJeYyw5/c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 23 Feb 2023 12:52:48 GMT
content-type: text/html
content-length: 154
location: https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F383%252F%253Fremote_uid%253D$%257BUSER_ID%257D&dp=14
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
set-cookie: cSyncDp14v3=1677156768; expires=Sat, 25-Mar-23 12:52:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
kimberlite.io/rtb/sync/kadam?u=SSL47wBHn7oSOxftUczP
80.78.249.201307 Temporary Redirect 0 B URL HTTP/1.1 kimberlite.io/rtb/sync/kadam?u=SSL47wBHn7oSOxftUczP
IP 80.78.249.201:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/sync/kadam?u=SSL47wBHn7oSOxftUczP HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 23 Feb 2023 12:52:48 GMT
Content-Length: 0
Connection: keep-alive
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: u=Y_dhoIjLY9A~e_lphheeyGWlztRdlCmH1Oeon5g; path=/; max-age=7776000; samesite=none; httponly; secure
location: https://exchange.buzzoola.com/cookiesync/redirect?redirect_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbuzzoola%3Fu%3D%24%7BUUID%7D%26f%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F499%252F%253Fremote_uid%253DY_dhoIjLY9A%26n%3D1
referrer-policy: no-referrer
server-timing: app;srv=4;dur=0.0002
ads.go2net.com.ua/adxcm.aspx?ssp=cf718592-a39d-4545-9d43-d632e2426981&redir=1
146.0.227.107302 Found 0 B URL HTTP/1.1 ads.go2net.com.ua/adxcm.aspx?ssp=cf718592-a39d-4545-9d43-d632e2426981&redir=1
IP 146.0.227.107:0
ASN #20773 Host Europe GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adxcm.aspx?ssp=cf718592-a39d-4545-9d43-d632e2426981&redir=1 HTTP/1.1
Host: ads.go2net.com.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 23 Feb 2023 12:52:48 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Xss-Protection: 0
P3p: CP="NID DSP ALL COR"
Location: https://s.uuidksinc.net/match/1642/3e3ab671495f4264a67d6c5e68e96a90
Set-Cookie: am-uid=3e3ab671495f4264a67d6c5e68e96a90; expires=Wed, 24 May 2023 12:52:48 GMT; domain=ads.go2net.com.ua; secure; SameSite=None
Keep-Alive: timeout=25
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b95f70d1b59d347429e1298503161b4
08db01811499f0a82d0936b1bfd181e6e16ee00b
76d2fdc6914173c07ffc92d24acf4df3b315c719393430456e618865b7f3a35d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "76D2FDC6914173C07FFC92D24ACF4DF3B315C719393430456E618865B7F3A35D"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7049
Expires: Thu, 23 Feb 2023 14:50:17 GMT
Date: Thu, 23 Feb 2023 12:52:48 GMT
Connection: keep-alive
s.uuidksinc.net/match/1642/3e3ab671495f4264a67d6c5e68e96a90
185.196.197.130200 OK 74 B URL HTTP/2 s.uuidksinc.net/match/1642/3e3ab671495f4264a67d6c5e68e96a90
IP 185.196.197.130:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e24e19b024c44b778301d880bd8e6f4
d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
GET /match/1642/3e3ab671495f4264a67d6c5e68e96a90 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: jcsuuid=SSL47wBHn7oSOxftUczP
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Thu, 23 Feb 2023 12:52:48 GMT
content-type: image/png
content-length: 74
set-cookie: jcsuuid=SSL47wBHn7oSOxftUczP; expires=Fri, 23 Feb 2024 12:52:48 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
dmpprof.com/matching/external/pixel.gif?sid=14&uid=SSL47wBHn7oSOxftUczP
85.192.12.174200 OK 43 B URL HTTP/2 dmpprof.com/matching/external/pixel.gif?sid=14&uid=SSL47wBHn7oSOxftUczP
IP 85.192.12.174:0
ASN #12695 LLC Digital Network
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /matching/external/pixel.gif?sid=14&uid=SSL47wBHn7oSOxftUczP HTTP/1.1
Host: dmpprof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 23 Feb 2023 12:52:48 GMT
content-type: image/gif
content-length: 43
last-modified: Thu, 23 Feb 2023 12:52:48 GMT
expires: Wed, 11 Nov 1998 11:11:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: nmatch=14_SSL47wBHn7oSOxftUczP; expires=Fri, 24 Feb 2023 00:52:48 GMT; path=/; secure; SameSite=None
uid=temp-91.90.42.154-; expires=Thu, 23 Feb 2023 14:52:48 GMT; path=/; secure; SameSite=None
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
X-Firefox-Spdy: h2
rtb.com.ru/kadam-sync?uid=SSL47wBHn7oSOxftUczP
83.222.114.188302 Found 89 B URL HTTP/1.1 rtb.com.ru/kadam-sync?uid=SSL47wBHn7oSOxftUczP
IP 83.222.114.188:0
File type HTML document, ASCII text
Hash c4b0cf59ffc7e3e754e2187d88e2e970
904eee981d7f81fc89871714f97fbbf6c5677aca
aa2e97aab88894176b283cbc875162f14707095c78fb27374f40514327c6f602
GET /kadam-sync?uid=SSL47wBHn7oSOxftUczP HTTP/1.1
Host: rtb.com.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.18.0
Date: Thu, 23 Feb 2023 12:52:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 89
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Location: /sync?noRedirect=&sspKey=60&sspUserID=SSL47wBHn7oSOxftUczP
P3p: CP="rtb.com.ru does not have a P3P policy"
Set-Cookie: as-user=63f761a09ab4d24ed2eda198; Path=/; Max-Age=31536000; HttpOnly; Secure; SameSite=None
ads.go2net.com.ua/adxcm.aspx?ssp=8f2d38d9-0167-4593-89f1-85e365d4fb02&redir=1
146.0.227.107302 Found 0 B URL HTTP/1.1 ads.go2net.com.ua/adxcm.aspx?ssp=8f2d38d9-0167-4593-89f1-85e365d4fb02&redir=1
IP 146.0.227.107:0
ASN #20773 Host Europe GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adxcm.aspx?ssp=8f2d38d9-0167-4593-89f1-85e365d4fb02&redir=1 HTTP/1.1
Host: ads.go2net.com.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 23 Feb 2023 12:52:48 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Xss-Protection: 0
P3p: CP="NID DSP ALL COR"
Location: https://s.uuidksinc.net/match/1643/297abf7caed7499ab7eaa9d08f5aadc0
Set-Cookie: am-uid=297abf7caed7499ab7eaa9d08f5aadc0; expires=Wed, 24 May 2023 12:52:48 GMT; domain=ads.go2net.com.ua; secure; SameSite=None
Keep-Alive: timeout=25
ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F383%252F%253Fremote_uid%253D$%257BUSER_ID%257D&dp=14
193.3.184.211302 Moved Temporarily 142 B URL HTTP/1.1 ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F383%252F%253Fremote_uid%253D$%257BUSER_ID%257D&dp=14
IP 193.3.184.211:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F383%252F%253Fremote_uid%253D$%257BUSER_ID%257D&dp=14 HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 23 Feb 2023 12:52:48 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/rmatch?dp=14&euid=2C03420AA061F7633800B680028009B0&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D$%7BUSER_ID%7D
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkIDLGP3YaCAtgA4sAmAApp3MmdmuMOFLaqS8M9EbXJx52aw; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
s.uuidksinc.net/match/1643/297abf7caed7499ab7eaa9d08f5aadc0
185.196.197.130200 OK 74 B URL HTTP/2 s.uuidksinc.net/match/1643/297abf7caed7499ab7eaa9d08f5aadc0
IP 185.196.197.130:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e24e19b024c44b778301d880bd8e6f4
d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
GET /match/1643/297abf7caed7499ab7eaa9d08f5aadc0 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: jcsuuid=SSL47wBHn7oSOxftUczP
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Thu, 23 Feb 2023 12:52:48 GMT
content-type: image/png
content-length: 74
set-cookie: jcsuuid=SSL47wBHn7oSOxftUczP; expires=Fri, 23 Feb 2024 12:52:48 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F382%252F%253Fremote_uid%253D$%257BUSER_ID%257D&dp=14
193.3.184.211302 Moved Temporarily 142 B URL HTTP/1.1 ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F382%252F%253Fremote_uid%253D$%257BUSER_ID%257D&dp=14
IP 193.3.184.211:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F382%252F%253Fremote_uid%253D$%257BUSER_ID%257D&dp=14 HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 23 Feb 2023 12:52:48 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/rmatch?dp=14&euid=4402420AA061F7633000DC1F02FC9B15&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F382%2F%3Fremote_uid%3D$%7BUSER_ID%7D
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkICRGP3YaAf3AAwFZv8AvEbW0pUYnibrbhEo4hW0512f8pd; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash feec2ce1852ee076ba11e9ffc9a24d7e
8f0eb85ddfd5b5b34f868a9a4ab618acb3286d51
a00080775e488598b769083a6e965cce70637828b28962c1823c85632ff6d91e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 12:52:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 21 Feb 2023 15:41:06 GMT
Expires: Tue, 28 Feb 2023 15:41:05 GMT
Etag: "8f0eb85ddfd5b5b34f868a9a4ab618acb3286d51"
Cache-Control: max-age=441496,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79e019ca7e72b523-OSL
rtb.com.ru/sync?noRedirect=&sspKey=60&sspUserID=SSL47wBHn7oSOxftUczP
83.222.114.188302 Found 1.5 kB URL HTTP/1.1 rtb.com.ru/sync?noRedirect=&sspKey=60&sspUserID=SSL47wBHn7oSOxftUczP
IP 83.222.114.188:0
File type HTML document, ASCII text, with very long lines (1535)
Hash e87ce06f006389f8d6e823427fc59f4c
80fd6dadf51b604cdac7ccb98bb9f04bd03350cc
bd98d6aeafd9cfd1ae808a644fa15a53bc483a161b65f3a7d2629dc7b39be87b
GET /sync?noRedirect=&sspKey=60&sspUserID=SSL47wBHn7oSOxftUczP HTTP/1.1
Host: rtb.com.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: as-user=63f761a09ab4d24ed2eda198
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.18.0
Date: Thu, 23 Feb 2023 12:52:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1537
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Location: https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=63f761a09ab4d24ed2eda198&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D63f761a09ab4d24ed2eda198%26duid%3DSSL47wBHn7oSOxftUczP%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D63f761a09ab4d24ed2eda198%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D63f761a09ab4d24ed2eda198%252526i%25253D3932530790432729065%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D63f761a09ab4d24ed2eda198%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D63f761a09ab4d24ed2eda198%2525252526nc%252525253D7460368047246864103%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D63f761a09ab4d24ed2eda198%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252F66BT5VW9mAupCghmcCqpA4%2525252525253Fsign%2525252525253D326563373%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Ftop-fwz1.mail.ru%252525252525252Fcounter%252525252525253Fid%252525252525253D3138228%252525252525253Bpid%252525252525253D63f761a09ab4d24ed2eda198
P3p: CP="rtb.com.ru does not have a P3P policy"
Set-Cookie: as-user=63f761a09ab4d24ed2eda198; Path=/; Max-Age=31536000; HttpOnly; Secure; SameSite=None
acint.net/rmatch?dp=14&euid=4402420AA061F7633000DC1F02FC9B15&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F382%2F%3Fremote_uid%3D$%7BUSER_ID%7D
157.90.179.28302 Found 154 B URL HTTP/2 acint.net/rmatch?dp=14&euid=4402420AA061F7633000DC1F02FC9B15&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F382%2F%3Fremote_uid%3D$%7BUSER_ID%7D
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=14&euid=4402420AA061F7633000DC1F02FC9B15&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F382%2F%3Fremote_uid%3D$%7BUSER_ID%7D HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgR5GmP3YaARJQQ1A2OBAozj9SbpJ+lFvoLkLl9nJeYyw5/c; cSyncDp14v3=1677156768
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 23 Feb 2023 12:52:48 GMT
content-type: text/html
content-length: 154
location: https://d.uuidksinc.net/match/382/?remote_uid=1A79042EA061F7633504251102816303
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
exchange.buzzoola.com/cookiesync/redirect?redirect_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbuzzoola%3Fu%3D%24%7BUUID%7D%26f%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F499%252F%253Fremote_uid%253DY_dhoIjLY9A%26n%3D1
167.235.33.114301 Moved Permanently 201 B URL HTTP/2 exchange.buzzoola.com/cookiesync/redirect?redirect_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbuzzoola%3Fu%3D%24%7BUUID%7D%26f%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F499%252F%253Fremote_uid%253DY_dhoIjLY9A%26n%3D1
IP 167.235.33.114:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash e75d12f638fa4b7b5db057d4adfccba8
8366a43e071940503bab002fa09e030373993e13
a54189d3042f1d32d71961923e6edf6b31a404b545205161a471bf6cd169ef47
GET /cookiesync/redirect?redirect_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbuzzoola%3Fu%3D%24%7BUUID%7D%26f%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F499%252F%253Fremote_uid%253DY_dhoIjLY9A%26n%3D1 HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 23 Feb 2023 12:52:50 GMT
content-type: text/html; charset=utf-8
content-length: 201
location: https://kimberlite.io/rtb/sync/buzzoola?u=76b3cba6-c2ec-4124-5bb0-d3420b086260&f=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F499%2F%3Fremote_uid%3DY_dhoIjLY9A&n=1
serverid: TODO
X-Firefox-Spdy: h2
acint.net/rmatch?dp=14&euid=2C03420AA061F7633800B680028009B0&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D$%7BUSER_ID%7D
157.90.179.28302 Found 154 B URL HTTP/2 acint.net/rmatch?dp=14&euid=2C03420AA061F7633800B680028009B0&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D$%7BUSER_ID%7D
IP 157.90.179.28:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=14&euid=2C03420AA061F7633800B680028009B0&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D$%7BUSER_ID%7D HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgR5GmP3YaARJQQ1A2OBAozj9SbpJ+lFvoLkLl9nJeYyw5/c; cSyncDp14v3=1677156768
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 23 Feb 2023 12:52:48 GMT
content-type: text/html
content-length: 154
location: https://d.uuidksinc.net/match/383/?remote_uid=1A79042EA061F7633504251102816303
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
kimberlite.io/rtb/sync/buzzoola?u=76b3cba6-c2ec-4124-5bb0-d3420b086260&f=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F499%2F%3Fremote_uid%3DY_dhoIjLY9A&n=1
80.78.249.201307 Temporary Redirect 0 B URL HTTP/1.1 kimberlite.io/rtb/sync/buzzoola?u=76b3cba6-c2ec-4124-5bb0-d3420b086260&f=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F499%2F%3Fremote_uid%3DY_dhoIjLY9A&n=1
IP 80.78.249.201:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/sync/buzzoola?u=76b3cba6-c2ec-4124-5bb0-d3420b086260&f=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F499%2F%3Fremote_uid%3DY_dhoIjLY9A&n=1 HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: u=Y_dhoIjLY9A~e_lphheeyGWlztRdlCmH1Oeon5g
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 23 Feb 2023 12:52:48 GMT
Content-Length: 0
Connection: keep-alive
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: f=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F499%2F%3Fremote_uid%3DY_dhoIjLY9A; max-age=30; samesite=none; httponly; secure
n=2; max-age=30; samesite=none; httponly; secure
location: https://sm.rtb.mts.ru/p?ssp=toptraffic&id=Y_dhoIjLY9A
referrer-policy: no-referrer
server-timing: app;srv=2;dur=0.0002
d.uuidksinc.net/match/383/?remote_uid=1A79042EA061F7633504251102816303
185.196.197.130200 OK 74 B URL HTTP/2 d.uuidksinc.net/match/383/?remote_uid=1A79042EA061F7633504251102816303
IP 185.196.197.130:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e24e19b024c44b778301d880bd8e6f4
d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
GET /match/383/?remote_uid=1A79042EA061F7633504251102816303 HTTP/1.1
Host: d.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: jcsuuid=SSL47wBHn7oSOxftUczP
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Thu, 23 Feb 2023 12:52:48 GMT
content-type: image/png
content-length: 74
X-Firefox-Spdy: h2
d.uuidksinc.net/match/382/?remote_uid=1A79042EA061F7633504251102816303
185.196.197.130200 OK 74 B URL HTTP/2 d.uuidksinc.net/match/382/?remote_uid=1A79042EA061F7633504251102816303
IP 185.196.197.130:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e24e19b024c44b778301d880bd8e6f4
d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
GET /match/382/?remote_uid=1A79042EA061F7633504251102816303 HTTP/1.1
Host: d.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: jcsuuid=SSL47wBHn7oSOxftUczP
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Thu, 23 Feb 2023 12:52:48 GMT
content-type: image/png
content-length: 74
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 4733770bf092ca1324e01dff373722a1
1524c31178714c399a4b4751744b261768c41277
26776ee98fd94df1d3adbadb39aaad24b847a689c2119c2ed62a70640f4b5b18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 12:52:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=63f761a09ab4d24ed2eda198&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D63f761a09ab4d24ed2eda198%26duid%3DSSL47wBHn7oSOxftUczP%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D63f761a09ab4d24ed2eda198%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D63f761a09ab4d24ed2eda198%252526i%25253D3932530790432729065%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D63f761a09ab4d24ed2eda198%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D63f761a09ab4d24ed2eda198%2525252526nc%252525253D7460368047246864103%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D63f761a09ab4d24ed2eda198%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252F66BT5VW9mAupCghmcCqpA4%2525252525253Fsign%2525252525253D326563373%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Ftop-fwz1.mail.ru%252525252525252Fcounter%252525252525253Fid%252525252525253D3138228%252525252525253Bpid%252525252525253D63f761a09ab4d24ed2eda198
216.58.207.226200 OK 170 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=63f761a09ab4d24ed2eda198&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D63f761a09ab4d24ed2eda198%26duid%3DSSL47wBHn7oSOxftUczP%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D63f761a09ab4d24ed2eda198%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D63f761a09ab4d24ed2eda198%252526i%25253D3932530790432729065%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D63f761a09ab4d24ed2eda198%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D63f761a09ab4d24ed2eda198%2525252526nc%252525253D7460368047246864103%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D63f761a09ab4d24ed2eda198%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252F66BT5VW9mAupCghmcCqpA4%2525252525253Fsign%2525252525253D326563373%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Ftop-fwz1.mail.ru%252525252525252Fcounter%252525252525253Fid%252525252525253D3138228%252525252525253Bpid%252525252525253D63f761a09ab4d24ed2eda198
IP 216.58.207.226:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
GET /pixel?google_nid=adspend&google_cm&google_hm=63f761a09ab4d24ed2eda198&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D63f761a09ab4d24ed2eda198%26duid%3DSSL47wBHn7oSOxftUczP%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D63f761a09ab4d24ed2eda198%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D63f761a09ab4d24ed2eda198%252526i%25253D3932530790432729065%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D63f761a09ab4d24ed2eda198%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D63f761a09ab4d24ed2eda198%2525252526nc%252525253D7460368047246864103%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D63f761a09ab4d24ed2eda198%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252F66BT5VW9mAupCghmcCqpA4%2525252525253Fsign%2525252525253D326563373%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Ftop-fwz1.mail.ru%252525252525252Fcounter%252525252525253Fid%252525252525253D3138228%252525252525253Bpid%252525252525253D63f761a09ab4d24ed2eda198 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
date: Thu, 23 Feb 2023 12:52:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.usertrust.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 9fd7f6ecae96bd20975faa92aa1f4bff
c960ca744c22c3017bc8601571f6da2131979b99
090be7b58216795da627eaba0343bdf755554bbef59ba2c08126b0321ed44ab4
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 12:52:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 20 Feb 2023 04:18:21 GMT
Expires: Mon, 27 Feb 2023 04:18:20 GMT
Etag: "c960ca744c22c3017bc8601571f6da2131979b99"
Cache-Control: max-age=602670,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 414
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e019cc28d2b509-OSL
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 4733770bf092ca1324e01dff373722a1
1524c31178714c399a4b4751744b261768c41277
26776ee98fd94df1d3adbadb39aaad24b847a689c2119c2ed62a70640f4b5b18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 12:52:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 9e1e885f91a56ce98f497256478a0d4d
d466b45615eb58481b4a3ed66db82e74e854f894
d5e20b1ff6ddff2befd5354600883a3214087f5ea65cc71d54595e1decfa25ba
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 12:52:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 27 Feb 2023 10:30:21 GMT
ETag: "d466b45615eb58481b4a3ed66db82e74e854f894"
Last-Modified: Thu, 23 Feb 2023 10:30:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2160
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79e019cc6d53b4ff-OSL
kadam-sync.rutarget.ru/sync
87.242.93.185302 Moved Temporarily 0 B URL HTTP/1.1 kadam-sync.rutarget.ru/sync
IP 87.242.93.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync HTTP/1.1
Host: kadam-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 23 Feb 2023 12:52:48 GMT
Content-Length: 0
Connection: close
Location: https://d.uuidksinc.net/match/386/?remote_uid=uk9Kv-IAjMKK
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=uk9Kv-IAjMKK; Path=/; Domain=.rutarget.ru; Expires=Tue, 22 Aug 2023 12:52:48 GMT; SameSite=None; Secure
d.uuidksinc.net/match/386/?remote_uid=uk9Kv-IAjMKK
185.196.197.130200 OK 74 B URL HTTP/2 d.uuidksinc.net/match/386/?remote_uid=uk9Kv-IAjMKK
IP 185.196.197.130:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e24e19b024c44b778301d880bd8e6f4
d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
GET /match/386/?remote_uid=uk9Kv-IAjMKK HTTP/1.1
Host: d.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: jcsuuid=SSL47wBHn7oSOxftUczP
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Thu, 23 Feb 2023 12:52:48 GMT
content-type: image/png
content-length: 74
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b2df9b8515300d4a52cfea191b091c7d
af020b02bc616abafe1f7b0bbc799f6c4aa345df
542ced88e45d59fd1ac53d575eb4825704bbb71c0b58697be50abe21dc9d9b38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "542CED88E45D59FD1AC53D575EB4825704BBB71C0B58697BE50ABE21DC9D9B38"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3927
Expires: Thu, 23 Feb 2023 13:58:15 GMT
Date: Thu, 23 Feb 2023 12:52:48 GMT
Connection: keep-alive
sm.rtb.mts.ru/p?ssp=toptraffic&id=Y_dhoIjLY9A
217.66.147.36301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/p?ssp=toptraffic&id=Y_dhoIjLY9A
IP 217.66.147.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=toptraffic&id=Y_dhoIjLY9A HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 23 Feb 2023 12:52:30 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=59&exu=Y_dhoIjLY9A
Set-Cookie: dspid=dbb92620-661d-4d93-9752-78175fada7fb; expires=Wed, 14 Feb 2024 12:52:48 GMT; domain=.mts.ru; path=/; secure; SameSite=None
fcgi4.gnezdo.ru/cookie_matching/kadam_resell/SSL47wBHn7oSOxftUczP/?redirect=1
93.95.102.105204 No Content 0 B URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching/kadam_resell/SSL47wBHn7oSOxftUczP/?redirect=1
IP 93.95.102.105:0
ASN #48347 JSC Mediasoft ekspert
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie_matching/kadam_resell/SSL47wBHn7oSOxftUczP/?redirect=1 HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 23 Feb 2023 12:52:48 GMT
set-cookie: uid=XV9maWP3YaAL4aUIMhTLAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
fcgi4.gnezdo.ru/cookie_matching/kadam/SSL47wBHn7oSOxftUczP/?redirect=1
93.95.102.105204 No Content 0 B URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching/kadam/SSL47wBHn7oSOxftUczP/?redirect=1
IP 93.95.102.105:0
ASN #48347 JSC Mediasoft ekspert
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie_matching/kadam/SSL47wBHn7oSOxftUczP/?redirect=1 HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 23 Feb 2023 12:52:48 GMT
set-cookie: uid=XV9maWP3YaAL4aUIMhTMAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
sm.rtb.mts.ru/match/second?ssp=59&exu=Y_dhoIjLY9A
217.66.147.36200 OK 0 B URL HTTP/1.1 sm.rtb.mts.ru/match/second?ssp=59&exu=Y_dhoIjLY9A
IP 217.66.147.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/second?ssp=59&exu=Y_dhoIjLY9A HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Feb 2023 12:52:30 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
dmg.digitaltarget.ru/1/6573/i/i?a=662&e=SSL47wBHn7oSOxftUczP&i=0.05305655171105372
185.15.175.134307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/6573/i/i?a=662&e=SSL47wBHn7oSOxftUczP&i=0.05305655171105372
IP 185.15.175.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/6573/i/i?a=662&e=SSL47wBHn7oSOxftUczP&i=0.05305655171105372 HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 23 Feb 2023 12:52:48 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1677156768872&a=662&e=SSL47wBHn7oSOxftUczP&i=0.05305655171105372
Set-Cookie: viuserid=nPbNW-dNH-rGk557Fhuu; Max-Age=93312000; Expires=Sat, 07 Feb 2026 12:52:48 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1677156768872&a=662&e=SSL47wBHn7oSOxftUczP&i=0.05305655171105372
185.15.175.134200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1677156768872&a=662&e=SSL47wBHn7oSOxftUczP&i=0.05305655171105372
IP 185.15.175.134:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/6573/i/i?call_source=awg&ts=1677156768872&a=662&e=SSL47wBHn7oSOxftUczP&i=0.05305655171105372 HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Feb 2023 12:52:48 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
uuidksinc.net/matchx
185.196.197.130200 OK 2.1 kB IP 185.196.197.130:0
ASN #39572 DataWeb Global Group B.V.
Hash f68db30a3bb15d91c3dd3fb810634bb9
0eb834d2c3a155fae631b826fb51f9974645564e
819cd57fafdbbde3825a469190af38fe9da0d1b8c898287a7b91ef56625bd1d9
GET /matchx HTTP/1.1
Host: uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://84.biqund.com/
Cookie: jcsuuid=SSL47wBHn7oSOxftUczP
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Thu, 23 Feb 2023 12:52:48 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2794
Expires: Thu, 23 Feb 2023 13:39:23 GMT
Date: Thu, 23 Feb 2023 12:52:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2794
Expires: Thu, 23 Feb 2023 13:39:23 GMT
Date: Thu, 23 Feb 2023 12:52:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2794
Expires: Thu, 23 Feb 2023 13:39:23 GMT
Date: Thu, 23 Feb 2023 12:52:49 GMT
Connection: keep-alive
fcgi4.gnezdo.ru/cookie_matching/kadam_resell/SSL47wBHn7oSOxftUczP
93.95.102.105302 Found 503 B URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching/kadam_resell/SSL47wBHn7oSOxftUczP
IP 93.95.102.105:0
ASN #48347 JSC Mediasoft ekspert
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
GET /cookie_matching/kadam_resell/SSL47wBHn7oSOxftUczP HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 23 Feb 2023 12:52:48 GMT
location: https://fcgi4.gnezdo.ru/cookie_matching/kadam_resell/SSL47wBHn7oSOxftUczP/?redirect=1
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With
access-control-allow-credentials: true
set-cookie: uid=XV9maWP3YaAL4aUIMhS5Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e1f8718-617f-4cdb-9fab-ed40cbef6784.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e1f8718-617f-4cdb-9fab-ed40cbef6784.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc56e7499a3e9db178e91df024e668f0
9cc85c16fd4a9d10df5db5ddfc54b0d88999f317
25ffc87e2be6e0dc9ac208aafbefa99bb4c1d6476c1447056b83d462cd182df2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e1f8718-617f-4cdb-9fab-ed40cbef6784.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9686
x-amzn-requestid: f12fd84d-1be7-4b80-842c-e2111aa80806
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ArYFqFzaoAMF2hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f46d57-5a17eba635156fc35184ff0d;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 07:05:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Y_b4w77w0mMq2Bzf0p7Ns-2vLEY7A0InmEcu9RxxpmHzJ3QdYLHypg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 07:42:53 GMT
age: 18596
etag: "9cc85c16fd4a9d10df5db5ddfc54b0d88999f317"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16bba10c-0b1a-400c-a0d0-d758645c391d.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16bba10c-0b1a-400c-a0d0-d758645c391d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df07040a4f8a9dcdd6a4d8b9f9d35b93
229f7cb923d6ef0dac480883d0af0673437c5c04
46de73176cce2258bd66ca8888dfa9f49f654aecdcd132434137df06091bac85
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16bba10c-0b1a-400c-a0d0-d758645c391d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11631
x-amzn-requestid: 80f4f0f1-d97b-42ca-870d-55db701dae20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqSyG2IoAMFz-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68a77-0f4faa41169ffb1231b6dc50;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QD1LY2SJ4n5zOd5BDn34y64EMwAF82vMmOqem7Mg5xFDg61ikltv_Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:46:40 GMT
age: 54369
etag: "229f7cb923d6ef0dac480883d0af0673437c5c04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fcgi4.gnezdo.ru/cookie_matching/kadam/SSL47wBHn7oSOxftUczP
93.95.102.105302 Found 9.7 kB URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching/kadam/SSL47wBHn7oSOxftUczP
IP 93.95.102.105:0
ASN #48347 JSC Mediasoft ekspert
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4016fa20fa2642f89d375fcc2855d4b
f1733be34a214e9565208f814dd3990f89cafbcb
74686e6a674433c436bce8c70cecc1a2cde51e82241e8251188ebd587fd4ee18
GET /cookie_matching/kadam/SSL47wBHn7oSOxftUczP HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 23 Feb 2023 12:52:48 GMT
location: https://fcgi4.gnezdo.ru/cookie_matching/kadam/SSL47wBHn7oSOxftUczP/?redirect=1
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With
access-control-allow-credentials: true
set-cookie: uid=XV9maWP3YaAL4aUIMhTBAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e7cd1e9feb9abc7f7d7f0d5fc7b181f0
cf3ce1808c48e1a86910e16731a044f6cb26275d
426c90298d5a0807b7820d803ce2907268df1195e15d5582eb0ff2f3deeb318c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7734
x-amzn-requestid: fe4dc342-33b6-45f6-984c-2c71dfa0ec13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtX-lGiJoAMFW3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f539f6-489049413f3cb63c537f20d0;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:39:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wrkzZEinm7SD60TVf2-zwKUiJx0nfe6iwy2hLIO_1ia3OPlk21fsMg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:42:20 GMT
age: 54629
etag: "cf3ce1808c48e1a86910e16731a044f6cb26275d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88c218fe-3798-43c5-8809-2324328d021d.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88c218fe-3798-43c5-8809-2324328d021d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 09398f66dadafc0a56352e781ce32d75
c7ae3275e67db3e06ec4fe7eb9482a85831c9ca0
1e896927a179bf57b723a9c01eeb8d349e0f0170ce9fba11955d3b6d8c429528
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88c218fe-3798-43c5-8809-2324328d021d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5142
x-amzn-requestid: 1fb02b0f-c69e-4f4b-a1ed-9f844fe1d7f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Auq2eHN_oAMF_ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f5be8f-1e3702d272e2f3d47083c109;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 07:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qLIEVWV2mnnHieZQ0LsrKDgf0XmF9oXyvvoE2OWG9pmwlRIXCIM-hQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 05:24:11 GMT
age: 26918
etag: "c7ae3275e67db3e06ec4fe7eb9482a85831c9ca0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1024518c-aee4-4742-a886-86b92f76f0c3.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1024518c-aee4-4742-a886-86b92f76f0c3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fbf1945668d4a8c35e68f8d60fd80f56
0553020a82f7a6245a2979d58e1765883a777893
4220c9dea6f77c1775be6ca4d1d133b3d8f1d9caec3cc6e85747b87c7d897a92
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1024518c-aee4-4742-a886-86b92f76f0c3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5823
x-amzn-requestid: 4b226ac8-c443-4382-ab8e-b618c95a713d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Aq1HSFWvIAMFUAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f43561-7ac4a51e389a6e6b2a9199a5;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 03:07:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: p6v-ksQmtagKBT2hXXL7AVGvhSCwy8wUoi4dWRJPDaSsT7BvBxh4fw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 03:02:20 GMT
age: 35429
etag: "0553020a82f7a6245a2979d58e1765883a777893"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2