Overview

URL filespace.ru/down/32b136bc1da24fce23e05a3011d3b620/cm7_rc1.rar
IP217.23.140.249
ASNDomain names registrar REG.RU, Ltd
Location Russia
Report completed2022-09-23 16:43:02 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-23 2 filespace.ru/down/32b136bc1da24fce23e05a3011d3b620/cm7_rc1.rar Malware
2022-09-23 2 filespace.ru/games/hl2/mods/single/cm7_rc1.rar Malware
2022-09-23 2 filespace.ru/games/hl2/mods/single/ Malware
2022-09-23 2 filespace.ru/css/functions.js Malware
2022-09-23 2 filespace.ru/css/brouser_css.php Malware
2022-09-23 2 filespace.ru/css/tooltip.js Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (63)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-23 05:02:25 UTC 52.89.15.44
mnemonic passive DNS tag.digitaltarget.ru (2) 98193 2015-07-21 14:24:58 UTC 2022-09-23 12:34:44 UTC 185.15.175.130
mnemonic passive DNS redirect.frontend.weborama.fr (2) 8348 2017-05-04 15:00:27 UTC 2022-09-23 06:51:47 UTC 35.190.24.218
mnemonic passive DNS filespace.ru (24) 0 2012-11-22 14:39:49 UTC 2022-08-31 06:08:50 UTC 217.23.140.249 Unknown ranking
mnemonic passive DNS pagead2.googlesyndication.com (2) 101 2021-02-20 15:52:05 UTC 2022-09-23 11:16:52 UTC 216.58.211.2
mnemonic passive DNS ocsp2.globalsign.com (2) 1544 2012-05-21 07:12:19 UTC 2022-09-23 04:53:35 UTC 104.18.20.226
mnemonic passive DNS acint.net (2) 22962 2014-02-14 21:23:16 UTC 2022-09-23 12:34:44 UTC 185.12.125.26
mnemonic passive DNS ssp.adriver.ru (2) 12439 2014-01-10 13:39:33 UTC 2022-09-23 12:34:45 UTC 195.209.111.13
mnemonic passive DNS sync.adkernel.com (1) 4993 2017-04-19 09:25:22 UTC 2022-09-23 12:34:44 UTC 77.245.57.72
mnemonic passive DNS sape-sync.rutarget.ru (1) 173587 2018-08-07 14:11:47 UTC 2022-09-22 21:55:06 UTC 46.243.142.239
mnemonic passive DNS cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2022-09-23 12:37:11 UTC 151.101.85.229
mnemonic passive DNS mediatoday.ru (1) 136083 2013-05-20 20:53:32 UTC 2022-09-23 12:34:44 UTC 139.45.228.111
mnemonic passive DNS adservice.google.com (1) 76 2021-02-20 16:10:48 UTC 2022-09-23 12:50:04 UTC 172.217.21.162
mnemonic passive DNS ad.adriver.ru (2) 19548 2012-08-31 17:10:27 UTC 2022-09-23 09:36:30 UTC 195.209.108.37
mnemonic passive DNS sync.1dmp.io (2) 10017 2016-02-09 11:52:58 UTC 2022-09-23 05:13:47 UTC 136.243.148.229
mnemonic passive DNS ssp-rtb.sape.ru (1) 31166 2016-02-02 17:01:03 UTC 2022-09-23 08:58:13 UTC 193.3.184.133
mnemonic passive DNS px.adhigh.net (2) 10272 2013-01-03 21:02:08 UTC 2022-09-23 06:53:10 UTC 193.232.150.149
mnemonic passive DNS r3.o.lencr.org (19) 344 2020-12-02 08:52:13 UTC 2022-09-23 04:34:39 UTC 23.36.76.226
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-23 04:33:41 UTC 34.117.237.239
mnemonic passive DNS dm-eu.hybrid.ai (1) 28847 2021-01-25 11:48:59 UTC 2022-09-23 06:03:21 UTC 37.18.103.21
mnemonic passive DNS ocsp.globalsign.com (5) 2075 2012-05-25 06:20:55 UTC 2022-09-23 04:45:50 UTC 104.18.20.226
mnemonic passive DNS cs.agency2.ru (1) 0 2022-04-29 14:24:02 UTC 2022-09-23 08:58:25 UTC 23.111.107.44 Unknown ranking
mnemonic passive DNS mc.yandex.ru (6) 2672 2017-01-29 05:34:36 UTC 2022-09-23 09:04:46 UTC 77.88.21.119
mnemonic passive DNS ocsp.usertrust.com (1) 899 2012-05-21 15:43:18 UTC 2022-09-23 04:33:53 UTC 172.64.155.188
mnemonic passive DNS exchange.buzzoola.com (1) 18389 2014-10-17 15:20:27 UTC 2022-09-23 12:34:44 UTC 168.119.8.212
mnemonic passive DNS cm.g.doubleclick.net (1) 202 2013-05-30 23:19:45 UTC 2022-09-23 12:13:50 UTC 172.217.21.162
mnemonic passive DNS csj.ru (4) 0 2015-08-15 21:54:31 UTC 2022-09-01 18:49:35 UTC 217.23.140.253 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (8) 175 2017-06-14 07:23:31 UTC 2022-09-23 04:33:33 UTC 142.250.74.3
mnemonic passive DNS ads.adlook.me (1) 43352 2018-11-28 12:50:19 UTC 2022-09-22 21:55:06 UTC 5.200.43.131
mnemonic passive DNS sync.dmp.otm-r.com (1) 19534 2017-02-03 07:19:51 UTC 2022-09-23 12:34:44 UTC 148.251.9.22
mnemonic passive DNS a.utraff.com (1) 39874 2020-01-25 04:23:15 UTC 2022-09-23 12:51:56 UTC 104.21.59.66
mnemonic passive DNS ssp.bestssp.com (1) 90974 2017-06-10 08:55:20 UTC 2022-09-23 13:51:35 UTC 185.147.80.35
mnemonic passive DNS sync.bumlam.com (2) 3243 2015-08-10 21:04:25 UTC 2022-09-23 15:08:19 UTC 31.172.81.159
mnemonic passive DNS match.new-programmatic.com (1) 33613 2020-02-18 20:50:06 UTC 2022-09-23 12:34:44 UTC 217.65.2.150
mnemonic passive DNS ad.mail.ru (1) 7643 2012-06-22 19:38:09 UTC 2022-09-23 10:46:19 UTC 95.163.41.56
mnemonic passive DNS ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2022-09-23 13:41:12 UTC 93.184.220.29
mnemonic passive DNS sync.upravel.com (2) 28097 2017-05-29 09:13:46 UTC 2022-09-23 09:36:30 UTC 148.251.236.115
mnemonic passive DNS sm.rtb.mts.ru (2) 27154 2019-03-26 14:10:01 UTC 2022-09-23 12:34:44 UTC 217.66.147.36
mnemonic passive DNS ssp.bidvol.com (1) 31817 2020-02-22 12:37:29 UTC 2022-09-23 12:34:44 UTC 65.108.1.47
mnemonic passive DNS sync.republer.com (1) 45392 2015-04-29 11:49:27 UTC 2022-09-22 21:55:06 UTC 23.88.82.46
mnemonic passive DNS s.uuidksinc.net (1) 3423 2015-07-20 12:00:35 UTC 2022-09-23 16:03:38 UTC 31.220.27.155
mnemonic passive DNS ut.rktch.com (1) 41215 2018-06-04 10:29:18 UTC 2022-09-23 12:34:44 UTC 89.108.97.2
mnemonic passive DNS 301bbc91-8a77-401c-bd66-52384d291fee.sync.upravel.com (1) 0 No data No data 78.46.16.13 Domain (upravel.com) ranked at: 27764
mnemonic passive DNS status.geotrust.com (1) 3662 2017-12-01 08:55:31 UTC 2022-09-23 05:00:39 UTC 93.184.220.29
mnemonic passive DNS status.thawte.com (1) 5123 2017-11-27 12:33:51 UTC 2022-09-23 05:17:19 UTC 93.184.220.29
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-23 12:37:00 UTC 34.120.237.76
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-23 04:49:01 UTC 108.156.28.51
mnemonic passive DNS dmg.digitaltarget.ru (4) 21471 2015-04-23 14:50:51 UTC 2022-09-23 12:34:46 UTC 185.15.175.146
mnemonic passive DNS banners.nashalife.ru (3) 0 2015-05-03 16:14:24 UTC 2022-09-01 18:49:17 UTC 217.23.140.249 Unknown ranking
mnemonic passive DNS www.acint.net (17) 29072 2014-02-14 21:23:16 UTC 2022-09-23 08:58:25 UTC 185.12.125.26
mnemonic passive DNS ocsp.godaddy.com (2) 698 2012-05-20 19:28:57 UTC 2022-09-23 04:40:04 UTC 192.124.249.22
mnemonic passive DNS tech.rtb.mts.ru (1) 27360 2017-04-17 12:41:30 UTC 2022-09-23 12:34:45 UTC 213.87.44.187
mnemonic passive DNS ocsp.sectigo.com (4) 487 2018-12-17 11:31:55 UTC 2022-09-23 14:11:13 UTC 172.64.155.188
mnemonic passive DNS partner.googleadservices.com (1) 798 2012-10-03 01:04:21 UTC 2022-09-23 05:42:01 UTC 172.217.21.162
mnemonic passive DNS fcgi4.gnezdo.ru (1) 69027 2020-06-11 12:55:54 UTC 2022-09-23 11:23:58 UTC 93.95.102.105
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-23 07:14:46 UTC 18.164.68.8
mnemonic passive DNS 0100007f0be22d63b800b3b30233cd9f-sp.ops.beeline.ru (1) 0 No data No data 37.9.245.57 Domain (beeline.ru) ranked at: 20964
mnemonic passive DNS x01.aidata.io (2) 12188 2016-03-31 15:36:46 UTC 2022-09-23 12:34:44 UTC 89.108.119.43
mnemonic passive DNS ads.betweendigital.com (3) 1571 2012-10-30 05:08:04 UTC 2022-09-23 04:55:55 UTC 188.42.191.196
mnemonic passive DNS nr.bidderstack.com (1) 352019 2019-02-11 14:43:50 UTC 2022-09-23 07:36:58 UTC 148.251.217.100
mnemonic passive DNS adservice.google.no (1) 96969 2017-09-26 14:23:08 UTC 2022-09-23 04:34:51 UTC 142.250.74.162
mnemonic passive DNS an.yandex.ru (2) 2577 2017-01-30 05:11:51 UTC 2022-09-23 09:06:23 UTC 213.180.193.90
mnemonic passive DNS adlmerge.com (1) 146521 2017-04-06 07:10:27 UTC 2022-09-23 12:34:44 UTC 95.211.66.35


Recent reports on same IP/ASN/Domain/Screenshot

Last 3 reports on IP: 217.23.140.249

Date UQ / IDS / BL URL IP
2022-10-19 17:10:07 +0000
0 - 0 - 1 filespace.ru/games/hl2/mods/single/cm7_rc1.rar 217.23.140.249
2022-09-23 16:43:32 +0000
0 - 0 - 5 filespace.ru/games/hl2/mods/single/cm7_rc1.rar 217.23.140.249
2022-09-23 16:43:02 +0000
0 - 0 - 6 filespace.ru/down/32b136bc1da24fce23e05a3011d (...) 217.23.140.249

Last 5 reports on ASN: Domain names registrar REG.RU, Ltd

Date UQ / IDS / BL URL IP
2022-12-04 15:47:48 +0000
0 - 0 - 9 u1858051.plsk.regruhosting.ru/emshirisfa/index.php 31.31.198.208
2022-12-04 15:47:29 +0000
0 - 0 - 10 u1858051.plsk.regruhosting.ru/emshirisfa 31.31.198.208
2022-12-04 15:32:48 +0000
0 - 0 - 9 u1858051.plsk.regruhosting.ru/rmihisesfa/ 31.31.198.208
2022-12-04 15:00:48 +0000
0 - 0 - 80 pancakeswapairpdrop.com/ 31.31.198.27
2022-12-04 13:51:07 +0000
0 - 0 - 16 u1854008.plsk.regruhosting.ru/psbotk1a/ 31.31.198.171

Last 3 reports on domain: filespace.ru

Date UQ / IDS / BL URL IP
2022-10-19 17:10:07 +0000
0 - 0 - 1 filespace.ru/games/hl2/mods/single/cm7_rc1.rar 217.23.140.249
2022-09-23 16:43:32 +0000
0 - 0 - 5 filespace.ru/games/hl2/mods/single/cm7_rc1.rar 217.23.140.249
2022-09-23 16:43:02 +0000
0 - 0 - 6 filespace.ru/down/32b136bc1da24fce23e05a3011d (...) 217.23.140.249

Last 1 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-19 17:10:07 +0000
0 - 0 - 1 filespace.ru/games/hl2/mods/single/cm7_rc1.rar 217.23.140.249


JavaScript

Executed Scripts (24)


Executed Evals (0)


Executed Writes (3)

#1 JavaScript::Write (size: 207, repeated: 1) - SHA256: 678256a1009cc579929403f1828ae99a98ba4652c7ec8381b761afc1eb2b9069

                                        < div id = "aswift_0_host"
style = "border:none;margin:0;padding:0;position:relative;visibility:visible;background-color:transparent;display:inline-block;width:468px;height:60px;"
data - ad - slot = "8994886606" > < /div>
                                    

#2 JavaScript::Write (size: 207, repeated: 1) - SHA256: 3db248275a51ac1c9514ed01daaaf34b4800e957ea14e465ca2b9a39396b7aaf

                                        < div id = "aswift_1_host"
style = "border:none;margin:0;padding:0;position:relative;visibility:visible;background-color:transparent;display:inline-block;width:728px;height:90px;"
data - ad - slot = "4123334446" > < /div>
                                    

#3 JavaScript::Write (size: 207, repeated: 1) - SHA256: 9179fd4c0ce27fa6e683781186062e751b38a137815ae399ed0be81cbdb61cbd

                                        < div id = "aswift_2_host"
style = "border:none;margin:0;padding:0;position:relative;visibility:visible;background-color:transparent;display:inline-block;width:728px;height:90px;"
data - ad - slot = "8070088542" > < /div>
                                    


HTTP Transactions (173)


Request Response
                                        
                                            GET /down/32b136bc1da24fce23e05a3011d3b620/cm7_rc1.rar HTTP/1.1 
Host: filespace.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         217.23.140.249
HTTP/1.1 302 Found
Content-Type: text/html; charset=cp1251
                                        
Cache-Control: private
Pragma: no-cache
Content-Encoding: gzip
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: http://filespace.ru/games/hl2/mods/single/cm7_rc1.rar
Vary: Accept-Encoding
Server: NashaLife Server 2019.12.20
Set-Cookie: FILESPACESID=rmgrulas00sc626da5savip335; expires=Fri, 30-Sep-2022 16:42:49 GMT; Max-Age=604800; path=/; HttpOnly
Date: Fri, 23 Sep 2022 16:42:49 GMT
Content-Length: 0


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.164.68.8
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 16:05:09 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 3fc96eac90753d96374d6038f01cfe76.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: Qdc5CDFEQFcYzIoHHbFjHCUfsQNiLU1MvsMzF4je0ePKDlJLEpd5eQ==
Age: 2260


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5925
Expires: Fri, 23 Sep 2022 18:21:34 GMT
Date: Fri, 23 Sep 2022 16:42:49 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         108.156.28.51
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:13:03 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 c58391b07051938ceda6615614fbabb0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: uS8mgQzrdjkSQT-PvmKnCq1KMkx0cjy1NfN8vt7VqHVIMhR2u8AFjA==
age: 44988
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /games/hl2/mods/single/cm7_rc1.rar HTTP/1.1 
Host: filespace.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: FILESPACESID=rmgrulas00sc626da5savip335
Upgrade-Insecure-Requests: 1

                                         
                                         217.23.140.249
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=cp1251
                                        
Cache-Control: max-age=0, private, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: http://filespace.ru/games/hl2/mods/single/
Vary: Accept-Encoding
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:42:49 GMT
Content-Length: 0


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 23 Sep 2022 16:42:50 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.164.68.8
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Expires, Alert, Content-Length, ETag, Cache-Control, Content-Type, Backoff, Pragma, Last-Modified
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 23 Sep 2022 16:33:00 GMT
Expires: Fri, 23 Sep 2022 17:25:48 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 fd0213744bc3f0c3b6436f635fb80a6c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: Y891RUdqXo-AsEv3wbLnDPEZA6gYH_moD8ruXhayUsc9Zzg69EpszA==
Age: 590


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 299
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 16:42:50 GMT
Last-Modified: Fri, 23 Sep 2022 16:37:51 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /games/hl2/mods/single/ HTTP/1.1 
Host: filespace.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: FILESPACESID=rmgrulas00sc626da5savip335
Upgrade-Insecure-Requests: 1

                                         
                                         217.23.140.249
HTTP/1.1 200 OK
Content-Type: text/html; charset=cp1251
                                        
Cache-Control: private
Pragma: no-cache
Content-Encoding: gzip
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Vary: Accept-Encoding
Server: NashaLife Server 2019.12.20
Set-Cookie: OAGEO=2%7CNO%7CEU%7C%7C%7C%7C59%2C95%7C10%2C75%7C200%7CEurope%2FOslo%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; path=/; SameSite=none OAID=82601273f253acc5508934a0eaf8ec6b; expires=Sat, 23-Sep-2023 16:42:50 GMT; Max-Age=31536000; path=/; SameSite=none OAID=82601273f253acc5508934a0eaf8ec6b; expires=Sat, 23-Sep-2023 16:42:50 GMT; Max-Age=31536000; path=/; SameSite=none OAID=82601273f253acc5508934a0eaf8ec6b; expires=Sat, 23-Sep-2023 16:42:50 GMT; Max-Age=31536000; path=/; SameSite=none OAID=82601273f253acc5508934a0eaf8ec6b; expires=Sat, 23-Sep-2023 16:42:50 GMT; Max-Age=31536000; path=/; SameSite=none OAID=82601273f253acc5508934a0eaf8ec6b; expires=Sat, 23-Sep-2023 16:42:50 GMT; Max-Age=31536000; path=/; SameSite=none OAID=82601273f253acc5508934a0eaf8ec6b; expires=Sat, 23-Sep-2023 16:42:50 GMT; Max-Age=31536000; path=/; SameSite=none OAID=82601273f253acc5508934a0eaf8ec6b; expires=Sat, 23-Sep-2023 16:42:50 GMT; Max-Age=31536000; path=/; SameSite=none OAID=82601273f253acc5508934a0eaf8ec6b; expires=Sat, 23-Sep-2023 16:42:50 GMT; Max-Age=31536000; path=/; SameSite=none
P3P: CP="CUR ADM OUR NOR STA NID"
Date: Fri, 23 Sep 2022 16:42:49 GMT
Content-Length: 12374


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with very long lines (680), with CRLF, CR, LF, NEL line terminators
Size:   12374
Md5:    99da5bfa47aa166346f678dbe780e439
Sha1:   ff2a1d1fbd19ff62b913587393750c4c10773c2f
Sha256: cc52a7277c7b99cae0bbae56c9aa768b296397a0df12d1a15f6b9e91bef3683d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css/main.css HTTP/1.1 
Host: filespace.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=rmgrulas00sc626da5savip335

                                         
                                         217.23.140.249
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Expires: Sat, 23 Sep 2023 16:42:50 GMT
Last-Modified: Tue, 24 Dec 2019 21:14:46 GMT
Accept-Ranges: bytes
Vary: User-Agent,Accept-Encoding
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:42:50 GMT
Content-Length: 629


--- Additional Info ---
Magic:  ASCII text, with CRLF, LF line terminators
Size:   629
Md5:    50da598b97c7ea40407eb2c2fe6d89f5
Sha1:   8c743a350900205dac3e559e2e60d15841e0dff6
Sha256: 52af12ef93e0d1b80aedd0a9306d74fc2103c0950a331ab8a23e6669fa1bc03f
                                        
                                            GET /pagead/show_ads.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/

                                         
                                         216.58.211.2
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Fri, 23 Sep 2022 16:42:50 GMT
Expires: Fri, 23 Sep 2022 16:42:50 GMT
Cache-Control: private, max-age=3600
ETag: 9142183144919191411
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 40718
X-XSS-Protection: 0


--- Additional Info ---
Magic:  ASCII text, with very long lines (2535)
Size:   40718
Md5:    a2374c7d26a8e9c06ffd2cf55e055f9f
Sha1:   88bd6eb8fe2a7d64d2b9a0f4f7a1bd13cb41968f
Sha256: 7c06ef46dd4da9f611367c7804f2a58dfd841bff1451834fa9538e98611fb2ad
                                        
                                            GET /css/three.css HTTP/1.1 
Host: filespace.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=rmgrulas00sc626da5savip335

                                         
                                         217.23.140.249
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Expires: Sat, 23 Sep 2023 16:42:50 GMT
Last-Modified: Tue, 24 Dec 2019 21:14:47 GMT
Accept-Ranges: bytes
Vary: User-Agent,Accept-Encoding
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:42:50 GMT
Content-Length: 369


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   369
Md5:    ce128ca4b1d0f7ff062c54532d664547
Sha1:   3a1f69a1ba38de7eb9f3036b08bce05962aea7f5
Sha256: 3e4de484b87cfedc51b2ad386080a587fef734856c58c6e9880d7482ff6a8395
                                        
                                            GET /css/blocks.css HTTP/1.1 
Host: filespace.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=rmgrulas00sc626da5savip335

                                         
                                         217.23.140.249
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Expires: Sat, 23 Sep 2023 16:42:50 GMT
Last-Modified: Tue, 24 Dec 2019 21:14:44 GMT
Accept-Ranges: bytes
Vary: User-Agent,Accept-Encoding
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:42:50 GMT
Content-Length: 433


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   433
Md5:    348a43ae61b4d04fd2b2fb7c3268668f
Sha1:   ca8e80c5e77ae4ed13e12cd5d88506d8ab046002
Sha256: a1567270908cbb17d99650b48de3bd9fe101d3183bf87ee5fb9d478550d8f106
                                        
                                            GET /css/functions.js HTTP/1.1 
Host: filespace.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=rmgrulas00sc626da5savip335

                                         
                                         217.23.140.249
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Expires: Sat, 23 Sep 2023 16:42:50 GMT
Last-Modified: Tue, 24 Dec 2019 21:14:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:42:50 GMT
Content-Length: 752


--- Additional Info ---
Magic:  ASCII text
Size:   752
Md5:    12cb5536a0cf67b1ab39658d34846ae4
Sha1:   4bc7387669cfc70a05f4458e391b78ed9548c2c1
Sha256: 78584781d90b27e25a84c611d7daad3443749c903dc3e2d6dc6478a5c4710388

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css/brouser_css.php HTTP/1.1 
Host: filespace.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=rmgrulas00sc626da5savip335

                                         
                                         217.23.140.249
HTTP/1.1 200 OK
Content-Type: text/css;charset=cp1251
                                        
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Expires: Sat, 23 Sep 2023 16:42:50 GMT
Vary: User-Agent,Accept-Encoding
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:42:50 GMT
Content-Length: 249


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   249
Md5:    aefbdba224bf2835d60290f6e4fe145f
Sha1:   f00a99c45956d9de1b948d142a9696d5b9c67ee4
Sha256: b80905e2c2e76a8a3d5f91fdf337663c9a8aa54282398784663e9af520d917b9

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css/tooltip.js HTTP/1.1 
Host: filespace.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=rmgrulas00sc626da5savip335

                                         
                                         217.23.140.249
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Expires: Sat, 23 Sep 2023 16:42:50 GMT
Last-Modified: Tue, 24 Dec 2019 21:14:47 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:42:50 GMT
Content-Length: 1939


--- Additional Info ---
Magic:  ISO-8859 text, with CRLF line terminators
Size:   1939
Md5:    23e94cc61f2e240180bb57622801676a
Sha1:   35d203d9c92990e03d4a66cc765bf0f960780749
Sha256: d212943b6353c48afc2e61444d17461b6399e86d992266de0ee61e04e38e15ca

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 03aQiiwCxHOZ2r5kCI3Pwg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.89.15.44
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Zz4kloYVsmFBmmEj90oz1gJYm+s=

                                        
                                            GET /libs/nl_mistake/1.0/nl_mistake.js HTTP/1.1 
Host: csj.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/

                                         
                                         217.23.140.253
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Cache-Control: public, max-age=0
Expires: Fri, 23 Sep 2022 16:42:51 GMT
Location: https://csj.ru/libs/nl_mistake/1.0/nl_mistake.js
Server: Microsoft-IIS/10.0
Date: Fri, 23 Sep 2022 16:42:50 GMT
Content-Length: 258


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   258
Md5:    47b3391b3aab053cced1d641a72c5414
Sha1:   4a0b98ea98dc5331e4daf5f727bd2bdaf40be822
Sha256: d337b935011d3018a100ef2b2c5d56e8143aae4b4d4e7c3fe20a29f83482039e
                                        
                                            GET /images/flags/EN.gif HTTP/1.1 
Host: filespace.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=rmgrulas00sc626da5savip335

                                         
                                         217.23.140.249
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: public, max-age=2592000
Expires: Sun, 23 Oct 2022 16:42:51 GMT
Last-Modified: Tue, 24 Dec 2019 21:15:19 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:42:50 GMT
Content-Length: 161


--- Additional Info ---
Magic:  GIF image data, version 89a, 21 x 14\012- data
Size:   161
Md5:    7eb14a278f26283c87db5c536d65eaa8
Sha1:   2a789fc4d53811a780f39e20781f0eeb8a48fa58
Sha256: 3203ae9c9bc498ba6160aec1495a7f001333811328af3658cce815a281a64dfb
                                        
                                            GET /images/icon_zip.gif HTTP/1.1 
Host: filespace.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=rmgrulas00sc626da5savip335

                                         
                                         217.23.140.249
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: public, max-age=2592000
Expires: Sun, 23 Oct 2022 16:42:51 GMT
Last-Modified: Tue, 24 Dec 2019 21:15:05 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:42:50 GMT
Content-Length: 531


--- Additional Info ---
Magic:  GIF image data, version 89a, 36 x 36\012- data
Size:   531
Md5:    543430e6538c8723106de263ae04a63f
Sha1:   fd29678e46fe4bc542a9d328aa2fa06946746f85
Sha256: ac4aee5e6f6cfedd787aaec921314700f03044ddb42aeab17ce4cb2f5d8cc369
                                        
                                            GET /images/rss.gif HTTP/1.1 
Host: filespace.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=rmgrulas00sc626da5savip335

                                         
                                         217.23.140.249
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: public, max-age=2592000
Expires: Sun, 23 Oct 2022 16:42:51 GMT
Last-Modified: Tue, 24 Dec 2019 21:15:05 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:42:50 GMT
Content-Length: 108


--- Additional Info ---
Magic:  GIF image data, version 89a, 29 x 15\012- data
Size:   108
Md5:    68bf86e4e5a14692fc08595bdd177e51
Sha1:   23434c5829e5eae4adf76579e402963cae6a8455
Sha256: f90ef18bb6a1d76b0d47c350f1f2ec777df5ce5d318e37ca3d3afa7671b3c322
                                        
                                            GET /images/icon_info.gif HTTP/1.1 
Host: filespace.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=rmgrulas00sc626da5savip335

                                         
                                         217.23.140.249
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: public, max-age=2592000
Expires: Sun, 23 Oct 2022 16:42:51 GMT
Last-Modified: Tue, 24 Dec 2019 21:15:01 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:42:50 GMT
Content-Length: 257


--- Additional Info ---
Magic:  GIF image data, version 89a, 15 x 15\012- data
Size:   257
Md5:    da33c6b0ba79d4a54c807e698cf296c5
Sha1:   c862075c85d98544d59626e18afa590366718a04
Sha256: ae9c29e2d4cc0d5f2d05255ba4bae9a34780c29a04c870545152baf3a121f580
                                        
                                            GET /images/icon_up.gif HTTP/1.1 
Host: filespace.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=rmgrulas00sc626da5savip335

                                         
                                         217.23.140.249
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: public, max-age=2592000
Expires: Sun, 23 Oct 2022 16:42:51 GMT
Last-Modified: Tue, 24 Dec 2019 21:15:04 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:42:50 GMT
Content-Length: 889


--- Additional Info ---
Magic:  GIF image data, version 89a, 36 x 36\012- data
Size:   889
Md5:    f45fe5ba803c40a36113d5b4adc5cba7
Sha1:   ae9efba7ce2f58ccf2bfeecf78345af9480fda87
Sha256: 06ae4d7b43ca30833782538a0c600f13d645d0e4ccabc6b3876191189036f48a
                                        
                                            GET /images/flags/RU.gif HTTP/1.1 
Host: filespace.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=rmgrulas00sc626da5savip335

                                         
                                         217.23.140.249
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: public, max-age=2592000
Expires: Sun, 23 Oct 2022 16:42:51 GMT
Last-Modified: Tue, 24 Dec 2019 21:15:23 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:42:50 GMT
Content-Length: 1006


--- Additional Info ---
Magic:  GIF image data, version 89a, 18 x 12\012- data
Size:   1006
Md5:    daa2a635125539998a491f04ce53dc60
Sha1:   8b7daa6c7adef9a3db8c2d05b3830c3be3d9dcdd
Sha256: 987407b3bff6c7785ecdb057b9b4be01c28db9dc0343b68a2ada547d02c9f2f1
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A35077B8BB0524C8A3D15BE9FDCCE98963F260FA71A4494EBD2759B1231F21CB"
Last-Modified: Wed, 21 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17408
Expires: Fri, 23 Sep 2022 21:32:59 GMT
Date: Fri, 23 Sep 2022 16:42:51 GMT
Connection: keep-alive

                                        
                                            GET /images/single.gif HTTP/1.1 
Host: filespace.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=rmgrulas00sc626da5savip335

                                         
                                         217.23.140.249
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: public, max-age=2592000
Expires: Sun, 23 Oct 2022 16:42:51 GMT
Last-Modified: Tue, 24 Dec 2019 21:15:06 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:42:50 GMT
Content-Length: 43


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            GET /images/header_bg.gif HTTP/1.1 
Host: filespace.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/css/three.css
Cookie: FILESPACESID=rmgrulas00sc626da5savip335

                                         
                                         217.23.140.249
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: public, max-age=2592000
Expires: Sun, 23 Oct 2022 16:42:51 GMT
Last-Modified: Tue, 24 Dec 2019 21:14:55 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:42:50 GMT
Content-Length: 122


--- Additional Info ---
Magic:  GIF image data, version 89a, 10 x 181\012- data
Size:   122
Md5:    9526592a93a50391b54807476a2ee8cf
Sha1:   9c95934d4da53cad3286ac350900a5071ab42200
Sha256: c73dd3403822378234984dd1da20f30c7285c4d16b52a0c15ec4b38298d874d5
                                        
                                            GET /images/category00.gif HTTP/1.1 
Host: filespace.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/css/blocks.css
Cookie: FILESPACESID=rmgrulas00sc626da5savip335

                                         
                                         217.23.140.249
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: public, max-age=2592000
Expires: Sun, 23 Oct 2022 16:42:51 GMT
Last-Modified: Tue, 24 Dec 2019 21:14:49 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:42:50 GMT
Content-Length: 316


--- Additional Info ---
Magic:  GIF image data, version 89a, 22 x 20\012- data
Size:   316
Md5:    7b1d4782103fb414ae1293e5a3d7b7f3
Sha1:   2f1c1595da128a4568714f604787e36f6f63ca29
Sha256: b216883628a8fc9575b1ccacb816d806d845c155cce09e47dd6a3f93ac1ad030
                                        
                                            GET /images/header_left_main.jpg HTTP/1.1 
Host: filespace.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/css/three.css
Cookie: FILESPACESID=rmgrulas00sc626da5savip335

                                         
                                         217.23.140.249
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Cache-Control: public, max-age=2592000
Expires: Sun, 23 Oct 2022 16:42:51 GMT
Last-Modified: Tue, 24 Dec 2019 21:14:55 GMT
Accept-Ranges: bytes
Vary: User-Agent
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:42:50 GMT
Content-Length: 11312


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 470x111, components 3\012- data
Size:   11312
Md5:    913e88e679a80a6c8ca93723ad6a2a89
Sha1:   c1717481070f18f0e10df2d204d9d6fd8e414c32
Sha256: adadc9f0a179090db6ef54e163849673064a3ba3abfab2bbaf6b856f2b6f3399
                                        
                                            GET /images/header_right_main.gif HTTP/1.1 
Host: filespace.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/css/three.css
Cookie: FILESPACESID=rmgrulas00sc626da5savip335

                                         
                                         217.23.140.249
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: public, max-age=2592000
Expires: Sun, 23 Oct 2022 16:42:51 GMT
Last-Modified: Tue, 24 Dec 2019 21:14:55 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:42:50 GMT
Content-Length: 12876


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 300x180, components 3\012- data
Size:   12876
Md5:    15e7d29660667457332c2485dd964cca
Sha1:   760642251b7131efbecb5bf9ba65a1592f74ce8d
Sha256: 551c080b726efa1bdb95679a200e6d1f182405cd2699af7e719290875db1e96c
                                        
                                            GET /images/icon_folder.gif HTTP/1.1 
Host: filespace.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=rmgrulas00sc626da5savip335

                                         
                                         217.23.140.249
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: public, max-age=2592000
Expires: Sun, 23 Oct 2022 16:42:51 GMT
Last-Modified: Tue, 24 Dec 2019 21:15:00 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:42:50 GMT
Content-Length: 1028


--- Additional Info ---
Magic:  GIF image data, version 89a, 36 x 36\012- data
Size:   1028
Md5:    e942257e22c7d2b4e4728920c8ac9d18
Sha1:   154563b1e005b1e90eb24a0040942f5c6a896152
Sha256: bd38a13c120d6a6e213f5d9f40d5fc0ab96d34a3c205a621b2afe64bbfbae5be
                                        
                                            GET /images/icon_rar.gif HTTP/1.1 
Host: filespace.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=rmgrulas00sc626da5savip335

                                         
                                         217.23.140.249
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: public, max-age=2592000
Expires: Sun, 23 Oct 2022 16:42:51 GMT
Last-Modified: Tue, 24 Dec 2019 21:15:03 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:42:50 GMT
Content-Length: 531


--- Additional Info ---
Magic:  GIF image data, version 89a, 36 x 36\012- data
Size:   531
Md5:    543430e6538c8723106de263ae04a63f
Sha1:   fd29678e46fe4bc542a9d328aa2fa06946746f85
Sha256: ac4aee5e6f6cfedd787aaec921314700f03044ddb42aeab17ce4cb2f5d8cc369
                                        
                                            GET /libs/nl_mistake/1.0/nl_mistake.js HTTP/1.1 
Host: csj.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://filespace.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         217.23.140.253
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=31536000
content-encoding: gzip
expires: Sat, 23 Sep 2023 16:42:51 GMT
last-modified: Sun, 06 Mar 2022 22:17:17 GMT
accept-ranges: bytes
etag: "2166b8f0a731d81:0"
vary: Accept-Encoding
server: CSoft Server 2019.12.21
access-control-allow-origin: *
date: Fri, 23 Sep 2022 16:42:51 GMT
content-length: 2389
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   2389
Md5:    024acff4a347f991f9816930df68805b
Sha1:   9db5c2041330462f4050dcf0f07f8525fe78af12
Sha256: 2754aa56d606bc89de92d3a85b2635c69920ba79d248a4b899985cd5067d9338
                                        
                                            GET /delivery/lg.php?bannerid=72&campaignid=23&zoneid=53&loc=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&cb=1a1ed786ba HTTP/1.1 
Host: banners.nashalife.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/

                                         
                                         217.23.140.249
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private
Pragma: no-cache
Expires: 0
Server: NashaLife Server 2019.12.20
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAGEO=2%7CNO%7CEU%7C%7C%7C%7C59.95%7C10.75%7C200%7CEurope%2FOslo%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; path=/; SameSite=none OAID=e478212e1cef332b35ce31cccb9722c7; expires=Sat, 23-Sep-2023 16:42:51 GMT; Max-Age=31536000; path=/; SameSite=none
Date: Fri, 23 Sep 2022 16:42:50 GMT
Content-Length: 43


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /images/icon_exe.gif HTTP/1.1 
Host: filespace.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=rmgrulas00sc626da5savip335

                                         
                                         217.23.140.249
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: public, max-age=2592000
Expires: Sun, 23 Oct 2022 16:42:51 GMT
Last-Modified: Tue, 24 Dec 2019 21:14:59 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:42:50 GMT
Content-Length: 528


--- Additional Info ---
Magic:  GIF image data, version 89a, 36 x 36\012- data
Size:   528
Md5:    ae260272f0765673921e5ac35d5ce9b1
Sha1:   76d2ea64eedeffb8d084427429d22479c2b3424b
Sha256: 428e332bbbbd649f5a31e709bb4241a21722561877308b8720fab537646a53a5
                                        
                                            GET /delivery/lg.php?bannerid=70&campaignid=23&zoneid=56&loc=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&cb=7e0d38f2a1 HTTP/1.1 
Host: banners.nashalife.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/

                                         
                                         217.23.140.249
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private
Pragma: no-cache
Expires: 0
Server: NashaLife Server 2019.12.20
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAGEO=2%7CNO%7CEU%7C%7C%7C%7C59.95%7C10.75%7C200%7CEurope%2FOslo%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; path=/; SameSite=none OAID=9da1af6fd0d3b7caaf6aa5963cf5b739; expires=Sat, 23-Sep-2023 16:42:51 GMT; Max-Age=31536000; path=/; SameSite=none
Date: Fri, 23 Sep 2022 16:42:50 GMT
Content-Length: 43


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /delivery/lg.php?bannerid=69&campaignid=23&zoneid=55&loc=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&cb=1c50c9bce1 HTTP/1.1 
Host: banners.nashalife.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/

                                         
                                         217.23.140.249
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private
Pragma: no-cache
Expires: 0
Server: NashaLife Server 2019.12.20
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAGEO=2%7CNO%7CEU%7C%7C%7C%7C59.95%7C10.75%7C200%7CEurope%2FOslo%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; path=/; SameSite=none OAID=f439010501f91a9919a590f5d26c5850; expires=Sat, 23-Sep-2023 16:42:51 GMT; Max-Age=31536000; path=/; SameSite=none
Date: Fri, 23 Sep 2022 16:42:50 GMT
Content-Length: 43


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /libs/jquery/1.12.4/jquery.min.js HTTP/1.1 
Host: csj.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://filespace.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         217.23.140.253
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=31536000
content-encoding: gzip
expires: Sat, 23 Sep 2023 16:42:51 GMT
last-modified: Fri, 20 May 2016 07:17:56 GMT
accept-ranges: bytes
etag: "0aacbb67b2d11:0"
vary: Accept-Encoding
server: CSoft Server 2019.12.21
access-control-allow-origin: *
date: Fri, 23 Sep 2022 16:42:51 GMT
content-length: 33886
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32077)
Size:   33886
Md5:    6ef48572188eff37defb0732b5709248
Sha1:   b67437a98ed39c3d8d83c210b9c35b89141ac020
Sha256: 191841a685c0f035798a187ad89ad4386a3311bee659f202c576103be18b703b
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5485B7384F7916FB88550DF02EFD8748F3CB54FD48020F3DE31E7BB3AA9E89E6"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2601
Expires: Fri, 23 Sep 2022 17:26:12 GMT
Date: Fri, 23 Sep 2022 16:42:51 GMT
Connection: keep-alive

                                        
                                            GET /aci.js HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://filespace.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: application/x-javascript
                                        
server: openresty
date: Fri, 23 Sep 2022 16:42:51 GMT
content-length: 7461
last-modified: Mon, 16 May 2022 07:14:50 GMT
etag: "6281f9ea-1d25"
content-encoding: gzip
expires: Sat, 24 Sep 2022 04:42:51 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1408)
Size:   7461
Md5:    ae0aab6c5a2ae2e1168e74f6e6ae4741
Sha1:   2c00f69ee4bbe2ec96c0f7bb33b5f827a6195af8
Sha256: a47a88a9b6c7635e5074c25c6e3c92f399fdf8772376e94f077167241e59f9de
                                        
                                            GET /libs/nl_mistake/1.0/nl_mistake.css HTTP/1.1 
Host: csj.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://filespace.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         217.23.140.253
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
content-encoding: gzip
expires: Sat, 23 Sep 2023 16:42:51 GMT
last-modified: Sun, 31 May 2020 11:29:57 GMT
accept-ranges: bytes
etag: "b13059d03e37d61:0"
vary: User-Agent,Accept-Encoding
server: CSoft Server 2019.12.21
access-control-allow-origin: *
date: Fri, 23 Sep 2022 16:42:51 GMT
content-length: 3169
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3997), with CRLF line terminators
Size:   3169
Md5:    4173e7cedfb401ba8977fe8082fe3970
Sha1:   9812dcd2b4b84e639ccb004a9f2b63d8b2dcefef
Sha256: c2e0471db89203d486c478e9d839341c7de1136d2c799180e6cfdcbb00f4c58c
                                        
                                            GET /npm/yandex-metrica-watch/tag.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://filespace.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.244.0
x-jsd-version-type: version
etag: W/"3392e-Qi3gEcZr1l3TqINcJ23fMrDsrI8"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 23 Sep 2022 16:42:51 GMT
age: 27121
x-served-by: cache-fra19163-FRA, cache-bma1676-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 83683
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (593)
Size:   83683
Md5:    93da68520075687596d7c4a0cb3c93a0
Sha1:   677e814d36fb09115d31b029c55b920c2b78f7aa
Sha256: 7ae325ea4d6de04c789cf4e147f9a334e8feb936d2d785ef48be82c5bbe3621d
                                        
                                            GET /mc/?dp=10 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/
Upgrade-Insecure-Requests: 1

                                         
                                         185.12.125.26
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: openresty
Date: Fri, 23 Sep 2022 16:42:51 GMT
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/mc/?dp=10


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   142
Md5:    82c98e8e012b79c922655461171cc2fa
Sha1:   0828d79135573276005b04be42d79a8a3291292b
Sha256: 745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
                                        
                                            GET /hit/?v=0.4.0&uid=ba5f3e83-50f9-4f09-b79c-f4517b20500e&dp=10&tz=%2B00%3A00&nc=17377414&u=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&r=&rs=1280x1024&t=FileSpace.ru&oE=1&oP=1&dT=2022-09-23T16%3A42%3A50.529&fu=561aa111-b38b-413f-87b8-9258ce018096 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/

                                         
                                         185.12.125.26
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: openresty
Date: Fri, 23 Sep 2022 16:42:51 GMT
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/hit/?v=0.4.0&uid=ba5f3e83-50f9-4f09-b79c-f4517b20500e&dp=10&tz=%2B00%3A00&nc=17377414&u=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&r=&rs=1280x1024&t=FileSpace.ru&oE=1&oP=1&dT=2022-09-23T16%3A42%3A50.529&fu=561aa111-b38b-413f-87b8-9258ce018096


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   142
Md5:    82c98e8e012b79c922655461171cc2fa
Sha1:   0828d79135573276005b04be42d79a8a3291292b
Sha256: 745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
                                        
                                            GET /mc/?dp=10 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://filespace.ru/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 302 Found
content-type: text/html
                                        
server: openresty
date: Fri, 23 Sep 2022 16:42:51 GMT
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Fri, 23-Sep-22 16:52:51 GMT aid=fwAAAWMt4guzswC4n80zAsZpU3G7F3aOya+g8QH0KBFWyi4s; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   154
Md5:    cfbeaf604823f038b8b46f0ac862b98c
Sha1:   7b9eb1dac48e74fa5f418bc456cb410f88b81d98
Sha256: 20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
                                        
                                            GET /hit/?v=0.4.0&uid=ba5f3e83-50f9-4f09-b79c-f4517b20500e&dp=10&tz=%2B00%3A00&nc=17377414&u=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&r=&rs=1280x1024&t=FileSpace.ru&oE=1&oP=1&dT=2022-09-23T16%3A42%3A50.529&fu=561aa111-b38b-413f-87b8-9258ce018096 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://filespace.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Fri, 23 Sep 2022 16:42:51 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=uQx9GmMt4guzswC4n807AmFE2UR7H0j0S/imy148Pc6/drQx; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: filespace.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filespace.ru/games/hl2/mods/single/
Cookie: FILESPACESID=rmgrulas00sc626da5savip335; fid=561aa111-b38b-413f-87b8-9258ce018096; _ym_uid=1663951371840133812; _ym_d=1663951371

                                         
                                         217.23.140.249
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
                                        
Cache-Control: public, max-age=2592000
Expires: Sun, 23 Oct 2022 16:42:51 GMT
Last-Modified: Tue, 24 Dec 2019 21:14:40 GMT
Accept-Ranges: bytes
Server: NashaLife Server 2019.12.20
Date: Fri, 23 Sep 2022 16:42:50 GMT
Content-Length: 318


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel\012- data
Size:   318
Md5:    065328b3c213836ada02de8ea7006971
Sha1:   25a2b6f57053c63d8eef16d735a04075e040fd09
Sha256: bd3e79b578cef68e6fceee5240dc1f560f139bbdef6cc4b7db4f24eb7b1c51b9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4723
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 16:42:51 GMT
Last-Modified: Fri, 23 Sep 2022 15:24:08 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /match?id=106&vid=0100007F0BE22D63B800B3B30233CD9F HTTP/1.1 
Host: dm-eu.hybrid.ai
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.18.103.21
HTTP/2 204 No Content
                                        
date: Fri, 23 Sep 2022 16:42:51 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=8ff4be76186162077443; expires=Sat, 23 Sep 2023 16:42:51 GMT; domain=.hybrid.ai; path=/; samesite=none
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 520
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2

                                        
                                            GET /sync?ssp=sape HTTP/1.1 
Host: a.utraff.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.59.66
HTTP/2 204 No Content
content-type: text/plain
                                        
date: Fri, 23 Sep 2022 16:42:51 GMT
set-cookie: preutid=1; Expires=Sun, 23 Oct 2022 19:42:51 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/ preutid=1; Expires=Sun, 23 Oct 2022 19:42:51 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGV9bcmExje52QJE5i1HntkEDibQEeP%2Bve113a04cnNx8nN%2FW1%2FCBXsOzHiH8%2FakIMknA2n7MqfIx4X%2BlWn2FX%2FfKS2MTtGuMVW%2BP8WzuqrMMiRF9gFXnBEarSKt5RI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f4bc68b93cb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 16:42:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2088
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 16:42:51 GMT
Last-Modified: Fri, 23 Sep 2022 16:08:04 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4723
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 16:42:51 GMT
Last-Modified: Fri, 23 Sep 2022 15:24:08 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FE6E08489CCC6A01D4D7EBBB78B54487A5AC613E0830B547C279F265E7EC7FA5"
Last-Modified: Wed, 21 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5827
Expires: Fri, 23 Sep 2022 18:19:58 GMT
Date: Fri, 23 Sep 2022 16:42:51 GMT
Connection: keep-alive

                                        
                                            GET /pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=pub-8597845466791288&plah=filespace.ru HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://filespace.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.211.2
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 23 Sep 2022 16:42:51 GMT
expires: Fri, 23 Sep 2022 16:42:51 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
etag: 13779839714419932221
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 124743
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5015)
Size:   124743
Md5:    35196ac08a8d2528051e815d5de647bd
Sha1:   fe498a088de7cd973ef9377cef5cb106b3787c8a
Sha256: 715af41636d12a67b513eb3345531c3fd11d896562135cea8791bd8bd8e1f69b
                                        
                                            GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1 
Host: ads.adlook.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         5.200.43.131
HTTP/2 302 Found
                                        
location: https://acint.net/match?dp=110&euid=e583cd64486d48b6ba7cf522de9b924e
server: Kestrel
set-cookie: adlm_userId=e583cd64486d48b6ba7cf522de9b924e; expires=Fri, 22 Sep 2023 21:00:00 GMT; path=/; SameSite=None; secure
date: Fri, 23 Sep 2022 16:42:50 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7FD86E8D25BF5ED74A813015BB868FA3F5A0EC08829278713FE3F7D914C9823C"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3555
Expires: Fri, 23 Sep 2022 17:42:06 GMT
Date: Fri, 23 Sep 2022 16:42:51 GMT
Connection: keep-alive

                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 16:42:51 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 27 Sep 2022 12:55:20 GMT
ETag: "ff1eb14ebba49fa1d006dc19d0bae8809602c637"
Last-Modified: Fri, 23 Sep 2022 12:55:21 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2195
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f4bc69a9241c12-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    92a5d536d1a5c00149e8908c89b3a1d5
Sha1:   ff1eb14ebba49fa1d006dc19d0bae8809602c637
Sha256: f5394ddfe681ae5e5278d7e092c2bf35ddbb0f5aeb06da6f25fcb4444c1508c3
                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 16:42:51 GMT
Content-Length: 940
Connection: keep-alive
Expires: Tue, 27 Sep 2022 15:38:23 GMT
ETag: "0cf3d42dbd53dfaa05729bfba55b997e2a9d3f07"
Last-Modified: Fri, 23 Sep 2022 15:38:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2944
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f4bc69ba8fb4f3-OSL

                                        
                                            GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F0BE22D63B800B3B30233CD9F HTTP/1.1 
Host: sync.1dmp.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         136.243.148.229
HTTP/2 302 Found
                                        
server: nginx
date: Fri, 23 Sep 2022 16:42:51 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=c3e51bd2-3b5e-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Sat, 23 Sep 2023 16:42:51 GMT; SameSite=None; Secure uid-legacy=c3e51bd2-3b5e-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Sat, 23 Sep 2023 16:42:51 GMT
location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F0BE22D63B800B3B30233CD9F&cs=1
X-Firefox-Spdy: h2

                                        
                                            GET /match?dsp=sape HTTP/1.1 
Host: sync.republer.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.88.82.46
HTTP/2 204 No Content
                                        
server: nginx
date: Fri, 23 Sep 2022 16:42:51 GMT
strict-transport-security: max-age=0
X-Firefox-Spdy: h2

                                        
                                            GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1 
Host: ssp-rtb.sape.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         193.3.184.133
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: openresty
Date: Fri, 23 Sep 2022 16:42:51 GMT
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=A9B803C10BE22D631B00C569020E1518
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=wQO4qWMt4gtpxQAbGBUOAt39JNO0AV2wxslLoVZ/8/hGinnr; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   142
Md5:    82c98e8e012b79c922655461171cc2fa
Sha1:   0828d79135573276005b04be42d79a8a3291292b
Sha256: 745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "79620AF42E86CC52BB4419332A0C0D2A26B0CFC01F5D61E42B3C8C3294C16FD8"
Last-Modified: Thu, 22 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2558
Expires: Fri, 23 Sep 2022 17:25:29 GMT
Date: Fri, 23 Sep 2022 16:42:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C9852827B86D52CC40ECB600418F7CEB05823A3BD21122C9BCD109DB26A57B79"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3026
Expires: Fri, 23 Sep 2022 17:33:17 GMT
Date: Fri, 23 Sep 2022 16:42:51 GMT
Connection: keep-alive

                                        
                                            GET /match/sape?id=0100007F0BE22D63B800B3B30233CD9F HTTP/1.1 
Host: sync.dmp.otm-r.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         148.251.9.22
HTTP/2 204 No Content
                                        
server: nginx/1.17.2
date: Fri, 23 Sep 2022 16:42:51 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "78A553B1B54FDAF46B372088EF869FA27482B221D7940947319A807105BB88BF"
Last-Modified: Thu, 22 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6060
Expires: Fri, 23 Sep 2022 18:23:51 GMT
Date: Fri, 23 Sep 2022 16:42:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "33CC7E1528CD3C0358C442656146C740469BDF1F68FACB8D3171AF0FD9F76B67"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5692
Expires: Fri, 23 Sep 2022 18:17:43 GMT
Date: Fri, 23 Sep 2022 16:42:51 GMT
Connection: keep-alive

                                        
                                            GET /core/match.gif?s=32&id=0100007F0BE22D63B800B3B30233CD9F HTTP/1.1 
Host: mediatoday.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.228.111
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx/1.22.0
date: Fri, 23 Sep 2022 16:42:51 GMT
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VUEU9obQi82urrp; expires=Mon, 20-Sep-2032 16:42:51 GMT; domain=mediatoday.ru; path=/core; SameSite=None; Secure
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F0BE22D63B800B3B30233CD9F&cs=1 HTTP/1.1 
Host: sync.1dmp.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: uid=c3e51bd2-3b5e-11ed-acfd-901b0e8b2a6e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         136.243.148.229
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Fri, 23 Sep 2022 16:42:51 GMT
content-length: 35
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=c3e51bd2-3b5e-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Sat, 23 Sep 2023 16:42:51 GMT; SameSite=None; Secure uid-legacy=c3e51bd2-3b5e-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Sat, 23 Sep 2023 16:42:51 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /match?dp=110&euid=e583cd64486d48b6ba7cf522de9b924e HTTP/1.1 
Host: acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=uQx9GmMt4guzswC4n807AmFE2UR7H0j0S/imy148Pc6/drQx; cSyncDp7v2=1663951371; cSyncDp14v3=1663951371; cSyncDp17=1663951371; cSyncDp32=1663951371; cSyncDp45v3=1663951371; cSyncDp53=1663951371; cSyncDp54v2=1663951371; cSyncDp62=1663951371; cSyncDp67v2=1663951371; cSyncDp68=1663951371; cSyncDp71=1663951371; cSyncDp77=1663951371; cSyncDp84=1663951371; cSyncDp85=1663951371; cSyncDp95v3=1663951371; cSyncDp101=1663951371; cSyncDp104v2=1663951371; cSyncDp107=1663951371; cSyncDp110=1663951371; cSyncDp111v2=1663951371; cSyncDp112v2=1663951371; cSyncDp125v2=1663951371; cSyncDp126=1663951371; cSyncDp127=1663951371; cSyncDp129=1663951371; cSyncDp136v2=1663951371; cSyncDp138=1663951371; cSyncDp144=1663951371; cSyncDp146=1663951371; cSyncDp148=1663951371; cSyncDp149=1663951371; cSyncDp151=1663951371; cSyncDp178=1663951371; cSyncDp179=1663951371; cSyncDp186=1663951371; cSyncDp221=1663951371
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Fri, 23 Sep 2022 16:42:51 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "558C59C63FB940067A454741AA598B1E69BE7BA6E3B95D1C1D2DF9124F206810"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15986
Expires: Fri, 23 Sep 2022 21:09:17 GMT
Date: Fri, 23 Sep 2022 16:42:51 GMT
Connection: keep-alive

                                        
                                            GET /match?dp=14&euid=A9B803C10BE22D631B00C569020E1518 HTTP/1.1 
Host: acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=uQx9GmMt4guzswC4n807AmFE2UR7H0j0S/imy148Pc6/drQx; cSyncDp7v2=1663951371; cSyncDp14v3=1663951371; cSyncDp17=1663951371; cSyncDp32=1663951371; cSyncDp45v3=1663951371; cSyncDp53=1663951371; cSyncDp54v2=1663951371; cSyncDp62=1663951371; cSyncDp67v2=1663951371; cSyncDp68=1663951371; cSyncDp71=1663951371; cSyncDp77=1663951371; cSyncDp84=1663951371; cSyncDp85=1663951371; cSyncDp95v3=1663951371; cSyncDp101=1663951371; cSyncDp104v2=1663951371; cSyncDp107=1663951371; cSyncDp110=1663951371; cSyncDp111v2=1663951371; cSyncDp112v2=1663951371; cSyncDp125v2=1663951371; cSyncDp126=1663951371; cSyncDp127=1663951371; cSyncDp129=1663951371; cSyncDp136v2=1663951371; cSyncDp138=1663951371; cSyncDp144=1663951371; cSyncDp146=1663951371; cSyncDp148=1663951371; cSyncDp149=1663951371; cSyncDp151=1663951371; cSyncDp178=1663951371; cSyncDp179=1663951371; cSyncDp186=1663951371; cSyncDp221=1663951371
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Fri, 23 Sep 2022 16:42:51 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /match/396/?remote_uid=0100007F0BE22D63B800B3B30233CD9F HTTP/1.1 
Host: s.uuidksinc.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.220.27.155
HTTP/2 302 Found
                                        
server: nginx/1.19.0
date: Fri, 23 Sep 2022 16:42:51 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=XnRb7tNuV3jRrljYE40V
set-cookie: jcsuuid=XnRb7tNuV3jRrljYE40V; expires=Sat, 23 Sep 2023 16:42:51 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1 
Host: ssp.bestssp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.147.80.35
HTTP/1.1 302 Found
                                        
Server: nginx/1.16.1
Date: Fri, 23 Sep 2022 16:42:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=CKNLBRNW
Set-Cookie: uid=CKNLBRNW; Expires=Fri, 23 Sep 2032 00:00:00 GMT; mf2=1; Expires=Sun, 23 Oct 2022 00:00:00 GMT;

                                        
                                            GET /p?ssp=sp&uid=0100007F0BE22D63B800B3B30233CD9F HTTP/1.1 
Host: cs.agency2.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.111.107.44
HTTP/1.1 301 Moved Permanently
                                        
Date: Fri, 23 Sep 2022 16:42:51 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=000d9e59-1b77-4d92-aa72-706d0768c669
Set-Cookie: uuid=000d9e59-1b77-4d92-aa72-706d0768c669; expires=Thu, 14 Sep 2023 16:42:51 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 16:42:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /?src=sap1&uid=0100007F0BE22D63B800B3B30233CD9F HTTP/1.1 
Host: sync.bumlam.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.172.81.159
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:42:51 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRjM2YxYWY5NC0zYjVlLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Thu, 18 Sep 2042 16:42:51 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARiLxLeZBmIgMDEwMDAwN0YwQkUyMkQ2M0I4MDBCM0IzMDIzM0NEOUaiARDD8a-UO14R7YbgACWQwGR8
ETag: c3f1af94-3b5e-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

                                        
                                            GET /sape/cm?user_id=0100007F0BE22D63B800B3B30233CD9F HTTP/1.1 
Host: nr.bidderstack.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         148.251.217.100
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:42:51 GMT
Content-Length: 44
Connection: keep-alive
Set-Cookie: uid=81bbd2e8-5f29-4089-a862-ef6f024b8aa2; domain=.bidderstack.com; path=/; expires=Sat, 23-Sep-2023 16:42:51 GMT;
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   44
Md5:    f9d60352c70a2ba15616d1c9421f3844
Sha1:   e9abc8bea7721a4b6a50295850d13c515006a95c
Sha256: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
                                        
                                            GET /matchspm?pi=1000005&pui=0100007F0BE22D63B800B3B30233CD9F HTTP/1.1 
Host: ut.rktch.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         89.108.97.2
HTTP/1.1 302 Found
                                        
Server: nginx/1.22.0
Date: Fri, 23 Sep 2022 16:42:51 GMT
Content-Length: 0
Connection: keep-alive
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
Set-Cookie: b_uid=5668a8f6b46224fa8780c45833bcf48460d1; Max-Age=2592000; Expires=Sun, 23 Oct 2022 16:42:51 GMT; Domain=rktch.com; Secure; SameSite=None
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Credentials: true

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A9479E2D500DCF2DB5517573B366ADC96D0C91DF525E1D9EA478EE7A1B37D566"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11279
Expires: Fri, 23 Sep 2022 19:50:50 GMT
Date: Fri, 23 Sep 2022 16:42:51 GMT
Connection: keep-alive

                                        
                                            GET /match?dp=127&euid=XnRb7tNuV3jRrljYE40V HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=uQx9GmMt4guzswC4n807AmFE2UR7H0j0S/imy148Pc6/drQx; cSyncDp7v2=1663951371; cSyncDp14v3=1663951371; cSyncDp17=1663951371; cSyncDp32=1663951371; cSyncDp45v3=1663951371; cSyncDp53=1663951371; cSyncDp54v2=1663951371; cSyncDp62=1663951371; cSyncDp67v2=1663951371; cSyncDp68=1663951371; cSyncDp71=1663951371; cSyncDp77=1663951371; cSyncDp84=1663951371; cSyncDp85=1663951371; cSyncDp95v3=1663951371; cSyncDp101=1663951371; cSyncDp104v2=1663951371; cSyncDp107=1663951371; cSyncDp110=1663951371; cSyncDp111v2=1663951371; cSyncDp112v2=1663951371; cSyncDp125v2=1663951371; cSyncDp126=1663951371; cSyncDp127=1663951371; cSyncDp129=1663951371; cSyncDp136v2=1663951371; cSyncDp138=1663951371; cSyncDp144=1663951371; cSyncDp146=1663951371; cSyncDp148=1663951371; cSyncDp149=1663951371; cSyncDp151=1663951371; cSyncDp178=1663951371; cSyncDp179=1663951371; cSyncDp186=1663951371; cSyncDp221=1663951371
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Fri, 23 Sep 2022 16:42:51 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /match?dp=95&euid=CKNLBRNW HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=uQx9GmMt4guzswC4n807AmFE2UR7H0j0S/imy148Pc6/drQx; cSyncDp7v2=1663951371; cSyncDp14v3=1663951371; cSyncDp17=1663951371; cSyncDp32=1663951371; cSyncDp45v3=1663951371; cSyncDp53=1663951371; cSyncDp54v2=1663951371; cSyncDp62=1663951371; cSyncDp67v2=1663951371; cSyncDp68=1663951371; cSyncDp71=1663951371; cSyncDp77=1663951371; cSyncDp84=1663951371; cSyncDp85=1663951371; cSyncDp95v3=1663951371; cSyncDp101=1663951371; cSyncDp104v2=1663951371; cSyncDp107=1663951371; cSyncDp110=1663951371; cSyncDp111v2=1663951371; cSyncDp112v2=1663951371; cSyncDp125v2=1663951371; cSyncDp126=1663951371; cSyncDp127=1663951371; cSyncDp129=1663951371; cSyncDp136v2=1663951371; cSyncDp138=1663951371; cSyncDp144=1663951371; cSyncDp146=1663951371; cSyncDp148=1663951371; cSyncDp149=1663951371; cSyncDp151=1663951371; cSyncDp178=1663951371; cSyncDp179=1663951371; cSyncDp186=1663951371; cSyncDp221=1663951371
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Fri, 23 Sep 2022 16:42:51 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /metrika/advert.gif HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://filespace.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         77.88.21.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Fri, 23 Sep 2022 16:42:51 GMT
access-control-allow-origin: *
etag: "632d6d03-2b"
expires: Fri, 23 Sep 2022 17:42:51 GMT
accept-ranges: bytes
last-modified: Fri, 23 Sep 2022 11:23:31 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /mc/?dp=10&tc=1 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://filespace.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWMt4guzswC4n80zAsZpU3G7F3aOya+g8QH0KBFWyi4s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: text/html
                                        
server: openresty
date: Fri, 23 Sep 2022 16:42:51 GMT
set-cookie: cSyncDp7v2=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp14v3=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp17=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp32=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp45v3=1663951371; expires=Sat, 24-Sep-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp53=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp54v2=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp62=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp67v2=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp68=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp71=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp77=1663951371; expires=Fri, 07-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp84=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp85=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp95v3=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp101=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp104v2=1663951371; expires=Fri, 07-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp107=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp110=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp111v2=1663951371; expires=Fri, 07-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp112v2=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp125v2=1663951371; expires=Sat, 08-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp126=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp127=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp129=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp136v2=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp138=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp144=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp146=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp148=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp149=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp151=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp178=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp179=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp186=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp221=1663951371; expires=Sun, 23-Oct-22 16:42:51 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   1467
Md5:    2a618011f5ab9271beda086cc35ed057
Sha1:   7d5252a519d40f1cb46c02b7d5bc20bf56b88d29
Sha256: d70e46309553012df0cab376921c404d0e5ff63b6c9d3dabf51101883e07688e
                                        
                                            GET /match?dp=186&euid=000d9e59-1b77-4d92-aa72-706d0768c669 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=uQx9GmMt4guzswC4n807AmFE2UR7H0j0S/imy148Pc6/drQx; cSyncDp7v2=1663951371; cSyncDp14v3=1663951371; cSyncDp17=1663951371; cSyncDp32=1663951371; cSyncDp45v3=1663951371; cSyncDp53=1663951371; cSyncDp54v2=1663951371; cSyncDp62=1663951371; cSyncDp67v2=1663951371; cSyncDp68=1663951371; cSyncDp71=1663951371; cSyncDp77=1663951371; cSyncDp84=1663951371; cSyncDp85=1663951371; cSyncDp95v3=1663951371; cSyncDp101=1663951371; cSyncDp104v2=1663951371; cSyncDp107=1663951371; cSyncDp110=1663951371; cSyncDp111v2=1663951371; cSyncDp112v2=1663951371; cSyncDp125v2=1663951371; cSyncDp126=1663951371; cSyncDp127=1663951371; cSyncDp129=1663951371; cSyncDp136v2=1663951371; cSyncDp138=1663951371; cSyncDp144=1663951371; cSyncDp146=1663951371; cSyncDp148=1663951371; cSyncDp149=1663951371; cSyncDp151=1663951371; cSyncDp178=1663951371; cSyncDp179=1663951371; cSyncDp186=1663951371; cSyncDp221=1663951371
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Fri, 23 Sep 2022 16:42:51 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 16:42:51 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 15:41:05 GMT
Expires: Tue, 27 Sep 2022 15:41:04 GMT
Etag: "aebee3a96cea231a0783a21220205be0b72058a7"
Cache-Control: max-age=341292,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f4bc6a4c5cb51b-OSL

                                        
                                            GET /userbind?src=sape&id=0100007F0BE22D63B800B3B30233CD9F HTTP/1.1 
Host: match.new-programmatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         217.65.2.150
HTTP/1.1 204 No Content
                                        
Server: nginx/1.18.0
Date: Fri, 23 Sep 2022 16:42:51 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin

                                        
                                            GET /?src=sap1&s_data=CAIQARiLxLeZBmIgMDEwMDAwN0YwQkUyMkQ2M0I4MDBCM0IzMDIzM0NEOUaiARDD8a-UO14R7YbgACWQwGR8 HTTP/1.1 
Host: sync.bumlam.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRjM2YxYWY5NC0zYjVlLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.172.81.159
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:42:51 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRjM2YxYWY5NC0zYjVlLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Thu, 18 Sep 2042 16:42:51 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 16:42:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /sape/sync HTTP/1.1 
Host: sync.upravel.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         148.251.236.115
HTTP/2 302 Found
content-type: image/png
                                        
server: nginx
date: Fri, 23 Sep 2022 16:42:51 GMT
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1663951371950;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180 session_tptc-legacy=1663951371950;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

                                        
                                            GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1 
Host: exchange.buzzoola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         168.119.8.212
HTTP/2 301 Moved Permanently
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Fri, 23 Sep 2022 16:42:51 GMT
content-length: 115
location: https://www.acint.net/match?dp=126&euid=daf18238-258e-4142-605e-80e311feb14c
serverid: TODO
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   115
Md5:    666286c3402c19e35fd323047dc5e1eb
Sha1:   2423ae850a1995fda8656fd236a4b598bfb27efc
Sha256: ac7ea7f7f6960a4665eb44b4ce987bbf893837adbad169205e423c654b3a80d9
                                        
                                            GET /adsid/integrator.js?domain=filespace.ru HTTP/1.1 
Host: adservice.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://filespace.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.217.21.162
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 23 Sep 2022 16:42:51 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   100
Md5:    917951a58be8c6c6f3680159550ba3c2
Sha1:   21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
Sha256: cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 16:42:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 16:42:51 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 27 Sep 2022 15:30:13 GMT
ETag: "a6b9e39eac6f0662daa1565d1b15c383030f8daa"
Last-Modified: Fri, 23 Sep 2022 15:30:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1495
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f4bc6adbc3b4f3-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    45eaa9201636f5a9aadd683cb07a49fe
Sha1:   a6b9e39eac6f0662daa1565d1b15c383030f8daa
Sha256: 0671963dca70dc50954dfbc1e3efb7a268ed490149fb8dc982fafe43eacc5773
                                        
                                            GET /watch/27873789/1?wmode=7&page-url=http%3A%2F%2Ffilespace.ru%2Fgames%2Fhl2%2Fmods%2Fsingle%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildvcz5k%3Afp%3A1379%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A429046138773%3Ahid%3A1049088491%3Az%3A0%3Ai%3A20220923164250%3Aet%3A1663951371%3Ac%3A1%3Arn%3A577923886%3Arqn%3A1%3Au%3A1663951371840133812%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C624%2C1%2C479%2C515%2C2%2C477%2C15%2C%2C%2C%2C1587%3Ans%3A1663951368891%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663951371%3At%3AFileSpace.ru&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://filespace.ru
Referer: http://filespace.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         77.88.21.119
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
content-length: 461
date: Fri, 23 Sep 2022 16:42:51 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://filespace.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 23-Sep-2022 16:42:51 GMT
last-modified: Fri, 23-Sep-2022 16:42:51 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (461), with no line terminators
Size:   461
Md5:    3179ac891276354a9c81bb8d439494f7
Sha1:   b8be0ad6296f74329320533770a3ecd9754739e1
Sha256: d649af73712dbac8b9df996f5b9b475824ea3d770f109367e906476fcc90a3d0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0D90C8DFEECA5DAE2C8EA3C648735A85146196A74F308775D6426AA37142B0AF"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2659
Expires: Fri, 23 Sep 2022 17:27:10 GMT
Date: Fri, 23 Sep 2022 16:42:51 GMT
Connection: keep-alive

                                        
                                            GET /adsid/integrator.js?domain=filespace.ru HTTP/1.1 
Host: adservice.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://filespace.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.162
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 23 Sep 2022 16:42:51 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   100
Md5:    917951a58be8c6c6f3680159550ba3c2
Sha1:   21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
Sha256: cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
                                        
                                            GET /match?dp=126&euid=daf18238-258e-4142-605e-80e311feb14c HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=uQx9GmMt4guzswC4n807AmFE2UR7H0j0S/imy148Pc6/drQx; cSyncDp7v2=1663951371; cSyncDp14v3=1663951371; cSyncDp17=1663951371; cSyncDp32=1663951371; cSyncDp45v3=1663951371; cSyncDp53=1663951371; cSyncDp54v2=1663951371; cSyncDp62=1663951371; cSyncDp67v2=1663951371; cSyncDp68=1663951371; cSyncDp71=1663951371; cSyncDp77=1663951371; cSyncDp84=1663951371; cSyncDp85=1663951371; cSyncDp95v3=1663951371; cSyncDp101=1663951371; cSyncDp104v2=1663951371; cSyncDp107=1663951371; cSyncDp110=1663951371; cSyncDp111v2=1663951371; cSyncDp112v2=1663951371; cSyncDp125v2=1663951371; cSyncDp126=1663951371; cSyncDp127=1663951371; cSyncDp129=1663951371; cSyncDp136v2=1663951371; cSyncDp138=1663951371; cSyncDp144=1663951371; cSyncDp146=1663951371; cSyncDp148=1663951371; cSyncDp149=1663951371; cSyncDp151=1663951371; cSyncDp178=1663951371; cSyncDp179=1663951371; cSyncDp186=1663951371; cSyncDp221=1663951371
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Fri, 23 Sep 2022 16:42:51 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 16:42:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1 
Host: sync.upravel.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1663951371950
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         148.251.236.115
HTTP/2 302 Found
content-type: image/png
                                        
server: nginx
date: Fri, 23 Sep 2022 16:42:52 GMT
content-length: 0
location: https://301bbc91-8a77-401c-bd66-52384d291fee.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
set-cookie: user_id=301bbc91-8a77-401c-bd66-52384d291fee;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000 user_id-legacy=301bbc91-8a77-401c-bd66-52384d291fee;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 16:42:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /p?ssp=sp&id=0100007F0BE22D63B800B3B30233CD9F HTTP/1.1 
Host: 0100007f0be22d63b800b3b30233cd9f-sp.ops.beeline.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.9.245.57
HTTP/2 301 Moved Permanently
                                        
server: nginx
date: Fri, 23 Sep 2022 16:42:52 GMT
content-length: 0
location: https://www.acint.net/match?dp=111&euid=892bbfaa-61e5-4621-8ea3-881968ae1d05
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: BeeAID=892bbfaa-61e5-4621-8ea3-881968ae1d05; expires=Thu, 14 Sep 2023 16:42:52 GMT; domain=ops.beeline.ru; path=/; secure; SameSite=None
access-control-allow-credentials: true, true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
x-route: http://upstream_cookiesync
x-host: 192.168.152.30
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 16:42:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /match?dp=111&euid=892bbfaa-61e5-4621-8ea3-881968ae1d05 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=uQx9GmMt4guzswC4n807AmFE2UR7H0j0S/imy148Pc6/drQx; cSyncDp7v2=1663951371; cSyncDp14v3=1663951371; cSyncDp17=1663951371; cSyncDp32=1663951371; cSyncDp45v3=1663951371; cSyncDp53=1663951371; cSyncDp54v2=1663951371; cSyncDp62=1663951371; cSyncDp67v2=1663951371; cSyncDp68=1663951371; cSyncDp71=1663951371; cSyncDp77=1663951371; cSyncDp84=1663951371; cSyncDp85=1663951371; cSyncDp95v3=1663951371; cSyncDp101=1663951371; cSyncDp104v2=1663951371; cSyncDp107=1663951371; cSyncDp110=1663951371; cSyncDp111v2=1663951371; cSyncDp112v2=1663951371; cSyncDp125v2=1663951371; cSyncDp126=1663951371; cSyncDp127=1663951371; cSyncDp129=1663951371; cSyncDp136v2=1663951371; cSyncDp138=1663951371; cSyncDp144=1663951371; cSyncDp146=1663951371; cSyncDp148=1663951371; cSyncDp149=1663951371; cSyncDp151=1663951371; cSyncDp178=1663951371; cSyncDp179=1663951371; cSyncDp186=1663951371; cSyncDp221=1663951371
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Fri, 23 Sep 2022 16:42:52 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /gampad/cookie.js?domain=filespace.ru&callback=_gfp_s_&client=ca-pub-8597845466791288 HTTP/1.1 
Host: partner.googleadservices.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://filespace.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.217.21.162
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 23 Sep 2022 16:42:52 GMT
server: cafe
cache-control: private
content-length: 202
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   202
Md5:    224e6a224d7288a1d2627b371bec661c
Sha1:   4106dcf6c9f20766ed141b03e60b24584868ce51
Sha256: cd9ddd10a47401fa64ee1195df4b93f5a76d3de6b8ecc64d2c86b49ab70b16bd
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2162
Expires: Fri, 23 Sep 2022 17:18:54 GMT
Date: Fri, 23 Sep 2022 16:42:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2162
Expires: Fri, 23 Sep 2022 17:18:54 GMT
Date: Fri, 23 Sep 2022 16:42:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2162
Expires: Fri, 23 Sep 2022 17:18:54 GMT
Date: Fri, 23 Sep 2022 16:42:52 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:48:22 GMT
age: 68070
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8029
Md5:    02a682b4703bb9d6381c762726c05531
Sha1:   1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
Sha256: fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7005
x-amzn-requestid: c805d882-7a00-4abd-a239-d8313d7df0c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4aBwEaMIAMF09A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd6d7-6d6a417f10c9628a16d438e1;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:42:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7edV0FJytVSpHH-WkCiYzhW1JP4L6i6bpPCq9MTxPdhwFQTryf06BQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:53:16 GMT
age: 67776
etag: "4584bff61bf4d5c9b8fd3b97c048a8e6975e4323"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7005
Md5:    1985a957e6bc0c15d8489fa731e7f14e
Sha1:   4584bff61bf4d5c9b8fd3b97c048a8e6975e4323
Sha256: 9f3e1fd6e18d85d4f6645d077da643a3bc2cca611d5e85f534ba798102dca243
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:26 GMT
age: 66686
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5340
Md5:    3b318ea5c36d2b22b925f7dfe382df5f
Sha1:   0264e73c4cfff0bb255757c7e1c760a5ad3ece80
Sha256: 0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gWZNsIn_FEbYwMeR1JArmPEgyuHEGgWsfb-wB6P_NrmoHhNgvGWoPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:07:28 GMT
age: 66924
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10127
Md5:    b877ead4a15221fdd278ef27f281a7ec
Sha1:   48c10714503e8dfdd3e3c3d39b919ef2792f0d15
Sha256: f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8497
x-amzn-requestid: 8543ac70-48ab-4523-856f-5d5fa1191c97
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yin-pEryoAMFTfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324205d-660bba3f655f940d143bc437;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:06:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e9KUFhjuFMzjuh37rFiNKaMNVaGZwPGBkLrv0zgfSTT7dCIuWj4G9Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:27 GMT
age: 66685
etag: "d47db5fcd83023b4a8de40a47d4510e183de387a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8497
Md5:    7606ff88f05062b66970d9805f38987a
Sha1:   d47db5fcd83023b4a8de40a47d4510e183de387a
Sha256: 20f89dd859e5715e27c289040fac6a121248e5b6c06da0a7f186984ffb029eb2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14579
x-amzn-requestid: bce2c126-0883-4255-9246-d8055860f898
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCj6FYCoAMF9Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e18-66ba2e5d64b6a5b32b7ab36b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 92Pj9IQp3mBJQOW-XuHSK8laPqXOSBOmNbYcm4hSFzc1xqYscQKxMA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:48 GMT
age: 66664
etag: "16e42ba7b20555bf5a8615e5f4bb561204aeeb5a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14579
Md5:    f10a12719b387d176497669ba75f0acc
Sha1:   16e42ba7b20555bf5a8615e5f4bb561204aeeb5a
Sha256: 0cb2231817387d43a490565b61e24ea7a3cfcff3281f4ab4379a882cc5c3173f
                                        
                                            GET /sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19 HTTP/1.1 
Host: 301bbc91-8a77-401c-bd66-52384d291fee.sync.upravel.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1663951371950; user_id=301bbc91-8a77-401c-bd66-52384d291fee
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         78.46.16.13
HTTP/2 302 Found
content-type: image/png
                                        
server: nginx
date: Fri, 23 Sep 2022 16:42:52 GMT
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=301bbc91-8a77-401c-bd66-52384d291fee;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000 user_id-legacy=301bbc91-8a77-401c-bd66-52384d291fee;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=301bbc91-8a77-401c-bd66-52384d291fee
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 16:42:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /match?dp=71&euid=301bbc91-8a77-401c-bd66-52384d291fee HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=uQx9GmMt4guzswC4n807AmFE2UR7H0j0S/imy148Pc6/drQx; cSyncDp7v2=1663951371; cSyncDp14v3=1663951371; cSyncDp17=1663951371; cSyncDp32=1663951371; cSyncDp45v3=1663951371; cSyncDp53=1663951371; cSyncDp54v2=1663951371; cSyncDp62=1663951371; cSyncDp67v2=1663951371; cSyncDp68=1663951371; cSyncDp71=1663951371; cSyncDp77=1663951371; cSyncDp84=1663951371; cSyncDp85=1663951371; cSyncDp95v3=1663951371; cSyncDp101=1663951371; cSyncDp104v2=1663951371; cSyncDp107=1663951371; cSyncDp110=1663951371; cSyncDp111v2=1663951371; cSyncDp112v2=1663951371; cSyncDp125v2=1663951371; cSyncDp126=1663951371; cSyncDp127=1663951371; cSyncDp129=1663951371; cSyncDp136v2=1663951371; cSyncDp138=1663951371; cSyncDp144=1663951371; cSyncDp146=1663951371; cSyncDp148=1663951371; cSyncDp149=1663951371; cSyncDp151=1663951371; cSyncDp178=1663951371; cSyncDp179=1663951371; cSyncDp186=1663951371; cSyncDp221=1663951371
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Fri, 23 Sep 2022 16:42:52 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfwviLWO4ALOzAjPNnw HTTP/1.1 
Host: cm.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.217.21.162
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 23 Sep 2022 16:42:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   170
Md5:    e7673c60af825466f83d46da72ca1635
Sha1:   fc0fcbee0835709ba2d28798a612bfd687903fb5
Sha256: 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 16:42:52 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 27 Sep 2022 15:52:45 GMT
ETag: "b900ff9eadcd59e187282ff3857c85d7d9519ddd"
Last-Modified: Fri, 23 Sep 2022 15:52:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2602
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f4bc6e9803b4f3-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    78062f2b46f4d08d7d3dae6c8c81ecb6
Sha1:   b900ff9eadcd59e187282ff3857c85d7d9519ddd
Sha256: 743e9af7ce24d69b344b9334cea1bf607d6fb75928693609f6dae2bf83041a0c
                                        
                                            GET /cookie_matching_ssp/Sape-dsp/0100007F0BE22D63B800B3B30233CD9F HTTP/1.1 
Host: fcgi4.gnezdo.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         93.95.102.105
HTTP/2 204 No Content
                                        
server: nginx
date: Fri, 23 Sep 2022 16:42:52 GMT
set-cookie: uid=XV9maWMt4gw6I4Y1qWV9Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1255
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 16:42:52 GMT
Last-Modified: Fri, 23 Sep 2022 16:21:57 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 16:42:52 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 16:18:19 GMT
Expires: Thu, 29 Sep 2022 16:18:18 GMT
Etag: "3cba20e0b1d62b3ac03751652bc9254ae9cd40c3"
Cache-Control: max-age=603212,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1599
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f4bc6ec8400b45-OSL

                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 16:42:52 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 27 Sep 2022 15:36:59 GMT
ETag: "033a078da2664c16cba6a0c56659e42da882900a"
Last-Modified: Fri, 23 Sep 2022 15:37:00 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1479
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f4bc6eef5b1c12-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    87f7d867c30e968c3d62805ecf751396
Sha1:   033a078da2664c16cba6a0c56659e42da882900a
Sha256: cee0b31b64cab56ff5e9bcc5d0079b9836251a5f29f76ea13a30d29c0b76aeda
                                        
                                            GET /cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F0BE22D63B800B3B30233CD9F HTTP/1.1 
Host: ssp.adriver.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         195.209.111.13
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:42:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST / HTTP/1.1 
Host: status.thawte.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5998
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 16:42:52 GMT
Last-Modified: Fri, 23 Sep 2022 15:02:54 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1 
Host: sync.adkernel.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         77.245.57.72
HTTP/1.1 200 OK
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:42:52 GMT
Content-Length: 0
Connection: close

                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 16:42:52 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 27 Sep 2022 15:51:13 GMT
ETag: "05865b049673c91ca1f928574e7f4ca0e1fdbbf6"
Last-Modified: Fri, 23 Sep 2022 15:51:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 425
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f4bc6f1890b4f3-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    b78a7c64b913ac3f1767b397502ac86b
Sha1:   05865b049673c91ca1f928574e7f4ca0e1fdbbf6
Sha256: f9cfdd6f0b75357b1c8703349e589d46e8efdbb792cb3aa82edadd4688160f5b
                                        
                                            GET /cm.gif?p=48&id=0100007F0BE22D63B800B3B30233CD9F HTTP/1.1 
Host: ad.mail.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.163.41.56
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Fri, 23 Sep 2022 16:42:52 GMT
content-length: 43
set-cookie: VID=2_dFl_3m2K2C002DR82SyQYC:::0-0-0-8483acc:CAASECSTL4xYFRroHr08bLfPtjsaYMyrWSxYOLMd585ncpX9PrkiMR3_l5ki82P2IqjEJiEw5hU__tQCwyYtVa3RDuMfpswpQjAmnojx_6L0JRR02nWE-pTkmMBb3uAKOg8kBG4a0geNfNLi9lZOXJZDMBpqdw; path=/; expires=Sun, 24-Sep-23 16:42:52 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Fri, 23 Sep 2022 22:42:52 GMT
cache-control: max-age=21600
last-modified: Fri, 23 Sep 2022 16:42:52 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "87CC1ED52F443895E5D7615695D2D1162E0BD93EDF17990029727E52CE33256B"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17949
Expires: Fri, 23 Sep 2022 21:42:01 GMT
Date: Fri, 23 Sep 2022 16:42:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 16:42:52 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 14:18:44 GMT
Expires: Tue, 27 Sep 2022 14:18:43 GMT
Etag: "6a95016d800f003c5a9be4fb1a806178aeb263b3"
Cache-Control: max-age=336350,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f4bc6ef85f0b45-OSL

                                        
                                            GET /sync HTTP/1.1 
Host: sape-sync.rutarget.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         46.243.142.239
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:42:52 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=1sXkaPJwoMoN
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=1sXkaPJwoMoN; Path=/; Domain=.rutarget.ru; Expires=Wed, 22 Mar 2023 16:42:52 GMT; SameSite=None; Secure

                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 16:42:52 GMT
Content-Length: 938
Connection: keep-alive
Expires: Tue, 27 Sep 2022 15:40:05 GMT
ETag: "856c888bace8f23e0408dbefa5f690675192ada8"
Last-Modified: Fri, 23 Sep 2022 15:40:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2003
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f4bc6f48b8b4f3-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.22
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Fri, 23 Sep 2022 16:42:52 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 22 Sep 2022 23:20:49 GMT
Expires: Fri, 23 Sep 2022 23:20:49 GMT
ETag: "fdcf37ff0e62f2aada44afc646c8bab91610906f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    22b0277441c57b57470c2eb25deabcdb
Sha1:   fdcf37ff0e62f2aada44afc646c8bab91610906f
Sha256: 767a76610f0407aec6a56a929e469eab929b774cd4a77a454c617e6c754860ee
                                        
                                            GET /match?dp=104&euid=1sXkaPJwoMoN HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=uQx9GmMt4guzswC4n807AmFE2UR7H0j0S/imy148Pc6/drQx; cSyncDp7v2=1663951371; cSyncDp14v3=1663951371; cSyncDp17=1663951371; cSyncDp32=1663951371; cSyncDp45v3=1663951371; cSyncDp53=1663951371; cSyncDp54v2=1663951371; cSyncDp62=1663951371; cSyncDp67v2=1663951371; cSyncDp68=1663951371; cSyncDp71=1663951371; cSyncDp77=1663951371; cSyncDp84=1663951371; cSyncDp85=1663951371; cSyncDp95v3=1663951371; cSyncDp101=1663951371; cSyncDp104v2=1663951371; cSyncDp107=1663951371; cSyncDp110=1663951371; cSyncDp111v2=1663951371; cSyncDp112v2=1663951371; cSyncDp125v2=1663951371; cSyncDp126=1663951371; cSyncDp127=1663951371; cSyncDp129=1663951371; cSyncDp136v2=1663951371; cSyncDp138=1663951371; cSyncDp144=1663951371; cSyncDp146=1663951371; cSyncDp148=1663951371; cSyncDp149=1663951371; cSyncDp151=1663951371; cSyncDp178=1663951371; cSyncDp179=1663951371; cSyncDp186=1663951371; cSyncDp221=1663951371
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Fri, 23 Sep 2022 16:42:52 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /p?ssp=sape&id=0100007F0BE22D63B800B3B30233CD9F HTTP/1.1 
Host: sm.rtb.mts.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         217.66.147.36
HTTP/1.1 301 Moved Permanently
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:53:47 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F0BE22D63B800B3B30233CD9F
Set-Cookie: dspid=1055d514-12ba-45ce-a192-d497002d37b5; expires=Thu, 14 Sep 2023 16:42:52 GMT; domain=.mts.ru; path=/; secure; SameSite=None

                                        
                                            GET /0.gif?pid=9401454&id=0100007F0BE22D63B800B3B30233CD9F HTTP/1.1 
Host: x01.aidata.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         89.108.119.43
HTTP/2 302 Found
                                        
server: nginx
date: Fri, 23 Sep 2022 16:42:52 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=0100007F0BE22D63B800B3B30233CD9F&bounce=1
expires: Fri, 23 Sep 2022 16:42:51 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Fri, 23 Sep 2022 16:42:51 GMT
set-cookie: __upin=kSZn79dAqdq3/MeTrBnQiQ;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure __upints=1663951372;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D3FFA9A34962536A8EFFF86FB04D44634D81B1BDD19B73E99899DA7D7C3E2EB8"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16050
Expires: Fri, 23 Sep 2022 21:10:22 GMT
Date: Fri, 23 Sep 2022 16:42:52 GMT
Connection: keep-alive

                                        
                                            GET /p/cm/sape?u=0100007F0BE22D63B800B3B30233CD9F HTTP/1.1 
Host: px.adhigh.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         193.232.150.149
HTTP/2 302 Found
                                        
server: nginx
date: Fri, 23 Sep 2022 16:42:52 GMT
content-length: 0
x-backend-id: f16-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=LdoNWElCXCi.AikABlGDazsBqw;Path=/;Domain=.adhigh.net;Expires=Sat, 23-Sep-2023 16:42:52 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=0100007F0BE22D63B800B3B30233CD9F&bounced=1
X-Firefox-Spdy: h2

                                        
                                            GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP/1.1 
Host: redirect.frontend.weborama.fr
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.190.24.218
HTTP/2 302 Found
                                        
server: Weborama Collect Frontend
date: Fri, 23 Sep 2022 16:42:51 GMT
content-length: 0
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=267677449
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Fri, 23 Sep 2022 16:42:52 GMT
set-cookie: AFFICHE_W=gkax8C@wkPSC62; expires=Sat, 21 Oct 2023 16:42:52 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 16:42:52 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 16:09:20 GMT
Expires: Fri, 30 Sep 2022 16:09:19 GMT
Etag: "9e1a63ac26855e427ec1a0ad6b46d5637dee89e4"
Cache-Control: max-age=602186,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f4bc6e7a42b51b-OSL

                                        
                                            GET /adcm.js HTTP/1.1 
Host: tag.digitaltarget.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.15.175.130
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:42:52 GMT
Content-Length: 3051
Last-Modified: Fri, 23 Sep 2022 16:34:56 GMT
Connection: keep-alive
ETag: "632de030-beb"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (3051), with no line terminators
Size:   3051
Md5:    e7097284185069f52fc736bcd50cda13
Sha1:   1cdfdf2d869841202079ddf91e0a00a8610812e6
Sha256: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 16:42:52 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 16:09:20 GMT
Expires: Fri, 30 Sep 2022 16:09:19 GMT
Etag: "9e1a63ac26855e427ec1a0ad6b46d5637dee89e4"
Cache-Control: max-age=602186,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f4bc6e9a93b4f7-OSL

                                        
                                            GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1 
Host: ad.adriver.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         195.209.108.37
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Fri, 23 Sep 2022 16:42:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-4389527601; expires=Sun, 22 Sep 2024 16:42:52 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4389527601
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true

                                        
                                            GET /match/second?ssp=30&exu=0100007F0BE22D63B800B3B30233CD9F HTTP/1.1 
Host: sm.rtb.mts.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         217.66.147.36
HTTP/1.1 301 Moved Permanently
                                        
Server: nginx
Date: Fri, 23 Sep 2022 16:53:47 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://tech.rtb.mts.ru/

                                        
                                            GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=267677449 HTTP/1.1 
Host: redirect.frontend.weborama.fr
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.24.218
HTTP/2 204 No Content
                                        
server: Weborama Collect Frontend
date: Fri, 23 Sep 2022 16:42:51 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Fri, 23 Sep 2022 16:42:52 GMT
set-cookie: AFFICHE_W=; expires=Tue, 10 Nov 2009 23:00:00 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1 
Host: ads.betweendigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         188.42.191.196
HTTP/2 302 Found
                                        
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 23 Sep 2023 16:42:52 GMT; Path=/; Domain=.betweendigital.com tuuid=f255ac2a-1c78-520a-8061-5d59e34cbf55; Max-Age=31536000; Expires=Sat, 23 Sep 2023 16:42:52 GMT; Path=/; Domain=.betweendigital.com ut=Yy3iDAALtBitEJtBioMMRs4kdxRBg72DP467ng==; Max-Age=31536000; Expires=Sat, 23 Sep 2023 16:42:52 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /0.gif?pid=9401454&id=0100007F0BE22D63B800B3B30233CD9F&bounce=1 HTTP/1.1 
Host: x01.aidata.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         89.108.119.43
HTTP/2 204 No Content
                                        
server: nginx
date: Fri, 23 Sep 2022 16:42:52 GMT
expires: Fri, 23 Sep 2022 16:42:51 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Fri, 23 Sep 2022 16:42:51 GMT
set-cookie: __upin=IbN0PqtI6/SC5sybpidLrw;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure __upints=1663951372;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2

                                        
                                            GET /match?dp=129&euid=k0hghjvvhj HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=uQx9GmMt4guzswC4n807AmFE2UR7H0j0S/imy148Pc6/drQx; cSyncDp7v2=1663951371; cSyncDp14v3=1663951371; cSyncDp17=1663951371; cSyncDp32=1663951371; cSyncDp45v3=1663951371; cSyncDp53=1663951371; cSyncDp54v2=1663951371; cSyncDp62=1663951371; cSyncDp67v2=1663951371; cSyncDp68=1663951371; cSyncDp71=1663951371; cSyncDp77=1663951371; cSyncDp84=1663951371; cSyncDp85=1663951371; cSyncDp95v3=1663951371; cSyncDp101=1663951371; cSyncDp104v2=1663951371; cSyncDp107=1663951371; cSyncDp110=1663951371; cSyncDp111v2=1663951371; cSyncDp112v2=1663951371; cSyncDp125v2=1663951371; cSyncDp126=1663951371; cSyncDp127=1663951371; cSyncDp129=1663951371; cSyncDp136v2=1663951371; cSyncDp138=1663951371; cSyncDp144=1663951371; cSyncDp146=1663951371; cSyncDp148=1663951371; cSyncDp149=1663951371; cSyncDp151=1663951371; cSyncDp178=1663951371; cSyncDp179=1663951371; cSyncDp186=1663951371; cSyncDp221=1663951371
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Fri, 23 Sep 2022 16:42:52 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /match?bidder_id=73&external_user_id=0100007F0BE22D63B800B3B30233CD9F HTTP/1.1 
Host: ads.betweendigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         188.42.191.196
HTTP/2 302 Found
                                        
location: /match?bidder_id=73&external_user_id=0100007F0BE22D63B800B3B30233CD9F&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 23 Sep 2023 16:42:52 GMT; Path=/; Domain=.betweendigital.com tuuid=2b7d782b-0f55-520a-afe7-5370cccab17c; Max-Age=31536000; Expires=Sat, 23 Sep 2023 16:42:52 GMT; Path=/; Domain=.betweendigital.com ut=Yy3iDAAMFcAFgHNEKQYaXCTVpC8k9LxPNcf4cw==; Max-Age=31536000; Expires=Sat, 23 Sep 2023 16:42:52 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /p/cm/sape?u=0100007F0BE22D63B800B3B30233CD9F&bounced=1 HTTP/1.1 
Host: px.adhigh.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         193.232.150.149
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Fri, 23 Sep 2022 16:42:52 GMT
content-length: 49
x-backend-id: f16-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   49
Md5:    889bc1fffc025af4685839fb516a0b8b
Sha1:   7f105137a4eafe93213ecd8cc34dd907c340467c
Sha256: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
                                        
                                            GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1 
Host: ads.betweendigital.com