hd.lordserial2.me/templates/lordfun/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL GET HTTP/3 hd.lordserial2.me/templates/lordfun/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGoogle Trust Services LLC
Subjectlordserial2.me
FingerprintA9:9E:F9:CB:BA:AE:BC:57:05:F8:C2:3C:F5:17:1E:73:EE:AE:96:AB
ValidityFri, 20 Oct 2023 01:33:13 GMT - Thu, 18 Jan 2024 01:33:12 GMT
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /templates/lordfun/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: hd.lordserial2.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hd.lordserial2.me/146-kasl-sv-13.html
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=4b49e8fc52a9887457ab4993add54103
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 27 Nov 2023 02:01:47 GMT
content-type: font/woff2
content-length: 77160
last-modified: Tue, 06 Sep 2022 06:42:38 GMT
etag: "6316ebde-12d68"
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ajxckNBl2ybms2DWeiq2XpvywZQi%2FSi0My2eixGa09AgRCK%2FC3opncuinXX6ZW9MzzWx4KhPkTtJ%2B3tGwRBoHpNOiFp0wvVTL7Pot73980wPpLmXYNQ7O%2F89fUhOl4zo0nokg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82c6c9094d7056c1-OSL
alt-svc: h3=":443"; ma=86400
api.bedemp2.ws/embed/movie/455
200 OK 24 kB URL GET HTTP/1.1 api.bedemp2.ws/embed/movie/455
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.bedemp2.ws
Fingerprint1E:BC:1C:6B:1F:54:72:B3:A2:BC:9F:2F:AF:EC:F1:3F:36:36:D3:F6
ValidityTue, 31 Oct 2023 14:00:37 GMT - Mon, 29 Jan 2024 14:00:36 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (49343)
Hash 2662bef3b373f545a448698eeac0fe2a
e105890e8d88350824817951f1b1ed5661788ee5
fd6ce5f2649a229151a4133944eda651d1964e90f6af62cbf761158238f3717b
GET /embed/movie/455 HTTP/1.1
Host: api.bedemp2.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 02:01:48 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Expires: 1970-01-01 00:00:00
Pragma: no-cache
Set-Cookie: _uid=bde3df73-209c-4541-afdf-8b15add05a06; Path=/; Domain=bedemp2.ws; Max-Age=31104000; Secure
Vary: *
Content-Encoding: gzip
api.bedemp2.ws/cdn.js
200 OK 4.6 kB IP
Requested by https://api.bedemp2.ws/embed/movie/455
Certificate IssuerLet's Encrypt
Subject*.bedemp2.ws
Fingerprint1E:BC:1C:6B:1F:54:72:B3:A2:BC:9F:2F:AF:EC:F1:3F:36:36:D3:F6
ValidityTue, 31 Oct 2023 14:00:37 GMT - Mon, 29 Jan 2024 14:00:36 GMT
File type ASCII text, with very long lines (14026), with no line terminators
Hash a81f8cb9127ebc541cfe5d8fa444dadb
be16ea0d77bd967771b6668970b9f66bb45daa21
71a2a5087e0df99887785f7890f0320446e336aa298211b5cf6ee5a151ef5091
GET /cdn.js HTTP/1.1
Host: api.bedemp2.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.bedemp2.ws/embed/movie/455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 02:01:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Last-Modified: Tue, 16 May 2023 12:42:04 GMT
Content-Encoding: gzip
hd.lordserial2.me/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
200 OK 202 kB URL GET HTTP/3 hd.lordserial2.me/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGoogle Trust Services LLC
Subjectlordserial2.me
FingerprintA9:9E:F9:CB:BA:AE:BC:57:05:F8:C2:3C:F5:17:1E:73:EE:AE:96:AB
ValidityFri, 20 Oct 2023 01:33:13 GMT - Thu, 18 Jan 2024 01:33:12 GMT
File type ASCII text, with very long lines (7334), with no line terminators
Size 202 kB (201899 bytes)
Hash 98849825bab824546bb3c729b6ab72b7
02ce0865106241e81f717b0343f0555d678a8945
57adc1aba45cdc484c3056452f09b547b2dfbf9df1aedc7d9df5eabd5b40f744
GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js HTTP/1.1
Host: hd.lordserial2.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=4b49e8fc52a9887457ab4993add54103; viewed_ids=146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 27 Nov 2023 02:01:48 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
cache-control: max-age=14400, public
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oh2uag6M4DdCWYmP7JVbvWKpQdHiu8AP7gbqkRfR6QpVptSmDqcMGvCsMwez0RKmtj7GnXYdXQcydH8m%2Fz%2FyEs588SRFz74UXBjpeRhJZc4fDxAeAmbEP1PccX45TE4CZz6PHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c90cce8b56c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
s.myangular.life/player?cat=frame&hit=sub&host=api
200 OK 0 B URL GET HTTP/1.1 s.myangular.life/player?cat=frame&hit=sub&host=api
IP
ASN #24940 Hetzner Online GmbH
Requested by https://api.bedemp2.ws/embed/movie/455
Certificate IssuerSectigo Limited
Subjects.myangular.life
Fingerprint3A:21:0F:72:24:43:49:14:06:28:C6:D0:A6:10:6B:D7:B2:EA:5A:66
ValidityTue, 04 Apr 2023 00:00:00 GMT - Sat, 04 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /player?cat=frame&hit=sub&host=api HTTP/1.1
Host: s.myangular.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.bedemp2.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 02:01:48 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
vast.playmatic.video/vast.php?format=7&jsv=1.0&partner_id=8459371
200 OK 80 B URL POST HTTP/1.1 vast.playmatic.video/vast.php?format=7&jsv=1.0&partner_id=8459371
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subjectvast.playmatic.video
Fingerprint74:F3:80:77:BE:73:B2:65:AA:35:3E:A8:10:8F:B4:C8:B7:19:35:C2
ValiditySat, 28 Oct 2023 13:51:28 GMT - Fri, 26 Jan 2024 13:51:27 GMT
File type HTML document, ASCII text, with no line terminators
Hash f68e1549c6af686623fe6854fc863dde
ec80575f0562498fc197dc7148c4384050ef2298
9feb7b830608e95374df9ce7b85e99edc9544f595308c85d543b3d860fd3645f
POST /vast.php?format=7&jsv=1.0&partner_id=8459371 HTTP/1.1
Host: vast.playmatic.video
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 0
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 27 Nov 2023 02:01:48 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/8.2.11
Set-Cookie: cookie_work=1701050508; expires=Thu, 24 Nov 2033 02:01:48 GMT; Max-Age=315360000; path=/; domain=playmatic.video; secure; SameSite=None
Access-Control-Allow-Origin: https://hd.lordserial2.me
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
api.bedemp2.ws/js/listen-player.js
200 OK 852 B URL GET HTTP/1.1 api.bedemp2.ws/js/listen-player.js
IP
Requested by https://api.bedemp2.ws/embed/movie/455
Certificate IssuerLet's Encrypt
Subject*.bedemp2.ws
Fingerprint1E:BC:1C:6B:1F:54:72:B3:A2:BC:9F:2F:AF:EC:F1:3F:36:36:D3:F6
ValidityTue, 31 Oct 2023 14:00:37 GMT - Mon, 29 Jan 2024 14:00:36 GMT
Hash 0c0c3ebb01863cdbdf9e28b04ea6dbf1
ed4ec6ff3f636ec975ffef955f9aca9dd748bb1d
897015208642232bd542da553dadd5104e30f4a106a3e7bfb522d85569575155
GET /js/listen-player.js HTTP/1.1
Host: api.bedemp2.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.bedemp2.ws/embed/movie/455
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 02:01:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Expires: 1970-01-01 00:00:00
Last-Modified: Tue, 13 Sep 2022 16:24:05 GMT
Pragma: no-cache
Vary: *
Content-Encoding: gzip
s.myangular.life/player?cat=support&hit=u8&description=yes
200 OK 0 B URL GET HTTP/1.1 s.myangular.life/player?cat=support&hit=u8&description=yes
IP
ASN #24940 Hetzner Online GmbH
Requested by https://api.bedemp2.ws/embed/movie/455
Certificate IssuerSectigo Limited
Subjects.myangular.life
Fingerprint3A:21:0F:72:24:43:49:14:06:28:C6:D0:A6:10:6B:D7:B2:EA:5A:66
ValidityTue, 04 Apr 2023 00:00:00 GMT - Sat, 04 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /player?cat=support&hit=u8&description=yes HTTP/1.1
Host: s.myangular.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.bedemp2.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 02:01:48 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
ads.digitalcaramel.com/js/lordserial2.me.js?ts=1701050511312
200 OK 96 kB URL GET HTTP/2 ads.digitalcaramel.com/js/lordserial2.me.js?ts=1701050511312
IP
ASN #24940 Hetzner Online GmbH
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subjectdigitalcaramel.com
Fingerprint2E:22:56:4A:B4:36:55:CF:F5:24:6A:BF:6F:90:8F:29:B8:E7:C1:89
ValiditySun, 22 Oct 2023 03:56:43 GMT - Sat, 20 Jan 2024 03:56:42 GMT
File type gzip compressed data, from Unix\012- data
Hash df6d7bca5082807f251c64fbafd7ec86
85008fde4768dd518521da331603135a413a2601
c3784ff2079d6ddef99cd94935d0f0b9d05e2ea30a2426057686a1958802a6ba
GET /js/lordserial2.me.js?ts=1701050511312 HTTP/1.1
Host: ads.digitalcaramel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:47 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 01 Nov 2023 06:44:57 GMT
vary: Accept-Encoding
etag: W/"6541f3e9-d32"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15724800; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
vak345.com/cs/202311270501.js?v=647a534f9f5fb9ced25ee7db57ef9c72&_t=1701050511487.487
200 OK 35 kB URL GET HTTP/3 vak345.com/cs/202311270501.js?v=647a534f9f5fb9ced25ee7db57ef9c72&_t=1701050511487.487
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF4:50:2C:D7:5C:84:E6:10:5D:32:80:62:FC:FE:E8:A0:40:4B:99:C4
ValidityFri, 10 Mar 2023 00:00:00 GMT - Sat, 09 Mar 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (56997), with no line terminators
Hash 6ac9363a071341a117aa9bafe016a837
458df6d094017a8cc3296bc780e914a9b615b562
7af5661b8cc24c78eb7edddeb405705c2e785ec3c084ee39b8c0fbd790681e19
GET /cs/202311270501.js?v=647a534f9f5fb9ced25ee7db57ef9c72&_t=1701050511487.487 HTTP/1.1
Host: vak345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 27 Nov 2023 02:01:48 GMT
content-type: application/javascript;charset=UTF-8
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-movieads-udata: cache
x-yac-source: Yac
x-movieads-setup: combo
x-movieads-country: NO
cf-cache-status: BYPASS
set-cookie: sky_uuid=679cbb0c-528e-4a6d-8a41-ddc81340b4b3; expires=Tue, 26-Nov-2024 02:01:47 GMT; Max-Age=31536000; path=/; SameSite=None;Secure
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2BKe6ZZmHG6RvYuxHF1ueEaCRA3rLQP4r0hYU%2FjjuqNYBf7lnXG7dLzF4Wb9Y1WhqIzcHEnNE3opHlMHimMCsw4tCyh7CBXn9RkiQ%2Fp0gjasd2Gyaa4w1qizOiuJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c90ada49b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
hd.lordserial2.me/uploads/posts/2022-03/409640_1646822003.jpg
200 OK 58 kB URL GET HTTP/3 hd.lordserial2.me/uploads/posts/2022-03/409640_1646822003.jpg
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGoogle Trust Services LLC
Subjectlordserial2.me
FingerprintA9:9E:F9:CB:BA:AE:BC:57:05:F8:C2:3C:F5:17:1E:73:EE:AE:96:AB
ValidityFri, 20 Oct 2023 01:33:13 GMT - Thu, 18 Jan 2024 01:33:12 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 200x300, components 3\012- data
Hash 5b516956bde286f8399b7caa7648461b
55112c171882e0cde409a19a4f815b8355bceb9f
a78ffee722a18e9100cb9aabf67e337b59198092fb95dbaeb68fae085efeccb7
GET /uploads/posts/2022-03/409640_1646822003.jpg HTTP/1.1
Host: hd.lordserial2.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/146-kasl-sv-13.html
Cookie: PHPSESSID=4b49e8fc52a9887457ab4993add54103
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 27 Nov 2023 02:01:47 GMT
content-type: image/jpeg
last-modified: Tue, 06 Sep 2022 06:42:38 GMT
vary: Accept-Encoding
etag: W/"6316ebde-3af7"
cache-control: max-age=31536000
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FoFijJQ5e9fVqcWBsf9ysTstNui%2BEhSF0Wk9sQG7YWhsDLA4o07CPPFVwa9NB5AeSsv9ScrnPP4POvY%2BQ%2F%2F6gkMdvH6HWvwTg40alhFPloFIgF7kGXRcm8bnjEUfEbEhzJu9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c9094d7956c1-OSL
alt-svc: h3=":443"; ma=86400
hd.lordserial2.me/cdn-cgi/challenge-platform/scripts/jsd/main.js
302 Found 64 kB URL GET HTTP/3 hd.lordserial2.me/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGoogle Trust Services LLC
Subjectlordserial2.me
FingerprintA9:9E:F9:CB:BA:AE:BC:57:05:F8:C2:3C:F5:17:1E:73:EE:AE:96:AB
ValidityFri, 20 Oct 2023 01:33:13 GMT - Thu, 18 Jan 2024 01:33:12 GMT
File type gzip compressed data, from Unix\012- data
Hash 154b5acb9a1d627906986b4deeedeb32
96bda9397e886f8152bbd570336b13a53bfc65bf
bdcf52d02d7fa3f5f16519a21e04504c59404a29251f7af4d6e60034338b1885
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: hd.lordserial2.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=4b49e8fc52a9887457ab4993add54103; viewed_ids=146
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Mon, 27 Nov 2023 02:01:48 GMT
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
access-control-allow-origin: *
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AyGIPDC81icfywIqkiALwMjD%2BxdUqHvJJyHzWn%2Bw2AW%2FDS2DscwpOQ778118a4vkaB8HjzQ81%2FpVwBDwwpKMcUB29fL45cD2xcoMFVXh%2BFmDqrydFwqOumCmZ8e1fIIkTyBsXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c90b9e2656c1-OSL
alt-svc: h3=":443"; ma=86400
s.myangular.life/player?cat=support&hit=wasm&description=wasm%20dc
200 OK 0 B URL GET HTTP/1.1 s.myangular.life/player?cat=support&hit=wasm&description=wasm%20dc
IP
ASN #24940 Hetzner Online GmbH
Requested by https://api.bedemp2.ws/embed/movie/455
Certificate IssuerSectigo Limited
Subjects.myangular.life
Fingerprint3A:21:0F:72:24:43:49:14:06:28:C6:D0:A6:10:6B:D7:B2:EA:5A:66
ValidityTue, 04 Apr 2023 00:00:00 GMT - Sat, 04 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /player?cat=support&hit=wasm&description=wasm%20dc HTTP/1.1
Host: s.myangular.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.bedemp2.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 02:01:48 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
s.myangular.life/player?cat=support&hit=async&description=yes
200 OK 0 B URL GET HTTP/1.1 s.myangular.life/player?cat=support&hit=async&description=yes
IP
ASN #24940 Hetzner Online GmbH
Requested by https://api.bedemp2.ws/embed/movie/455
Certificate IssuerSectigo Limited
Subjects.myangular.life
Fingerprint3A:21:0F:72:24:43:49:14:06:28:C6:D0:A6:10:6B:D7:B2:EA:5A:66
ValidityTue, 04 Apr 2023 00:00:00 GMT - Sat, 04 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /player?cat=support&hit=async&description=yes HTTP/1.1
Host: s.myangular.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.bedemp2.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 02:01:48 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
s.myangular.life/ws?cdn
0 B IP
ASN #24940 Hetzner Online GmbH
Certificate IssuerSectigo Limited
Subjects.myangular.life
Fingerprint3A:21:0F:72:24:43:49:14:06:28:C6:D0:A6:10:6B:D7:B2:EA:5A:66
ValidityTue, 04 Apr 2023 00:00:00 GMT - Sat, 04 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws?cdn HTTP/1.1
Host: s.myangular.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://api.bedemp2.ws
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PyxGM//Un+ISpSPPWJZEaA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Mon, 27 Nov 2023 02:01:48 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 08vi3NDGhtJmN1QZZZQ5Clh3J10=
yastatic.net/partner-code-bundles/916425/592482b4e461e94ac1a0.js
200 OK 3.6 kB URL GET HTTP/2 yastatic.net/partner-code-bundles/916425/592482b4e461e94ac1a0.js
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.yastatic-net.ru
FingerprintD9:64:E0:F2:39:AC:36:DB:9A:A3:3D:E4:27:E4:0B:F5:5B:5B:E3:A0
ValidityMon, 10 Jul 2023 13:25:28 GMT - Sun, 07 Jan 2024 20:59:59 GMT
File type ASCII text, with very long lines (9173)
Hash 0fd165280f0f769225f8961ba8263d4a
959123e83b17ae9b9e90d0fe9bdac2d9f20bbc4e
e59f2f0399bb8809c8c3ce5fe03a40261d71db5cb2d53d1e6a160feb3e13c63f
GET /partner-code-bundles/916425/592482b4e461e94ac1a0.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.17.9
date: Mon, 27 Nov 2023 02:01:48 GMT
content-type: text/javascript; charset=utf-8
content-length: 3560
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "12cad137a639774e747ecb8f4ef06710"
expires: Wed, 26 Nov 2053 08:33:57 GMT
last-modified: Sat, 25 Nov 2023 11:30:18 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
code.moviead55.ru/go/cinit?cn=vhd&rnd=1701050508
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=vhd&rnd=1701050508
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=vhd&rnd=1701050508 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 27 Nov 2023 02:01:48 GMT
content-length: 0
location: https://a.videohead.tech/sync?ssp=44
set-cookie: sky_uuid=db153baf-38a7-4312-7657-d3de5108e8c5; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
code.moviead55.ru/go/cinit?cn=gtnt&rnd=1701050508
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=gtnt&rnd=1701050508
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=gtnt&rnd=1701050508 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 27 Nov 2023 02:01:48 GMT
content-length: 0
location: https://px.adhigh.net/p/cm/skyadvert?u=67a02960-f36b-a69f-6d84-1576ea9a1f3f
set-cookie: sky_uuid=67a02960-f36b-a69f-6d84-1576ea9a1f3f; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
code.moviead55.ru/go/cinit?cn=btwcookie&rnd=1701050508
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=btwcookie&rnd=1701050508
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=btwcookie&rnd=1701050508 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 27 Nov 2023 02:01:48 GMT
content-length: 0
location: https://ads.betweendigital.com/match?bidder_id=34348&callback_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dbtwcookie%26bid%3D%24%7BUSER_ID%7D
set-cookie: sky_uuid=b78facc7-8d64-99a1-23f1-dfb45ab91420; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
code.moviead55.ru/go/cinit?cn=ohmybid&rnd=1701050508
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=ohmybid&rnd=1701050508
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=ohmybid&rnd=1701050508 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 27 Nov 2023 02:01:48 GMT
content-length: 0
location: https://match.ohmy.bid/cm?ssp=skyadv&redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dohmybid%26bid%3D%24%7BUUID%7D
set-cookie: sky_uuid=aedaa43e-004a-b4ca-21a6-5d3b7a17326e; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
code.moviead55.ru/go/cinit?cn=sapecookie&rnd=1701050508
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=sapecookie&rnd=1701050508
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=sapecookie&rnd=1701050508 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 27 Nov 2023 02:01:48 GMT
content-length: 0
location: https://www.acint.net/rmatch?dp=167&euid=11a631af-808b-fac3-03a3-2abc326115a2&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D%24%7BUSER_ID%7D
set-cookie: sky_uuid=11a631af-808b-fac3-03a3-2abc326115a2; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
code.moviead55.ru/go/cinit?cn=hbrdcookie2&rnd=1701050508
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=hbrdcookie2&rnd=1701050508
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=hbrdcookie2&rnd=1701050508 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 27 Nov 2023 02:01:48 GMT
content-length: 0
location: https://dm-eu.hybrid.ai/match?id=185&burl=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dhbrdcookie2%26bid%3D%24%7BVID%7D
set-cookie: sky_uuid=42bb0e90-e3c9-dac4-6c67-fe54528be5b0; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/venom-player@0.2.86/dist/theme-classic.js
200 OK 5.7 kB URL GET HTTP/2 cdn.jsdelivr.net/npm/venom-player@0.2.86/dist/theme-classic.js
IP
Requested by https://api.bedemp2.ws/embed/movie/455
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type ASCII text, with very long lines (15451), with no line terminators
Hash 210c3f63bba6881ea3787a533af7cca0
5f3766edd39ae2502c8ee06bb3630cc447f6f216
b4e7dc4a29652ef34ede138da2d02209e51d9f3f2a8c07d5e891a85fca16a822
GET /npm/venom-player@0.2.86/dist/theme-classic.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://api.bedemp2.ws
DNT: 1
Connection: keep-alive
Referer: https://api.bedemp2.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.2.86
x-jsd-version-type: version
etag: W/"3c5b-Xzdm7dOa4lAsjuBrs2MMxEf28hY"
content-encoding: br
accept-ranges: bytes
date: Mon, 27 Nov 2023 02:01:48 GMT
age: 4582421
x-served-by: cache-fra-eddf8230100-FRA, cache-bma1651-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5651
X-Firefox-Spdy: h2
code.moviead55.ru/go/cinit?cn=solta&rnd=1701050508
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=solta&rnd=1701050508
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=solta&rnd=1701050508 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 27 Nov 2023 02:01:48 GMT
content-length: 0
location: https://kimberlite.io/rtb/sync/skyadvert?u=54b719ed-130a-e0f2-33a0-43d9b10244cc
set-cookie: sky_uuid=54b719ed-130a-e0f2-33a0-43d9b10244cc; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
hd.lordserial2.me/cdn-cgi/challenge-platform/h/g/jsd/r/82c6c906ede356a5
200 OK 1 B URL POST HTTP/3 hd.lordserial2.me/cdn-cgi/challenge-platform/h/g/jsd/r/82c6c906ede356a5
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGoogle Trust Services LLC
Subjectlordserial2.me
FingerprintA9:9E:F9:CB:BA:AE:BC:57:05:F8:C2:3C:F5:17:1E:73:EE:AE:96:AB
ValidityFri, 20 Oct 2023 01:33:13 GMT - Thu, 18 Jan 2024 01:33:12 GMT
File type very short file (no magic)
Hash eccbc87e4b5ce2fe28308fd9f2a7baf3
77de68daecd823babbb58edb1c8e14d7106e83bb
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
POST /cdn-cgi/challenge-platform/h/g/jsd/r/82c6c906ede356a5 HTTP/1.1
Host: hd.lordserial2.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12208
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/146-kasl-sv-13.html
Cookie: PHPSESSID=4b49e8fc52a9887457ab4993add54103; viewed_ids=146; _ma=82eb872c-f7d7-41b3-9039-71554fb4ce85
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 27 Nov 2023 02:01:48 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=zn4A8GCd.QIcD9fAq_bDmMMPDwcN90.QAFzlUWdrS8M-1701050508-0-1-730ca2d2.73a07051.5b213570-0.2.1701050508; path=/; expires=Tue, 26-Nov-24 02:01:48 GMT; domain=.lordserial2.me; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3em%2F404g1KimCmOFnsSbtBJB0ptUXWEw8%2FdZ2ankJh5CM6L3LjNjKU7yX50N9iyKMHuiMSYTLguyb%2BETBw%2Bntt%2FCFmxDUI2hF%2FIWuVcVVlV7EZd%2BFCqmazp%2FFLOyZWPscLLQqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c90f6f8e56c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
yastatic.net/partner-code-bundles/916425/90c7bb268594abd0bd74.js
200 OK 24 kB URL GET HTTP/2 yastatic.net/partner-code-bundles/916425/90c7bb268594abd0bd74.js
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.yastatic-net.ru
FingerprintD9:64:E0:F2:39:AC:36:DB:9A:A3:3D:E4:27:E4:0B:F5:5B:5B:E3:A0
ValidityMon, 10 Jul 2023 13:25:28 GMT - Sun, 07 Jan 2024 20:59:59 GMT
File type ASCII text, with very long lines (65494)
Hash 0b10333dc75cc0accf5f83c63dd1c7cf
e7ee89f3a9b38e6cb6cea7b6ad1a7eff6030e697
fa8b240fe98efa97446504fd81ecfce85030306c6c7af652ef96cc3b3b6ddd2d
GET /partner-code-bundles/916425/90c7bb268594abd0bd74.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Mon, 27 Nov 2023 02:01:48 GMT
content-type: text/javascript; charset=utf-8
content-length: 24524
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "9f194165c01f48537600e0b33a379b43"
expires: Wed, 26 Nov 2053 08:33:52 GMT
last-modified: Sat, 25 Nov 2023 11:30:18 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/safeframe-bundles/0.83/host.js
200 OK 8.9 kB URL GET HTTP/2 yastatic.net/safeframe-bundles/0.83/host.js
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.yastatic-net.ru
FingerprintD9:64:E0:F2:39:AC:36:DB:9A:A3:3D:E4:27:E4:0B:F5:5B:5B:E3:A0
ValidityMon, 10 Jul 2023 13:25:28 GMT - Sun, 07 Jan 2024 20:59:59 GMT
File type ASCII text, with very long lines (33703), with no line terminators
Hash 2435549eac66915d7464ee7b9efce038
e390598fb192583622a8ea079d5c96dffdb34fb5
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
GET /safeframe-bundles/0.83/host.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Mon, 27 Nov 2023 02:01:48 GMT
content-type: text/javascript; charset=utf-8
content-length: 8878
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "f80882bf67cf261aa08d636da095149a"
expires: Wed, 26 Nov 2053 08:34:05 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
code.moviead55.ru/go/cinit?cn=gonetbid&rnd=1701050508
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=gonetbid&rnd=1701050508
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=gonetbid&rnd=1701050508 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 27 Nov 2023 02:01:48 GMT
content-length: 0
location: https://sync.gonet-ads.com/match/SkyAdvert?id=31c5015b-57b7-d9bf-1d40-21c8f86df1dc
set-cookie: sky_uuid=31c5015b-57b7-d9bf-1d40-21c8f86df1dc; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
code.moviead55.ru/go/cinit?cn=bzcookie&rnd=1701050508
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=bzcookie&rnd=1701050508
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=bzcookie&rnd=1701050508 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 27 Nov 2023 02:01:48 GMT
content-length: 0
location: https://exchange.buzzoola.com/cookiesync/redirect/skyadvert?redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dbzcookie%26bid%3D%24%7BUUID%7D
set-cookie: sky_uuid=8f45397b-71c8-b16f-d071-022b3b252c81; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/916425/7da69d276dd1890815a9.js
200 OK 15 kB URL GET HTTP/2 yastatic.net/partner-code-bundles/916425/7da69d276dd1890815a9.js
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.yastatic-net.ru
FingerprintD9:64:E0:F2:39:AC:36:DB:9A:A3:3D:E4:27:E4:0B:F5:5B:5B:E3:A0
ValidityMon, 10 Jul 2023 13:25:28 GMT - Sun, 07 Jan 2024 20:59:59 GMT
File type ASCII text, with very long lines (60313)
Hash bb45fa2c2a584bacf1df0ef5578406b7
924560b45b93401dec52d9998f2565cce53e4fc8
a6a3b1b01642f557afc02f2c9d8ea202d26ace9170e19f9b9b46f15849d1f9c1
GET /partner-code-bundles/916425/7da69d276dd1890815a9.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Mon, 27 Nov 2023 02:01:48 GMT
content-type: text/javascript; charset=utf-8
content-length: 14838
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "3668fd7c505665ff1631ba9240c2da90"
expires: Wed, 26 Nov 2053 08:33:52 GMT
last-modified: Sat, 25 Nov 2023 11:30:18 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
code.moviead55.ru/go/cinit?cn=otclkbid&rnd=1701050508
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=otclkbid&rnd=1701050508
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=otclkbid&rnd=1701050508 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 27 Nov 2023 02:01:48 GMT
content-length: 0
location: https://otclick-adv.ru/core/match.gif?s=30&reference=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dotclkbid%26bid%3D%23%7BUID%7D
set-cookie: sky_uuid=4a1fa77d-b73b-2cf8-a5cb-9d982c07fc37; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/916425/c31e0c04632804a7f1a5.js
200 OK 117 kB URL GET HTTP/2 yastatic.net/partner-code-bundles/916425/c31e0c04632804a7f1a5.js
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.yastatic-net.ru
FingerprintD9:64:E0:F2:39:AC:36:DB:9A:A3:3D:E4:27:E4:0B:F5:5B:5B:E3:A0
ValidityMon, 10 Jul 2023 13:25:28 GMT - Sun, 07 Jan 2024 20:59:59 GMT
File type ASCII text, with very long lines (65497)
Size 117 kB (117302 bytes)
Hash a5a89f131f23870db9279f4ad56d302e
2ff8a1707338bd37ae58bc6f713b13e298184f1d
7437c02e9df1ef73382fa4358c15982d77a7216fb81db693e55e40b8c8fdaf59
GET /partner-code-bundles/916425/c31e0c04632804a7f1a5.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Mon, 27 Nov 2023 02:01:48 GMT
content-type: text/javascript; charset=utf-8
content-length: 117302
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "1354166639660b8519a502598ceffb4f"
expires: Wed, 26 Nov 2053 08:33:52 GMT
last-modified: Sat, 25 Nov 2023 11:30:19 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/916425/880e434fae29fa7bdec0.js
200 OK 8.7 kB URL GET HTTP/2 yastatic.net/partner-code-bundles/916425/880e434fae29fa7bdec0.js
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.yastatic-net.ru
FingerprintD9:64:E0:F2:39:AC:36:DB:9A:A3:3D:E4:27:E4:0B:F5:5B:5B:E3:A0
ValidityMon, 10 Jul 2023 13:25:28 GMT - Sun, 07 Jan 2024 20:59:59 GMT
File type ASCII text, with very long lines (31080)
Hash c37f395e93a9ca75ccdbfecd0919f434
5a0bc3667e12124b9930908472f6bee694b8b6fc
1188443d24f6a6d7ba5e5a954bf044ed946c493dc4e4178e624769e8547ebbe4
GET /partner-code-bundles/916425/880e434fae29fa7bdec0.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.17.9
date: Mon, 27 Nov 2023 02:01:48 GMT
content-type: text/javascript; charset=utf-8
content-length: 8701
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "f74f94c7749b94862a7eff4ea4b21ff8"
expires: Wed, 26 Nov 2053 08:34:05 GMT
last-modified: Sat, 25 Nov 2023 11:30:18 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/916425/20d7f4beb302b86f3532.js
200 OK 7.9 kB URL GET HTTP/2 yastatic.net/partner-code-bundles/916425/20d7f4beb302b86f3532.js
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.yastatic-net.ru
FingerprintD9:64:E0:F2:39:AC:36:DB:9A:A3:3D:E4:27:E4:0B:F5:5B:5B:E3:A0
ValidityMon, 10 Jul 2023 13:25:28 GMT - Sun, 07 Jan 2024 20:59:59 GMT
File type ASCII text, with very long lines (24505)
Hash a2afbaca0111402bc89a9dc7d6f2a290
b53920b16d10c754627f341d36f3e344fb6a103e
87c55f46a7dcc6c7c2b794142a65a1b7871bc50aa39770bb54887f93620543df
GET /partner-code-bundles/916425/20d7f4beb302b86f3532.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.17.9
date: Mon, 27 Nov 2023 02:01:48 GMT
content-type: text/javascript; charset=utf-8
content-length: 7949
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "b7d777bf9da13413ddae1a164a651a2d"
expires: Wed, 26 Nov 2053 08:33:52 GMT
last-modified: Sat, 25 Nov 2023 11:30:18 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/916425/ed98de085e4a5e38713e.js
200 OK 4.8 kB URL GET HTTP/2 yastatic.net/partner-code-bundles/916425/ed98de085e4a5e38713e.js
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.yastatic-net.ru
FingerprintD9:64:E0:F2:39:AC:36:DB:9A:A3:3D:E4:27:E4:0B:F5:5B:5B:E3:A0
ValidityMon, 10 Jul 2023 13:25:28 GMT - Sun, 07 Jan 2024 20:59:59 GMT
File type ASCII text, with very long lines (14270)
Hash 21e1faa9a8b736eb28335f650c05fc3b
3834bd44062af1a1a5900a7bbb6ccb0b6d659860
11e783f59620c61937ff22d35ba27ce4a3fab3dd1b269898e930bbea01ff98de
GET /partner-code-bundles/916425/ed98de085e4a5e38713e.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.17.9
date: Mon, 27 Nov 2023 02:01:48 GMT
content-type: text/javascript; charset=utf-8
content-length: 4772
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "8288b303847eb4a2e03c4a98519e1c5b"
expires: Wed, 26 Nov 2053 08:33:52 GMT
last-modified: Sat, 25 Nov 2023 11:30:19 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
200 OK 26 kB URL GET HTTP/2 yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.yastatic-net.ru
FingerprintD9:64:E0:F2:39:AC:36:DB:9A:A3:3D:E4:27:E4:0B:F5:5B:5B:E3:A0
ValidityMon, 10 Jul 2023 13:25:28 GMT - Sun, 07 Jan 2024 20:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 26004, version 1.0\012- data
Hash 7f0cdaf91230f9789ca4162aedff612e
965de571aa794dab64076c3cc64dc8894b843f23
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
GET /s3/home/fonts/ys/3/text-variable-full.woff2 HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hd.lordserial2.me/
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.17.9
date: Mon, 27 Nov 2023 02:01:48 GMT
content-type: font/woff2
content-length: 26004
access-control-allow-origin: *
cache-control: public, max-age=31556952
etag: "7f0cdaf91230f9789ca4162aedff612e"
expires: Tue, 26 Nov 2024 07:47:17 GMT
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
x-nginx-request-id: 0ab175a42e2bb31a
accept-ranges: bytes
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=167
302 Found 154 B IP
ASN #24940 Hetzner Online GmbH
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintD1:98:D5:B7:91:FF:E3:AC:0C:2E:5F:9E:20:DE:E5:45:A8:C2:0E:B1
ValidityTue, 31 Oct 2023 03:36:00 GMT - Mon, 29 Jan 2024 03:35:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /mc/?dp=167 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: openresty
date: Mon, 27 Nov 2023 02:01:49 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=167&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Mon, 27-Nov-23 02:11:49 GMT
aid=fwAAAWVj+I1O8w5JHx05Atx0oclONd1yRR40oWn5aIemzdPj; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/venom-player@0.2.86/dist/189.js
200 OK 143 kB URL GET HTTP/3 cdn.jsdelivr.net/npm/venom-player@0.2.86/dist/189.js
IP
Requested by https://api.bedemp2.ws/embed/movie/455
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 143 kB (142555 bytes)
Hash ea5b3848f4922f116f42e286c2a09ea2
8e3950a1b871be2027f3f9f5b4fe0fa30fe97f47
5b812741df3698efa4c953adc84499a05a572f7a6f2ab7731c8c7774aa51e57c
GET /npm/venom-player@0.2.86/dist/189.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://api.bedemp2.ws
DNT: 1
Connection: keep-alive
Referer: https://api.bedemp2.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 142555
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.2.86
x-jsd-version-type: version
etag: W/"7f90d-jjlQobhxviAn8/n1tP4Pow/pf0c"
content-encoding: br
accept-ranges: bytes
date: Mon, 27 Nov 2023 02:01:49 GMT
age: 2330726
x-served-by: cache-fra-etou8220077-FRA, cache-bma1665-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn.jsdelivr.net/npm/venom-player@0.2.86/dist/dash.js
200 OK 84 B URL GET HTTP/3 cdn.jsdelivr.net/npm/venom-player@0.2.86/dist/dash.js
IP
Requested by https://api.bedemp2.ws/embed/movie/455
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type ASCII text, with no line terminators
Hash 84eee3ca3b339eebee1fa872f1ece64a
ac28843b7fcdc5023f65c747e51f009562b1c478
94a1443f69cfc9942e6a9d2ed2fc644702e271683b2e703f9adf65113a430ed5
GET /npm/venom-player@0.2.86/dist/dash.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://api.bedemp2.ws
DNT: 1
Connection: keep-alive
Referer: https://api.bedemp2.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 84
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.2.86
x-jsd-version-type: version
etag: W/"71-rCiEO3/NxQI/ZcdH5R8AlWKxxHg"
content-encoding: br
accept-ranges: bytes
date: Mon, 27 Nov 2023 02:01:49 GMT
age: 4582422
x-served-by: cache-fra-etou8220030-FRA, cache-bma1665-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
api.stiven-king.com/storage.html
200 OK 426 B URL GET HTTP/1.1 api.stiven-king.com/storage.html
IP
Requested by https://api.bedemp2.ws/embed/movie/455
Certificate IssuerLet's Encrypt
Subject*.stiven-king.com
FingerprintA5:D2:DD:E9:E4:81:45:1B:AD:29:61:50:C3:6A:18:61:28:DE:6F:8A
ValidityFri, 29 Sep 2023 04:00:49 GMT - Thu, 28 Dec 2023 04:00:48 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6f0af5eceb02df06d9771a821c7f1c03
e3fadc9c79be329c255348417a56bc438ad27810
0a92085060d2e4bffd6140b5f99fcec79ec0f82eaf5a41d16873d9c19ce00b7b
GET /storage.html HTTP/1.1
Host: api.stiven-king.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.bedemp2.ws/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 02:01:49 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 12 Sep 2023 14:48:52 GMT
ETag: W/"65007a54-369"
Content-Encoding: gzip
www.acint.net/rmatch?dp=167&euid=11a631af-808b-fac3-03a3-2abc326115a2&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D%24%7BUSER_ID%7D
302 Found 154 B URL GET HTTP/2 www.acint.net/rmatch?dp=167&euid=11a631af-808b-fac3-03a3-2abc326115a2&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D%24%7BUSER_ID%7D
IP
ASN #24940 Hetzner Online GmbH
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintD1:98:D5:B7:91:FF:E3:AC:0C:2E:5F:9E:20:DE:E5:45:A8:C2:0E:B1
ValidityTue, 31 Oct 2023 03:36:00 GMT - Mon, 29 Jan 2024 03:35:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=167&euid=11a631af-808b-fac3-03a3-2abc326115a2&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Mon, 27 Nov 2023 02:01:49 GMT
content-type: text/html
content-length: 154
location: /rmatch?r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D$%7BUSER_ID%7D&dp=167&tc=1&euid=11a631af-808b-fac3-03a3-2abc326115a2
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Mon, 27-Nov-23 02:11:49 GMT
aid=fwAAAWVj+I1O8w5JHx1JAgKl8zlwgCWXNxsmefX90I41kwyY; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
a.videohead.tech/sync?ssp=44
204 No Content 0 B URL GET HTTP/2 a.videohead.tech/sync?ssp=44
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGoogle Trust Services LLC
Subjectvideohead.tech
FingerprintAC:24:7F:38:6B:35:E3:94:CB:F9:41:85:4E:11:82:9B:AB:92:22:D2
ValiditySun, 26 Nov 2023 10:34:15 GMT - Sat, 24 Feb 2024 10:34:14 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=44 HTTP/1.1
Host: a.videohead.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Mon, 27 Nov 2023 02:01:49 GMT
content-type: text/plain
set-cookie: prevhead=1; Expires=Wed, 27 Dec 2023 02:01:49 GMT; Domain=videohead.tech; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3hQZ9Qy1RZaON%2ByE4Q79tmpnv6EQfG9ESkzSdvRjBT%2FumDwwzPX0Jo%2FeFW9YjjVX%2Fqffb0B7kifTOvMZw7PgGbP52g0lUa5z8E5ihWxuEnXwycCjGtNKqvlNBSrLqgmfc6xC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c913fedb5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
s.myangular.life/player?cat=frame&hit=embed&sub=embed&type=diff&label=other&host=lordserial2.me
200 OK 0 B URL GET HTTP/1.1 s.myangular.life/player?cat=frame&hit=embed&sub=embed&type=diff&label=other&host=lordserial2.me
IP
ASN #24940 Hetzner Online GmbH
Requested by https://api.bedemp2.ws/embed/movie/455
Certificate IssuerSectigo Limited
Subjects.myangular.life
Fingerprint3A:21:0F:72:24:43:49:14:06:28:C6:D0:A6:10:6B:D7:B2:EA:5A:66
ValidityTue, 04 Apr 2023 00:00:00 GMT - Sat, 04 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /player?cat=frame&hit=embed&sub=embed&type=diff&label=other&host=lordserial2.me HTTP/1.1
Host: s.myangular.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.bedemp2.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 02:01:49 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
t8.zcvh.net/v1/ws
0 B IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/ws HTTP/1.1
Host: t8.zcvh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://api.bedemp2.ws
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XYYzoEcEHql99sf5z0ut5w==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Mon, 27 Nov 2023 02:01:49 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: W35M5ReZ3L5/DIkVN8parysAMzA=
ssp-rtb.sape.ru/adfoxhb
200 OK 11 B IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.sape.ru
FingerprintF9:61:5C:64:81:FD:57:C2:4A:BD:6B:12:D4:7E:02:5E:83:8E:3E:40
ValiditySun, 08 Oct 2023 01:41:50 GMT - Sat, 06 Jan 2024 01:41:49 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 9cc989d2e211083e0a170316914f1d06
392cd18d051f72b887529ac2998da54749f1338f
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
POST /adfoxhb HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 358
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 27 Nov 2023 02:01:49 GMT
Content-Type: application/json
Content-Length: 11
Connection: keep-alive
Access-Control-Allow-Origin: https://hd.lordserial2.me
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST
X-YaSpanId: c088543b44165fac
X-YaRequestId: 0294ea775d1247dab14f30e79e9904f6
X-YaTraceId: 5f2a9d671f93438d97f0227d26e7d1af
Set-Cookie: sspuid=CkIDTmVj+I2bEwA0wRzqAqn6XMdE6IKHJUkuUU/xM6Oyp0DR; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
otclick-adv.ru/core/match.gif?s=30&reference=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dotclkbid%26bid%3D%23%7BUID%7D
302 Found 124 B URL GET HTTP/2 otclick-adv.ru/core/match.gif?s=30&reference=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dotclkbid%26bid%3D%23%7BUID%7D
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subjectotclick.ru
Fingerprint3A:7D:83:98:7E:DD:BF:D7:8A:A8:6E:FB:B0:9E:9F:DF:A9:37:C8:54
ValidityMon, 02 Oct 2023 16:11:22 GMT - Sun, 31 Dec 2023 16:11:21 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash c73e35f73ed5c795c70cf66e99088b7c
63a9ffe5d0e5b4070819b95ef564a58d8a3a3a1c
80034a9712f07e6b0577c7e5bf6d5d718736593e7d21c81dd1a3cbdb4eb860de
GET /core/match.gif?s=30&reference=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dotclkbid%26bid%3D%23%7BUID%7D HTTP/1.1
Host: otclick-adv.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.24.0
date: Mon, 27 Nov 2023 02:01:49 GMT
content-length: 124
location: https://code.moviead55.ru/go/csync?cn=otclkbid&bid=VUG31mKFfTelneA
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VUG31mKFfTelneA; expires=Thu, 24-Nov-2033 02:01:49 GMT; domain=otclick-adv.ru; path=/core; SameSite=None; Secure
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.acint.net/rmatch?r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D$%7BUSER_ID%7D&dp=167&tc=1&euid=11a631af-808b-fac3-03a3-2abc326115a2
302 Found 154 B URL GET HTTP/2 www.acint.net/rmatch?r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D$%7BUSER_ID%7D&dp=167&tc=1&euid=11a631af-808b-fac3-03a3-2abc326115a2
IP
ASN #24940 Hetzner Online GmbH
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintD1:98:D5:B7:91:FF:E3:AC:0C:2E:5F:9E:20:DE:E5:45:A8:C2:0E:B1
ValidityTue, 31 Oct 2023 03:36:00 GMT - Mon, 29 Jan 2024 03:35:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D$%7BUSER_ID%7D&dp=167&tc=1&euid=11a631af-808b-fac3-03a3-2abc326115a2 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: test_cookie=CheckForPermission; aid=fwAAAWVj+I1O8w5JHx1JAgKl8zlwgCWXNxsmefX90I41kwyY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Mon, 27 Nov 2023 02:01:49 GMT
content-type: text/html
content-length: 154
location: https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fcode.moviead55.ru%252Fgo%252Fcsync%253Fcn%253Dsapecookie%2526bid%253D$%257BUSER_ID%257D&dp=14
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
set-cookie: cSyncDp14v4=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
dm-eu.hybrid.ai/match?id=185&burl=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dhbrdcookie2%26bid%3D%24%7BVID%7D
302 Found 0 B URL GET HTTP/2 dm-eu.hybrid.ai/match?id=185&burl=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dhbrdcookie2%26bid%3D%24%7BVID%7D
IP
ASN #58272 LeaderTelecom B.V.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerSectigo Limited
Subject*.hybrid.ai
Fingerprint40:F9:88:C5:EF:2B:26:9C:61:DC:CC:ED:B1:67:03:F4:E2:CC:B7:C8
ValidityThu, 14 Sep 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=185&burl=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dhbrdcookie2%26bid%3D%24%7BVID%7D HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Mon, 27 Nov 2023 02:01:49 GMT
content-length: 0
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
location: https://code.moviead55.ru/go/csync?cn=hbrdcookie2&bid=a2ce112f40850d383642
set-cookie: vid=a2ce112f40850d383642; Expires=Tue, 26 Nov 2024 02:01:48 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 524
x-xss-protection: 1; mode=block
access-control-allow-origin: https://hd.lordserial2.me
access-control-allow-credentials: true
server: Hybrid Web Server
X-Firefox-Spdy: h2
match.ohmy.bid/cm?ssp=skyadv&redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dohmybid%26bid%3D%24%7BUUID%7D
302 Found 0 B URL GET HTTP/2 match.ohmy.bid/cm?ssp=skyadv&redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dohmybid%26bid%3D%24%7BUUID%7D
IP
ASN #24940 Hetzner Online GmbH
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subjectmatch.ohmy.bid
Fingerprint9E:80:FE:F1:53:4B:43:82:19:E2:9C:5A:93:AF:43:96:5D:6C:7B:69
ValidityFri, 24 Nov 2023 20:06:51 GMT - Thu, 22 Feb 2024 20:06:50 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?ssp=skyadv&redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dohmybid%26bid%3D%24%7BUUID%7D HTTP/1.1
Host: match.ohmy.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Mon, 27 Nov 2023 02:01:49 GMT
content-length: 0
bidder: bid-23
location: https://code.moviead55.ru/go/csync?cn=ohmybid&bid=f1626fd8-daf4-45d1-8eb1-3c415ced7786
set-cookie: uid=f1626fd8-daf4-45d1-8eb1-3c415ced7786.6563f88d.cfa5d97cafe7ea45; domain=.ohmy.bid; path=/; expires=Wed, 27-Dec-2023 02:01:49 GMT; SameSite=None; Secure;
access-control-allow-credentials: true
X-Firefox-Spdy: h2
yhb.p.otm-r.com/yhb
200 OK 11 B IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.p.otm-r.com
FingerprintD6:A5:0F:D1:7C:BD:32:44:FA:DC:D7:1C:CE:C3:43:FB:5A:7B:F1:08
ValidityWed, 22 Feb 2023 14:51:57 GMT - Mon, 25 Mar 2024 14:51:56 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 9cc989d2e211083e0a170316914f1d06
392cd18d051f72b887529ac2998da54749f1338f
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
POST /yhb HTTP/1.1
Host: yhb.p.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 356
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.23.2
date: Mon, 27 Nov 2023 02:01:49 GMT
content-type: text/plain; charset=utf-8
content-length: 11
access-control-allow-credentials: true
access-control-allow-origin: https://hd.lordserial2.me
set-cookie: mpid=NjU2M2Y4OGQwOWUwYWJiMQ==; Path=/; Domain=otm-r.com; Max-Age=31536000; Secure; SameSite=None
vary: Origin
X-Firefox-Spdy: h2
ssp.bidvol.com/rtb/pl999
200 OK 11 B IP
ASN #24940 Hetzner Online GmbH
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subjectssp.bidvol.com
Fingerprint40:DB:53:6B:41:DC:4B:32:C0:EE:F6:09:5C:13:AF:5C:EF:90:56:90
ValidityThu, 09 Nov 2023 10:21:37 GMT - Wed, 07 Feb 2024 10:21:36 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 9cc989d2e211083e0a170316914f1d06
392cd18d051f72b887529ac2998da54749f1338f
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
POST /rtb/pl999 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 356
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.22.0
date: Mon, 27 Nov 2023 02:01:49 GMT
content-type: application/json; charset=utf-8
content-length: 11
x-request-id: 8bd64994-21a3-46c1-9991-c32aef40a4ed
access-control-allow-origin: https://hd.lordserial2.me
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
set-cookie: bvuid=t14um1wp3s; Max-Age=2147483647; Domain=.bidvol.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=t14um1wp3s; Max-Age=2147483647; Domain=.bidvol.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
kimberlite.io/rtb/bid/hb/adfox
200 OK 7.5 kB URL POST HTTP/1.1 kimberlite.io/rtb/bid/hb/adfox
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.kimberlite.io
Fingerprint94:44:D9:27:EE:9B:5F:DE:36:07:ED:BA:1A:1D:62:2A:31:B6:43:72
ValidityFri, 10 Mar 2023 07:40:01 GMT - Wed, 10 Apr 2024 07:40:00 GMT
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (15750), with no line terminators
Hash 37bc397f9fe490ddc1c96b5627ab8848
2aa0b55f2387e7b70437c8441395292dce888149
2a702b24ff9ef297f92bf646a998b8623bc63988bd92d0e0f7977703c5b723c6
POST /rtb/bid/hb/adfox HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 362
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 02:01:49 GMT
Content-Type: application/json
Content-Length: 7512
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: https://hd.lordserial2.me
set-cookie: u=ZWP4jRuyoq4~Y5P2yQgXk4OdZsMTXZahsXBGHSE; path=/; max-age=7776000; samesite=none; httponly; secure
content-encoding: gzip
server-timing: app;srv=0;dur=0.1309
sync.dmp.otm-r.com/match/skyadvert
204 No Content 0 B URL GET HTTP/2 sync.dmp.otm-r.com/match/skyadvert
IP
ASN #24940 Hetzner Online GmbH
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.dmp.otm-r.com
FingerprintC6:A2:9D:82:0D:D1:C1:2D:A4:ED:7F:05:13:52:5B:94:6B:10:58:D6
ValidityMon, 19 Jun 2023 10:50:51 GMT - Sat, 20 Jul 2024 10:50:50 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/skyadvert HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.17.4
date: Mon, 27 Nov 2023 02:01:49 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
kimberlite.io/rtb/sync/skyadvert?u=54b719ed-130a-e0f2-33a0-43d9b10244cc
307 Temporary Redirect 0 B URL GET HTTP/1.1 kimberlite.io/rtb/sync/skyadvert?u=54b719ed-130a-e0f2-33a0-43d9b10244cc
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.kimberlite.io
Fingerprint94:44:D9:27:EE:9B:5F:DE:36:07:ED:BA:1A:1D:62:2A:31:B6:43:72
ValidityFri, 10 Mar 2023 07:40:01 GMT - Wed, 10 Apr 2024 07:40:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/sync/skyadvert?u=54b719ed-130a-e0f2-33a0-43d9b10244cc HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Mon, 27 Nov 2023 02:01:49 GMT
Content-Length: 0
Connection: keep-alive
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-origin: *
location: https://code.moviead55.ru/go/csync?cn=solta&bid=ZWP4jRwhI48
set-cookie: u=ZWP4jRwhI48~1GUOJMWfRsk1a1xyyWBHjzxao4I; path=/; max-age=7776000; samesite=none; httponly; secure
n=; max-age=0; samesite=none; httponly; secure
referrer-policy: no-referrer
server-timing: app;srv=8;dur=0.0001
sync.gonet-ads.com/match/SkyAdvert?id=31c5015b-57b7-d9bf-1d40-21c8f86df1dc
200 OK 43 B URL GET HTTP/2 sync.gonet-ads.com/match/SkyAdvert?id=31c5015b-57b7-d9bf-1d40-21c8f86df1dc
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerSectigo Limited
Subject*.gonet-ads.com
Fingerprint2B:BE:BF:75:0A:67:AA:2D:FA:0A:7F:92:F4:37:AE:9B:DD:47:68:2D
ValidityWed, 07 Jun 2023 00:00:00 GMT - Tue, 11 Jun 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /match/SkyAdvert?id=31c5015b-57b7-d9bf-1d40-21c8f86df1dc HTTP/1.1
Host: sync.gonet-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:49 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
pbs.alfasense.com/yandex/auction
200 OK 11 B URL POST HTTP/1.1 pbs.alfasense.com/yandex/auction
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.alfasense.com
Fingerprint92:58:B8:97:87:98:3A:5B:01:DA:24:13:D3:B2:D4:AF:F5:07:AE:9E
ValiditySat, 10 Dec 2022 23:58:10 GMT - Thu, 11 Jan 2024 23:58:09 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 9cc989d2e211083e0a170316914f1d06
392cd18d051f72b887529ac2998da54749f1338f
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
POST /yandex/auction HTTP/1.1
Host: pbs.alfasense.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 354
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Nov 2023 02:01:49 GMT
Content-Type: application/json
Content-Length: 11
Connection: keep-alive
access-control-max-age: 0
x-dsp-4__status: 204
pragma: no-cache
uuid: a14a68aa-c576-48d4-a0b2-391a8dddb6d5
x-dsp-8__status: 204
cache-control: no-cache, no-store, must-revalidate
x-geo-cityid: 4000000055
expires: 0
x-dsp-22__status: 204
x-dsp-24__status: 204
x-dsp-28__status: 204
Access-Control-Allow-Origin: https://hd.lordserial2.me
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.115.84
Accept-Ranges: bytes
code.moviead55.ru/go/jmap?v=647a534f9f5fb9ced25ee7db57ef9c72&sid=ap&cp.referer=https%253A%252F%252Fhd.lordserial2.me%252F146-kasl-sv-13.html&it=1&tq=2&cp.cb=03a2386f-aa86-2534-ba0f-31e34f375e66&session=f5b01794-8165-45bc-8d01-7849ce9a33ee&position=pre&vt=100&ostream=true&isp=0&suri=https%253A%252F%252Fhd.lordserial2.me%252F146-kasl-sv-13.html&rnd=1701050513205&raw=yes
200 OK 2 B URL GET HTTP/2 code.moviead55.ru/go/jmap?v=647a534f9f5fb9ced25ee7db57ef9c72&sid=ap&cp.referer=https%253A%252F%252Fhd.lordserial2.me%252F146-kasl-sv-13.html&it=1&tq=2&cp.cb=03a2386f-aa86-2534-ba0f-31e34f375e66&session=f5b01794-8165-45bc-8d01-7849ce9a33ee&position=pre&vt=100&ostream=true&isp=0&suri=https%253A%252F%252Fhd.lordserial2.me%252F146-kasl-sv-13.html&rnd=1701050513205&raw=yes
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /go/jmap?v=647a534f9f5fb9ced25ee7db57ef9c72&sid=ap&cp.referer=https%253A%252F%252Fhd.lordserial2.me%252F146-kasl-sv-13.html&it=1&tq=2&cp.cb=03a2386f-aa86-2534-ba0f-31e34f375e66&session=f5b01794-8165-45bc-8d01-7849ce9a33ee&position=pre&vt=100&ostream=true&isp=0&suri=https%253A%252F%252Fhd.lordserial2.me%252F146-kasl-sv-13.html&rnd=1701050513205&raw=yes HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: sky_uuid=4a1fa77d-b73b-2cf8-a5cb-9d982c07fc37
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:49 GMT
content-type: application/json;charset=UTF-8
content-length: 2
x-movieads-cors-qex: Referer
x-movieads-path: /
access-control-allow-credentials: true
access-control-allow-origin: https://hd.lordserial2.me
x-go-country: NO
x-movieads-udata: cache,parsed,53527
x-movieads-plc: 0
x-movieads-ark: true
x-movieads-qmc: NO
x-movieads-alc: 2
x-movieads-ctvs: 2
server-timing: uData;dur=0.0000, initBuilder;dur=0.0000, queueSort;dur=0.0000, jmapParams;dur=0.0000, qManager;dur=0.0000, getAnyQueue;dur=0.0000, queuesMerge;dur=0.0000, getJson;dur=0.0000, keyValidation;dur=0.0000, attachTracking;dur=0.0000, corsParams;dur=0.0000, wmData;dur=0.0000, optProc;dur=0.0000, buildTagsQueue;dur=0.0000, getLinks;dur=0.0000, range_links;dur=0.0000
x-movieads-country: NO
X-Firefox-Spdy: h2
code.moviead55.ru/go/csync?cn=otclkbid&bid=VUG31mKFfTelneA
200 OK 0 B URL GET HTTP/2 code.moviead55.ru/go/csync?cn=otclkbid&bid=VUG31mKFfTelneA
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/csync?cn=otclkbid&bid=VUG31mKFfTelneA HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: sky_uuid=4a1fa77d-b73b-2cf8-a5cb-9d982c07fc37
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:49 GMT
content-type: image/jpeg
content-length: 0
set-cookie: otclkbid=VUG31mKFfTelneA; max-age=86400; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fcode.moviead55.ru%252Fgo%252Fcsync%253Fcn%253Dsapecookie%2526bid%253D$%257BUSER_ID%257D&dp=14
302 Moved Temporarily 142 B URL GET HTTP/1.1 ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fcode.moviead55.ru%252Fgo%252Fcsync%253Fcn%253Dsapecookie%2526bid%253D$%257BUSER_ID%257D&dp=14
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.sape.ru
FingerprintF9:61:5C:64:81:FD:57:C2:4A:BD:6B:12:D4:7E:02:5E:83:8E:3E:40
ValiditySun, 08 Oct 2023 01:41:50 GMT - Sat, 06 Jan 2024 01:41:49 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fcode.moviead55.ru%252Fgo%252Fcsync%253Fcn%253Dsapecookie%2526bid%253D$%257BUSER_ID%257D&dp=14 HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: sspuid=CkIDTmVj+I2bEwA0wRzqAqn6XMdE6IKHJUkuUU/xM6Oyp0DR
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Mon, 27 Nov 2023 02:01:49 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/rmatch?dp=14&euid=4E03420A8DF863653400139B02EA1CC1&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D$%7BUSER_ID%7D
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
code.moviead55.ru/go/csync?cn=hbrdcookie2&bid=a2ce112f40850d383642
200 OK 0 B URL GET HTTP/2 code.moviead55.ru/go/csync?cn=hbrdcookie2&bid=a2ce112f40850d383642
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/csync?cn=hbrdcookie2&bid=a2ce112f40850d383642 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: sky_uuid=4a1fa77d-b73b-2cf8-a5cb-9d982c07fc37
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:49 GMT
content-type: image/jpeg
content-length: 0
set-cookie: hbrdcookie2=a2ce112f40850d383642; max-age=86400; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
code.moviead55.ru/go/csync?cn=ohmybid&bid=f1626fd8-daf4-45d1-8eb1-3c415ced7786
200 OK 0 B URL GET HTTP/2 code.moviead55.ru/go/csync?cn=ohmybid&bid=f1626fd8-daf4-45d1-8eb1-3c415ced7786
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/csync?cn=ohmybid&bid=f1626fd8-daf4-45d1-8eb1-3c415ced7786 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: sky_uuid=4a1fa77d-b73b-2cf8-a5cb-9d982c07fc37
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:49 GMT
content-type: image/jpeg
content-length: 0
set-cookie: ohmybid=f1626fd8-daf4-45d1-8eb1-3c415ced7786; max-age=86400; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
hye1eaipby4w.takedwn.ws/x-en-x/khqakBE0Ya8cky8aRn8akn8cka81nESBnEObyn83khQ5kBEuMWlw
200 OK 42 kB URL GET HTTP/1.1 hye1eaipby4w.takedwn.ws/x-en-x/khqakBE0Ya8cky8aRn8akn8cka81nESBnEObyn83khQ5kBEuMWlw
IP
Requested by https://api.bedemp2.ws/embed/movie/455
Certificate IssuerSectigo Limited
Subject*.takedwn.ws
Fingerprint10:FE:92:D9:53:67:C4:4D:D3:64:8C:31:29:59:C5:F4:1A:DC:AC:92
ValidityTue, 26 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT
File type XML 1.0 document text\012- XML document, ASCII text
Hash 732a5d229c41c7f845249999a5febf15
7a2f52acd5f3f992a53175ab43f00413097ae91e
e4837dc07489673102522063d12bf5c7d75231f92c0e8d191dddcb4706d3c7e3
GET /x-en-x/khqakBE0Ya8cky8aRn8akn8cka81nESBnEObyn83khQ5kBEuMWlw HTTP/1.1
Host: hye1eaipby4w.takedwn.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.bedemp2.ws/
Origin: https://api.bedemp2.ws
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 02:01:49 GMT
Content-Type: application/dash+xml
Content-Length: 42148
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Vary: *
Expires: 1970-01-01 00:00:00
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Accept-Ranges: bytes
exchange.buzzoola.com/ssp/adfox
307 Temporary Redirect 0 B URL POST HTTP/2 exchange.buzzoola.com/ssp/adfox
IP
ASN #24940 Hetzner Online GmbH
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ssp/adfox HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 360
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
server: nginx
date: Mon, 27 Nov 2023 02:01:49 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
access-control-allow-origin: https://hd.lordserial2.me
access-control-expose-headers: Set-Cookie, Etag
location: /ssp/adfox?set_buzzoola_cookie=t
set-cookie: uuid=84857c0c-460c-462c-6f35-7f64a7be6a1e; Path=/; Domain=exchange.buzzoola.com; Expires=Wed, 27 Dec 2023 02:01:49 GMT; Max-Age=2592000; Secure; SameSite=None
serverid: TODO
X-Firefox-Spdy: h2
hd.lordserial2.me/templates/lordfun/js/libs.js?v=1.3
200 OK 5.0 kB URL GET HTTP/3 hd.lordserial2.me/templates/lordfun/js/libs.js?v=1.3
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGoogle Trust Services LLC
Subjectlordserial2.me
FingerprintA9:9E:F9:CB:BA:AE:BC:57:05:F8:C2:3C:F5:17:1E:73:EE:AE:96:AB
ValidityFri, 20 Oct 2023 01:33:13 GMT - Thu, 18 Jan 2024 01:33:12 GMT
File type Unicode text, UTF-8 text, with very long lines (6179)
Hash e07b058db46a9fa727772a8b4ff4d323
4029197679d1b7f874ea2c41554d6d66c7d7d824
8ce153b05bd479a236abc466a1a5d23e0b43a4a644a908c9022141f4929bd522
GET /templates/lordfun/js/libs.js?v=1.3 HTTP/1.1
Host: hd.lordserial2.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/146-kasl-sv-13.html
Cookie: PHPSESSID=4b49e8fc52a9887457ab4993add54103
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 27 Nov 2023 02:01:47 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=14169
etag: W/"64a4a6e1-3759"
last-modified: Tue, 04 Jul 2023 23:10:25 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5631
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2BV6Q9XdGevjTp5vsZBSTZmjanVhWVvYqaO7A%2FbX9mw4DlTbTRF9hf2iKYzNxP50F7JIrRc5dUZ7aSxs%2Fq3b6U98vbtb47xDbn5BBy0Gr6qvt%2FyyAXS5Qc3rEp8ugUP5dMvnXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c9095d8356c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
code.moviead55.ru/go/csync?cn=solta&bid=ZWP4jRwhI48
200 OK 0 B URL GET HTTP/2 code.moviead55.ru/go/csync?cn=solta&bid=ZWP4jRwhI48
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/csync?cn=solta&bid=ZWP4jRwhI48 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: sky_uuid=4a1fa77d-b73b-2cf8-a5cb-9d982c07fc37; otclkbid=VUG31mKFfTelneA; hbrdcookie2=a2ce112f40850d383642; ohmybid=f1626fd8-daf4-45d1-8eb1-3c415ced7786
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:50 GMT
content-type: image/jpeg
content-length: 0
set-cookie: solta=ZWP4jRwhI48; max-age=86400; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
exchange.buzzoola.com/cookiesync/redirect/skyadvert?redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dbzcookie%26bid%3D%24%7BUUID%7D
301 Moved Permanently 126 B URL GET HTTP/2 exchange.buzzoola.com/cookiesync/redirect/skyadvert?redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dbzcookie%26bid%3D%24%7BUUID%7D
IP
ASN #24940 Hetzner Online GmbH
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT
File type HTML document, ASCII text
Hash 00440677b264c1856272c058b4c0b252
cbfb7821f812a705cdff7b8e2b685d8ebe675cdb
bbeec8f507423dba9fadd0b687571ad3fee509a420bde3ffdd01814d2a3e4926
GET /cookiesync/redirect/skyadvert?redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dbzcookie%26bid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 27 Nov 2023 02:01:50 GMT
content-type: text/html; charset=utf-8
content-length: 126
location: https://code.moviead55.ru/go/csync?cn=bzcookie&bid=0595ada9-a835-4e1d-6786-6c3b23cbc810
serverid: TODO
X-Firefox-Spdy: h2
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
302 Moved Temporarily 142 B URL GET HTTP/1.1 ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.sape.ru
FingerprintF9:61:5C:64:81:FD:57:C2:4A:BD:6B:12:D4:7E:02:5E:83:8E:3E:40
ValiditySun, 08 Oct 2023 01:41:50 GMT - Sat, 06 Jan 2024 01:41:49 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: sspuid=CkIDTmVj+I2bEwA0wRzqAqn6XMdE6IKHJUkuUU/xM6Oyp0DR
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Mon, 27 Nov 2023 02:01:50 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=4E03420A8DF863653400139B02EA1CC1
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
dm-eu.hybrid.ai/match?id=106&vid=0100007F8DF86365490EF34E02491D1F
302 Found 0 B URL GET HTTP/2 dm-eu.hybrid.ai/match?id=106&vid=0100007F8DF86365490EF34E02491D1F
IP
ASN #58272 LeaderTelecom B.V.
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerSectigo Limited
Subject*.hybrid.ai
Fingerprint40:F9:88:C5:EF:2B:26:9C:61:DC:CC:ED:B1:67:03:F4:E2:CC:B7:C8
ValidityThu, 14 Sep 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=106&vid=0100007F8DF86365490EF34E02491D1F HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: vid=a2ce112f40850d383642
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Mon, 27 Nov 2023 02:01:50 GMT
content-length: 0
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
location: https://x01.aidata.io/0.gif?pid=TARGETIX
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 535
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.acint.net
access-control-allow-credentials: true
server: Hybrid Web Server
X-Firefox-Spdy: h2
sync.gonet-ads.com/match/sape.js?id=0100007F8DF86365490EF34E02491D1F
200 OK 43 B URL GET HTTP/2 sync.gonet-ads.com/match/sape.js?id=0100007F8DF86365490EF34E02491D1F
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerSectigo Limited
Subject*.gonet-ads.com
Fingerprint2B:BE:BF:75:0A:67:AA:2D:FA:0A:7F:92:F4:37:AE:9B:DD:47:68:2D
ValidityWed, 07 Jun 2023 00:00:00 GMT - Tue, 11 Jun 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /match/sape.js?id=0100007F8DF86365490EF34E02491D1F HTTP/1.1
Host: sync.gonet-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:50 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
code.moviead55.ru/go/bn?key=647a534f9f5fb9ced25ee7db57ef9c72&cp.adsource=AdG_cr_bn&vt=[vt]&w=300&h=250&cp.referer=https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html&fid=dccf19bcc42f1680&cp.tanc=
215 B URL code.moviead55.ru/go/bn?key=647a534f9f5fb9ced25ee7db57ef9c72&cp.adsource=AdG_cr_bn&vt=[vt]&w=300&h=250&cp.referer=https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html&fid=dccf19bcc42f1680&cp.tanc=
IP
ASN #6681 Rozetka Sp. z o.o.
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
File type gzip compressed data, from Unix\012- data
Hash 383e5076059eb25274f5d7c0a58172fd
9c249e8048231c80882eee12760c24e08e8f29a7
d7657368e95680b4fdcf1b4af376193c3bcb8171bbc54183db9d94cd1562b505
GET /go/bn?key=647a534f9f5fb9ced25ee7db57ef9c72&cp.adsource=AdG_cr_bn&vt=[vt]&w=300&h=250&cp.referer=https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html&fid=dccf19bcc42f1680&cp.tanc= HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: sky_uuid=4a1fa77d-b73b-2cf8-a5cb-9d982c07fc37
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:49 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
x-movieads-path: /
x-movieads-referrer: https://hd.lordserial2.me/
access-control-allow-credentials: true
access-control-allow-origin: https://hd.lordserial2.me
x-movieads-udata: cache,parsed,110223
x-cache-source: Yac
x-movieads-mrc: no
x-movieads-ref: {"Scheme":"https","Opaque":"","User":null,"Host":"hd.lordserial2.me","Path":"/","RawPath":"","OmitHost":false,"ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":""}
x-movieads-country: NO
content-encoding: gzip
X-Firefox-Spdy: h2
a.utraff.com/sync?ssp=8&id=0100007F8DF86365490EF34E02491D1F
204 No Content 0 B URL GET HTTP/2 a.utraff.com/sync?ssp=8&id=0100007F8DF86365490EF34E02491D1F
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGoogle Trust Services LLC
Subjectutraff.com
Fingerprint65:F0:CB:A7:9C:1E:18:8C:D9:DE:5B:4C:46:9E:79:3E:78:F1:B0:CD
ValidityThu, 12 Oct 2023 03:40:45 GMT - Wed, 10 Jan 2024 03:40:44 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=8&id=0100007F8DF86365490EF34E02491D1F HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Mon, 27 Nov 2023 02:01:50 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Wed, 27 Dec 2023 05:01:50 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Wed, 27 Dec 2023 05:01:50 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twu8gJ0%2BIBHi05xilf%2FcRSqMr0l8pQdfBtnYsr8Ombm4dm6aKtDuhcVqcZ80vyDKVDbuC8iSs%2BdTG9M27jcJvsVuSpDKkG1UQyZLLLQ2UTyl4y4C2M29bhS%2F8eD87BM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c9189da4568b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
match.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D
302 Found 0 B URL GET HTTP/2 match.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subjectmatch.ohmy.bid
Fingerprint9E:80:FE:F1:53:4B:43:82:19:E2:9C:5A:93:AF:43:96:5D:6C:7B:69
ValidityFri, 24 Nov 2023 20:06:51 GMT - Thu, 22 Feb 2024 20:06:50 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?ssp=sape&redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D HTTP/1.1
Host: match.ohmy.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: uid=f1626fd8-daf4-45d1-8eb1-3c415ced7786.6563f88d.cfa5d97cafe7ea45
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Mon, 27 Nov 2023 02:01:50 GMT
content-length: 0
bidder: bid-21
location: https://www.acint.net/match?dp=217&euid=f1626fd8-daf4-45d1-8eb1-3c415ced7786
access-control-allow-credentials: true
X-Firefox-Spdy: h2
sync.dmp.otm-r.com/match/sape?id=0100007F8DF86365490EF34E02491D1F
204 No Content 0 B URL GET HTTP/2 sync.dmp.otm-r.com/match/sape?id=0100007F8DF86365490EF34E02491D1F
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGlobalSign nv-sa
Subject*.dmp.otm-r.com
FingerprintC6:A2:9D:82:0D:D1:C1:2D:A4:ED:7F:05:13:52:5B:94:6B:10:58:D6
ValidityMon, 19 Jun 2023 10:50:51 GMT - Sat, 20 Jul 2024 10:50:50 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=0100007F8DF86365490EF34E02491D1F HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: mpid=NjU2M2Y4OGQwOWUwYWJiMQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx/1.17.4
date: Mon, 27 Nov 2023 02:01:50 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
200 OK 11 B URL POST HTTP/2 exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
IP
ASN #24940 Hetzner Online GmbH
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 9cc989d2e211083e0a170316914f1d06
392cd18d051f72b887529ac2998da54749f1338f
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
POST /ssp/adfox?set_buzzoola_cookie=t HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 360
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: uuid=84857c0c-460c-462c-6f35-7f64a7be6a1e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:50 GMT
content-type: text/plain; charset=utf-8
content-length: 11
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
access-control-allow-origin: https://hd.lordserial2.me
access-control-expose-headers: Set-Cookie, Etag
set-cookie: cookiesyncs=000000000000000000000000d93dab9edf0912baf9008f35866978f1; Path=/; Domain=exchange.buzzoola.com; Expires=Mon, 27 Nov 2023 14:01:50 GMT; Max-Age=43200; Secure; SameSite=None
serverid: TODO
X-Firefox-Spdy: h2
kimberlite.io/rtb/sync/sape2?u=0100007F8DF86365490EF34E02491D1F
307 Temporary Redirect 0 B URL GET HTTP/1.1 kimberlite.io/rtb/sync/sape2?u=0100007F8DF86365490EF34E02491D1F
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGlobalSign nv-sa
Subject*.kimberlite.io
Fingerprint94:44:D9:27:EE:9B:5F:DE:36:07:ED:BA:1A:1D:62:2A:31:B6:43:72
ValidityFri, 10 Mar 2023 07:40:01 GMT - Wed, 10 Apr 2024 07:40:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/sync/sape2?u=0100007F8DF86365490EF34E02491D1F HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: u=ZWP4jRuyoq4~Y5P2yQgXk4OdZsMTXZahsXBGHSE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Mon, 27 Nov 2023 02:01:50 GMT
Content-Length: 0
Connection: keep-alive
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: u=ZWP4jRuyoq4~Y5P2yQgXk4OdZsMTXZahsXBGHSE; path=/; max-age=7776000; samesite=none; httponly; secure
as=-WrUeGVj-I4; max-age=604800; samesite=none; httponly; secure
f=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D243%26euid%3DZWP4jRuyoq4; max-age=30; samesite=none; httponly; secure
n=1; max-age=30; samesite=none; httponly; secure
location: https://solta-sync.rutarget.ru/sync
referrer-policy: no-referrer
server-timing: app;srv=0;dur=0.0002
user91471.clients-cdnnow.ru/yasdk/vw.js?v3
1.9 kB URL user91471.clients-cdnnow.ru/yasdk/vw.js?v3
IP
File type gzip compressed data, from Unix\012- data
Hash 046475a7f7a2c4875b224654b3e63184
9a2f47e84c4d657811dcfdc9050ec624f854505d
7a33aa51f29cf6a975dbae1717fcb73ebf5927deac60880326fc25edb5ce03af
GET /yasdk/vw.js?v3 HTTP/1.1
Host: user91471.clients-cdnnow.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:44 GMT
content-type: application/javascript
last-modified: Fri, 21 Jul 2023 13:34:19 GMT
vary: Accept-Encoding
etag: W/"64ba895b-12fc"
x-movieads-country: RU
content-encoding: gzip
x-edge-cache: HIT
x-edge-ip: 172.19.32.8
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=167&tc=1
200 OK 1.9 kB URL GET HTTP/2 www.acint.net/mc/?dp=167&tc=1
IP
ASN #24940 Hetzner Online GmbH
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintD1:98:D5:B7:91:FF:E3:AC:0C:2E:5F:9E:20:DE:E5:45:A8:C2:0E:B1
ValidityTue, 31 Oct 2023 03:36:00 GMT - Mon, 29 Jan 2024 03:35:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 8dc3dc585092f1e8968627b6218c821b
750236f70aee3c154bd9c86e985d86400d4bd61a
5073ee4067e1a2c101f39a93dca5e906de3006ddc053318530abb431067dd564
GET /mc/?dp=167&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hd.lordserial2.me/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWVj+I1O8w5JHx1JAgKl8zlwgCWXNxsmefX90I41kwyY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 27 Nov 2023 02:01:49 GMT
content-type: text/html
set-cookie: cSyncDp14v5=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17v2=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v5=1701050509; expires=Tue, 28-Nov-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53v5=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62v2=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v3=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68v2=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71v2=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp80v2=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85v2=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v4=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp98v3=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1701050509; expires=Mon, 11-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107v2=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110v3=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v4=1701050509; expires=Tue, 12-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126v2=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127v2=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129v2=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v3=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146v2=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148v2=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149v3=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151v2=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178v2=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186v2=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp217v2=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221v2=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp235v2=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp239v2=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp243v2=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp260v2=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp244v2=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp248v2=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp261v1=1701050509; expires=Wed, 27-Dec-23 02:01:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2
acint.net/rmatch?dp=14&euid=4E03420A8DF863653400139B02EA1CC1&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D$%7BUSER_ID%7D
302 Found 154 B URL GET HTTP/2 acint.net/rmatch?dp=14&euid=4E03420A8DF863653400139B02EA1CC1&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D$%7BUSER_ID%7D
IP
ASN #24940 Hetzner Online GmbH
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintD1:98:D5:B7:91:FF:E3:AC:0C:2E:5F:9E:20:DE:E5:45:A8:C2:0E:B1
ValidityTue, 31 Oct 2023 03:36:00 GMT - Mon, 29 Jan 2024 03:35:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=14&euid=4E03420A8DF863653400139B02EA1CC1&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D$%7BUSER_ID%7D HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: test_cookie=CheckForPermission; aid=fwAAAWVj+I1O8w5JHx1JAgKl8zlwgCWXNxsmefX90I41kwyY; cSyncDp14v5=1701050509; cSyncDp17v2=1701050509; cSyncDp45v5=1701050509; cSyncDp53v5=1701050509; cSyncDp62v2=1701050509; cSyncDp67v3=1701050509; cSyncDp68v2=1701050509; cSyncDp71v2=1701050509; cSyncDp80v2=1701050509; cSyncDp85v2=1701050509; cSyncDp95v4=1701050509; cSyncDp98v3=1701050509; cSyncDp104v2=1701050509; cSyncDp107v2=1701050509; cSyncDp110v3=1701050509; cSyncDp125v4=1701050509; cSyncDp126v2=1701050509; cSyncDp127v2=1701050509; cSyncDp129v2=1701050509; cSyncDp136v3=1701050509; cSyncDp146v2=1701050509; cSyncDp148v2=1701050509; cSyncDp149v3=1701050509; cSyncDp151v2=1701050509; cSyncDp178v2=1701050509; cSyncDp186v2=1701050509; cSyncDp217v2=1701050509; cSyncDp221v2=1701050509; cSyncDp235v2=1701050509; cSyncDp239v2=1701050509; cSyncDp243v2=1701050509; cSyncDp260v2=1701050509; cSyncDp244v2=1701050509; cSyncDp248v2=1701050509; cSyncDp261v1=1701050509; cSyncDp14v4=1701050509
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Mon, 27 Nov 2023 02:01:50 GMT
content-type: text/html
content-length: 154
location: https://code.moviead55.ru/go/csync?cn=sapecookie&bid=0100007F8DF86365490EF34E02491D1F
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
s.ccsyncuuid.net/match/5/?remote_uid=0100007F8DF86365490EF34E02491D1F
302 Found 0 B URL GET HTTP/2 s.ccsyncuuid.net/match/5/?remote_uid=0100007F8DF86365490EF34E02491D1F
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subjectccsyncuuid.net
Fingerprint05:93:D2:3F:39:41:DF:CE:18:E5:65:94:78:1D:8A:7F:24:58:17:98
ValidityMon, 13 Nov 2023 06:10:33 GMT - Sun, 11 Feb 2024 06:10:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/5/?remote_uid=0100007F8DF86365490EF34E02491D1F HTTP/1.1
Host: s.ccsyncuuid.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Mon, 27 Nov 2023 02:01:50 GMT
content-length: 0
location: https://acint.net/match?dp=80&euid=h9zOuEgKsvcuOhi8EmPR
set-cookie: jcsuuid=h9zOuEgKsvcuOhi8EmPR; expires=Tue, 26 Nov 2024 02:01:50 GMT; domain=ccsyncuuid.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sap1&uid=0100007F8DF86365490EF34E02491D1F
302 Moved Temporarily 0 B URL GET HTTP/1.1 sync.bumlam.com/?src=sap1&uid=0100007F8DF86365490EF34E02491D1F
IP
ASN #44066 diva-e Datacenters GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.bumlam.com
Fingerprint08:E4:EB:78:69:AA:1C:77:24:F5:D4:0F:6C:52:FC:A6:D3:74:90:D0
ValidityMon, 16 Oct 2023 05:30:36 GMT - Sun, 14 Jan 2024 05:30:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&uid=0100007F8DF86365490EF34E02491D1F HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Mon, 27 Nov 2023 02:01:50 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRlZGE3MDNmZS04Y2M4LTExZWUtYmJiMS0wMDI1OTBjODI0Mzc*; Path=/; Expires=Sun, 22 Nov 2043 02:01:50 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARiO8Y-rBmIgMDEwMDAwN0Y4REY4NjM2NTQ5MEVGMzRFMDI0OTFEMUaiARDtpwP-jMgR7ruxACWQyCQ3
ETag: eda703fe-8cc8-11ee-bbb1-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
code.moviead55.ru/go/csync?cn=bzcookie&bid=0595ada9-a835-4e1d-6786-6c3b23cbc810
200 OK 0 B URL GET HTTP/2 code.moviead55.ru/go/csync?cn=bzcookie&bid=0595ada9-a835-4e1d-6786-6c3b23cbc810
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/csync?cn=bzcookie&bid=0595ada9-a835-4e1d-6786-6c3b23cbc810 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: sky_uuid=4a1fa77d-b73b-2cf8-a5cb-9d982c07fc37; otclkbid=VUG31mKFfTelneA; hbrdcookie2=a2ce112f40850d383642; ohmybid=f1626fd8-daf4-45d1-8eb1-3c415ced7786; solta=ZWP4jRwhI48
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:50 GMT
content-type: image/jpeg
content-length: 0
set-cookie: bzcookie=0595ada9-a835-4e1d-6786-6c3b23cbc810; max-age=86400; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
s.uuidksinc.net/match/396/?remote_uid=0100007F8DF86365490EF34E02491D1F
302 Found 0 B URL GET HTTP/2 s.uuidksinc.net/match/396/?remote_uid=0100007F8DF86365490EF34E02491D1F
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subjectuuidksinc.net
Fingerprint24:9D:6D:A2:89:55:7D:CD:A6:BD:59:A3:21:F2:65:41:A8:9D:38:99
ValidityThu, 09 Nov 2023 23:20:21 GMT - Wed, 07 Feb 2024 23:20:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/396/?remote_uid=0100007F8DF86365490EF34E02491D1F HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.23.2
date: Mon, 27 Nov 2023 02:01:50 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=nOg4lefBI4xtKGOWy3Gg
set-cookie: jcsuuid=nOg4lefBI4xtKGOWy3Gg; expires=Tue, 26 Nov 2024 02:01:50 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/check?sspuid=0100007F8DF86365490EF34E02491D1F
302 Found 0 B URL GET HTTP/1.1 pix.bumlam.com/sync/sape/check?sspuid=0100007F8DF86365490EF34E02491D1F
IP
ASN #44066 diva-e Datacenters GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.bumlam.com
Fingerprint08:E4:EB:78:69:AA:1C:77:24:F5:D4:0F:6C:52:FC:A6:D3:74:90:D0
ValidityMon, 16 Oct 2023 05:30:36 GMT - Sun, 14 Jan 2024 05:30:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/check?sspuid=0100007F8DF86365490EF34E02491D1F HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 27 Nov 2023 02:01:50 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://sync.bumlam.com/?src=sape
match.new-programmatic.com/userbind?src=sape&id=0100007F8DF86365490EF34E02491D1F
204 No Content 0 B URL GET HTTP/1.1 match.new-programmatic.com/userbind?src=sape&id=0100007F8DF86365490EF34E02491D1F
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subjectad.ad-blast.ru
FingerprintF3:B7:15:BC:2F:A8:7D:5A:73:CB:BC:43:B8:4C:EA:11:17:2B:7A:34
ValiditySat, 07 Oct 2023 18:59:50 GMT - Fri, 05 Jan 2024 18:59:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=0100007F8DF86365490EF34E02491D1F HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Mon, 27 Nov 2023 02:01:50 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
acint.net/match?dp=14&euid=4E03420A8DF863653400139B02EA1CC1
200 OK 43 B URL GET HTTP/2 acint.net/match?dp=14&euid=4E03420A8DF863653400139B02EA1CC1
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintD1:98:D5:B7:91:FF:E3:AC:0C:2E:5F:9E:20:DE:E5:45:A8:C2:0E:B1
ValidityTue, 31 Oct 2023 03:36:00 GMT - Mon, 29 Jan 2024 03:35:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=14&euid=4E03420A8DF863653400139B02EA1CC1 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWVj+I1O8w5JHx1JAgKl8zlwgCWXNxsmefX90I41kwyY; cSyncDp14v5=1701050509; cSyncDp17v2=1701050509; cSyncDp45v5=1701050509; cSyncDp53v5=1701050509; cSyncDp62v2=1701050509; cSyncDp67v3=1701050509; cSyncDp68v2=1701050509; cSyncDp71v2=1701050509; cSyncDp80v2=1701050509; cSyncDp85v2=1701050509; cSyncDp95v4=1701050509; cSyncDp98v3=1701050509; cSyncDp104v2=1701050509; cSyncDp107v2=1701050509; cSyncDp110v3=1701050509; cSyncDp125v4=1701050509; cSyncDp126v2=1701050509; cSyncDp127v2=1701050509; cSyncDp129v2=1701050509; cSyncDp136v3=1701050509; cSyncDp146v2=1701050509; cSyncDp148v2=1701050509; cSyncDp149v3=1701050509; cSyncDp151v2=1701050509; cSyncDp178v2=1701050509; cSyncDp186v2=1701050509; cSyncDp217v2=1701050509; cSyncDp221v2=1701050509; cSyncDp235v2=1701050509; cSyncDp239v2=1701050509; cSyncDp243v2=1701050509; cSyncDp260v2=1701050509; cSyncDp244v2=1701050509; cSyncDp248v2=1701050509; cSyncDp261v1=1701050509; cSyncDp14v4=1701050509
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 27 Nov 2023 02:01:50 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=129&euid=t14um1wp3s
200 OK 43 B URL GET HTTP/2 www.acint.net/match?dp=129&euid=t14um1wp3s
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintD1:98:D5:B7:91:FF:E3:AC:0C:2E:5F:9E:20:DE:E5:45:A8:C2:0E:B1
ValidityTue, 31 Oct 2023 03:36:00 GMT - Mon, 29 Jan 2024 03:35:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=129&euid=t14um1wp3s HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWVj+I1O8w5JHx1JAgKl8zlwgCWXNxsmefX90I41kwyY; cSyncDp14v5=1701050509; cSyncDp17v2=1701050509; cSyncDp45v5=1701050509; cSyncDp53v5=1701050509; cSyncDp62v2=1701050509; cSyncDp67v3=1701050509; cSyncDp68v2=1701050509; cSyncDp71v2=1701050509; cSyncDp80v2=1701050509; cSyncDp85v2=1701050509; cSyncDp95v4=1701050509; cSyncDp98v3=1701050509; cSyncDp104v2=1701050509; cSyncDp107v2=1701050509; cSyncDp110v3=1701050509; cSyncDp125v4=1701050509; cSyncDp126v2=1701050509; cSyncDp127v2=1701050509; cSyncDp129v2=1701050509; cSyncDp136v3=1701050509; cSyncDp146v2=1701050509; cSyncDp148v2=1701050509; cSyncDp149v3=1701050509; cSyncDp151v2=1701050509; cSyncDp178v2=1701050509; cSyncDp186v2=1701050509; cSyncDp217v2=1701050509; cSyncDp221v2=1701050509; cSyncDp235v2=1701050509; cSyncDp239v2=1701050509; cSyncDp243v2=1701050509; cSyncDp260v2=1701050509; cSyncDp244v2=1701050509; cSyncDp248v2=1701050509; cSyncDp261v1=1701050509; cSyncDp14v4=1701050509
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 27 Nov 2023 02:01:50 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.adspend.space/sape?uid=0100007F8DF86365490EF34E02491D1F
204 No Content 0 B URL GET HTTP/2 sync.adspend.space/sape?uid=0100007F8DF86365490EF34E02491D1F
IP
ASN #50340 OOO Network of data-centers Selectel
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.adspend.space
FingerprintD2:A9:45:D9:7D:4F:04:B2:D9:24:CC:62:7C:3B:4A:4E:C5:5C:CD:24
ValidityTue, 29 Aug 2023 13:03:53 GMT - Mon, 27 Nov 2023 13:03:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape?uid=0100007F8DF86365490EF34E02491D1F HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.22.1
date: Mon, 27 Nov 2023 02:01:50 GMT
X-Firefox-Spdy: h2
sync.upravel.com/sape/sync
302 Found 0 B URL GET HTTP/2 sync.upravel.com/sape/sync
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGlobalSign nv-sa
Subject*.upravel.com
Fingerprint4C:ED:03:57:58:43:18:2C:CC:41:F3:3B:19:72:75:BD:29:C1:04:08
ValiditySat, 29 Apr 2023 07:48:21 GMT - Thu, 30 May 2024 07:48:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Mon, 27 Nov 2023 02:01:50 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1701050510416;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1701050510416;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
www.acint.net/match?dp=217&euid=f1626fd8-daf4-45d1-8eb1-3c415ced7786
200 OK 43 B URL GET HTTP/2 www.acint.net/match?dp=217&euid=f1626fd8-daf4-45d1-8eb1-3c415ced7786
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintD1:98:D5:B7:91:FF:E3:AC:0C:2E:5F:9E:20:DE:E5:45:A8:C2:0E:B1
ValidityTue, 31 Oct 2023 03:36:00 GMT - Mon, 29 Jan 2024 03:35:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=217&euid=f1626fd8-daf4-45d1-8eb1-3c415ced7786 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWVj+I1O8w5JHx1JAgKl8zlwgCWXNxsmefX90I41kwyY; cSyncDp14v5=1701050509; cSyncDp17v2=1701050509; cSyncDp45v5=1701050509; cSyncDp53v5=1701050509; cSyncDp62v2=1701050509; cSyncDp67v3=1701050509; cSyncDp68v2=1701050509; cSyncDp71v2=1701050509; cSyncDp80v2=1701050509; cSyncDp85v2=1701050509; cSyncDp95v4=1701050509; cSyncDp98v3=1701050509; cSyncDp104v2=1701050509; cSyncDp107v2=1701050509; cSyncDp110v3=1701050509; cSyncDp125v4=1701050509; cSyncDp126v2=1701050509; cSyncDp127v2=1701050509; cSyncDp129v2=1701050509; cSyncDp136v3=1701050509; cSyncDp146v2=1701050509; cSyncDp148v2=1701050509; cSyncDp149v3=1701050509; cSyncDp151v2=1701050509; cSyncDp178v2=1701050509; cSyncDp186v2=1701050509; cSyncDp217v2=1701050509; cSyncDp221v2=1701050509; cSyncDp235v2=1701050509; cSyncDp239v2=1701050509; cSyncDp243v2=1701050509; cSyncDp260v2=1701050509; cSyncDp244v2=1701050509; cSyncDp248v2=1701050509; cSyncDp261v1=1701050509; cSyncDp14v4=1701050509
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 27 Nov 2023 02:01:50 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
nr.bidderstack.com/sape/cm?user_id=0100007F8DF86365490EF34E02491D1F
302 Found 0 B URL GET HTTP/1.1 nr.bidderstack.com/sape/cm?user_id=0100007F8DF86365490EF34E02491D1F
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGoDaddy.com, Inc.
Subject*.bidderstack.com
Fingerprint7A:83:29:BF:37:01:78:02:DF:C1:07:D8:A2:10:AB:0A:DD:11:66:B0
ValidityTue, 21 Nov 2023 08:57:57 GMT - Sun, 22 Dec 2024 08:57:57 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/cm?user_id=0100007F8DF86365490EF34E02491D1F HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 27 Nov 2023 02:01:50 GMT
Content-Length: 0
Connection: keep-alive
Location: /sape/cm?user_id=0100007F8DF86365490EF34E02491D1F&pupa=1
Set-Cookie: pupa=d6979f52-2616-aa83-4667-870fd419f06c; domain=.bidderstack.com; path=/; expires=Tue, 26-Nov-2024 02:01:50 GMT;
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
www.acint.net/match?dp=126&euid=84857c0c-460c-462c-6f35-7f64a7be6a1e
200 OK 43 B URL GET HTTP/2 www.acint.net/match?dp=126&euid=84857c0c-460c-462c-6f35-7f64a7be6a1e
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintD1:98:D5:B7:91:FF:E3:AC:0C:2E:5F:9E:20:DE:E5:45:A8:C2:0E:B1
ValidityTue, 31 Oct 2023 03:36:00 GMT - Mon, 29 Jan 2024 03:35:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=126&euid=84857c0c-460c-462c-6f35-7f64a7be6a1e HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWVj+I1O8w5JHx1JAgKl8zlwgCWXNxsmefX90I41kwyY; cSyncDp14v5=1701050509; cSyncDp17v2=1701050509; cSyncDp45v5=1701050509; cSyncDp53v5=1701050509; cSyncDp62v2=1701050509; cSyncDp67v3=1701050509; cSyncDp68v2=1701050509; cSyncDp71v2=1701050509; cSyncDp80v2=1701050509; cSyncDp85v2=1701050509; cSyncDp95v4=1701050509; cSyncDp98v3=1701050509; cSyncDp104v2=1701050509; cSyncDp107v2=1701050509; cSyncDp110v3=1701050509; cSyncDp125v4=1701050509; cSyncDp126v2=1701050509; cSyncDp127v2=1701050509; cSyncDp129v2=1701050509; cSyncDp136v3=1701050509; cSyncDp146v2=1701050509; cSyncDp148v2=1701050509; cSyncDp149v3=1701050509; cSyncDp151v2=1701050509; cSyncDp178v2=1701050509; cSyncDp186v2=1701050509; cSyncDp217v2=1701050509; cSyncDp221v2=1701050509; cSyncDp235v2=1701050509; cSyncDp239v2=1701050509; cSyncDp243v2=1701050509; cSyncDp260v2=1701050509; cSyncDp244v2=1701050509; cSyncDp248v2=1701050509; cSyncDp261v1=1701050509; cSyncDp14v4=1701050509
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 27 Nov 2023 02:01:50 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
code.moviead55.ru/go/csync?cn=sapecookie&bid=0100007F8DF86365490EF34E02491D1F
200 OK 0 B URL GET HTTP/2 code.moviead55.ru/go/csync?cn=sapecookie&bid=0100007F8DF86365490EF34E02491D1F
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/csync?cn=sapecookie&bid=0100007F8DF86365490EF34E02491D1F HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: sky_uuid=4a1fa77d-b73b-2cf8-a5cb-9d982c07fc37; otclkbid=VUG31mKFfTelneA; hbrdcookie2=a2ce112f40850d383642; ohmybid=f1626fd8-daf4-45d1-8eb1-3c415ced7786; solta=ZWP4jRwhI48; bzcookie=0595ada9-a835-4e1d-6786-6c3b23cbc810
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:50 GMT
content-type: image/jpeg
content-length: 0
set-cookie: sapecookie=0100007F8DF86365490EF34E02491D1F; max-age=86400; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
sync.programmatica.com/match/01
200 OK 43 B URL GET HTTP/2 sync.programmatica.com/match/01
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGlobalSign nv-sa
Subject*.programmatica.com
FingerprintE4:B6:ED:A7:02:18:8C:3F:D0:A3:8D:04:EE:40:21:0A:0E:83:D1:D6
ValidityThu, 15 Dec 2022 17:05:13 GMT - Tue, 16 Jan 2024 17:05:12 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /match/01 HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:50 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
ssp.afp.ai/api/sync/sape
302 Found 0 B IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerSectigo Limited
Subject*.afp.ai
Fingerprint6D:78:55:60:8D:74:D7:2E:9F:A5:B1:56:72:76:A6:20:F9:7E:E4:4F
ValidityMon, 23 Oct 2023 00:00:00 GMT - Tue, 24 Sep 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/sync/sape HTTP/1.1
Host: ssp.afp.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.20.1
Date: Mon, 27 Nov 2023 02:01:50 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin
Access-Control-Allow-Origin:
Access-Control-Allow-Credentials: true
Location: https://www.acint.net/match?dp=261&euid=11324ce3-43e9-41cf-a438-ae6058677b51
Set-Cookie: afp_cookie=gAAAAABlY_iO6EfDDl037Uug6eiPNW85NMkPzNJIYbeVMO2K0SWfxotCtsIGRPXuLvwDjN23JWgY1SUYXSYAJEIrhy8_fBZq9_cMSD_60C8M1ZLQyJhmqCAfX5ZPAJTGwsVpPk6LtESqfdyF40XWPy8V4Ieg2CFgvmhnxkjcf1Me8HMDfvQZV1heF0h78w3GzV65iWbidHrU$; expires=Wed, 27 Dec 2023 02:01:50 GMT; path=/; secure; SameSite=None
cs.agency2.ru/p?ssp=sp&uid=0100007F8DF86365490EF34E02491D1F
301 Moved Permanently 0 B URL GET HTTP/1.1 cs.agency2.ru/p?ssp=sp&uid=0100007F8DF86365490EF34E02491D1F
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subjectapi.agency2.ru
Fingerprint50:48:39:D7:EB:8F:8E:E7:36:A3:F3:08:25:93:84:7F:6B:36:24:95
ValidityMon, 16 Oct 2023 23:38:04 GMT - Sun, 14 Jan 2024 23:38:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&uid=0100007F8DF86365490EF34E02491D1F HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Mon, 27 Nov 2023 02:01:50 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=a425a41b-3fd8-4b21-b431-4bf534b65397
Set-Cookie: uuid=a425a41b-3fd8-4b21-b431-4bf534b65397; expires=Sun, 17 Nov 2024 02:01:50 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
s.myangular.life/ws?ref_id=12516
0 B URL s.myangular.life/ws?ref_id=12516
IP
ASN #24940 Hetzner Online GmbH
Certificate IssuerSectigo Limited
Subjects.myangular.life
Fingerprint3A:21:0F:72:24:43:49:14:06:28:C6:D0:A6:10:6B:D7:B2:EA:5A:66
ValidityTue, 04 Apr 2023 00:00:00 GMT - Sat, 04 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws?ref_id=12516 HTTP/1.1
Host: s.myangular.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://api.bedemp2.ws
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Cv4PW5B+2aRS1nW50M34Jg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Mon, 27 Nov 2023 02:01:50 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GFdvVnH1wv0u9T0SkeB0Pqd+ov0=
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
302 Found 74 B URL GET HTTP/2 ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGlobalSign nv-sa
Subject*.bestssp.com
Fingerprint25:15:42:2E:1C:54:0F:74:CF:89:02:5A:5E:AC:98:DA:1C:34:B3:B3
ValidityMon, 24 Jul 2023 17:15:54 GMT - Sat, 24 Aug 2024 17:15:53 GMT
File type HTML document, ASCII text
Hash 8d0167ae3ec8871aea49b2b0060b9caf
09caf189e07a40344036e6095ff3f394c6558939
60bc0970fd99a690d021ebbbfcec785ddea16b4364808c3193ea2ca18e558e13
GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.22.0
date: Mon, 27 Nov 2023 02:01:50 GMT
content-type: text/html; charset=utf-8
content-length: 74
location: https://www.acint.net/match?dp=95&euid=FAMGJXJO
set-cookie: uid=FAMGJXJO; Expires=Thu, 24 Nov 2033 02:01:50 GMT
X-Firefox-Spdy: h2
acint.net/match?dp=80&euid=h9zOuEgKsvcuOhi8EmPR
200 OK 43 B URL GET HTTP/2 acint.net/match?dp=80&euid=h9zOuEgKsvcuOhi8EmPR
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintD1:98:D5:B7:91:FF:E3:AC:0C:2E:5F:9E:20:DE:E5:45:A8:C2:0E:B1
ValidityTue, 31 Oct 2023 03:36:00 GMT - Mon, 29 Jan 2024 03:35:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=80&euid=h9zOuEgKsvcuOhi8EmPR HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWVj+I1O8w5JHx1JAgKl8zlwgCWXNxsmefX90I41kwyY; cSyncDp14v5=1701050509; cSyncDp17v2=1701050509; cSyncDp45v5=1701050509; cSyncDp53v5=1701050509; cSyncDp62v2=1701050509; cSyncDp67v3=1701050509; cSyncDp68v2=1701050509; cSyncDp71v2=1701050509; cSyncDp80v2=1701050509; cSyncDp85v2=1701050509; cSyncDp95v4=1701050509; cSyncDp98v3=1701050509; cSyncDp104v2=1701050509; cSyncDp107v2=1701050509; cSyncDp110v3=1701050509; cSyncDp125v4=1701050509; cSyncDp126v2=1701050509; cSyncDp127v2=1701050509; cSyncDp129v2=1701050509; cSyncDp136v3=1701050509; cSyncDp146v2=1701050509; cSyncDp148v2=1701050509; cSyncDp149v3=1701050509; cSyncDp151v2=1701050509; cSyncDp178v2=1701050509; cSyncDp186v2=1701050509; cSyncDp217v2=1701050509; cSyncDp221v2=1701050509; cSyncDp235v2=1701050509; cSyncDp239v2=1701050509; cSyncDp243v2=1701050509; cSyncDp260v2=1701050509; cSyncDp244v2=1701050509; cSyncDp248v2=1701050509; cSyncDp261v1=1701050509; cSyncDp14v4=1701050509
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 27 Nov 2023 02:01:50 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sap1&s_data=CAIQARiO8Y-rBmIgMDEwMDAwN0Y4REY4NjM2NTQ5MEVGMzRFMDI0OTFEMUaiARDtpwP-jMgR7ruxACWQyCQ3
200 OK 0 B URL GET HTTP/1.1 sync.bumlam.com/?src=sap1&s_data=CAIQARiO8Y-rBmIgMDEwMDAwN0Y4REY4NjM2NTQ5MEVGMzRFMDI0OTFEMUaiARDtpwP-jMgR7ruxACWQyCQ3
IP
ASN #44066 diva-e Datacenters GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.bumlam.com
Fingerprint08:E4:EB:78:69:AA:1C:77:24:F5:D4:0F:6C:52:FC:A6:D3:74:90:D0
ValidityMon, 16 Oct 2023 05:30:36 GMT - Sun, 14 Jan 2024 05:30:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&s_data=CAIQARiO8Y-rBmIgMDEwMDAwN0Y4REY4NjM2NTQ5MEVGMzRFMDI0OTFEMUaiARDtpwP-jMgR7ruxACWQyCQ3 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: suuid3=IiRlZGE3MDNmZS04Y2M4LTExZWUtYmJiMS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 02:01:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRlZGE3MDNmZS04Y2M4LTExZWUtYmJiMS0wMDI1OTBjODI0Mzc*; Path=/; Expires=Sun, 22 Nov 2043 02:01:50 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
sync.dsp.solta.io/match/sape?id=0100007F8DF86365490EF34E02491D1F
200 OK 43 B URL GET HTTP/2 sync.dsp.solta.io/match/sape?id=0100007F8DF86365490EF34E02491D1F
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGlobalSign nv-sa
Subject*.dsp.solta.io
Fingerprint6D:7F:91:92:30:E1:6A:A0:9B:86:49:7A:21:7F:5B:A4:23:8F:92:BC
ValidityWed, 02 Aug 2023 16:38:38 GMT - Mon, 02 Sep 2024 16:38:37 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /match/sape?id=0100007F8DF86365490EF34E02491D1F HTTP/1.1
Host: sync.dsp.solta.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:50 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
adx.com.ru/sape-sync?uid=0100007F8DF86365490EF34E02491D1F
302 Found 85 B URL GET HTTP/2 adx.com.ru/sape-sync?uid=0100007F8DF86365490EF34E02491D1F
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGlobalSign nv-sa
Subject*.adx.com.ru
FingerprintB6:86:21:C8:F9:AF:00:9E:42:EC:E3:77:AC:A3:5B:2B:E7:C4:46:B3
ValidityFri, 26 May 2023 11:44:59 GMT - Wed, 26 Jun 2024 11:44:58 GMT
File type HTML document, ASCII text
Hash 7c52d8bac59c323b0ca2324d2a75ef1b
48022710f4d1db1112054cc2cbd1569cd3625e5a
e016573acd2827142f31fae31ca99eac111fda5a9568b0981a04ed2b36effef5
GET /sape-sync?uid=0100007F8DF86365490EF34E02491D1F HTTP/1.1
Host: adx.com.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.22.0
date: Mon, 27 Nov 2023 02:01:50 GMT
content-type: text/html; charset=utf-8
content-length: 85
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
location: /sync?sspKey=25&sspUserID=0100007F8DF86365490EF34E02491D1F
p3p: CP="adx.com.ru does not have a P3P policy"
set-cookie: user=6563f88e991c7a000126eebb; Path=/; Domain=adx.com.ru; Max-Age=31536000; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
acint.net/match?dp=110&euid=9f0064f97ce54a30aa30608d27f5bf85
200 OK 43 B URL GET HTTP/2 acint.net/match?dp=110&euid=9f0064f97ce54a30aa30608d27f5bf85
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintD1:98:D5:B7:91:FF:E3:AC:0C:2E:5F:9E:20:DE:E5:45:A8:C2:0E:B1
ValidityTue, 31 Oct 2023 03:36:00 GMT - Mon, 29 Jan 2024 03:35:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=110&euid=9f0064f97ce54a30aa30608d27f5bf85 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWVj+I1O8w5JHx1JAgKl8zlwgCWXNxsmefX90I41kwyY; cSyncDp14v5=1701050509; cSyncDp17v2=1701050509; cSyncDp45v5=1701050509; cSyncDp53v5=1701050509; cSyncDp62v2=1701050509; cSyncDp67v3=1701050509; cSyncDp68v2=1701050509; cSyncDp71v2=1701050509; cSyncDp80v2=1701050509; cSyncDp85v2=1701050509; cSyncDp95v4=1701050509; cSyncDp98v3=1701050509; cSyncDp104v2=1701050509; cSyncDp107v2=1701050509; cSyncDp110v3=1701050509; cSyncDp125v4=1701050509; cSyncDp126v2=1701050509; cSyncDp127v2=1701050509; cSyncDp129v2=1701050509; cSyncDp136v3=1701050509; cSyncDp146v2=1701050509; cSyncDp148v2=1701050509; cSyncDp149v3=1701050509; cSyncDp151v2=1701050509; cSyncDp178v2=1701050509; cSyncDp186v2=1701050509; cSyncDp217v2=1701050509; cSyncDp221v2=1701050509; cSyncDp235v2=1701050509; cSyncDp239v2=1701050509; cSyncDp243v2=1701050509; cSyncDp260v2=1701050509; cSyncDp244v2=1701050509; cSyncDp248v2=1701050509; cSyncDp261v1=1701050509; cSyncDp14v4=1701050509
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 27 Nov 2023 02:01:50 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sape
302 Moved Temporarily 0 B URL GET HTTP/1.1 sync.bumlam.com/?src=sape
IP
ASN #44066 diva-e Datacenters GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.bumlam.com
Fingerprint08:E4:EB:78:69:AA:1C:77:24:F5:D4:0F:6C:52:FC:A6:D3:74:90:D0
ValidityMon, 16 Oct 2023 05:30:36 GMT - Sun, 14 Jan 2024 05:30:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: suuid3=IiRlZGE3MDNmZS04Y2M4LTExZWUtYmJiMS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Mon, 27 Nov 2023 02:01:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRlZGE3MDNmZS04Y2M4LTExZWUtYmJiMS0wMDI1OTBjODI0Mzc*; Path=/; Expires=Sun, 22 Nov 2043 02:01:50 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://pix.bumlam.com/sync/sape/sync_ok?guid=eda703fe-8cc8-11ee-bbb1-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true
ads.adlook.me/csync?pid=sape&uid=0100007F8DF86365490EF34E02491D1F&url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
302 Found 43 B URL GET HTTP/2 ads.adlook.me/csync?pid=sape&uid=0100007F8DF86365490EF34E02491D1F&url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP
ASN #48096 Enterprise Cloud Ltd.
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /csync?pid=sape&uid=0100007F8DF86365490EF34E02491D1F&url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=9f0064f97ce54a30aa30608d27f5bf85
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=9f0064f97ce54a30aa30608d27f5bf85; expires=Mon, 25 Nov 2024 21:00:00 GMT; path=/; SameSite=None; secure; samesite=none
adlk_cmatch=sape%3A0100007F8DF86365490EF34E02491D1F; expires=Fri, 31 Dec 9999 20:59:59 GMT; path=/; SameSite=None; secure; samesite=none
date: Mon, 27 Nov 2023 02:01:50 GMT
X-Firefox-Spdy: h2
nr.bidderstack.com/sape/cm?user_id=0100007F8DF86365490EF34E02491D1F&pupa=1
200 OK 44 B URL GET HTTP/1.1 nr.bidderstack.com/sape/cm?user_id=0100007F8DF86365490EF34E02491D1F&pupa=1
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGoDaddy.com, Inc.
Subject*.bidderstack.com
Fingerprint7A:83:29:BF:37:01:78:02:DF:C1:07:D8:A2:10:AB:0A:DD:11:66:B0
ValidityTue, 21 Nov 2023 08:57:57 GMT - Sun, 22 Dec 2024 08:57:57 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash f9d60352c70a2ba15616d1c9421f3844
e9abc8bea7721a4b6a50295850d13c515006a95c
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
GET /sape/cm?user_id=0100007F8DF86365490EF34E02491D1F&pupa=1 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 02:01:50 GMT
Content-Type: image/gif
Content-Length: 44
Connection: keep-alive
Set-Cookie: pupa=d6979f52-2616-aa83-4667-870fd419f06c; domain=.bidderstack.com; path=/; expires=Tue, 26-Nov-2024 02:01:50 GMT;
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
302 Found 0 B URL GET HTTP/2 sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGlobalSign nv-sa
Subject*.upravel.com
Fingerprint4C:ED:03:57:58:43:18:2C:CC:41:F3:3B:19:72:75:BD:29:C1:04:08
ValiditySat, 29 Apr 2023 07:48:21 GMT - Thu, 30 May 2024 07:48:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: session_tptc=1701050510416
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Mon, 27 Nov 2023 02:01:50 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=c222368e-fec7-4f30-bf4d-48edd40ffd17;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=c222368e-fec7-4f30-bf4d-48edd40ffd17;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=c222368e-fec7-4f30-bf4d-48edd40ffd17
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
img.zcvh.net/748951/desktop/thumb-1.webp
200 OK 213 kB URL GET HTTP/1.1 img.zcvh.net/748951/desktop/thumb-1.webp
IP
ASN #24940 Hetzner Online GmbH
Requested by https://api.bedemp2.ws/embed/movie/455
Certificate IssuerLet's Encrypt
Subject*.zcvh.net
Fingerprint9F:09:BF:B0:10:B8:43:CC:8F:29:36:BC:BD:D2:2C:71:A7:7E:CA:9A
ValidityWed, 27 Sep 2023 04:02:29 GMT - Tue, 26 Dec 2023 04:02:28 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x900, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 213 kB (212626 bytes)
Hash ec8ce9030289ceacccd38bd5a3dca384
42e791a20cf4e6547a62f1f88b4d2c3f9ae8dcf6
fb3018fa704be9d53225b392301cbecd847c3b1843ed77b11920cf7ec8e46581
GET /748951/desktop/thumb-1.webp HTTP/1.1
Host: img.zcvh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.bedemp2.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 02:01:50 GMT
Content-Type: image/webp
Content-Length: 212626
Last-Modified: Mon, 12 Sep 2022 02:36:41 GMT
Connection: keep-alive
ETag: "631e9b39-33e92"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
www.acint.net/match?dp=186&euid=a425a41b-3fd8-4b21-b431-4bf534b65397
200 OK 43 B URL GET HTTP/2 www.acint.net/match?dp=186&euid=a425a41b-3fd8-4b21-b431-4bf534b65397
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintD1:98:D5:B7:91:FF:E3:AC:0C:2E:5F:9E:20:DE:E5:45:A8:C2:0E:B1
ValidityTue, 31 Oct 2023 03:36:00 GMT - Mon, 29 Jan 2024 03:35:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=186&euid=a425a41b-3fd8-4b21-b431-4bf534b65397 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWVj+I1O8w5JHx1JAgKl8zlwgCWXNxsmefX90I41kwyY; cSyncDp14v5=1701050509; cSyncDp17v2=1701050509; cSyncDp45v5=1701050509; cSyncDp53v5=1701050509; cSyncDp62v2=1701050509; cSyncDp67v3=1701050509; cSyncDp68v2=1701050509; cSyncDp71v2=1701050509; cSyncDp80v2=1701050509; cSyncDp85v2=1701050509; cSyncDp95v4=1701050509; cSyncDp98v3=1701050509; cSyncDp104v2=1701050509; cSyncDp107v2=1701050509; cSyncDp110v3=1701050509; cSyncDp125v4=1701050509; cSyncDp126v2=1701050509; cSyncDp127v2=1701050509; cSyncDp129v2=1701050509; cSyncDp136v3=1701050509; cSyncDp146v2=1701050509; cSyncDp148v2=1701050509; cSyncDp149v3=1701050509; cSyncDp151v2=1701050509; cSyncDp178v2=1701050509; cSyncDp186v2=1701050509; cSyncDp217v2=1701050509; cSyncDp221v2=1701050509; cSyncDp235v2=1701050509; cSyncDp239v2=1701050509; cSyncDp243v2=1701050509; cSyncDp260v2=1701050509; cSyncDp244v2=1701050509; cSyncDp248v2=1701050509; cSyncDp261v1=1701050509; cSyncDp14v4=1701050509
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 27 Nov 2023 02:01:50 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=95&euid=FAMGJXJO
200 OK 43 B URL GET HTTP/2 www.acint.net/match?dp=95&euid=FAMGJXJO
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintD1:98:D5:B7:91:FF:E3:AC:0C:2E:5F:9E:20:DE:E5:45:A8:C2:0E:B1
ValidityTue, 31 Oct 2023 03:36:00 GMT - Mon, 29 Jan 2024 03:35:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=95&euid=FAMGJXJO HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWVj+I1O8w5JHx1JAgKl8zlwgCWXNxsmefX90I41kwyY; cSyncDp14v5=1701050509; cSyncDp17v2=1701050509; cSyncDp45v5=1701050509; cSyncDp53v5=1701050509; cSyncDp62v2=1701050509; cSyncDp67v3=1701050509; cSyncDp68v2=1701050509; cSyncDp71v2=1701050509; cSyncDp80v2=1701050509; cSyncDp85v2=1701050509; cSyncDp95v4=1701050509; cSyncDp98v3=1701050509; cSyncDp104v2=1701050509; cSyncDp107v2=1701050509; cSyncDp110v3=1701050509; cSyncDp125v4=1701050509; cSyncDp126v2=1701050509; cSyncDp127v2=1701050509; cSyncDp129v2=1701050509; cSyncDp136v3=1701050509; cSyncDp146v2=1701050509; cSyncDp148v2=1701050509; cSyncDp149v3=1701050509; cSyncDp151v2=1701050509; cSyncDp178v2=1701050509; cSyncDp186v2=1701050509; cSyncDp217v2=1701050509; cSyncDp221v2=1701050509; cSyncDp235v2=1701050509; cSyncDp239v2=1701050509; cSyncDp243v2=1701050509; cSyncDp260v2=1701050509; cSyncDp244v2=1701050509; cSyncDp248v2=1701050509; cSyncDp261v1=1701050509; cSyncDp14v4=1701050509
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 27 Nov 2023 02:01:50 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/sync_ok?guid=eda703fe-8cc8-11ee-bbb1-002590c82437
302 Found 0 B URL GET HTTP/1.1 pix.bumlam.com/sync/sape/sync_ok?guid=eda703fe-8cc8-11ee-bbb1-002590c82437
IP
ASN #44066 diva-e Datacenters GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.bumlam.com
Fingerprint08:E4:EB:78:69:AA:1C:77:24:F5:D4:0F:6C:52:FC:A6:D3:74:90:D0
ValidityMon, 16 Oct 2023 05:30:36 GMT - Sun, 14 Jan 2024 05:30:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/sync_ok?guid=eda703fe-8cc8-11ee-bbb1-002590c82437 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: suuid3=IiRlZGE3MDNmZS04Y2M4LTExZWUtYmJiMS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 27 Nov 2023 02:01:50 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://eda703fe-8cc8-11ee-bbb1-002590c82437.n2.sync.bumlam.com/?src=sape
www.acint.net/match?dp=261&euid=11324ce3-43e9-41cf-a438-ae6058677b51
200 OK 43 B URL GET HTTP/2 www.acint.net/match?dp=261&euid=11324ce3-43e9-41cf-a438-ae6058677b51
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintD1:98:D5:B7:91:FF:E3:AC:0C:2E:5F:9E:20:DE:E5:45:A8:C2:0E:B1
ValidityTue, 31 Oct 2023 03:36:00 GMT - Mon, 29 Jan 2024 03:35:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=261&euid=11324ce3-43e9-41cf-a438-ae6058677b51 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWVj+I1O8w5JHx1JAgKl8zlwgCWXNxsmefX90I41kwyY; cSyncDp14v5=1701050509; cSyncDp17v2=1701050509; cSyncDp45v5=1701050509; cSyncDp53v5=1701050509; cSyncDp62v2=1701050509; cSyncDp67v3=1701050509; cSyncDp68v2=1701050509; cSyncDp71v2=1701050509; cSyncDp80v2=1701050509; cSyncDp85v2=1701050509; cSyncDp95v4=1701050509; cSyncDp98v3=1701050509; cSyncDp104v2=1701050509; cSyncDp107v2=1701050509; cSyncDp110v3=1701050509; cSyncDp125v4=1701050509; cSyncDp126v2=1701050509; cSyncDp127v2=1701050509; cSyncDp129v2=1701050509; cSyncDp136v3=1701050509; cSyncDp146v2=1701050509; cSyncDp148v2=1701050509; cSyncDp149v3=1701050509; cSyncDp151v2=1701050509; cSyncDp178v2=1701050509; cSyncDp186v2=1701050509; cSyncDp217v2=1701050509; cSyncDp221v2=1701050509; cSyncDp235v2=1701050509; cSyncDp239v2=1701050509; cSyncDp243v2=1701050509; cSyncDp260v2=1701050509; cSyncDp244v2=1701050509; cSyncDp248v2=1701050509; cSyncDp261v1=1701050509; cSyncDp14v4=1701050509
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 27 Nov 2023 02:01:50 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=71&euid=c222368e-fec7-4f30-bf4d-48edd40ffd17
200 OK 43 B URL GET HTTP/2 www.acint.net/match?dp=71&euid=c222368e-fec7-4f30-bf4d-48edd40ffd17
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintD1:98:D5:B7:91:FF:E3:AC:0C:2E:5F:9E:20:DE:E5:45:A8:C2:0E:B1
ValidityTue, 31 Oct 2023 03:36:00 GMT - Mon, 29 Jan 2024 03:35:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=71&euid=c222368e-fec7-4f30-bf4d-48edd40ffd17 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWVj+I1O8w5JHx1JAgKl8zlwgCWXNxsmefX90I41kwyY; cSyncDp14v5=1701050509; cSyncDp17v2=1701050509; cSyncDp45v5=1701050509; cSyncDp53v5=1701050509; cSyncDp62v2=1701050509; cSyncDp67v3=1701050509; cSyncDp68v2=1701050509; cSyncDp71v2=1701050509; cSyncDp80v2=1701050509; cSyncDp85v2=1701050509; cSyncDp95v4=1701050509; cSyncDp98v3=1701050509; cSyncDp104v2=1701050509; cSyncDp107v2=1701050509; cSyncDp110v3=1701050509; cSyncDp125v4=1701050509; cSyncDp126v2=1701050509; cSyncDp127v2=1701050509; cSyncDp129v2=1701050509; cSyncDp136v3=1701050509; cSyncDp146v2=1701050509; cSyncDp148v2=1701050509; cSyncDp149v3=1701050509; cSyncDp151v2=1701050509; cSyncDp178v2=1701050509; cSyncDp186v2=1701050509; cSyncDp217v2=1701050509; cSyncDp221v2=1701050509; cSyncDp235v2=1701050509; cSyncDp239v2=1701050509; cSyncDp243v2=1701050509; cSyncDp260v2=1701050509; cSyncDp244v2=1701050509; cSyncDp248v2=1701050509; cSyncDp261v1=1701050509; cSyncDp14v4=1701050509
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 27 Nov 2023 02:01:50 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
adx.com.ru/sync?sspKey=25&sspUserID=0100007F8DF86365490EF34E02491D1F
302 Found 231 B URL GET HTTP/2 adx.com.ru/sync?sspKey=25&sspUserID=0100007F8DF86365490EF34E02491D1F
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGlobalSign nv-sa
Subject*.adx.com.ru
FingerprintB6:86:21:C8:F9:AF:00:9E:42:EC:E3:77:AC:A3:5B:2B:E7:C4:46:B3
ValidityFri, 26 May 2023 11:44:59 GMT - Wed, 26 Jun 2024 11:44:58 GMT
File type HTML document, ASCII text
Hash 5016288b7ae44222e5c2050f92dd09e2
3dff3d32c27b72c63f572d1b3d0eb7684c83e42f
421b2bd39f7761bba8484e4e03f03d806a95ea476ce13cdc0fd5f9686173705f
GET /sync?sspKey=25&sspUserID=0100007F8DF86365490EF34E02491D1F HTTP/1.1
Host: adx.com.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: user=6563f88e991c7a000126eebb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.22.0
date: Mon, 27 Nov 2023 02:01:50 GMT
content-type: text/html; charset=utf-8
content-length: 231
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D6563f88e991c7a000126eebb%2526r%253D%26webouid%3D{WEBO_CID}
p3p: CP="adx.com.ru does not have a P3P policy"
X-Firefox-Spdy: h2
user91471.clients-cdnnow.ru/vp_dist/hls.js?v2
200 OK 97 kB URL GET HTTP/2 user91471.clients-cdnnow.ru/vp_dist/hls.js?v2
IP
Requested by https://videotoday.site/mp_dist/td/trhls.html?v5613017984
Certificate IssuerLet's Encrypt
Subject*.clients-cdnnow.ru
Fingerprint7E:E4:04:34:49:F5:F1:E6:2A:83:55:F6:8A:EF:64:0A:9D:DB:88:53
ValidityTue, 07 Nov 2023 22:34:52 GMT - Mon, 05 Feb 2024 22:34:51 GMT
File type gzip compressed data, from Unix\012- data
Hash baf82622f4f03aa5d584b86eb2c69ae6
9adadb3e9a71f1bd4c687ff9ac9dcacd982962bc
14deaf496f5aed7738e596f16f8e5547d2615368b2e33ce43c199a0a84af9283
GET /vp_dist/hls.js?v2 HTTP/1.1
Host: user91471.clients-cdnnow.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videotoday.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:46 GMT
content-type: application/javascript
last-modified: Tue, 14 Feb 2023 08:10:38 GMT
vary: Accept-Encoding
etag: W/"63eb41fe-52302"
x-movieads-country: RU
content-encoding: gzip
x-edge-cache: HIT
x-edge-ip: 172.19.32.8
X-Firefox-Spdy: h2
eda703fe-8cc8-11ee-bbb1-002590c82437.n2.sync.bumlam.com/?src=sape
302 Found 0 B URL GET HTTP/2 eda703fe-8cc8-11ee-bbb1-002590c82437.n2.sync.bumlam.com/?src=sape
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.n0.sync.bumlam.com
Fingerprint99:77:61:BD:7C:71:52:75:4C:35:19:FA:21:42:A9:2E:BF:93:81:BF
ValidityTue, 19 Sep 2023 05:05:41 GMT - Mon, 18 Dec 2023 05:05:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: eda703fe-8cc8-11ee-bbb1-002590c82437.n2.sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: suuid3=IiRlZGE3MDNmZS04Y2M4LTExZWUtYmJiMS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.24.0
date: Mon, 27 Nov 2023 02:01:52 GMT
content-length: 0
location: https://pix.bumlam.com/sync/sape/done
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
X-Firefox-Spdy: h2
code.moviead55.ru/go/bn?key=647a534f9f5fb9ced25ee7db57ef9c72&cp.adsource=Sw_cr_br&vt=[vt]&w=300&h=250&cp.referer=https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html&fid=655e0164911d2a4d&cp.tanc=
143 B URL code.moviead55.ru/go/bn?key=647a534f9f5fb9ced25ee7db57ef9c72&cp.adsource=Sw_cr_br&vt=[vt]&w=300&h=250&cp.referer=https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html&fid=655e0164911d2a4d&cp.tanc=
IP
ASN #6681 Rozetka Sp. z o.o.
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
File type gzip compressed data, from Unix\012- data
Hash 950f55a3fb9420f9f196aba3507a58fa
02bacb4e88c87b19f3be55c362e81b640ecbfe38
74418e524807b4895d7811cd96d5331f75a7d4d36a57c1f682b727e674b0c9e4
GET /go/bn?key=647a534f9f5fb9ced25ee7db57ef9c72&cp.adsource=Sw_cr_br&vt=[vt]&w=300&h=250&cp.referer=https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html&fid=655e0164911d2a4d&cp.tanc= HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: sky_uuid=4a1fa77d-b73b-2cf8-a5cb-9d982c07fc37; otclkbid=VUG31mKFfTelneA; hbrdcookie2=a2ce112f40850d383642; ohmybid=f1626fd8-daf4-45d1-8eb1-3c415ced7786; solta=ZWP4jRwhI48; bzcookie=0595ada9-a835-4e1d-6786-6c3b23cbc810; sapecookie=0100007F8DF86365490EF34E02491D1F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:52 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
x-movieads-path: /
x-movieads-referrer: https://hd.lordserial2.me/
access-control-allow-credentials: true
access-control-allow-origin: https://hd.lordserial2.me
x-movieads-udata: cache,parsed,43435
x-cache-source: Yac
x-movieads-mrc: no
x-movieads-ref: {"Scheme":"https","Opaque":"","User":null,"Host":"hd.lordserial2.me","Path":"/","RawPath":"","OmitHost":false,"ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":""}
x-movieads-country: NO
content-encoding: gzip
X-Firefox-Spdy: h2
static.filmskino.site/hls/trailers/Mhyjunn5pjM.mp4/index.m3u8
200 OK 355 B URL GET HTTP/1.1 static.filmskino.site/hls/trailers/Mhyjunn5pjM.mp4/index.m3u8
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://videotoday.site/mp_dist/td/trhls.html?v5613017984
Certificate IssuerLet's Encrypt
Subjectstatic.filmskino.site
Fingerprint6E:8F:8F:89:03:E1:65:6F:AE:73:8A:6F:6B:A2:B1:02:C1:FE:D3:C7
ValidityMon, 02 Oct 2023 16:05:08 GMT - Sun, 31 Dec 2023 16:05:07 GMT
Hash 90667a32c88c949fac3418ff1d1a63dd
db9c6c35a92128932e3651a455896771934e6c2f
d17a9a3fd9be997b77e6db316ff32641e0201593617fe26a03bcf61bf6d55e7a
GET /hls/trailers/Mhyjunn5pjM.mp4/index.m3u8 HTTP/1.1
Host: static.filmskino.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videotoday.site
DNT: 1
Connection: keep-alive
Referer: https://videotoday.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 02:01:52 GMT
Content-Type: application/vnd.apple.mpegurl
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"3a1794b0-12c7"
Expires: Wed, 06 Mar 2024 02:01:52 GMT
Cache-Control: max-age=8640000
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Content-Encoding: gzip
static.filmskino.site/hls/trailers/Mhyjunn5pjM.mp4/seg-1-v1-a1.ts
200 OK 509 kB URL GET HTTP/1.1 static.filmskino.site/hls/trailers/Mhyjunn5pjM.mp4/seg-1-v1-a1.ts
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://videotoday.site/mp_dist/td/trhls.html?v5613017984
Certificate IssuerLet's Encrypt
Subjectstatic.filmskino.site
Fingerprint6E:8F:8F:89:03:E1:65:6F:AE:73:8A:6F:6B:A2:B1:02:C1:FE:D3:C7
ValidityMon, 02 Oct 2023 16:05:08 GMT - Sun, 31 Dec 2023 16:05:07 GMT
File type MPEG transport stream data\012- data
Size 509 kB (508728 bytes)
Hash e8b196b5c11557d28a7c885f09a76189
a8655dd0b6d23d57885fbd9411e3c0357ac26bf3
c7ed8179f8a9503a61f14404ea782a81df21981e62706a2e6cb9d18d788adb06
GET /hls/trailers/Mhyjunn5pjM.mp4/seg-1-v1-a1.ts HTTP/1.1
Host: static.filmskino.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videotoday.site
DNT: 1
Connection: keep-alive
Referer: https://videotoday.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 02:01:52 GMT
Content-Type: video/MP2T
Content-Length: 508728
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Connection: keep-alive
ETag: "3a1794b0-7c338"
Expires: Wed, 06 Mar 2024 02:01:52 GMT
Cache-Control: max-age=8640000
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
static.filmskino.site/hls/trailers/Mhyjunn5pjM.mp4/seg-2-v1-a1.ts
200 OK 428 kB URL GET HTTP/1.1 static.filmskino.site/hls/trailers/Mhyjunn5pjM.mp4/seg-2-v1-a1.ts
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://videotoday.site/mp_dist/td/trhls.html?v5613017984
Certificate IssuerLet's Encrypt
Subjectstatic.filmskino.site
Fingerprint6E:8F:8F:89:03:E1:65:6F:AE:73:8A:6F:6B:A2:B1:02:C1:FE:D3:C7
ValidityMon, 02 Oct 2023 16:05:08 GMT - Sun, 31 Dec 2023 16:05:07 GMT
File type MPEG transport stream data\012- TeX font metric data (\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377)\012- data
Size 428 kB (427512 bytes)
Hash 1954bda737419012e50393e9334337a4
c31445bfc06d8416d0d2c71a39ec5604ba4e3115
fa613d27b691b9adb1ec2fce9fcb185abb6e7ef2b482576d3ba0eb7242799af6
GET /hls/trailers/Mhyjunn5pjM.mp4/seg-2-v1-a1.ts HTTP/1.1
Host: static.filmskino.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videotoday.site
DNT: 1
Connection: keep-alive
Referer: https://videotoday.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 02:01:52 GMT
Content-Type: video/MP2T
Content-Length: 427512
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Connection: keep-alive
ETag: "3a1794b0-685f8"
Expires: Wed, 06 Mar 2024 02:01:52 GMT
Cache-Control: max-age=8640000
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
static.filmskino.site/hls/trailers/Mhyjunn5pjM.mp4/seg-3-v1-a1.ts
200 OK 331 kB URL GET HTTP/1.1 static.filmskino.site/hls/trailers/Mhyjunn5pjM.mp4/seg-3-v1-a1.ts
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://videotoday.site/mp_dist/td/trhls.html?v5613017984
Certificate IssuerLet's Encrypt
Subjectstatic.filmskino.site
Fingerprint6E:8F:8F:89:03:E1:65:6F:AE:73:8A:6F:6B:A2:B1:02:C1:FE:D3:C7
ValidityMon, 02 Oct 2023 16:05:08 GMT - Sun, 31 Dec 2023 16:05:07 GMT
File type MPEG transport stream data\012- TeX font metric data (\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377)\012- data
Size 331 kB (331256 bytes)
Hash 929b4c3e4d3dd8867952e5f009cec825
f2d935b99106fdd34d11e7f6fbdf534298e19b8d
e8117501ac95f0e31894ef85fd44565c1e82195ce619cd24b05cb656903ff877
GET /hls/trailers/Mhyjunn5pjM.mp4/seg-3-v1-a1.ts HTTP/1.1
Host: static.filmskino.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videotoday.site
DNT: 1
Connection: keep-alive
Referer: https://videotoday.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 02:01:52 GMT
Content-Type: video/MP2T
Content-Length: 331256
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Connection: keep-alive
ETag: "3a1794b0-50df8"
Expires: Wed, 06 Mar 2024 02:01:52 GMT
Cache-Control: max-age=8640000
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
cs.alfasense.com/pixeljs
200 OK 5.3 kB IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.alfasense.com
Fingerprint92:58:B8:97:87:98:3A:5B:01:DA:24:13:D3:B2:D4:AF:F5:07:AE:9E
ValiditySat, 10 Dec 2022 23:58:10 GMT - Thu, 11 Jan 2024 23:58:09 GMT
File type ASCII text, with very long lines (5253), with no line terminators
Hash 86927c5aaa63904360dae1b13a303fc9
20d2cb29e2a5353e086d787e88c4b35f371a0335
77a4d52a453fe33f34a3567a27f86062e0ca6c343167e41b779f3be28e6a3f78
GET /pixeljs HTTP/1.1
Host: cs.alfasense.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Nov 2023 02:01:52 GMT
Content-Type: application/javascript
Content-Length: 5253
Connection: keep-alive
Server: fasthttp
Set-Cookie: uuid=ded2ffbb-fa35-455f-907f-eda9cea0eccb; expires=Sun, 17 Nov 2024 02:01:52 GMT; domain=alfasense.com; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes
v.alfasrv.com/stats/2x2.png?s=104707&e=r&t=p
200 OK 95 B URL GET HTTP/1.1 v.alfasrv.com/stats/2x2.png?s=104707&e=r&t=p
IP
ASN #200350 Yandex.Cloud LLC
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.alfasrv.com
Fingerprint4B:8A:22:65:23:10:74:25:5D:40:3B:78:20:8D:F8:82:A4:50:44:90
ValidityTue, 10 Oct 2023 09:20:49 GMT - Sun, 10 Nov 2024 09:20:48 GMT
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9591c410148e6883727c5339fd1c02cd
3442a95fe890ce4769b36b2ecc611b801a54cfb5
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
GET /stats/2x2.png?s=104707&e=r&t=p HTTP/1.1
Host: v.alfasrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Mon, 27 Nov 2023 02:01:52 GMT
Content-Type: image/png
Content-Length: 95
Connection: keep-alive
Last-Modified: Monday, 27-Nov-2023 02:01:52 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Accept-Ranges: bytes
s.alfasrv.com/events/1x1.png?s=104707&e=r&t=p
200 OK 95 B URL GET HTTP/2 s.alfasrv.com/events/1x1.png?s=104707&e=r&t=p
IP
ASN #200350 Yandex.Cloud LLC
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.alfasrv.com
Fingerprint4B:8A:22:65:23:10:74:25:5D:40:3B:78:20:8D:F8:82:A4:50:44:90
ValidityTue, 10 Oct 2023 09:20:49 GMT - Sun, 10 Nov 2024 09:20:48 GMT
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9591c410148e6883727c5339fd1c02cd
3442a95fe890ce4769b36b2ecc611b801a54cfb5
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
GET /events/1x1.png?s=104707&e=r&t=p HTTP/1.1
Host: s.alfasrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.24.0
date: Mon, 27 Nov 2023 02:01:53 GMT
content-type: image/png
content-length: 95
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-Original-Referer
access-control-allow-credentials: true
cache-control: no-cache,no-store
expires: Tue, 01 Jan 1980 1:00:00 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
ssp.afp.ai/api/sync/alfadart?skipme=ded2ffbb-fa35-455f-907f-eda9cea0eccb
302 Found 0 B URL GET HTTP/1.1 ssp.afp.ai/api/sync/alfadart?skipme=ded2ffbb-fa35-455f-907f-eda9cea0eccb
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerSectigo Limited
Subject*.afp.ai
Fingerprint6D:78:55:60:8D:74:D7:2E:9F:A5:B1:56:72:76:A6:20:F9:7E:E4:4F
ValidityMon, 23 Oct 2023 00:00:00 GMT - Tue, 24 Sep 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/sync/alfadart?skipme=ded2ffbb-fa35-455f-907f-eda9cea0eccb HTTP/1.1
Host: ssp.afp.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: afp_cookie=gAAAAABlY_iO6EfDDl037Uug6eiPNW85NMkPzNJIYbeVMO2K0SWfxotCtsIGRPXuLvwDjN23JWgY1SUYXSYAJEIrhy8_fBZq9_cMSD_60C8M1ZLQyJhmqCAfX5ZPAJTGwsVpPk6LtESqfdyF40XWPy8V4Ieg2CFgvmhnxkjcf1Me8HMDfvQZV1heF0h78w3GzV65iWbidHrU$
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.20.1
Date: Mon, 27 Nov 2023 02:01:53 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin
Access-Control-Allow-Origin:
Access-Control-Allow-Credentials: true
Location: https://cs.alfasense.com/p?ssp=al&id=11324ce3-43e9-41cf-a438-ae6058677b51
Set-Cookie: afp_cookie=gAAAAABlY_iRfM0rRBGe-qsq8nTz3zZJjiGibP0j662h6CSgjv68bctsIAeughtjoW_TA6obuDEyMHMS6RsiOHy9BIMK0Osr4fkbUEHbisLwZnHHLxZO_ItE_lQSO5BTuAzbVX4fFKkmwt1845miofp2Mqj6paLY5llsWpf9rdWzO_ZW3Vov9tg5wTiB0W2Tb0Sm_IVJybHpZotW-XiK86GHCc0gju_ChXxnR1-xkS-d-xYP-ONhCok=$; expires=Wed, 27 Dec 2023 02:01:53 GMT; path=/; secure; SameSite=None
sync.upravel.com/alfadart/sync?uid=ded2ffbb-fa35-455f-907f-eda9cea0eccb
302 Found 0 B URL GET HTTP/2 sync.upravel.com/alfadart/sync?uid=ded2ffbb-fa35-455f-907f-eda9cea0eccb
IP
ASN #24940 Hetzner Online GmbH
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.upravel.com
Fingerprint4C:ED:03:57:58:43:18:2C:CC:41:F3:3B:19:72:75:BD:29:C1:04:08
ValiditySat, 29 Apr 2023 07:48:21 GMT - Thu, 30 May 2024 07:48:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /alfadart/sync?uid=ded2ffbb-fa35-455f-907f-eda9cea0eccb HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: session_tptc=1701050510416; user_id=c222368e-fec7-4f30-bf4d-48edd40ffd17
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Mon, 27 Nov 2023 02:01:53 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=c222368e-fec7-4f30-bf4d-48edd40ffd17;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=c222368e-fec7-4f30-bf4d-48edd40ffd17;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://cs.alfasense.com/p?ssp=up&id=c222368e-fec7-4f30-bf4d-48edd40ffd17
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
sync.adspend.space/alfasense?uid=ded2ffbb-fa35-455f-907f-eda9cea0eccb
204 No Content 0 B URL GET HTTP/2 sync.adspend.space/alfasense?uid=ded2ffbb-fa35-455f-907f-eda9cea0eccb
IP
ASN #50340 OOO Network of data-centers Selectel
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.adspend.space
FingerprintD2:A9:45:D9:7D:4F:04:B2:D9:24:CC:62:7C:3B:4A:4E:C5:5C:CD:24
ValidityTue, 29 Aug 2023 13:03:53 GMT - Mon, 27 Nov 2023 13:03:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /alfasense?uid=ded2ffbb-fa35-455f-907f-eda9cea0eccb HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx/1.22.1
date: Mon, 27 Nov 2023 02:01:53 GMT
X-Firefox-Spdy: h2
a.adsource.tech/sync?id=ded2ffbb-fa35-455f-907f-eda9cea0eccb&ssp=Alfasense
204 No Content 0 B URL GET HTTP/2 a.adsource.tech/sync?id=ded2ffbb-fa35-455f-907f-eda9cea0eccb&ssp=Alfasense
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGoogle Trust Services LLC
Subjectadsource.tech
FingerprintA9:D3:6F:42:9D:C2:CC:8A:47:59:1B:20:7F:7D:94:AF:9D:37:C4:86
ValidityThu, 19 Oct 2023 23:09:18 GMT - Wed, 17 Jan 2024 23:09:17 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?id=ded2ffbb-fa35-455f-907f-eda9cea0eccb&ssp=Alfasense HTTP/1.1
Host: a.adsource.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Mon, 27 Nov 2023 02:01:53 GMT
content-type: text/plain
set-cookie: adpreudid=1; Expires=Wed, 27 Dec 2023 02:01:53 GMT; Domain=adsource.tech; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfIJeb7rTlrmdqSehYz2p1W1RXEuZkXmkUiO7x%2BxPxfmD6zc6KX7EKQfB%2BCUYJJp511L7L1CaTJdy5ItKk8pDwhqL3nWhj2a6gWZr9zohhE6qzR%2Fg56pq1rMvt8C9UGdlg4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c92a8fbdb4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
sync.bumlam.com/?src=asense&uid=ded2ffbb-fa35-455f-907f-eda9cea0eccb
200 OK 43 B URL GET HTTP/1.1 sync.bumlam.com/?src=asense&uid=ded2ffbb-fa35-455f-907f-eda9cea0eccb
IP
ASN #44066 diva-e Datacenters GmbH
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.bumlam.com
Fingerprint08:E4:EB:78:69:AA:1C:77:24:F5:D4:0F:6C:52:FC:A6:D3:74:90:D0
ValidityMon, 16 Oct 2023 05:30:36 GMT - Sun, 14 Jan 2024 05:30:35 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /?src=asense&uid=ded2ffbb-fa35-455f-907f-eda9cea0eccb HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: suuid3=IiRlZGE3MDNmZS04Y2M4LTExZWUtYmJiMS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 02:01:53 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: suuid3=IiRlZGE3MDNmZS04Y2M4LTExZWUtYmJiMS0wMDI1OTBjODI0Mzc*; Path=/; Expires=Sun, 22 Nov 2043 02:01:53 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
sync.programmatica.com/match/Alfasense?id=ded2ffbb-fa35-455f-907f-eda9cea0eccb
200 OK 43 B URL GET HTTP/2 sync.programmatica.com/match/Alfasense?id=ded2ffbb-fa35-455f-907f-eda9cea0eccb
IP
ASN #24940 Hetzner Online GmbH
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.programmatica.com
FingerprintE4:B6:ED:A7:02:18:8C:3F:D0:A3:8D:04:EE:40:21:0A:0E:83:D1:D6
ValidityThu, 15 Dec 2022 17:05:13 GMT - Tue, 16 Jan 2024 17:05:12 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /match/Alfasense?id=ded2ffbb-fa35-455f-907f-eda9cea0eccb HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:53 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
cs.agency2.ru/p?ssp=al&uid=ded2ffbb-fa35-455f-907f-eda9cea0eccb
301 Moved Permanently 0 B URL GET HTTP/1.1 cs.agency2.ru/p?ssp=al&uid=ded2ffbb-fa35-455f-907f-eda9cea0eccb
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subjectapi.agency2.ru
Fingerprint50:48:39:D7:EB:8F:8E:E7:36:A3:F3:08:25:93:84:7F:6B:36:24:95
ValidityMon, 16 Oct 2023 23:38:04 GMT - Sun, 14 Jan 2024 23:38:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=al&uid=ded2ffbb-fa35-455f-907f-eda9cea0eccb HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: uuid=a425a41b-3fd8-4b21-b431-4bf534b65397
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Mon, 27 Nov 2023 02:01:53 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://cs.alfasense.com/p?ssp=a2&uid=a425a41b-3fd8-4b21-b431-4bf534b65397
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
exchange.buzzoola.com/cookiesync/redirect?skip2=ded2ffbb-fa35-455f-907f-eda9cea0eccb&redirect_url=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dbz%26uid%3D%24%7BUUID%7D
301 Moved Permanently 113 B URL GET HTTP/2 exchange.buzzoola.com/cookiesync/redirect?skip2=ded2ffbb-fa35-455f-907f-eda9cea0eccb&redirect_url=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dbz%26uid%3D%24%7BUUID%7D
IP
ASN #24940 Hetzner Online GmbH
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT
File type HTML document, ASCII text
Hash 4433c13748ef370249be8fa07a699b52
dc931b2f37ed947aac58b194f74879c994c7ff52
954fe1dd7a7082b4a3309c10e73efd3e8766f29fbb142111154ba4424539662c
GET /cookiesync/redirect?skip2=ded2ffbb-fa35-455f-907f-eda9cea0eccb&redirect_url=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dbz%26uid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: uuid=84857c0c-460c-462c-6f35-7f64a7be6a1e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 27 Nov 2023 02:01:53 GMT
content-type: text/html; charset=utf-8
content-length: 113
location: https://cs.alfasense.com/p?ssp=bz&uid=84857c0c-460c-462c-6f35-7f64a7be6a1e
serverid: TODO
X-Firefox-Spdy: h2
www.acint.net/rmatch?dp=185&euid=ded2ffbb-fa35-455f-907f-eda9cea0eccb&r=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dsp%26uid%3D%24%7BUSER_ID%7D
302 Found 154 B URL GET HTTP/2 www.acint.net/rmatch?dp=185&euid=ded2ffbb-fa35-455f-907f-eda9cea0eccb&r=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dsp%26uid%3D%24%7BUSER_ID%7D
IP
ASN #24940 Hetzner Online GmbH
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintD1:98:D5:B7:91:FF:E3:AC:0C:2E:5F:9E:20:DE:E5:45:A8:C2:0E:B1
ValidityTue, 31 Oct 2023 03:36:00 GMT - Mon, 29 Jan 2024 03:35:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=185&euid=ded2ffbb-fa35-455f-907f-eda9cea0eccb&r=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dsp%26uid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: test_cookie=CheckForPermission; aid=fwAAAWVj+I1O8w5JHx1JAgKl8zlwgCWXNxsmefX90I41kwyY; cSyncDp14v5=1701050509; cSyncDp17v2=1701050509; cSyncDp45v5=1701050509; cSyncDp53v5=1701050509; cSyncDp62v2=1701050509; cSyncDp67v3=1701050509; cSyncDp68v2=1701050509; cSyncDp71v2=1701050509; cSyncDp80v2=1701050509; cSyncDp85v2=1701050509; cSyncDp95v4=1701050509; cSyncDp98v3=1701050509; cSyncDp104v2=1701050509; cSyncDp107v2=1701050509; cSyncDp110v3=1701050509; cSyncDp125v4=1701050509; cSyncDp126v2=1701050509; cSyncDp127v2=1701050509; cSyncDp129v2=1701050509; cSyncDp136v3=1701050509; cSyncDp146v2=1701050509; cSyncDp148v2=1701050509; cSyncDp149v3=1701050509; cSyncDp151v2=1701050509; cSyncDp178v2=1701050509; cSyncDp186v2=1701050509; cSyncDp217v2=1701050509; cSyncDp221v2=1701050509; cSyncDp235v2=1701050509; cSyncDp239v2=1701050509; cSyncDp243v2=1701050509; cSyncDp260v2=1701050509; cSyncDp244v2=1701050509; cSyncDp248v2=1701050509; cSyncDp261v1=1701050509; cSyncDp14v4=1701050509
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Mon, 27 Nov 2023 02:01:53 GMT
content-type: text/html
content-length: 154
location: https://cs.alfasense.com/p?ssp=sp&uid=0100007F8DF86365490EF34E02491D1F
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
kimberlite.io/rtb/sync/alfasense?u=ded2ffbb-fa35-455f-907f-eda9cea0eccb
307 Temporary Redirect 0 B URL GET HTTP/1.1 kimberlite.io/rtb/sync/alfasense?u=ded2ffbb-fa35-455f-907f-eda9cea0eccb
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.kimberlite.io
Fingerprint94:44:D9:27:EE:9B:5F:DE:36:07:ED:BA:1A:1D:62:2A:31:B6:43:72
ValidityFri, 10 Mar 2023 07:40:01 GMT - Wed, 10 Apr 2024 07:40:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/sync/alfasense?u=ded2ffbb-fa35-455f-907f-eda9cea0eccb HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: as=-WrUeGVj-I4; f=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D243%26euid%3DZWP4jRuyoq4; n=1; u=ZWP4jRuyoq4~Y5P2yQgXk4OdZsMTXZahsXBGHSE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Mon, 27 Nov 2023 02:01:53 GMT
Content-Length: 0
Connection: keep-alive
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: as=OFrH4WVj-JH5atR4ZWP4jg; max-age=604800; samesite=none; httponly; secure
n=2; max-age=30; samesite=none; httponly; secure
location: https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZWP4jRuyoq4
referrer-policy: no-referrer
server-timing: app;srv=6;dur=0.0001
match.new-programmatic.com/userbind?src=alfasense&id=ded2ffbb-fa35-455f-907f-eda9cea0eccb
302 Found 0 B URL GET HTTP/1.1 match.new-programmatic.com/userbind?src=alfasense&id=ded2ffbb-fa35-455f-907f-eda9cea0eccb
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subjectad.ad-blast.ru
FingerprintF3:B7:15:BC:2F:A8:7D:5A:73:CB:BC:43:B8:4C:EA:11:17:2B:7A:34
ValiditySat, 07 Oct 2023 18:59:50 GMT - Fri, 05 Jan 2024 18:59:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=alfasense&id=ded2ffbb-fa35-455f-907f-eda9cea0eccb HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.22.1
Date: Mon, 27 Nov 2023 02:01:53 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
Location: https://cs.alfasense.com/p?ssp=tg&redir=0&id=
s.uuidksinc.net/match/1215/?remote_uid=ded2ffbb-fa35-455f-907f-eda9cea0eccb
302 Found 0 B URL GET HTTP/2 s.uuidksinc.net/match/1215/?remote_uid=ded2ffbb-fa35-455f-907f-eda9cea0eccb
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subjectuuidksinc.net
Fingerprint24:9D:6D:A2:89:55:7D:CD:A6:BD:59:A3:21:F2:65:41:A8:9D:38:99
ValidityThu, 09 Nov 2023 23:20:21 GMT - Wed, 07 Feb 2024 23:20:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/1215/?remote_uid=ded2ffbb-fa35-455f-907f-eda9cea0eccb HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: jcsuuid=nOg4lefBI4xtKGOWy3Gg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.23.2
date: Mon, 27 Nov 2023 02:01:53 GMT
content-length: 0
location: https://cs.alfasense.com/p?ssp=kd&uid=nOg4lefBI4xtKGOWy3Gg
set-cookie: jcsuuid=nOg4lefBI4xtKGOWy3Gg; expires=Tue, 26 Nov 2024 02:01:53 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
cs.agency2.ru/p?ssp=ai&skipme=ded2ffbb-fa35-455f-907f-eda9cea0eccb
301 Moved Permanently 0 B URL GET HTTP/1.1 cs.agency2.ru/p?ssp=ai&skipme=ded2ffbb-fa35-455f-907f-eda9cea0eccb
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subjectapi.agency2.ru
Fingerprint50:48:39:D7:EB:8F:8E:E7:36:A3:F3:08:25:93:84:7F:6B:36:24:95
ValidityMon, 16 Oct 2023 23:38:04 GMT - Sun, 14 Jan 2024 23:38:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=ai&skipme=ded2ffbb-fa35-455f-907f-eda9cea0eccb HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: uuid=a425a41b-3fd8-4b21-b431-4bf534b65397
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Mon, 27 Nov 2023 02:01:53 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://x01.aidata.io/0.gif?pid=7140034&id=a425a41b-3fd8-4b21-b431-4bf534b65397
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
const.uno/id.json?p=5
200 OK 13 B IP
ASN #12695 LLC Digital Network
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subjectconst.uno
FingerprintF3:55:FF:DF:CF:D2:5B:10:0C:D3:01:CB:10:2A:F0:23:D4:D3:B1:04
ValidityFri, 13 Oct 2023 08:17:54 GMT - Thu, 11 Jan 2024 08:17:53 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash f51f496a0658094e8eae3ee01c8c45ab
0f3ec02ab5185dfc13a4f1dc7ed01c6f400f39b6
d32acf592f7f63460ff06711e1a9d41fbf6327a03303ae840e83fa9ef278d8f1
GET /id.json?p=5 HTTP/1.1
Host: const.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 02:01:53 GMT
Content-Type: application/json
Content-Length: 13
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hd.lordserial2.me
ssp-rtb.sape.ru/prebid
204 No Content 0 B IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.sape.ru
FingerprintF9:61:5C:64:81:FD:57:C2:4A:BD:6B:12:D4:7E:02:5E:83:8E:3E:40
ValiditySun, 08 Oct 2023 01:41:50 GMT - Sat, 06 Jan 2024 01:41:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 911
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: sspuid=CkIDTmVj+I2bEwA0wRzqAqn6XMdE6IKHJUkuUU/xM6Oyp0DR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: openresty
Date: Mon, 27 Nov 2023 02:01:53 GMT
Content-Type: text/html
Connection: keep-alive
Access-Control-Allow-Origin: https://hd.lordserial2.me
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST
X-YaRequestId: 07dba3657db8439292de1e5e8642d571
X-YaSpanId: 54f4cd48c04475bb
X-YaTraceId: 363fdb361cf146bc860e8d982e77409b
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
hd.lordserial2.me/engine/ajax/controller.php?mod=adminfunction&id=146&action=newsread&user_hash=39adc8963e756445da4a3d85a1c7e3f098593a1d
200 OK 41 B URL GET HTTP/3 hd.lordserial2.me/engine/ajax/controller.php?mod=adminfunction&id=146&action=newsread&user_hash=39adc8963e756445da4a3d85a1c7e3f098593a1d
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGoogle Trust Services LLC
Subjectlordserial2.me
FingerprintA9:9E:F9:CB:BA:AE:BC:57:05:F8:C2:3C:F5:17:1E:73:EE:AE:96:AB
ValidityFri, 20 Oct 2023 01:33:13 GMT - Thu, 18 Jan 2024 01:33:12 GMT
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
GET /engine/ajax/controller.php?mod=adminfunction&id=146&action=newsread&user_hash=39adc8963e756445da4a3d85a1c7e3f098593a1d HTTP/1.1
Host: hd.lordserial2.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hd.lordserial2.me/146-kasl-sv-13.html
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=4b49e8fc52a9887457ab4993add54103; viewed_ids=146; _ma=82eb872c-f7d7-41b3-9039-71554fb4ce85; cf_clearance=zn4A8GCd.QIcD9fAq_bDmMMPDwcN90.QAFzlUWdrS8M-1701050508-0-1-730ca2d2.73a07051.5b213570-0.2.1701050508; _pbjs_userid_consent_data=3524755945110770; "_pubcid"=e8dd06c7-4fc9-48a0-9075-1c71d97f20c0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 27 Nov 2023 02:01:53 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FylsIYAbQvcGvUOpcMtIRIbuABveiyw6zyaYuvqe5A3uQjxzNtsV0QOgdPQ1SRFDjDCZ4vJdFE3E3kenNENYTICkO8FPyGx3lVs5ZKH%2BQ%2FYuN1bM%2BE0drlMggb5fMoLeg3hUFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c92b6b5156c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
pbs.alfasense.com/yandex/auction
200 OK 11 B URL POST HTTP/1.1 pbs.alfasense.com/yandex/auction
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.alfasense.com
Fingerprint92:58:B8:97:87:98:3A:5B:01:DA:24:13:D3:B2:D4:AF:F5:07:AE:9E
ValiditySat, 10 Dec 2022 23:58:10 GMT - Thu, 11 Jan 2024 23:58:09 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 9cc989d2e211083e0a170316914f1d06
392cd18d051f72b887529ac2998da54749f1338f
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
POST /yandex/auction HTTP/1.1
Host: pbs.alfasense.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 272
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: uuid=ded2ffbb-fa35-455f-907f-eda9cea0eccb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Nov 2023 02:01:53 GMT
Content-Type: application/json
Content-Length: 11
Connection: keep-alive
x-dsp-24__status: 204
x-dsp-22__status: 204
expires: 0
x-geo-cityid: 4000000055
cache-control: no-cache, no-store, must-revalidate
uuid: 59e44433-8ad5-4fac-85f4-44d0efac2315
pragma: no-cache
x-dsp-4__status: 204
x-dsp-8__status: 204
access-control-max-age: 0
Access-Control-Allow-Origin: https://hd.lordserial2.me
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.115.84
Accept-Ranges: bytes
match.qtarget.tech/userbind?src=alfasense&id=ded2ffbb-fa35-455f-907f-eda9cea0eccb
204 No Content 0 B URL GET HTTP/1.1 match.qtarget.tech/userbind?src=alfasense&id=ded2ffbb-fa35-455f-907f-eda9cea0eccb
IP
ASN #12695 LLC Digital Network
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subjectdsp.qtarget.tech
Fingerprint29:6F:E0:4A:F8:5E:3D:84:DF:96:EB:7F:EF:EC:D4:F8:16:19:3A:14
ValiditySun, 12 Nov 2023 07:12:31 GMT - Sat, 10 Feb 2024 07:12:30 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=alfasense&id=ded2ffbb-fa35-455f-907f-eda9cea0eccb HTTP/1.1
Host: match.qtarget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Mon, 27 Nov 2023 06:59:31 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
cs.alfasense.com/p?ssp=up&id=c222368e-fec7-4f30-bf4d-48edd40ffd17
200 OK 35 B URL GET HTTP/1.1 cs.alfasense.com/p?ssp=up&id=c222368e-fec7-4f30-bf4d-48edd40ffd17
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.alfasense.com
Fingerprint92:58:B8:97:87:98:3A:5B:01:DA:24:13:D3:B2:D4:AF:F5:07:AE:9E
ValiditySat, 10 Dec 2022 23:58:10 GMT - Thu, 11 Jan 2024 23:58:09 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /p?ssp=up&id=c222368e-fec7-4f30-bf4d-48edd40ffd17 HTTP/1.1
Host: cs.alfasense.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: uuid=ded2ffbb-fa35-455f-907f-eda9cea0eccb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Nov 2023 02:01:53 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes
sync.dmp.otm-r.com/match/videohead_display?id=77778383-7c28-448f-bf62-b0147777b853
204 No Content 0 B URL GET HTTP/2 sync.dmp.otm-r.com/match/videohead_display?id=77778383-7c28-448f-bf62-b0147777b853
IP
ASN #24940 Hetzner Online GmbH
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.dmp.otm-r.com
FingerprintC6:A2:9D:82:0D:D1:C1:2D:A4:ED:7F:05:13:52:5B:94:6B:10:58:D6
ValidityMon, 19 Jun 2023 10:50:51 GMT - Sat, 20 Jul 2024 10:50:50 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/videohead_display?id=77778383-7c28-448f-bf62-b0147777b853 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: mpid=NjU2M2Y4OGQwOWUwYWJiMQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx/1.17.4
date: Mon, 27 Nov 2023 02:01:53 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
ssp.hybrid.ai/auction/prebid
204 No Content 0 B URL OPTIONS HTTP/2 ssp.hybrid.ai/auction/prebid
IP
ASN #58272 LeaderTelecom B.V.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerSectigo Limited
Subject*.hybrid.ai
Fingerprint40:F9:88:C5:EF:2B:26:9C:61:DC:CC:ED:B1:67:03:F4:E2:CC:B7:C8
ValidityThu, 14 Sep 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /auction/prebid HTTP/1.1
Host: ssp.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hd.lordserial2.me/
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Mon, 27 Nov 2023 02:01:53 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://hd.lordserial2.me
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server: Hybrid Web Server
X-Firefox-Spdy: h2
ssp.bidvol.com/usersync?dspcsid=135&redirect=1&id=ded2ffbb-fa35-455f-907f-eda9cea0eccb
302 Found 35 B URL GET HTTP/2 ssp.bidvol.com/usersync?dspcsid=135&redirect=1&id=ded2ffbb-fa35-455f-907f-eda9cea0eccb
IP
ASN #24940 Hetzner Online GmbH
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subjectssp.bidvol.com
Fingerprint40:DB:53:6B:41:DC:4B:32:C0:EE:F6:09:5C:13:AF:5C:EF:90:56:90
ValidityThu, 09 Nov 2023 10:21:37 GMT - Wed, 07 Feb 2024 10:21:36 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /usersync?dspcsid=135&redirect=1&id=ded2ffbb-fa35-455f-907f-eda9cea0eccb HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: bvuid=t14um1wp3s
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.22.0
date: Mon, 27 Nov 2023 02:01:52 GMT
x-request-id: 723c141c-3fb5-400e-90d1-991e02f14a87
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
set-cookie: bvuid=t14um1wp3s; Max-Age=2147483647; Domain=.bidvol.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=t14um1wp3s; Max-Age=2147483647; Domain=.bidvol.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
location: https://cs.alfasense.com/p?ssp=bv&uid=t14um1wp3s
X-Firefox-Spdy: h2
cs.alfasense.com/p?ssp=bz&uid=84857c0c-460c-462c-6f35-7f64a7be6a1e
200 OK 35 B URL GET HTTP/1.1 cs.alfasense.com/p?ssp=bz&uid=84857c0c-460c-462c-6f35-7f64a7be6a1e
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.alfasense.com
Fingerprint92:58:B8:97:87:98:3A:5B:01:DA:24:13:D3:B2:D4:AF:F5:07:AE:9E
ValiditySat, 10 Dec 2022 23:58:10 GMT - Thu, 11 Jan 2024 23:58:09 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /p?ssp=bz&uid=84857c0c-460c-462c-6f35-7f64a7be6a1e HTTP/1.1
Host: cs.alfasense.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: uuid=ded2ffbb-fa35-455f-907f-eda9cea0eccb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Nov 2023 02:01:53 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes
ssp.otm-r.com/adjson?tz=0&w=970&h=250&domain=&l=https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html&s=38014&cur=RUB&bidid=10e039beee9a2e9&transactionid=0aa007e2-a588-4a48-9a1c-8a603ec7838c&auctionid=4926f9bd-3e9a-4e32-876c-1a05aa4d2269&bidfloor=0
200 OK 2 B URL GET HTTP/2 ssp.otm-r.com/adjson?tz=0&w=970&h=250&domain=&l=https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html&s=38014&cur=RUB&bidid=10e039beee9a2e9&transactionid=0aa007e2-a588-4a48-9a1c-8a603ec7838c&auctionid=4926f9bd-3e9a-4e32-876c-1a05aa4d2269&bidfloor=0
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.otm-r.com
FingerprintDE:D2:E7:8E:11:AC:D8:80:39:F5:5D:C2:86:9D:33:3F:95:71:FA:58
ValidityMon, 19 Jun 2023 10:49:55 GMT - Sat, 20 Jul 2024 10:49:54 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /adjson?tz=0&w=970&h=250&domain=&l=https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html&s=38014&cur=RUB&bidid=10e039beee9a2e9&transactionid=0aa007e2-a588-4a48-9a1c-8a603ec7838c&auctionid=4926f9bd-3e9a-4e32-876c-1a05aa4d2269&bidfloor=0 HTTP/1.1
Host: ssp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: mpid=NjU2M2Y4OGQwOWUwYWJiMQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.23.2
date: Mon, 27 Nov 2023 02:01:53 GMT
content-type: application/javascript
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: https://hd.lordserial2.me
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: mpid=NjU2M2Y4OGQwOWUwYWJiMQ==; Path=/; Domain=otm-r.com; Max-Age=31536000; Secure; SameSite=None
vary: Origin
X-Firefox-Spdy: h2
cs.alfasense.com/p?ssp=um&id=a329d164-906b-41e8-bd52-adb79ead3c20
200 OK 35 B URL GET HTTP/1.1 cs.alfasense.com/p?ssp=um&id=a329d164-906b-41e8-bd52-adb79ead3c20
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.alfasense.com
Fingerprint92:58:B8:97:87:98:3A:5B:01:DA:24:13:D3:B2:D4:AF:F5:07:AE:9E
ValiditySat, 10 Dec 2022 23:58:10 GMT - Thu, 11 Jan 2024 23:58:09 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /p?ssp=um&id=a329d164-906b-41e8-bd52-adb79ead3c20 HTTP/1.1
Host: cs.alfasense.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: uuid=ded2ffbb-fa35-455f-907f-eda9cea0eccb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Nov 2023 02:01:53 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes
ssp.hybrid.ai/auction/prebid
204 No Content 0 B URL OPTIONS HTTP/2 ssp.hybrid.ai/auction/prebid
IP
ASN #58272 LeaderTelecom B.V.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerSectigo Limited
Subject*.hybrid.ai
Fingerprint40:F9:88:C5:EF:2B:26:9C:61:DC:CC:ED:B1:67:03:F4:E2:CC:B7:C8
ValidityThu, 14 Sep 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /auction/prebid HTTP/1.1
Host: ssp.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 243
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: vid=a2ce112f40850d383642
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Mon, 27 Nov 2023 02:01:53 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://hd.lordserial2.me
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server: Hybrid Web Server
X-Firefox-Spdy: h2
cs.alfasense.com/p?ssp=tg&redir=0&id=
200 OK 35 B URL GET HTTP/1.1 cs.alfasense.com/p?ssp=tg&redir=0&id=
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.alfasense.com
Fingerprint92:58:B8:97:87:98:3A:5B:01:DA:24:13:D3:B2:D4:AF:F5:07:AE:9E
ValiditySat, 10 Dec 2022 23:58:10 GMT - Thu, 11 Jan 2024 23:58:09 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /p?ssp=tg&redir=0&id= HTTP/1.1
Host: cs.alfasense.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: uuid=ded2ffbb-fa35-455f-907f-eda9cea0eccb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Nov 2023 02:01:53 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes
cs.alfasense.com/p?ssp=sp&uid=0100007F8DF86365490EF34E02491D1F
200 OK 35 B URL GET HTTP/1.1 cs.alfasense.com/p?ssp=sp&uid=0100007F8DF86365490EF34E02491D1F
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.alfasense.com
Fingerprint92:58:B8:97:87:98:3A:5B:01:DA:24:13:D3:B2:D4:AF:F5:07:AE:9E
ValiditySat, 10 Dec 2022 23:58:10 GMT - Thu, 11 Jan 2024 23:58:09 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /p?ssp=sp&uid=0100007F8DF86365490EF34E02491D1F HTTP/1.1
Host: cs.alfasense.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: uuid=ded2ffbb-fa35-455f-907f-eda9cea0eccb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Nov 2023 02:01:53 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes
cs.alfasense.com/p?ssp=kd&uid=nOg4lefBI4xtKGOWy3Gg
200 OK 35 B URL GET HTTP/1.1 cs.alfasense.com/p?ssp=kd&uid=nOg4lefBI4xtKGOWy3Gg
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.alfasense.com
Fingerprint92:58:B8:97:87:98:3A:5B:01:DA:24:13:D3:B2:D4:AF:F5:07:AE:9E
ValiditySat, 10 Dec 2022 23:58:10 GMT - Thu, 11 Jan 2024 23:58:09 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /p?ssp=kd&uid=nOg4lefBI4xtKGOWy3Gg HTTP/1.1
Host: cs.alfasense.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: uuid=ded2ffbb-fa35-455f-907f-eda9cea0eccb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Nov 2023 02:01:53 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes
cs.alfasense.com/p?ssp=a2&uid=a425a41b-3fd8-4b21-b431-4bf534b65397
200 OK 35 B URL GET HTTP/1.1 cs.alfasense.com/p?ssp=a2&uid=a425a41b-3fd8-4b21-b431-4bf534b65397
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.alfasense.com
Fingerprint92:58:B8:97:87:98:3A:5B:01:DA:24:13:D3:B2:D4:AF:F5:07:AE:9E
ValiditySat, 10 Dec 2022 23:58:10 GMT - Thu, 11 Jan 2024 23:58:09 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /p?ssp=a2&uid=a425a41b-3fd8-4b21-b431-4bf534b65397 HTTP/1.1
Host: cs.alfasense.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: uuid=ded2ffbb-fa35-455f-907f-eda9cea0eccb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Nov 2023 02:01:53 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes
v.alfasrv.com/stats/2x2.png?s=104707&a=fallback&k1=1&k2=1&e=i&t=p&c=0
200 OK 95 B URL GET HTTP/1.1 v.alfasrv.com/stats/2x2.png?s=104707&a=fallback&k1=1&k2=1&e=i&t=p&c=0
IP
ASN #200350 Yandex.Cloud LLC
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.alfasrv.com
Fingerprint4B:8A:22:65:23:10:74:25:5D:40:3B:78:20:8D:F8:82:A4:50:44:90
ValidityTue, 10 Oct 2023 09:20:49 GMT - Sun, 10 Nov 2024 09:20:48 GMT
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9591c410148e6883727c5339fd1c02cd
3442a95fe890ce4769b36b2ecc611b801a54cfb5
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
GET /stats/2x2.png?s=104707&a=fallback&k1=1&k2=1&e=i&t=p&c=0 HTTP/1.1
Host: v.alfasrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Mon, 27 Nov 2023 02:01:53 GMT
Content-Type: image/png
Content-Length: 95
Connection: keep-alive
Last-Modified: Monday, 27-Nov-2023 02:01:53 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Accept-Ranges: bytes
s.alfasrv.com/events/1x1.png?s=104707&a=fallback&k1=1&k2=1&e=i&t=p&c=0
200 OK 95 B URL GET HTTP/2 s.alfasrv.com/events/1x1.png?s=104707&a=fallback&k1=1&k2=1&e=i&t=p&c=0
IP
ASN #200350 Yandex.Cloud LLC
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.alfasrv.com
Fingerprint4B:8A:22:65:23:10:74:25:5D:40:3B:78:20:8D:F8:82:A4:50:44:90
ValidityTue, 10 Oct 2023 09:20:49 GMT - Sun, 10 Nov 2024 09:20:48 GMT
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9591c410148e6883727c5339fd1c02cd
3442a95fe890ce4769b36b2ecc611b801a54cfb5
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
GET /events/1x1.png?s=104707&a=fallback&k1=1&k2=1&e=i&t=p&c=0 HTTP/1.1
Host: s.alfasrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Mon, 27 Nov 2023 02:01:53 GMT
content-type: image/png
content-length: 95
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-Original-Referer
access-control-allow-credentials: true
cache-control: no-cache,no-store
expires: Tue, 01 Jan 1980 1:00:00 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
ads.alfasense.net/adserver/www/images/51832be0e461b298bd87a32e65215bee.jpg
200 OK 26 kB URL GET HTTP/2 ads.alfasense.net/adserver/www/images/51832be0e461b298bd87a32e65215bee.jpg
IP
ASN #52000 Innovation IT Solutions LTD
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.alfasense.net
Fingerprint15:61:D7:BD:E9:E1:37:36:5F:FD:47:F7:69:F7:5E:53:CD:95:A9:59
ValidityWed, 22 Nov 2023 16:23:03 GMT - Mon, 23 Dec 2024 16:23:02 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 970x250, components 3\012- data
Hash 51832be0e461b298bd87a32e65215bee
f94e6e1bd4c7ccf06f09255011e4c94d8a0ed03f
ed94f56fea851ac27164ed90dd404a9c3ad04530b6139b1c46bc8240b4321e56
GET /adserver/www/images/51832be0e461b298bd87a32e65215bee.jpg HTTP/1.1
Host: ads.alfasense.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: OAID=01000111010001000101000001010010
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:53 GMT
content-type: image/jpeg
content-length: 26410
last-modified: Tue, 18 Jul 2023 14:36:01 GMT
etag: "64b6a351-672a"
content-security-policy: frame-ancestors 'self';frame-src 'self';
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block;
accept-ranges: bytes
set-cookie: SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml
5.8 kB URL aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml
IP
File type gzip compressed data, max speed, from Unix\012- data
Hash 10f286be35f9cb305ad394ea4104fc1c
4c57898405d1d64506bf4bd7eb7dea83be6efda7
6e7c13bda12bc46a3e004da9936727920f4ea7c97de3900ca7bd5f00b2cac449
GET /update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:02:06 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2023-12-29-19-51-25.chain; p384ecdsa=vRzWQqjsaoKkJ_eoMaSsiNtlm785pCoZclJ7vv6ORgfHTb4Ackk-p7cCb8oVdJ_zMk-aU0HDfOzNBgqlHd1r3Kv9l5ZnN_bqGNJGsEHfzVWlgW-ZXu-iyNVDijjQd-q7
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
content-encoding: gzip
via: 1.1 google
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
512 kB URL ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
IP
ASN #20940 Akamai International B.V.
File type Zip archive data, at least v2.0 to extract, compression method=deflate\012- data
Size 512 kB (511815 bytes)
Hash 152eda253e242e18443ef3282495bc7c
ff0fa85565f21ec4931baad4573b4c0bd08c4019
8e03090fee16f6e0ee2e436af8e51d0c3deed6d9f0db80dec048e668fc009a48
GET /openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
Host: ciscobinary.openh264.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Last-Modified: Thu, 16 Nov 2023 07:38:15 GMT
ETag: 152eda253e242e18443ef3282495bc7c
Content-Length: 511815
Accept-Ranges: bytes
X-Timestamp: 1700120294.87662
Content-Type: application/zip
X-Trans-Id: tx35e1afa589ba4bd9a93ea-006556c567dfw1
Cache-Control: public, max-age=94026
Expires: Tue, 28 Nov 2023 04:09:12 GMT
Date: Mon, 27 Nov 2023 02:02:06 GMT
Connection: keep-alive
ads.alfasense.net/adserver/www/delivery/asyncjs.php
200 OK 7.1 kB URL GET HTTP/2 ads.alfasense.net/adserver/www/delivery/asyncjs.php
IP
ASN #52000 Innovation IT Solutions LTD
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.alfasense.net
Fingerprint15:61:D7:BD:E9:E1:37:36:5F:FD:47:F7:69:F7:5E:53:CD:95:A9:59
ValidityWed, 22 Nov 2023 16:23:03 GMT - Mon, 23 Dec 2024 16:23:02 GMT
File type HTML document text\012- C source text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7079), with no line terminators
Hash e1e03cf9aea0cc1663c2b7daca219be7
4bf60740db7398d5738ffb333ad49985db25ab15
8b08c24aff84f645f9879d3c3e013b367be99cbdb4f482d1582d436283f38d15
GET /adserver/www/delivery/asyncjs.php HTTP/1.1
Host: ads.alfasense.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:53 GMT
content-type: text/javascript;charset=UTF-8
etag: 1079f85a6f7f7d83640b17a26d3394d5
expire: Mon, 27 Nov 2023 03:01:53 GMT
cache-control: private, max-age=3600
p3p: CP="CUR ADM OUR NOR STA NID"
content-security-policy: frame-ancestors 'self';frame-src 'self';
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block;
set-cookie: SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
code.moviead55.ru/go/bmap?v=647a534f9f5fb9ced25ee7db57ef9c72&sub_id=ap&fmt_id=4&pl_key=banner&testad=no&r=https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html&maid=82eb872c-f7d7-41b3-9039-71554fb4ce85&rel=true&rnd=1701050530835&cnt=2
65 kB URL code.moviead55.ru/go/bmap?v=647a534f9f5fb9ced25ee7db57ef9c72&sub_id=ap&fmt_id=4&pl_key=banner&testad=no&r=https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html&maid=82eb872c-f7d7-41b3-9039-71554fb4ce85&rel=true&rnd=1701050530835&cnt=2
IP
ASN #6681 Rozetka Sp. z o.o.
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
File type gzip compressed data, from Unix\012- data
Hash 40e900b34586756b29c27ac16d7142f4
108fb2bc8b87381c7159a1d66fc3c910a7e0b779
b5a1a2a6b1a50ca0fdceb571b71413c378c795c3d8f4ea9e26ab00383860cc0f
GET /go/bmap?v=647a534f9f5fb9ced25ee7db57ef9c72&sub_id=ap&fmt_id=4&pl_key=banner&testad=no&r=https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html&maid=82eb872c-f7d7-41b3-9039-71554fb4ce85&rel=true&rnd=1701050530835&cnt=2 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: sky_uuid=4a1fa77d-b73b-2cf8-a5cb-9d982c07fc37; otclkbid=VUG31mKFfTelneA; hbrdcookie2=a2ce112f40850d383642; ohmybid=f1626fd8-daf4-45d1-8eb1-3c415ced7786; solta=ZWP4jRwhI48; bzcookie=0595ada9-a835-4e1d-6786-6c3b23cbc810; sapecookie=0100007F8DF86365490EF34E02491D1F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:02:07 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
x-movieads-udata: cache,parsed,30300
x-movieads-country: NO
content-encoding: gzip
X-Firefox-Spdy: h2
hd.lordserial2.me/templates/lordfun/images/ft-logo2.png
200 OK 1.7 kB URL GET HTTP/3 hd.lordserial2.me/templates/lordfun/images/ft-logo2.png
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGoogle Trust Services LLC
Subjectlordserial2.me
FingerprintA9:9E:F9:CB:BA:AE:BC:57:05:F8:C2:3C:F5:17:1E:73:EE:AE:96:AB
ValidityFri, 20 Oct 2023 01:33:13 GMT - Thu, 18 Jan 2024 01:33:12 GMT
File type PNG image data, 180 x 70, 8-bit colormap, non-interlaced\012- data
Hash ef077755be2b48ef80cf8347a6d34405
60cac22bab1548eec86ee33aca2f10971128f204
4cc1ad38721d2a465b02ad8c9ad234ce2a9843dd8c56f79ceaece02b45df5e03
GET /templates/lordfun/images/ft-logo2.png HTTP/1.1
Host: hd.lordserial2.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/templates/lordfun/style/full.css?v=2.6
Cookie: PHPSESSID=4b49e8fc52a9887457ab4993add54103
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 27 Nov 2023 02:01:47 GMT
content-type: image/png
last-modified: Fri, 07 Jul 2023 00:28:51 GMT
vary: Accept-Encoding
etag: W/"64a75c43-6cb"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5913
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HlDJIjGCPnKxKTr%2BQZjc9ukIC8fnX2qD0Qh%2FMBapdjAZK1EEQNG5VCR9%2FoK27pPiaFgbbINN9yqkQwlWF53OeLutZ7yvOiabfH73r4Cyg1WY8rJvBDIBRszN2X1U%2BEeP3XgGfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c90acddd56c1-OSL
alt-svc: h3=":443"; ma=86400
s.myangular.life/player?cat=support&hit=find&description=yes
200 OK 0 B URL GET HTTP/1.1 s.myangular.life/player?cat=support&hit=find&description=yes
IP
ASN #24940 Hetzner Online GmbH
Requested by https://api.bedemp2.ws/embed/movie/455
Certificate IssuerSectigo Limited
Subjects.myangular.life
Fingerprint3A:21:0F:72:24:43:49:14:06:28:C6:D0:A6:10:6B:D7:B2:EA:5A:66
ValidityTue, 04 Apr 2023 00:00:00 GMT - Sat, 04 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /player?cat=support&hit=find&description=yes HTTP/1.1
Host: s.myangular.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.bedemp2.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 02:01:48 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
lordserialx.xyz/146-kasl-81.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html
302 Found 58 kB URL User Request GET HTTP/2 lordserialx.xyz/146-kasl-81.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html
IP
Certificate IssuerLet's Encrypt
Subjectlordserialx.xyz
FingerprintAB:4D:22:F6:A1:E7:8B:F1:F7:83:18:7C:D4:11:CE:43:E7:EF:46:20
ValidityTue, 24 Oct 2023 10:43:43 GMT - Mon, 22 Jan 2024 10:43:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /146-kasl-81.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html HTTP/1.1
Host: lordserialx.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Mon, 27 Nov 2023 02:01:47 GMT
content-type: text/html; charset=UTF-8
location: https://hd.lordserial2.me/146-kasl-81.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html
x-powered-by: PHP/7.4.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=f182ac65f98509b4ba1b0e210d80d2da; path=/; secure; HttpOnly
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTJM1zPd19%2Bh%2FtfNLXClP1SLOwcfp2vXylGPMrWonmuFl7ffbTPgIER90RRONoJWD4qalzdRVXVMX6MsiwRIlq2DzDg8xgQIqqlljMC1OeYDcriY3hT3KvF7WdJaiPUYqhI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c9046cd2b511-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
yandex.ru/ads/system/header-bidding.js
200 OK 114 kB URL GET HTTP/2 yandex.ru/ads/system/header-bidding.js
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.xn--d1acpjx3f.xn--p1ai
FingerprintE4:BA:B2:7F:BF:93:B8:22:10:26:70:37:9C:03:1A:9D:FB:23:17:24
ValidityWed, 21 Jun 2023 13:42:48 GMT - Tue, 19 Dec 2023 20:59:59 GMT
File type ASCII text, with very long lines (65479)
Size 114 kB (113831 bytes)
Hash 1982dd9a95d7dd8cc00b8e7109d23329
d0b7b6fd002e86e1b40cb50b86090538abd75726
91a960779de376492635494e6271800550322f29aae3365059d8a7be80214510
GET /ads/system/header-bidding.js HTTP/1.1
Host: yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
timing-allow-origin: *
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-content-type-options: nosniff
access-control-allow-origin: *
set-cookie: i=oEq6m5BejF0L5mnCxdfMRj8bAJzjXvVS2xYHA8FvzlUHlen7SS8Kgnhxx4Qmu07W5mBh2eT24NQinKHQ95en8+w57nU=; Expires=Wed, 26-Nov-2025 02:01:48 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=6405591321701050508; Expires=Wed, 26-Nov-2025 02:01:48 GMT; Domain=.yandex.ru; Path=/; Secure; SameSite=None
yashr=3699304671701050508; Path=/; Domain=.yandex.ru; Expires=Tue, 26 Nov 2024 02:01:48 GMT; SameSite=None; Secure; HttpOnly
expires: Mon, 27 Nov 2023 03:01:48 GMT
x-yandex-req-id: 1701050508310400-12390929427240559132-balancer-l7leveler-kubr-yp-vla-66-BAL-7383
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
cache-control: private, max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
x-robots-tag: noindex, noarchive, nofollow
X-Firefox-Spdy: h2
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
302 Found 43 B URL GET HTTP/2 ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subjectssp.bidvol.com
Fingerprint40:DB:53:6B:41:DC:4B:32:C0:EE:F6:09:5C:13:AF:5C:EF:90:56:90
ValidityThu, 09 Nov 2023 10:21:37 GMT - Wed, 07 Feb 2024 10:21:36 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: bvuid=t14um1wp3s
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.22.0
date: Mon, 27 Nov 2023 02:01:50 GMT
x-request-id: 2d371753-786a-422b-be99-ce5affe73b24
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
set-cookie: bvuid=t14um1wp3s; Max-Age=2147483647; Domain=.bidvol.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=t14um1wp3s; Max-Age=2147483647; Domain=.bidvol.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
location: https://www.acint.net/match?dp=129&euid=t14um1wp3s
X-Firefox-Spdy: h2
hd.lordserial2.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
200 OK 1.2 kB URL GET HTTP/3 hd.lordserial2.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGoogle Trust Services LLC
Subjectlordserial2.me
FingerprintA9:9E:F9:CB:BA:AE:BC:57:05:F8:C2:3C:F5:17:1E:73:EE:AE:96:AB
ValidityFri, 20 Oct 2023 01:33:13 GMT - Thu, 18 Jan 2024 01:33:12 GMT
File type HTML document, ASCII text, with very long lines (1271), with no line terminators
Hash 40d981045a7516cdadd00e8dccc9c58d
8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3
71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: hd.lordserial2.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/146-kasl-sv-13.html
Cookie: PHPSESSID=4b49e8fc52a9887457ab4993add54103
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 27 Nov 2023 02:01:47 GMT
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 21:55:48 GMT
etag: W/"65568fe4-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R1VXsdoIcsplIaR2ZgkFFEMCLfMNhuubE5yOTtX9I%2Fb2ew1CZOwEL73hPKHXZszimnTgVbpv65Bwh7IuH1YN8X1zMZNmV2YnRCi8XAbO8KhmRSduh3632jKjc8IvIeqSVnn0ig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82c6c90acddc56c1-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 29 Nov 2023 02:01:47 GMT
cache-control: max-age=172800, public
content-encoding: gzip
hd.lordserial2.me/templates/lordfun/images/bg.jpg
200 OK 195 kB URL GET HTTP/3 hd.lordserial2.me/templates/lordfun/images/bg.jpg
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGoogle Trust Services LLC
Subjectlordserial2.me
FingerprintA9:9E:F9:CB:BA:AE:BC:57:05:F8:C2:3C:F5:17:1E:73:EE:AE:96:AB
ValidityFri, 20 Oct 2023 01:33:13 GMT - Thu, 18 Jan 2024 01:33:12 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1400x488, components 3\012- data
Size 195 kB (195125 bytes)
Hash 2c6615789c683ee6f6018c445d2f002d
316e5bc3a50c2c8b302c7f9bce3420aa802c14ac
25cd2a918ff78890040a2c632b67914de4389fa33bf573b40f224293827b8259
GET /templates/lordfun/images/bg.jpg HTTP/1.1
Host: hd.lordserial2.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/templates/lordfun/style/full.css?v=2.6
Cookie: PHPSESSID=4b49e8fc52a9887457ab4993add54103
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 27 Nov 2023 02:01:47 GMT
content-type: image/jpeg
last-modified: Tue, 06 Sep 2022 06:42:38 GMT
vary: Accept-Encoding
etag: W/"6316ebde-2fa35"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5913
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3OL1aTzQ71MvRexBeIjOkSgJLTZ%2B2n%2B0jho6CF9StfPJylAMEMeykvHYsLfjHjQg6PgiRBuCJ6eEV8a973pP8WCbjYixX2DlF%2Feer%2F4LmMfNUI0vUkgtPhlYqv2VpFKlotVAfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c909bda356c1-OSL
alt-svc: h3=":443"; ma=86400
www.acint.net/match?dp=127&euid=nOg4lefBI4xtKGOWy3Gg
200 OK 43 B URL GET HTTP/2 www.acint.net/match?dp=127&euid=nOg4lefBI4xtKGOWy3Gg
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintD1:98:D5:B7:91:FF:E3:AC:0C:2E:5F:9E:20:DE:E5:45:A8:C2:0E:B1
ValidityTue, 31 Oct 2023 03:36:00 GMT - Mon, 29 Jan 2024 03:35:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=127&euid=nOg4lefBI4xtKGOWy3Gg HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWVj+I1O8w5JHx1JAgKl8zlwgCWXNxsmefX90I41kwyY; cSyncDp14v5=1701050509; cSyncDp17v2=1701050509; cSyncDp45v5=1701050509; cSyncDp53v5=1701050509; cSyncDp62v2=1701050509; cSyncDp67v3=1701050509; cSyncDp68v2=1701050509; cSyncDp71v2=1701050509; cSyncDp80v2=1701050509; cSyncDp85v2=1701050509; cSyncDp95v4=1701050509; cSyncDp98v3=1701050509; cSyncDp104v2=1701050509; cSyncDp107v2=1701050509; cSyncDp110v3=1701050509; cSyncDp125v4=1701050509; cSyncDp126v2=1701050509; cSyncDp127v2=1701050509; cSyncDp129v2=1701050509; cSyncDp136v3=1701050509; cSyncDp146v2=1701050509; cSyncDp148v2=1701050509; cSyncDp149v3=1701050509; cSyncDp151v2=1701050509; cSyncDp178v2=1701050509; cSyncDp186v2=1701050509; cSyncDp217v2=1701050509; cSyncDp221v2=1701050509; cSyncDp235v2=1701050509; cSyncDp239v2=1701050509; cSyncDp243v2=1701050509; cSyncDp260v2=1701050509; cSyncDp244v2=1701050509; cSyncDp248v2=1701050509; cSyncDp261v1=1701050509; cSyncDp14v4=1701050509
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty
date: Mon, 27 Nov 2023 02:01:50 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
cdn.alfasense.net/lib/alfadart.lib.min.js
200 OK 39 kB URL GET HTTP/2 cdn.alfasense.net/lib/alfadart.lib.min.js
IP
ASN #52000 Innovation IT Solutions LTD
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.alfasense.net
Fingerprint15:61:D7:BD:E9:E1:37:36:5F:FD:47:F7:69:F7:5E:53:CD:95:A9:59
ValidityWed, 22 Nov 2023 16:23:03 GMT - Mon, 23 Dec 2024 16:23:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /lib/alfadart.lib.min.js HTTP/1.1
Host: cdn.alfasense.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:52 GMT
content-type: application/javascript
last-modified: Thu, 13 Jul 2023 10:00:46 GMT
etag: W/"64afcb4e-98f0"
content-security-policy: frame-ancestors 'none';frame-src 'self';
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block;
cache-control: public, max-age=60
content-encoding: gzip
set-cookie: route=dd92c318b574e2af8018c0207c5098f9; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
logger.moviead55.ru/logger.php?t=cdiv&c=f5b01794-8165-45bc-8d01-7849ce9a33ee&a=&m=238&v=647a534f9f5fb9ced25ee7db57ef9c72&o=
200 OK 70 B URL GET HTTP/2 logger.moviead55.ru/logger.php?t=cdiv&c=f5b01794-8165-45bc-8d01-7849ce9a33ee&a=&m=238&v=647a534f9f5fb9ced25ee7db57ef9c72&o=
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash b357a19c87624c7c4d131aeeb4ae677f
c7a9c45fd419815a5ab1998503a9f03514c0e229
497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581
GET /logger.php?t=cdiv&c=f5b01794-8165-45bc-8d01-7849ce9a33ee&a=&m=238&v=647a534f9f5fb9ced25ee7db57ef9c72&o= HTTP/1.1
Host: logger.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:48 GMT
content-type: Content-Type: image/png
vary: Accept-Encoding
x-movieads-le: true
x-movieads-country: NO
content-encoding: gzip
X-Firefox-Spdy: h2
cs.alfasense.com/p?ssp=al&id=11324ce3-43e9-41cf-a438-ae6058677b51
200 OK 35 B URL GET HTTP/1.1 cs.alfasense.com/p?ssp=al&id=11324ce3-43e9-41cf-a438-ae6058677b51
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.alfasense.com
Fingerprint92:58:B8:97:87:98:3A:5B:01:DA:24:13:D3:B2:D4:AF:F5:07:AE:9E
ValiditySat, 10 Dec 2022 23:58:10 GMT - Thu, 11 Jan 2024 23:58:09 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /p?ssp=al&id=11324ce3-43e9-41cf-a438-ae6058677b51 HTTP/1.1
Host: cs.alfasense.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: uuid=ded2ffbb-fa35-455f-907f-eda9cea0eccb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Nov 2023 02:01:53 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes
cdn.jsdelivr.net/npm/venom-player@0.2.86
200 OK 724 kB URL GET HTTP/2 cdn.jsdelivr.net/npm/venom-player@0.2.86
IP
Requested by https://api.bedemp2.ws/embed/movie/455
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Size 724 kB (723593 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npm/venom-player@0.2.86 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://api.bedemp2.ws
DNT: 1
Connection: keep-alive
Referer: https://api.bedemp2.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.2.86
x-jsd-version-type: version
etag: W/"b0a89-1BOiGy3ecB+l817zXDSjVzo8z10"
content-encoding: br
accept-ranges: bytes
date: Mon, 27 Nov 2023 02:01:48 GMT
age: 4582420
x-served-by: cache-fra-eddf8230080-FRA, cache-bma1651-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 198514
X-Firefox-Spdy: h2
a.utraff.com/sync?ssp=716&skipme=ded2ffbb-fa35-455f-907f-eda9cea0eccb
302 Found 35 B URL GET HTTP/3 a.utraff.com/sync?ssp=716&skipme=ded2ffbb-fa35-455f-907f-eda9cea0eccb
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGoogle Trust Services LLC
Subjectutraff.com
Fingerprint65:F0:CB:A7:9C:1E:18:8C:D9:DE:5B:4C:46:9E:79:3E:78:F1:B0:CD
ValidityThu, 12 Oct 2023 03:40:45 GMT - Wed, 10 Jan 2024 03:40:44 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=716&skipme=ded2ffbb-fa35-455f-907f-eda9cea0eccb HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: preutid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Mon, 27 Nov 2023 02:01:53 GMT
content-type: text/plain
location: https://cs.alfasense.com/p?ssp=um&id=a329d164-906b-41e8-bd52-adb79ead3c20
set-cookie: preutid=1; Max-Age=0; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Max-Age=0; Domain=.utraff.com; SameSite=None; Secure; Path=/
utid=xalqdMzA4Ni3zDdrq195PknTqA4pyiTqMGAPaEscu4iJuhC7eSJM24WBFeEVWt9yirsIxOzLF2SamvJhQ-uNGg; Expires=Thu, 24 Nov 2033 05:01:53 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
utid=xalqdMzA4Ni3zDdrq195PknTqA4pyiTqMGAPaEscu4iJuhC7eSJM24WBFeEVWt9yirsIxOzLF2SamvJhQ-uNGg; Expires=Thu, 24 Nov 2033 05:01:53 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFHWO%2F%2FCqYixIU18YPXpIpugHZFL34bCpACGWFo5Z5RQ4LedEhI2rodTp4Jzvu9lZQ1ZvTYTudNiKU79IwHdNfpfKwoLpIH2%2BJvX7LH6OzpcgspMaRCgV7OGCuOuWpE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c92a5ecf712e-OSL
alt-svc: h3=":443"; ma=86400
hd.lordserial2.me/templates/lordfun/images/favicon.png
200 OK 3.1 kB URL GET HTTP/3 hd.lordserial2.me/templates/lordfun/images/favicon.png
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGoogle Trust Services LLC
Subjectlordserial2.me
FingerprintA9:9E:F9:CB:BA:AE:BC:57:05:F8:C2:3C:F5:17:1E:73:EE:AE:96:AB
ValidityFri, 20 Oct 2023 01:33:13 GMT - Thu, 18 Jan 2024 01:33:12 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 51ed3314ca236d302b7a4c229b216a84
a3bd7ccc45f54b7f2a0c1a572bb628ebb2142270
ca732814bb0b1808000642169d9ea4616a6b0ffcc480cbdd01c3ebe60b871780
GET /templates/lordfun/images/favicon.png HTTP/1.1
Host: hd.lordserial2.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/146-kasl-sv-13.html
Cookie: PHPSESSID=4b49e8fc52a9887457ab4993add54103; viewed_ids=146
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 27 Nov 2023 02:01:48 GMT
content-type: image/png
last-modified: Tue, 06 Sep 2022 06:42:38 GMT
vary: Accept-Encoding
etag: W/"6316ebde-c2a"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4587
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2Bh2cFeQCBtGqZy2Q8LPTYTCxKC8SOuJLeV05%2F6mVSL67WKScCiB0JvVaRSRwYPSInHAr0KdzzSv6VanDk26%2Bop7waA5r5Yyv7GewH%2FXwzWsFCbq1hJ9SJlChRK8bJlBCYkDyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c90b9e2456c1-OSL
alt-svc: h3=":443"; ma=86400
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
301 Moved Permanently 43 B URL GET HTTP/2 exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: uuid=84857c0c-460c-462c-6f35-7f64a7be6a1e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 27 Nov 2023 02:01:04 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=84857c0c-460c-462c-6f35-7f64a7be6a1e
serverid: TODO
X-Firefox-Spdy: h2
logger.moviead55.ru/logger.php?v=647a534f9f5fb9ced25ee7db57ef9c72&c=f5b01794-8165-45bc-8d01-7849ce9a33ee&t=player_loaded&a=&m=%7B%22sub_id%22%3A%22ap%22%2C%22loadTime%22%3A0.605%2C%22version%22%3A%221700841488198%22%2C%22vt%22%3A0%2C%22dh%22%3Atrue%2C%22l%22%3A%22https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html%22%2C%22scr%22%3A%7B%22w%22%3A1280%2C%22h%22%3A1024%2C%22c%22%3A24%2C%22iw%22%3A1060%2C%22ih%22%3A330%7D%7D&o=
200 OK 70 B URL GET HTTP/2 logger.moviead55.ru/logger.php?v=647a534f9f5fb9ced25ee7db57ef9c72&c=f5b01794-8165-45bc-8d01-7849ce9a33ee&t=player_loaded&a=&m=%7B%22sub_id%22%3A%22ap%22%2C%22loadTime%22%3A0.605%2C%22version%22%3A%221700841488198%22%2C%22vt%22%3A0%2C%22dh%22%3Atrue%2C%22l%22%3A%22https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html%22%2C%22scr%22%3A%7B%22w%22%3A1280%2C%22h%22%3A1024%2C%22c%22%3A24%2C%22iw%22%3A1060%2C%22ih%22%3A330%7D%7D&o=
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash b357a19c87624c7c4d131aeeb4ae677f
c7a9c45fd419815a5ab1998503a9f03514c0e229
497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581
GET /logger.php?v=647a534f9f5fb9ced25ee7db57ef9c72&c=f5b01794-8165-45bc-8d01-7849ce9a33ee&t=player_loaded&a=&m=%7B%22sub_id%22%3A%22ap%22%2C%22loadTime%22%3A0.605%2C%22version%22%3A%221700841488198%22%2C%22vt%22%3A0%2C%22dh%22%3Atrue%2C%22l%22%3A%22https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html%22%2C%22scr%22%3A%7B%22w%22%3A1280%2C%22h%22%3A1024%2C%22c%22%3A24%2C%22iw%22%3A1060%2C%22ih%22%3A330%7D%7D&o= HTTP/1.1
Host: logger.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:49 GMT
content-type: Content-Type: image/png
vary: Accept-Encoding
x-movieads-le: true
x-movieads-country: NO
content-encoding: gzip
X-Firefox-Spdy: h2
cs.alfasense.com/p?ssp=bv&uid=t14um1wp3s
200 OK 35 B URL GET HTTP/1.1 cs.alfasense.com/p?ssp=bv&uid=t14um1wp3s
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.alfasense.com
Fingerprint92:58:B8:97:87:98:3A:5B:01:DA:24:13:D3:B2:D4:AF:F5:07:AE:9E
ValiditySat, 10 Dec 2022 23:58:10 GMT - Thu, 11 Jan 2024 23:58:09 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /p?ssp=bv&uid=t14um1wp3s HTTP/1.1
Host: cs.alfasense.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: uuid=ded2ffbb-fa35-455f-907f-eda9cea0eccb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Nov 2023 02:01:53 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes
ads.alfasense.net/adserver/www/delivery/asyncspc.php?zones=9&prefix=revive-0-&xcampaigns=%3A%3Abetween%3A%3Agetintent%3A%3Avox%3A%3Aotm%3A%3Aalfasense%3A%3Artbsape%3A%3Akadam-js%3A%3Adefault-stub%3A%3A&xsite=11072&xsitename=lordserial2.me&loc=https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html
200 OK 1.2 kB URL GET HTTP/2 ads.alfasense.net/adserver/www/delivery/asyncspc.php?zones=9&prefix=revive-0-&xcampaigns=%3A%3Abetween%3A%3Agetintent%3A%3Avox%3A%3Aotm%3A%3Aalfasense%3A%3Artbsape%3A%3Akadam-js%3A%3Adefault-stub%3A%3A&xsite=11072&xsitename=lordserial2.me&loc=https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html
IP
ASN #52000 Innovation IT Solutions LTD
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.alfasense.net
Fingerprint15:61:D7:BD:E9:E1:37:36:5F:FD:47:F7:69:F7:5E:53:CD:95:A9:59
ValidityWed, 22 Nov 2023 16:23:03 GMT - Mon, 23 Dec 2024 16:23:02 GMT
File type HTML document text\012- troff or preprocessor input, ASCII text, with very long lines (1247), with no line terminators
Hash 4076b6815114661153ffa6a925f2b5db
c49321e0598583bcc2c931b99fd58d8f5daefa7f
3bc8c0b0051d298519ebb2552169c2a2494710d5850d7f86a3fbdf3bfbc88371
GET /adserver/www/delivery/asyncspc.php?zones=9&prefix=revive-0-&xcampaigns=%3A%3Abetween%3A%3Agetintent%3A%3Avox%3A%3Aotm%3A%3Aalfasense%3A%3Artbsape%3A%3Akadam-js%3A%3Adefault-stub%3A%3A&xsite=11072&xsitename=lordserial2.me&loc=https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html HTTP/1.1
Host: ads.alfasense.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:53 GMT
content-type: application/json
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://hd.lordserial2.me
access-control-allow-credentials: true
content-security-policy: frame-ancestors 'self';frame-src 'self';
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block;
set-cookie: OAID=01000111010001000101000001010010; expires=Tue, 26-Nov-2024 02:01:53 GMT; Max-Age=31536000; path=/; secure; SameSite=none
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
yandex.ru/ads/system/context.js
200 OK 331 kB URL GET HTTP/2 yandex.ru/ads/system/context.js
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.xn--d1acpjx3f.xn--p1ai
FingerprintE4:BA:B2:7F:BF:93:B8:22:10:26:70:37:9C:03:1A:9D:FB:23:17:24
ValidityWed, 21 Jun 2023 13:42:48 GMT - Tue, 19 Dec 2023 20:59:59 GMT
File type ASCII text, with very long lines (65492)
Size 331 kB (331293 bytes)
Hash c81fe83ae975ba8a1659686476954126
06eaa9d9b872edba68a63007244a55197724cac8
5de653ba73a4bfb8bbe0826dac23974e325490d356a3f5d528ceb45d3ab6eee4
GET /ads/system/context.js HTTP/1.1
Host: yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
timing-allow-origin: *
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-content-type-options: nosniff
access-control-allow-origin: *
set-cookie: i=glPOQ74vFk+mA+Myem3BTc1CIK3iTi1jJD6okv2ZA/kFIdKXx68vI3EwTaR+db+eYUlo2hu1RFtwf+PpFMExZzvVmg0=; Expires=Wed, 26-Nov-2025 02:01:48 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=7055712101701050508; Expires=Wed, 26-Nov-2025 02:01:48 GMT; Domain=.yandex.ru; Path=/; Secure; SameSite=None
yashr=5855616381701050508; Path=/; Domain=.yandex.ru; Expires=Tue, 26 Nov 2024 02:01:48 GMT; SameSite=None; Secure; HttpOnly
expires: Mon, 27 Nov 2023 03:01:48 GMT
x-yandex-req-id: 1701050508310950-12606866413805571210-balancer-l7leveler-kubr-yp-vla-66-BAL-2239
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
cache-control: private, max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
x-robots-tag: noindex, noarchive, nofollow
X-Firefox-Spdy: h2
logger.moviead55.ru/logger.php?t=target_country_load&c=f5b01794-8165-45bc-8d01-7849ce9a33ee&a=&m=%7B%22browser%22%3A%22%7B%5C%22name%5C%22%3A%5C%22firefox%5C%22%2C%5C%22version%5C%22%3A%5C%22105%5C%22%7D%22%2C%22isMobile%22%3Afalse%2C%22format%22%3A%22new%22%7D&v=647a534f9f5fb9ced25ee7db57ef9c72&o=undefined
200 OK 70 B URL GET HTTP/2 logger.moviead55.ru/logger.php?t=target_country_load&c=f5b01794-8165-45bc-8d01-7849ce9a33ee&a=&m=%7B%22browser%22%3A%22%7B%5C%22name%5C%22%3A%5C%22firefox%5C%22%2C%5C%22version%5C%22%3A%5C%22105%5C%22%7D%22%2C%22isMobile%22%3Afalse%2C%22format%22%3A%22new%22%7D&v=647a534f9f5fb9ced25ee7db57ef9c72&o=undefined
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash b357a19c87624c7c4d131aeeb4ae677f
c7a9c45fd419815a5ab1998503a9f03514c0e229
497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581
GET /logger.php?t=target_country_load&c=f5b01794-8165-45bc-8d01-7849ce9a33ee&a=&m=%7B%22browser%22%3A%22%7B%5C%22name%5C%22%3A%5C%22firefox%5C%22%2C%5C%22version%5C%22%3A%5C%22105%5C%22%7D%22%2C%22isMobile%22%3Afalse%2C%22format%22%3A%22new%22%7D&v=647a534f9f5fb9ced25ee7db57ef9c72&o=undefined HTTP/1.1
Host: logger.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:48 GMT
content-type: Content-Type: image/png
vary: Accept-Encoding
x-movieads-le: true
x-movieads-country: NO
content-encoding: gzip
X-Firefox-Spdy: h2
vak345.com/s.js?v=647a534f9f5fb9ced25ee7db57ef9c72
200 OK 3.7 kB URL GET HTTP/2 vak345.com/s.js?v=647a534f9f5fb9ced25ee7db57ef9c72
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF4:50:2C:D7:5C:84:E6:10:5D:32:80:62:FC:FE:E8:A0:40:4B:99:C4
ValidityFri, 10 Mar 2023 00:00:00 GMT - Sat, 09 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (4101), with no line terminators
Hash 109f82697ff1a9033031bb05d231b5a8
ae14e00218690950df807a73939b8113168034fc
9155966c99ce264409ce2122b01694f2ee6f3c1e38841777176e465f0678eea5
GET /s.js?v=647a534f9f5fb9ced25ee7db57ef9c72 HTTP/1.1
Host: vak345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 27 Nov 2023 02:01:47 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-movieads-country: NO
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rtEOCWwLpvw8w1EVUImYlXwguk3TrEqEk4rdY6PUAejCM1%2FB9PzyW4yc2qaIQSrhsOlErRmX2b5WTcN890SrlR3PKcZ4ZtsZnKRIq8DtLFIjMNYbeL3RTpVv9Gju"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c9099931712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
hd.lordserial2.me/146-kasl-81.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html
301 Moved Permanently 58 kB URL User Request GET HTTP/2 hd.lordserial2.me/146-kasl-81.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html
IP
Certificate IssuerGoogle Trust Services LLC
Subjectlordserial2.me
FingerprintA9:9E:F9:CB:BA:AE:BC:57:05:F8:C2:3C:F5:17:1E:73:EE:AE:96:AB
ValidityFri, 20 Oct 2023 01:33:13 GMT - Thu, 18 Jan 2024 01:33:12 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /146-kasl-81.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html/146-kasl-sv-13.html HTTP/1.1
Host: hd.lordserial2.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Mon, 27 Nov 2023 02:01:47 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=4b49e8fc52a9887457ab4993add54103; path=/; secure; HttpOnly
location: /146-kasl-sv-13.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TYluoTmtz4kEjjQ7UTiMdQR%2FkWFChQTmoc2YLD1g7UmtC8m2%2F1NlPj9PQe3n%2Bmg9AiQ1dYPiSwo3DrPsZ7eNZzd285leB9UZnxj2QzHm%2FSDRA7jUXiwoTtJP8I4k9X6GqbAH0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c905ed8356a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
hd.lordserial2.me/templates/lordfun/images/logo.png
200 OK 6.4 kB URL GET HTTP/3 hd.lordserial2.me/templates/lordfun/images/logo.png
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGoogle Trust Services LLC
Subjectlordserial2.me
FingerprintA9:9E:F9:CB:BA:AE:BC:57:05:F8:C2:3C:F5:17:1E:73:EE:AE:96:AB
ValidityFri, 20 Oct 2023 01:33:13 GMT - Thu, 18 Jan 2024 01:33:12 GMT
File type PNG image data, 180 x 70, 8-bit/color RGB, non-interlaced\012- data
Hash 98ae1617c9fc8aabc9fee2c4621af925
e735de62235735ff34da9065b5e69fb83286ded5
9639944058fef1f0d34f7a9ccab2ccc55a4f7915860014138d3b9f425ba90587
GET /templates/lordfun/images/logo.png HTTP/1.1
Host: hd.lordserial2.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/146-kasl-sv-13.html
Cookie: PHPSESSID=4b49e8fc52a9887457ab4993add54103
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 27 Nov 2023 02:01:47 GMT
content-type: image/png
last-modified: Tue, 06 Sep 2022 06:42:38 GMT
vary: Accept-Encoding
etag: W/"6316ebde-1902"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5913
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1%2FPybhC864BXx%2F2K9yT4v48dvHCZ37Hz%2Fw48L3f0bc%2FtOjJwKqKph6fB3SaPKfGAOm15npOK4WGbx0MBaKEk2ICxqQgzHdYIGRq7ZXOmvWKHq7aTE2wrl%2FH9BqMwJVDt%2BEjFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c9094d7756c1-OSL
alt-svc: h3=":443"; ma=86400
s.myangular.life/player?cat=support&hit=weak-ref&description=yes
200 OK 0 B URL GET HTTP/1.1 s.myangular.life/player?cat=support&hit=weak-ref&description=yes
IP
ASN #24940 Hetzner Online GmbH
Requested by https://api.bedemp2.ws/embed/movie/455
Certificate IssuerSectigo Limited
Subjects.myangular.life
Fingerprint3A:21:0F:72:24:43:49:14:06:28:C6:D0:A6:10:6B:D7:B2:EA:5A:66
ValidityTue, 04 Apr 2023 00:00:00 GMT - Sat, 04 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /player?cat=support&hit=weak-ref&description=yes HTTP/1.1
Host: s.myangular.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.bedemp2.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 02:01:48 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
cdn.alfasense.net/js/ad_11072.js
200 OK 14 kB URL GET HTTP/2 cdn.alfasense.net/js/ad_11072.js
IP
ASN #52000 Innovation IT Solutions LTD
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.alfasense.net
Fingerprint15:61:D7:BD:E9:E1:37:36:5F:FD:47:F7:69:F7:5E:53:CD:95:A9:59
ValidityWed, 22 Nov 2023 16:23:03 GMT - Mon, 23 Dec 2024 16:23:02 GMT
File type ASCII text, with very long lines (2753)
Hash ab3ba01ad833c385f1995b6a04dd6012
a4d24393b32b2936a03edb4bacab4883fa1bba71
dc1c2a1a1029570fc5e3488bd424ade002eabd139223edbe9dc26816f65cdf10
GET /js/ad_11072.js HTTP/1.1
Host: cdn.alfasense.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:52 GMT
content-type: application/javascript
last-modified: Sun, 26 Nov 2023 04:14:54 GMT
etag: W/"6562c63e-3590"
content-security-policy: frame-ancestors 'none';frame-src 'self';
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block;
cache-control: public, max-age=60
content-encoding: gzip
set-cookie: route=dd92c318b574e2af8018c0207c5098f9; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
cdn5.playmatic.video/public/playmatic_union.min.js
200 OK 41 kB URL GET HTTP/2 cdn5.playmatic.video/public/playmatic_union.min.js
IP
ASN #57416 LLC South Internet
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subjectcdn5.playmatic.video
Fingerprint83:D1:3D:F2:01:70:F1:21:98:AF:D2:CB:80:84:EF:F7:96:0A:E4:09
ValidityWed, 04 Oct 2023 07:49:05 GMT - Tue, 02 Jan 2024 07:49:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /public/playmatic_union.min.js HTTP/1.1
Host: cdn5.playmatic.video
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:48 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 07 Oct 2023 08:15:12 GMT
etag: W/"65211390-a00f"
content-encoding: gzip
cache: HIT
x-cached-since: 2023-11-24T17:07:24+00:00
x-node: fr5-up-gc15
X-Firefox-Spdy: h2
code.moviead55.ru/madstyle.css
200 OK 209 B URL GET HTTP/2 code.moviead55.ru/madstyle.css
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
File type ASCII text, with no line terminators
Hash 34ed3baf0ccc34943924193051a3831c
9db5f4f2d7550382415204d07374d06b051bfe11
fdff9397b0855170c901983bc461d4c1ef74af9632bddff74b788af3777599f4
GET /madstyle.css HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:48 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
access-control-allow-origin: *
access-control-expose-headers: *
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
x-movieads-country: NO
content-encoding: gzip
X-Firefox-Spdy: h2
hd.lordserial2.me/146-kasl-sv-13.html
200 OK 58 kB URL User Request GET HTTP/2 hd.lordserial2.me/146-kasl-sv-13.html
IP
Certificate IssuerGoogle Trust Services LLC
Subjectlordserial2.me
FingerprintA9:9E:F9:CB:BA:AE:BC:57:05:F8:C2:3C:F5:17:1E:73:EE:AE:96:AB
ValidityFri, 20 Oct 2023 01:33:13 GMT - Thu, 18 Jan 2024 01:33:12 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /146-kasl-sv-13.html HTTP/1.1
Host: hd.lordserial2.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=4b49e8fc52a9887457ab4993add54103
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 27 Nov 2023 02:01:47 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/7.4.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YAVI8jA89mC%2F%2FUMwEEypnpLBfYNue%2Fwg0nVgt44YnxidfKGqeoDgIdtqDiRhvXxrHZxoGZNHSk7N02tCs0q4QSmjNgqNL8oTBT4c6rpkyT%2B%2BGhkkDVnkjjIKH7mFq%2FTqM7QsPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c906ede356a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
code.moviead55.ru/go/bmap?v=647a534f9f5fb9ced25ee7db57ef9c72&sub_id=ap&fmt_id=4&pl_key=banner&testad=no&r=https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html
200 OK 162 kB URL GET HTTP/2 code.moviead55.ru/go/bmap?v=647a534f9f5fb9ced25ee7db57ef9c72&sub_id=ap&fmt_id=4&pl_key=banner&testad=no&r=https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 162 kB (162397 bytes)
Hash b386d78e803ca5fb5b2fdffa1de3df9c
7c0b05a8a2f7b98045fbb08ce63ba355a5fb9521
3b2bdc6da87877fba1456a93c384eccdf2594a6e0fd5c3670d31ee5509012d8f
GET /go/bmap?v=647a534f9f5fb9ced25ee7db57ef9c72&sub_id=ap&fmt_id=4&pl_key=banner&testad=no&r=https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:48 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
x-movieads-udata: cache,parsed,32189
x-movieads-country: NO
content-encoding: gzip
X-Firefox-Spdy: h2
a.videohead.tech/sync?ssp=42&skipme=ded2ffbb-fa35-455f-907f-eda9cea0eccb
302 Found 0 B URL GET HTTP/3 a.videohead.tech/sync?ssp=42&skipme=ded2ffbb-fa35-455f-907f-eda9cea0eccb
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGoogle Trust Services LLC
Subjectvideohead.tech
FingerprintAC:24:7F:38:6B:35:E3:94:CB:F9:41:85:4E:11:82:9B:AB:92:22:D2
ValiditySun, 26 Nov 2023 10:34:15 GMT - Sat, 24 Feb 2024 10:34:14 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=42&skipme=ded2ffbb-fa35-455f-907f-eda9cea0eccb HTTP/1.1
Host: a.videohead.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: prevhead=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Mon, 27 Nov 2023 02:01:53 GMT
content-type: text/plain
location: https://sync.dmp.otm-r.com/match/videohead_display?id=77778383-7c28-448f-bf62-b0147777b853
set-cookie: prevhead=1; Max-Age=0; Domain=videohead.tech; SameSite=None; Secure; Path=/
vhead=nPDOVpcvgZjibly8HdJd3S1ADllQkZjd3pxVWIg_tMH_rsGIGHb9Sjmuk2EL5jXMdm5SHnHUszi7PzqcW2Zfug; Expires=Thu, 24 Nov 2033 02:01:53 GMT; Domain=videohead.tech; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJh9tA9iPCn4hx%2Fz4l3gj1PyHgMQQcAin%2FwQvWrsN670%2BXuRvOpkHLB3aC2nhFiPpO0u42BGX4JBbeuITwDhE7%2FCajGhv0dM4TFrEIdWcum3Tb%2Fv32MOZcqwPF%2BGFFzHpodS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c92aabbab509-OSL
alt-svc: h3=":443"; ma=86400
hd.lordserial2.me/engine/modules/antibot/antibot.php
200 OK 6.0 kB URL GET HTTP/3 hd.lordserial2.me/engine/modules/antibot/antibot.php
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGoogle Trust Services LLC
Subjectlordserial2.me
FingerprintA9:9E:F9:CB:BA:AE:BC:57:05:F8:C2:3C:F5:17:1E:73:EE:AE:96:AB
ValidityFri, 20 Oct 2023 01:33:13 GMT - Thu, 18 Jan 2024 01:33:12 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 160x80, components 3\012- data
Hash 6d72912753430b8b91d37c34503957a6
b66584a29d73b5fb8ddef6212121352f884a52b5
30c02d89153b73b080024040b4bf5457e7a81c8567e824f62c3765e490a15580
GET /engine/modules/antibot/antibot.php HTTP/1.1
Host: hd.lordserial2.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/146-kasl-sv-13.html
Cookie: PHPSESSID=4b49e8fc52a9887457ab4993add54103
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 27 Nov 2023 02:01:47 GMT
content-type: image/jpeg
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdtu%2FRW%2ByaY%2FkiI2hmiij57SpTaXcWew%2FEIv%2Fvk4m0y1XxrRtJhQnrMobhXy7eJ8MLtUiVxLrGkm5VNj42X%2FEpUqYZ35colONfvOICY8tsPFfVNuUraLRflwJhAKxbxQkb4HEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c9095d7c56c1-OSL
alt-svc: h3=":443"; ma=86400
s.myangular.life/ws?ref_id=12516
101 Switching Protocols 0 B URL GET HTTP/1.1 s.myangular.life/ws?ref_id=12516
IP
ASN #24940 Hetzner Online GmbH
Requested by https://api.bedemp2.ws/embed/movie/455
Certificate IssuerSectigo Limited
Subjects.myangular.life
Fingerprint3A:21:0F:72:24:43:49:14:06:28:C6:D0:A6:10:6B:D7:B2:EA:5A:66
ValidityTue, 04 Apr 2023 00:00:00 GMT - Sat, 04 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws?ref_id=12516 HTTP/1.1
Host: s.myangular.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://api.bedemp2.ws
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Cv4PW5B+2aRS1nW50M34Jg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Mon, 27 Nov 2023 02:01:50 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GFdvVnH1wv0u9T0SkeB0Pqd+ov0=
hd.lordserial2.me/ccdn.php
200 OK 11 B URL POST HTTP/3 hd.lordserial2.me/ccdn.php
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGoogle Trust Services LLC
Subjectlordserial2.me
FingerprintA9:9E:F9:CB:BA:AE:BC:57:05:F8:C2:3C:F5:17:1E:73:EE:AE:96:AB
ValidityFri, 20 Oct 2023 01:33:13 GMT - Thu, 18 Jan 2024 01:33:12 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 023b66d077eec9336b21a3813defc22a
4d644f198bd706740dabf098ccf16a68f2c8a06d
dd1ac68a937ed14636599279bc971a1b4fc20df9aed5f29bc51a0c7449472fb6
POST /ccdn.php HTTP/1.1
Host: hd.lordserial2.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hd.lordserial2.me/146-kasl-sv-13.html
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 67
Origin: https://hd.lordserial2.me
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=4b49e8fc52a9887457ab4993add54103; viewed_ids=146; _ma=82eb872c-f7d7-41b3-9039-71554fb4ce85; cf_clearance=zn4A8GCd.QIcD9fAq_bDmMMPDwcN90.QAFzlUWdrS8M-1701050508-0-1-730ca2d2.73a07051.5b213570-0.2.1701050508
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 27 Nov 2023 02:01:52 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vO0Vy4tv3IFB6qR9g0UAPa7anwqxeh2LN4aibNEeQ3sqwUr2%2F5N%2BEFFPPnRzMG4rQh5agZRhwdfV4CFBvSSClro7kskQZJ6dBDgke92Gsbpop6GJZ%2Box0R3UT6n8aFG%2Foes3rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c926b98756c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn.alfasense.net/ext/weboctxrun.js
200 OK 213 B URL GET HTTP/2 cdn.alfasense.net/ext/weboctxrun.js
IP
ASN #52000 Innovation IT Solutions LTD
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.alfasense.net
Fingerprint15:61:D7:BD:E9:E1:37:36:5F:FD:47:F7:69:F7:5E:53:CD:95:A9:59
ValidityWed, 22 Nov 2023 16:23:03 GMT - Mon, 23 Dec 2024 16:23:02 GMT
File type ASCII text, with no line terminators
Hash 7e6e77a84388919cef04b18773e40546
dfcee86d73693ac10ada371c448d02af02b63f51
a3b9b5f351cc23a9d67c5884cc76e44c6a76ca07d725a14f48e6af9fe6f8c9b3
GET /ext/weboctxrun.js HTTP/1.1
Host: cdn.alfasense.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:52 GMT
content-type: application/javascript
last-modified: Wed, 12 Jul 2023 13:34:46 GMT
etag: W/"64aeabf6-d5"
content-security-policy: frame-ancestors 'none';frame-src 'self';
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block;
cache-control: public, max-age=60
content-encoding: gzip
set-cookie: route=e7a39e6e3385558e2f6a6a18cac7185b; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
cdn.alfasense.net/lib/prebid.js
200 OK 182 kB URL GET HTTP/2 cdn.alfasense.net/lib/prebid.js
IP
ASN #52000 Innovation IT Solutions LTD
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.alfasense.net
Fingerprint15:61:D7:BD:E9:E1:37:36:5F:FD:47:F7:69:F7:5E:53:CD:95:A9:59
ValidityWed, 22 Nov 2023 16:23:03 GMT - Mon, 23 Dec 2024 16:23:02 GMT
File type ASCII text, with very long lines (65419)
Size 182 kB (181566 bytes)
Hash 873153e0c9ed294f3f464bd20b35036a
34225020cc9c672f8195a465a66837c516edb5ab
b4d5cd59e626514d5a925245b6b73c5e9c3f626d01a91ac76bb52f658841fb85
GET /lib/prebid.js HTTP/1.1
Host: cdn.alfasense.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:52 GMT
content-type: application/javascript
last-modified: Mon, 27 Feb 2023 15:51:14 GMT
etag: W/"63fcd172-2c53e"
content-security-policy: frame-ancestors 'none';frame-src 'self';
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block;
cache-control: public, max-age=60
content-encoding: gzip
set-cookie: route=dd92c318b574e2af8018c0207c5098f9; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
hd.lordserial2.me/templates/lordfun/style/full.css?v=2.6
200 OK 119 kB URL GET HTTP/3 hd.lordserial2.me/templates/lordfun/style/full.css?v=2.6
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGoogle Trust Services LLC
Subjectlordserial2.me
FingerprintA9:9E:F9:CB:BA:AE:BC:57:05:F8:C2:3C:F5:17:1E:73:EE:AE:96:AB
ValidityFri, 20 Oct 2023 01:33:13 GMT - Thu, 18 Jan 2024 01:33:12 GMT
Size 119 kB (119112 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /templates/lordfun/style/full.css?v=2.6 HTTP/1.1
Host: hd.lordserial2.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/146-kasl-sv-13.html
Cookie: PHPSESSID=4b49e8fc52a9887457ab4993add54103
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 27 Nov 2023 02:01:47 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=127503
etag: W/"654a170f-1f20f"
last-modified: Tue, 07 Nov 2023 10:53:03 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJq6BlIKXWnm%2BkQd3dJuS5sOkAMJ6P0ZvMnJqecq9IjO5OjouU1ZLpcwIasBK%2BDXP9H6zoWkUsb94g%2FO8dyZsfES6cr4ghLDNf5XbH%2F%2BnxEz3J%2BEoDjmC4YvwZ5UfWakH8%2F5lg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82c6c9094d6e56c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
hd.lordserial2.me/engine/classes/min/index.php?g=general&v=cbebf
200 OK 86 kB URL GET HTTP/3 hd.lordserial2.me/engine/classes/min/index.php?g=general&v=cbebf
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGoogle Trust Services LLC
Subjectlordserial2.me
FingerprintA9:9E:F9:CB:BA:AE:BC:57:05:F8:C2:3C:F5:17:1E:73:EE:AE:96:AB
ValidityFri, 20 Oct 2023 01:33:13 GMT - Thu, 18 Jan 2024 01:33:12 GMT
File type ASCII text, with very long lines (32065), with CRLF line terminators
Hash 710458dd559c957714ac4a8e95357eb5
f694238d616f579a0690001f37984af430c19963
b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365
GET /engine/classes/min/index.php?g=general&v=cbebf HTTP/1.1
Host: hd.lordserial2.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/146-kasl-sv-13.html
Cookie: PHPSESSID=4b49e8fc52a9887457ab4993add54103
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 27 Nov 2023 02:01:47 GMT
content-type: application/x-javascript; charset=utf-8
x-powered-by: PHP/7.4.33
expires: Tue, 26 Nov 2024 02:01:47 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
last-modified: Fri, 09 Dec 2022 04:42:50 GMT
etag: W/"pub1670560970;gz"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exCa2egqHtXIrKjV821TilR8IUEC%2F5RFr8BT5ION%2BfUVCGoFDYx7HxmO2SowrlX9%2BAg3wkCcJLrG8cOodJe9Er3Vyr7fw8YuaMQ%2F2xtmc6XXybLzeqDYaRWQyUNSnVgjOCRPEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c9095d7e56c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
serieslife.online/frndnp.php?ver=1&autoplay=1&v=647a534f9f5fb9ced25ee7db57ef9c72&cb=f5b01794-8165-45bc-8d01-7849ce9a33ee&fclose=false&sub_id=ap&fmt_id=1&testad=no&nomon=1&cdiv=238&r=https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html&frnd=true
0 B URL GET serieslife.online/frndnp.php?ver=1&autoplay=1&v=647a534f9f5fb9ced25ee7db57ef9c72&cb=f5b01794-8165-45bc-8d01-7849ce9a33ee&fclose=false&sub_id=ap&fmt_id=1&testad=no&nomon=1&cdiv=238&r=https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html&frnd=true
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintBE:44:2C:25:3A:93:45:5F:7C:F1:FE:10:23:23:70:B9:DA:DF:D5:1B
ValidityThu, 26 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /frndnp.php?ver=1&autoplay=1&v=647a534f9f5fb9ced25ee7db57ef9c72&cb=f5b01794-8165-45bc-8d01-7849ce9a33ee&fclose=false&sub_id=ap&fmt_id=1&testad=no&nomon=1&cdiv=238&r=https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html&frnd=true HTTP/1.1
Host: serieslife.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 27 Nov 2023 02:01:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-cache: Yac
x-movieads-country: NO
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2B488M7WKyFo7oJLhDGu4XbJiU%2Fh%2BQFGDne4K9tqn6PRJW04Km4oRuy2vVLEjYQ8AmVTHuTxWz1%2BcsVEjOGBZj1BvjX6QhN42dAi1MH8V2XeDR02y%2BGEIEYRwlKqe2NblL6KCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c90cee8f5685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.moviead55.ru/mp_dist/mstream2.js?v5613017984
200 OK 169 kB URL GET HTTP/2 static.moviead55.ru/mp_dist/mstream2.js?v5613017984
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGoogle Trust Services LLC
Subjectmoviead55.ru
Fingerprint97:2B:AC:BC:2D:E4:7C:FC:61:B0:3F:37:04:D9:9A:96:E1:03:56:22
ValidityFri, 17 Nov 2023 16:01:17 GMT - Thu, 15 Feb 2024 16:01:16 GMT
Size 169 kB (168766 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /mp_dist/mstream2.js?v5613017984 HTTP/1.1
Host: static.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 27 Nov 2023 02:01:48 GMT
content-type: application/javascript
last-modified: Fri, 24 Nov 2023 15:58:17 GMT
vary: Accept-Encoding
etag: W/"6560c819-2933e"
x-movieads-country: RU
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-max-age: 1728000
cache-control: max-age=7200
cf-cache-status: HIT
age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r30E1YuyZDKfjjUN2OYho%2Bswsj2ZKis3xdeZYa9hd6ZZeQltMLkOWxDm9ORPb0pwB%2Fs2HzYFBOBydkIoMKg%2FjSm3JSKFqYUAwmcbHx%2B7MNq%2FXlXj9CP8TLsTMGF1%2F42IS2xJUAnI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c9110f43568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
hd.lordserial2.me/engine/classes/min/index.php?f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js,engine/classes/js/bbcodes.js&v=cbebf
200 OK 148 kB URL GET HTTP/3 hd.lordserial2.me/engine/classes/min/index.php?f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js,engine/classes/js/bbcodes.js&v=cbebf
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGoogle Trust Services LLC
Subjectlordserial2.me
FingerprintA9:9E:F9:CB:BA:AE:BC:57:05:F8:C2:3C:F5:17:1E:73:EE:AE:96:AB
ValidityFri, 20 Oct 2023 01:33:13 GMT - Thu, 18 Jan 2024 01:33:12 GMT
Size 148 kB (148085 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /engine/classes/min/index.php?f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js,engine/classes/js/bbcodes.js&v=cbebf HTTP/1.1
Host: hd.lordserial2.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/146-kasl-sv-13.html
Cookie: PHPSESSID=4b49e8fc52a9887457ab4993add54103
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 27 Nov 2023 02:01:47 GMT
content-type: application/x-javascript; charset=utf-8
x-powered-by: PHP/7.4.33
expires: Tue, 26 Nov 2024 02:01:47 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
last-modified: Thu, 06 Jul 2023 21:06:23 GMT
etag: W/"pub1688677583;gz"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HpS5ppo3e2fylCPKSkMK9gzKmBN6%2FPYqKe4H8kQNXqNeQqxLIO0j31FA40gO2UFCPiFKEzmrKaslo%2BLalG2qm7n8IZ0ZlUmf7xtczDFPtxl%2FcUCHEb4R0eYJfoQrehqmDVDcAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c9095d8156c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
s.myangular.life/player?cat=support&hit=opus&description=true
200 OK 0 B URL GET HTTP/1.1 s.myangular.life/player?cat=support&hit=opus&description=true
IP
ASN #24940 Hetzner Online GmbH
Requested by https://api.bedemp2.ws/embed/movie/455
Certificate IssuerSectigo Limited
Subjects.myangular.life
Fingerprint3A:21:0F:72:24:43:49:14:06:28:C6:D0:A6:10:6B:D7:B2:EA:5A:66
ValidityTue, 04 Apr 2023 00:00:00 GMT - Sat, 04 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /player?cat=support&hit=opus&description=true HTTP/1.1
Host: s.myangular.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.bedemp2.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 02:01:48 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
logger.moviead55.ru/logger.php?t=player_frame_loaded_new&c=f5b01794-8165-45bc-8d01-7849ce9a33ee&a=&m=0&v=647a534f9f5fb9ced25ee7db57ef9c72&o=
200 OK 70 B URL GET HTTP/2 logger.moviead55.ru/logger.php?t=player_frame_loaded_new&c=f5b01794-8165-45bc-8d01-7849ce9a33ee&a=&m=0&v=647a534f9f5fb9ced25ee7db57ef9c72&o=
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash b357a19c87624c7c4d131aeeb4ae677f
c7a9c45fd419815a5ab1998503a9f03514c0e229
497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581
GET /logger.php?t=player_frame_loaded_new&c=f5b01794-8165-45bc-8d01-7849ce9a33ee&a=&m=0&v=647a534f9f5fb9ced25ee7db57ef9c72&o= HTTP/1.1
Host: logger.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:48 GMT
content-type: Content-Type: image/png
vary: Accept-Encoding
x-movieads-le: true
x-movieads-country: NO
content-encoding: gzip
X-Firefox-Spdy: h2
img.imgilall.me/movies/video/3/9/0/3/9/6/0/0/0/0/800x450_390396.jpg?t=1648646685
200 OK 28 kB URL GET HTTP/2 img.imgilall.me/movies/video/3/9/0/3/9/6/0/0/0/0/800x450_390396.jpg?t=1648646685
IP
Requested by https://api.bedemp2.ws/embed/movie/455
Certificate IssuerLet's Encrypt
Subjectimgilall.me
Fingerprint98:E4:9B:8A:B0:87:12:C1:ED:11:CF:C5:25:B0:C9:44:46:81:F3:F5
ValiditySat, 14 Oct 2023 01:59:51 GMT - Fri, 12 Jan 2024 01:59:50 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 800x450, components 3\012- data
Hash 8f7677618651ffcaedee395638278613
95693404b713c983eb82b47e22fadc79ff07e53a
e53c24c6b9664f1b712edc257f9344f9bad73d8c82ee1d33519cd5459d736f16
GET /movies/video/3/9/0/3/9/6/0/0/0/0/800x450_390396.jpg?t=1648646685 HTTP/1.1
Host: img.imgilall.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.bedemp2.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 27 Nov 2023 02:01:49 GMT
content-type: image/jpeg
last-modified: Mon, 18 Jul 2022 12:20:27 GMT
vary: Accept-Encoding
etag: W/"62d5500b-6c5d"
expires: Tue, 19 Nov 2024 05:20:00 GMT
cache-control: max-age=31104000
access-control-allow-origin: *
cf-cache-status: HIT
age: 160909
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qHF%2FkGAwEa9kxougfppt9k0RG7iZ4%2B5PGdoNTTwa3ZiZvxVR0kKGDvPUgBa5DJM%2BvQf4SIX6L0HuZFBKP5AAjd2QqBvU5WbuzpzI90mR30MfWwfSHnYzu8yO%2FhIiUa3ZNcA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c9141de55691-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/done
200 OK 43 B URL GET HTTP/1.1 pix.bumlam.com/sync/sape/done
IP
ASN #44066 diva-e Datacenters GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.bumlam.com
Fingerprint08:E4:EB:78:69:AA:1C:77:24:F5:D4:0F:6C:52:FC:A6:D3:74:90:D0
ValidityMon, 16 Oct 2023 05:30:36 GMT - Sun, 14 Jan 2024 05:30:35 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: suuid3=IiRlZGE3MDNmZS04Y2M4LTExZWUtYmJiMS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 02:01:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
hd.lordserial2.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
200 OK 1.2 kB URL GET HTTP/3 hd.lordserial2.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGoogle Trust Services LLC
Subjectlordserial2.me
FingerprintA9:9E:F9:CB:BA:AE:BC:57:05:F8:C2:3C:F5:17:1E:73:EE:AE:96:AB
ValidityFri, 20 Oct 2023 01:33:13 GMT - Thu, 18 Jan 2024 01:33:12 GMT
File type HTML document, ASCII text, with very long lines (1271), with no line terminators
Hash 40d981045a7516cdadd00e8dccc9c58d
8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3
71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: hd.lordserial2.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/146-kasl-sv-13.html
Cookie: PHPSESSID=4b49e8fc52a9887457ab4993add54103
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 27 Nov 2023 02:01:47 GMT
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 21:55:48 GMT
etag: W/"65568fe4-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FMoHa20YYqOLSfwSAMQ1MA5C8z0%2Bel4GituB%2FSt4H1zewof6wSLh3RnyJ8JDg%2B%2BgLfhZOm0hH%2BuAYvS7kIyLsahMljPxXPndKQrd3UqYszyp2Q1NH2NKKgrFVR6abgfQi3b%2BMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82c6c9094d7a56c1-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 29 Nov 2023 02:01:47 GMT
cache-control: max-age=172800, public
content-encoding: gzip
ads.alfasense.net/adserver/www/delivery/lg.php?bannerid=103&campaignid=15&zoneid=9&loc=https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html&cb=4538649d7f&zones=9&xcampaigns=::between::getintent::vox::otm::alfasense::rtbsape::kadam-js::default-stub::&xsite=11072&xsitename=lordserial2.me
200 OK 43 B URL GET HTTP/2 ads.alfasense.net/adserver/www/delivery/lg.php?bannerid=103&campaignid=15&zoneid=9&loc=https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html&cb=4538649d7f&zones=9&xcampaigns=::between::getintent::vox::otm::alfasense::rtbsape::kadam-js::default-stub::&xsite=11072&xsitename=lordserial2.me
IP
ASN #52000 Innovation IT Solutions LTD
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGlobalSign nv-sa
Subject*.alfasense.net
Fingerprint15:61:D7:BD:E9:E1:37:36:5F:FD:47:F7:69:F7:5E:53:CD:95:A9:59
ValidityWed, 22 Nov 2023 16:23:03 GMT - Mon, 23 Dec 2024 16:23:02 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /adserver/www/delivery/lg.php?bannerid=103&campaignid=15&zoneid=9&loc=https%3A%2F%2Fhd.lordserial2.me%2F146-kasl-sv-13.html&cb=4538649d7f&zones=9&xcampaigns=::between::getintent::vox::otm::alfasense::rtbsape::kadam-js::default-stub::&xsite=11072&xsitename=lordserial2.me HTTP/1.1
Host: ads.alfasense.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Cookie: OAID=01000111010001000101000001010010
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:53 GMT
content-type: image/gif
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
content-security-policy: frame-ancestors 'self';frame-src 'self';
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block;
set-cookie: OAID=01000111010001000101000001010010; expires=Tue, 26-Nov-2024 02:01:53 GMT; Max-Age=31536000; path=/; secure; SameSite=none
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
miradres.com/met/409640
200 OK 158 B IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subjectmiradres.com
Fingerprint9C:FA:53:73:49:EB:CD:56:18:D7:6C:67:D4:AD:32:25:11:0A:6D:13
ValiditySat, 21 Oct 2023 07:24:42 GMT - Fri, 19 Jan 2024 07:24:41 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 4c9ea221577ac9d85e822737a07d4875
9a4f6fdd838434a83e9a72def2b0e10e8db006fe
11b8fcc98b8884ec4ccfd3510aa105860968be18575dbcf940babb258bba1077
GET /met/409640 HTTP/1.1
Host: miradres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 27 Nov 2023 02:01:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=v0joqrepn3q3sdag58snvfh4k0; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
t8.zcvh.net/v1/ws
101 Switching Protocols 0 B IP
ASN #24940 Hetzner Online GmbH
Requested by https://api.bedemp2.ws/embed/movie/455
Certificate IssuerLet's Encrypt
Subject*.zcvh.net
Fingerprint9F:09:BF:B0:10:B8:43:CC:8F:29:36:BC:BD:D2:2C:71:A7:7E:CA:9A
ValidityWed, 27 Sep 2023 04:02:29 GMT - Tue, 26 Dec 2023 04:02:28 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/ws HTTP/1.1
Host: t8.zcvh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://api.bedemp2.ws
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XYYzoEcEHql99sf5z0ut5w==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Mon, 27 Nov 2023 02:01:49 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: W35M5ReZ3L5/DIkVN8parysAMzA=
hd.lordserial2.me/templates/lordfun/images/calendar.svg
200 OK 1.5 kB URL GET HTTP/3 hd.lordserial2.me/templates/lordfun/images/calendar.svg
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGoogle Trust Services LLC
Subjectlordserial2.me
FingerprintA9:9E:F9:CB:BA:AE:BC:57:05:F8:C2:3C:F5:17:1E:73:EE:AE:96:AB
ValidityFri, 20 Oct 2023 01:33:13 GMT - Thu, 18 Jan 2024 01:33:12 GMT
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (1547), with no line terminators
Hash afe20d6d7ce2f5ebc4475e27f8944250
a8324deeb02bde3cd492121d1b283a7242c9b6fd
535057257ba6206b89cd58f6abded23f7587fddd7ae854537e131a72ef4b7b81
GET /templates/lordfun/images/calendar.svg HTTP/1.1
Host: hd.lordserial2.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/templates/lordfun/style/full.css?v=2.6
Cookie: PHPSESSID=4b49e8fc52a9887457ab4993add54103
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 27 Nov 2023 02:01:47 GMT
content-type: image/svg+xml
last-modified: Thu, 06 Jul 2023 23:57:54 GMT
vary: Accept-Encoding
etag: W/"64a75502-5f4"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1208
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SXW0dDvZoR50tTkp%2BopJa3IMUz7yWDYc3oEhh0U3yTLcp1qj2cDtn7jRcNokegR4pilesDedG27v9JIlDNL9k9qORpifTvq%2B7Cr5ZwzoMOmRGYV2GTpOXwC5dJ64eY13gI%2BgUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c909edad56c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
s.myangular.life/ws?cdn
101 Switching Protocols 0 B IP
ASN #24940 Hetzner Online GmbH
Requested by https://api.bedemp2.ws/embed/movie/455
Certificate IssuerSectigo Limited
Subjects.myangular.life
Fingerprint3A:21:0F:72:24:43:49:14:06:28:C6:D0:A6:10:6B:D7:B2:EA:5A:66
ValidityTue, 04 Apr 2023 00:00:00 GMT - Sat, 04 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws?cdn HTTP/1.1
Host: s.myangular.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://api.bedemp2.ws
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PyxGM//Un+ISpSPPWJZEaA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Mon, 27 Nov 2023 02:01:48 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 08vi3NDGhtJmN1QZZZQ5Clh3J10=
code.moviead55.ru/go/cinit?cn=otmbid&rnd=1701050508
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=otmbid&rnd=1701050508
IP
ASN #6681 Rozetka Sp. z o.o.
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintCC:7F:33:36:EA:E9:74:E6:01:78:2B:3F:E0:D2:07:2E:0E:15:F4:6B
ValidityFri, 08 Sep 2023 12:23:14 GMT - Thu, 07 Dec 2023 12:23:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=otmbid&rnd=1701050508 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 27 Nov 2023 02:01:48 GMT
content-length: 0
location: https://sync.dmp.otm-r.com/match/skyadvert
set-cookie: sky_uuid=dc7cfcb4-a689-c866-c0dc-120d664781ba; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
videotoday.site/mp_dist/td/trhls.html?v5613017984
200 OK 9.1 kB URL GET HTTP/2 videotoday.site/mp_dist/td/trhls.html?v5613017984
IP
Requested by https://hd.lordserial2.me/146-kasl-sv-13.html
Certificate IssuerGoogle Trust Services LLC
Subjectvideotoday.site
FingerprintA8:0A:0C:FF:C9:74:01:DA:F2:F4:6F:1A:46:B4:A3:2D:53:73:57:62
ValidityFri, 06 Oct 2023 02:55:12 GMT - Thu, 04 Jan 2024 02:55:11 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9275), with no line terminators
Hash e21934971bc64f6ad77228cab1e49713
c2eb29bd30c99c05e9fa9ee57d5294324bb71a89
f96d688f61c0d77e2ab27a63cab738fb9e85f7041e5d5a91287e6fa5a4792f9e
GET /mp_dist/td/trhls.html?v5613017984 HTTP/1.1
Host: videotoday.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hd.lordserial2.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 27 Nov 2023 02:01:52 GMT
content-type: text/html
last-modified: Fri, 24 Nov 2023 15:58:17 GMT
vary: Accept-Encoding
x-movieads-country: NO
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5vxEqwyZKA0pUW%2B3JZ9Zmrm%2FSBSqKajoEQZKE%2F2diItax86JcOUwiUbown0GJ%2BaH79BxZBVcppWkSwlPBvXfD%2BoCior4rLJL3zlcUii2CvCPaTijF34FzsYmaQBTFLDwAI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c6c924185356c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
172.67.132.224
167.235.186.113
188.42.105.220
217.65.2.150
37.230.131.17
188.114.96.1
146.59.111.187
104.21.52.2
139.45.228.134
183.81.169.106
0.0.0.0