Overview

URL www.chersonesos.org/?p=ct_map35
IP185.9.147.100
ASNLLC Smart Ape
Location Russia
Report completed2022-09-21 10:41:27 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-21 2 www.chersonesos.org/scripts/rus_menu.js Malware
2022-09-21 2 www.chersonesos.org/js/functions.js Malware
2022-09-21 2 www.chersonesos.org/scripts/fw_menu.js Malware
2022-09-21 2 www.chersonesos.org/js/fancybox/jquery.fancybox.js Malware
2022-09-21 2 www.chersonesos.org/js/jquery-1.11.0.min.js Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (60)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS sape-sync.rutarget.ru (1) 173587 2018-08-07 14:11:47 UTC 2022-09-21 00:23:03 UTC 188.72.107.156
mnemonic passive DNS dmg.digitaltarget.ru (4) 21471 2015-04-23 14:50:51 UTC 2022-09-21 08:19:24 UTC 185.15.175.145
mnemonic passive DNS r3.o.lencr.org (19) 344 2020-12-02 08:52:13 UTC 2022-09-21 04:18:22 UTC 23.36.76.226
mnemonic passive DNS a.utraff.com (1) 39874 2020-01-25 04:23:15 UTC 2022-09-21 08:22:50 UTC 104.21.59.66
mnemonic passive DNS ad.mail.ru (1) 7643 2012-06-22 19:38:09 UTC 2022-09-21 08:19:23 UTC 95.163.41.56
mnemonic passive DNS sync.dmp.otm-r.com (1) 19534 2017-02-03 07:19:51 UTC 2022-09-21 08:47:50 UTC 138.201.65.74
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-21 04:18:25 UTC 143.204.55.27
mnemonic passive DNS ssp.bestssp.com (1) 90974 2017-06-10 08:55:20 UTC 2022-09-21 08:19:25 UTC 185.147.80.35
mnemonic passive DNS acint.net (2) 22962 2014-02-14 21:23:16 UTC 2022-09-21 06:24:30 UTC 185.12.125.26
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-21 04:20:37 UTC 34.117.237.239
mnemonic passive DNS ocsp.usertrust.com (1) 899 2012-05-21 15:43:18 UTC 2022-09-21 04:23:05 UTC 172.64.155.188
mnemonic passive DNS ad.adriver.ru (2) 19548 2012-08-31 17:10:27 UTC 2022-09-21 08:19:25 UTC 195.209.108.38
mnemonic passive DNS s.uuidksinc.net (1) 3423 2015-07-20 12:00:35 UTC 2022-09-21 08:08:42 UTC 31.220.27.134
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-21 04:20:37 UTC 44.237.239.70
mnemonic passive DNS px.adhigh.net (2) 10272 2013-01-03 21:02:08 UTC 2022-09-21 08:47:50 UTC 193.232.150.60
mnemonic passive DNS www.acint.net (17) 29072 2014-02-14 21:23:16 UTC 2022-09-21 04:30:15 UTC 185.12.125.26
mnemonic passive DNS mc.yandex.ru (4) 2672 2017-01-29 05:34:36 UTC 2022-09-21 08:08:08 UTC 87.250.251.119
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-21 10:02:25 UTC 93.184.220.29
mnemonic passive DNS tech.rtb.mts.ru (1) 27360 2017-04-17 12:41:30 UTC 2022-09-21 08:47:52 UTC 213.87.44.187
mnemonic passive DNS 5c84e6de-55c4-4bba-8064-951442aa780d.sync.upravel.com (1) 0 No data No data 136.243.48.22 Domain (upravel.com) ranked at: 27764
mnemonic passive DNS ssp.bidvol.com (1) 31817 2020-02-22 12:37:29 UTC 2022-09-21 00:23:03 UTC 65.109.23.99
mnemonic passive DNS adlmerge.com (1) 146521 2017-04-06 07:10:27 UTC 2022-09-21 00:23:03 UTC 95.211.66.35
mnemonic passive DNS sm.rtb.mts.ru (1) 27154 2019-03-26 14:10:01 UTC 2022-09-21 08:47:50 UTC 217.66.147.165
mnemonic passive DNS cs.agency2.ru (1) 0 2022-04-29 14:24:02 UTC 2022-09-21 00:23:03 UTC 23.111.107.44 Unknown ranking
mnemonic passive DNS status.thawte.com (1) 5123 2017-11-27 12:33:51 UTC 2022-09-21 05:07:24 UTC 93.184.220.29
mnemonic passive DNS ads.betweendigital.com (4) 1571 2012-10-30 05:08:04 UTC 2022-09-21 08:47:47 UTC 188.42.191.196
mnemonic passive DNS sync.upravel.com (2) 28097 2017-05-29 09:13:46 UTC 2022-09-21 08:47:50 UTC 88.198.16.238
mnemonic passive DNS fcgi4.gnezdo.ru (1) 69027 2020-06-11 12:55:54 UTC 2022-09-21 00:23:03 UTC 93.95.102.105
mnemonic passive DNS x01.aidata.io (2) 12188 2016-03-31 15:36:46 UTC 2022-09-21 08:19:23 UTC 89.108.119.43
mnemonic passive DNS dmp.gotechnology.io (1) 48839 2019-06-17 16:08:58 UTC 2022-09-21 08:23:37 UTC 142.132.209.136
mnemonic passive DNS ocsp.pki.goog (2) 175 2017-06-14 07:23:31 UTC 2022-09-21 04:20:12 UTC 142.250.74.3
mnemonic passive DNS cm.g.doubleclick.net (1) 202 2013-05-30 23:19:45 UTC 2022-09-21 10:01:31 UTC 142.250.74.34
mnemonic passive DNS tag.digitaltarget.ru (2) 98193 2015-07-21 14:24:58 UTC 2022-09-21 00:23:03 UTC 185.15.175.174
mnemonic passive DNS www.chersonesos.org (13) 0 2013-08-20 23:04:29 UTC 2022-06-25 21:42:14 UTC 185.9.147.100 Unknown ranking
mnemonic passive DNS yastatic.net (1) 72282 2014-03-11 07:15:28 UTC 2022-09-21 08:14:45 UTC 178.154.131.215
mnemonic passive DNS nr.bidderstack.com (1) 352019 2019-02-11 14:43:50 UTC 2022-09-21 08:08:42 UTC 148.251.217.100
mnemonic passive DNS sync.adkernel.com (1) 4993 2017-04-19 09:25:22 UTC 2022-09-21 06:03:59 UTC 77.245.57.72
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-21 04:18:32 UTC 143.204.55.35
mnemonic passive DNS d5.ca.b2.a1.top.list.ru (1) 0 2013-09-27 02:01:33 UTC 2014-12-22 10:38:03 UTC 95.163.52.67 Domain (list.ru) ranked at: 153031
mnemonic passive DNS stat.adlabs.ru (1) 200922 2012-07-23 15:58:30 UTC 2022-09-21 00:23:03 UTC 109.248.237.37
mnemonic passive DNS match.new-programmatic.com (1) 33613 2020-02-18 20:50:06 UTC 2022-09-21 08:47:50 UTC 217.65.2.150
mnemonic passive DNS ocsp2.globalsign.com (2) 1544 2012-05-21 07:12:19 UTC 2022-09-21 04:56:28 UTC 104.18.20.226
mnemonic passive DNS top-fwz1.mail.ru (2) 8936 No data No data 95.163.52.67
mnemonic passive DNS ocsp.sectigo.com (3) 487 2018-12-17 11:31:55 UTC 2022-09-21 09:26:53 UTC 104.18.32.68
mnemonic passive DNS exchange.buzzoola.com (1) 18389 2014-10-17 15:20:27 UTC 2022-09-21 08:47:50 UTC 88.198.31.232
mnemonic passive DNS mediatoday.ru (1) 136083 2013-05-20 20:53:32 UTC 2022-09-21 00:23:03 UTC 139.45.228.100
mnemonic passive DNS 89b803c14dea2a63dc036c67029ca6f2-sp.ops.beeline.ru (1) 0 No data No data 37.9.245.57 Domain (beeline.ru) ranked at: 20964
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-21 04:18:21 UTC 34.120.237.76
mnemonic passive DNS an.yandex.ru (2) 2577 2017-01-30 05:11:51 UTC 2022-09-21 07:10:12 UTC 213.180.193.90
mnemonic passive DNS ads.adlook.me (1) 43352 2018-11-28 12:50:19 UTC 2022-09-21 00:23:03 UTC 5.200.43.131
mnemonic passive DNS sync.republer.com (1) 45392 2015-04-29 11:49:27 UTC 2022-09-21 04:30:15 UTC 23.88.82.46
mnemonic passive DNS status.geotrust.com (1) 3662 2017-12-01 08:55:31 UTC 2022-09-21 04:28:33 UTC 93.184.220.29
mnemonic passive DNS ssp-rtb.sape.ru (1) 31166 2016-02-02 17:01:03 UTC 2022-09-21 09:33:30 UTC 193.3.184.135
mnemonic passive DNS sync.1dmp.io (2) 10017 2016-02-09 11:52:58 UTC 2022-09-21 08:19:24 UTC 136.243.148.229
mnemonic passive DNS ssp.adriver.ru (2) 12439 2014-01-10 13:39:33 UTC 2022-09-21 08:19:24 UTC 195.209.111.13
mnemonic passive DNS yandex.st (1) 46311 No data No data 178.154.131.215
mnemonic passive DNS counter.yadro.ru (2) 7275 2014-09-09 18:41:17 UTC 2022-09-21 05:57:56 UTC 88.212.202.52
mnemonic passive DNS ocsp.globalsign.com (6) 2075 2012-05-25 06:20:55 UTC 2022-09-21 04:23:28 UTC 104.18.20.226
mnemonic passive DNS dm-eu.hybrid.ai (1) 28847 2021-01-25 11:48:59 UTC 2022-09-21 08:19:23 UTC 37.18.103.21
mnemonic passive DNS sync.bumlam.com (2) 3243 2015-08-10 21:04:25 UTC 2022-09-21 08:19:24 UTC 31.172.81.159


Recent reports on same IP/ASN/Domain/Screenshot

Last 4 reports on IP: 185.9.147.100

Date UQ / IDS / BL URL IP
2022-09-21 10:41:27 +0000
0 - 0 - 5 www.chersonesos.org/?p=ct_map35 185.9.147.100
2022-09-07 04:45:33 +0000
0 - 0 - 24 armmountstravel.com/js/ 185.9.147.100
2022-09-06 18:19:43 +0000
0 - 0 - 25 armmountstravel.com/js/ 185.9.147.100
2022-09-02 15:47:11 +0000
0 - 0 - 24 armmountstravel.com/js/ 185.9.147.100

Last 5 reports on ASN: LLC Smart Ape

Date UQ / IDS / BL URL IP
2022-12-01 08:14:49 +0000
0 - 0 - 4 dappsradar.biz/ 188.127.225.100
2022-11-30 04:10:59 +0000
0 - 0 - 5 you-computer.ru/ 188.127.249.34
2022-11-29 10:29:54 +0000
0 - 0 - 1 winhost.xyz/update/update.rar 94.198.54.48
2022-11-28 20:13:24 +0000
0 - 0 - 0 www.ferkslalerkks.online 188.127.225.100
2022-11-07 15:25:10 +0000
0 - 0 - 1 gdqqbxgte2cmm3xzs3xsq4d0fhzmwe.sodfzultdbcbky (...) 188.127.254.1

Last 1 reports on domain: chersonesos.org

Date UQ / IDS / BL URL IP
2022-09-21 10:41:27 +0000
0 - 0 - 5 www.chersonesos.org/?p=ct_map35 185.9.147.100

No other reports with similar screenshot



JavaScript

Executed Scripts (27)


Executed Evals (0)


Executed Writes (11)

#1 JavaScript::Write (size: 119, repeated: 1) - SHA256: 638d13d5cf9bcf46f088c7e63ac1ab6153a0c4f5c29ce97c3a56bae7d2fbf9b5

                                        < a class href = "?p=history"
onMouseOut = "FW_startTimeout();"
onMouseOver = "window.FW_showMenu(window.fw_menu_0,228,200);" >
                                    

#2 JavaScript::Write (size: 111, repeated: 1) - SHA256: ff3cfb91ac87c6c7b001b1db261c9def5515dba4aacad4110d09f67ce7c95f2a

                                        < a href = "?p=excav"
onMouseOut = "FW_startTimeout();"
onMouseOver = "window.FW_showMenu(window.fw_menu_1,353,200);" >
                                    

#3 JavaScript::Write (size: 112, repeated: 1) - SHA256: d56e00f4b54928bcda62b64bd22f31a63ad153035d5254f06006fa6bc2ec1757

                                        < a href = "?p=museum"
onMouseOut = "FW_startTimeout();"
onMouseOver = "window.FW_showMenu(window.fw_menu_2,473,200);" >
                                    

#4 JavaScript::Write (size: 110, repeated: 1) - SHA256: d70372a157f58f3a4053ad964c7e9b8ec995539067b061aaa0f1760a8d82dd21

                                        < a href = "?p=park"
onMouseOut = "FW_startTimeout();"
onMouseOver = "window.FW_showMenu(window.fw_menu_3,583,200);" >
                                    

#5 JavaScript::Write (size: 110, repeated: 1) - SHA256: 1671cf7778960e86595ae51fb06a4c9e38a9fb7be8a20a0b245ec487be1ef28c

                                        < a href = "?p=city"
onMouseOut = "FW_startTimeout();"
onMouseOver = "window.FW_showMenu(window.fw_menu_4,728,200);" >
                                    

#6 JavaScript::Write (size: 5, repeated: 1) - SHA256: 454d2afd4b550c2fa634518d303c473a5ca5605ff9aec05eeef33b88fd4cbcd9

                                        <!--
                                    

#7 JavaScript::Write (size: 32, repeated: 1) - SHA256: c887c2c24ec58c642c1cfc953c9bafa687207a5305adc9b214dfe9aebbb55782

                                        < SPAN ID = "menuContainer" > < /SPAN>
                                    

#8 JavaScript::Write (size: 111, repeated: 1) - SHA256: 5d213d3edd30da3e9e66903a9d8eee2c5d62c0e13d620d151a1eda37f9b23e8d

                                        < a href = "?p=chora"
onMouseOut = "FW_startTimeout();"
onMouseOver = "window.FW_showMenu(window.fw_menu_5,843,200);" >
                                    

#9 JavaScript::Write (size: 109, repeated: 1) - SHA256: df87f5e228d338a5b8e97b51ecd3966c70cbd426d46215c8095ab7d9ee6b655c

                                        < a href = "?p=out"
onMouseOut = "FW_startTimeout();"
onMouseOver = "window.FW_showMenu(window.fw_menu_6,883,200);" >
                                    

#10 JavaScript::Write (size: 532, repeated: 1) - SHA256: d809da581b1d7c14664e4fc0f3d12a15505187aedc7361c27981af310044ee27

                                        < a href = 'http://www.liveinternet.ru/click'
target = _blank > < img src = 'http://counter.yadro.ru/hit?t16.2;r;s1280*1024*24;uhttp%3A//www.chersonesos.org/%3Fp%3Dct_map35;i%u0416%u0436%u041C%u043E%u043D%u0435%u0442%u043D%u044B%u0439%20%u0434%u0432%u043E%u0440%20-%20%u0413%u043E%u0440%u043E%u0434%u0438%u0449%u0435%20-%20%u041E%20%u0425%u0435%u0440%u0441%u043E%u043D%u0435%u0441%u0435;0.9102738573072036'
border = 0 width = 88 height = 31 alt = ''
title = 'LiveInternet: ?>:070=> G8A;> ?@>A<>B@>2 70 24 G0A0, ?>A5B8B5;59 70 24 G0A0 8 70 A53>4=O' > < /a>
                                    

#11 JavaScript::Write (size: 239, repeated: 1) - SHA256: bfdaf3e5fe373c3d48a78cc9a0a9678fc05201aa1189431685dc880a9e305a5b

                                        < a href = "http://top.mail.ru/jump?from=1221995"
target = _top > < img src = "http://d5.ca.b2.a1.top.list.ru/counter?id=1221995;t=51;js=13;r=;j=false;s=1280*1024;d=24;rand=0.32849768360931497"
alt = " 59B8=3@Mail.ru"
border = 0 height = 31 width = 88 / > < /a>
                                    


HTTP Transactions (144)


Request Response
                                        
                                            GET /?p=ct_map35 HTTP/1.1 
Host: www.chersonesos.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         185.9.147.100
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (687), with CRLF, LF line terminators
Size:   17554
Md5:    5d7668d5e288b2e329bdc9c339bc9fb1
Sha1:   cf20c16b5b98ba528c926e6b56b8a517ae7b1041
Sha256: ff8ef2280ef7751c1b651b5cc4c2afd53faf00ad6f8eb746ef25d69ad3238393
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8455
Expires: Wed, 21 Sep 2022 13:02:11 GMT
Date: Wed, 21 Sep 2022 10:41:16 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 10:13:33 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: J8wQKDV8sIxK6sW4FqhYetF2EfVv8bI7_V4aU4849TLDrRQkqrfavQ==
Age: 1663


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 27goC5EBGhr52P9bp1FPveX3q-3mf_ukaK1_0SVQ79RUAD6rbwtS2w==
age: 21963
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 21 Sep 2022 10:41:17 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /css/styles.css HTTP/1.1 
Host: www.chersonesos.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/?p=ct_map35

                                         
                                         185.9.147.100
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Length: 4735
Last-Modified: Wed, 22 Mar 2017 18:07:44 GMT
Connection: keep-alive
ETag: "58d2bd70-127f"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   4735
Md5:    eb329bbdbbd165bad95406c950f853cf
Sha1:   137daeb8b5db81efc37cdb9f4dd1fae56fedff31
Sha256: 5f486b0a280f5701dae82dc8d0a9673b9c7769791569955dfcb8289d5686cd86
                                        
                                            GET /scripts/rus_menu.js HTTP/1.1 
Host: www.chersonesos.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/?p=ct_map35

                                         
                                         185.9.147.100
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Length: 6912
Last-Modified: Tue, 12 Apr 2016 13:05:08 GMT
Connection: keep-alive
ETag: "570cf284-1b00"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  exported SGML document, Unicode text, UTF-8 text
Size:   6912
Md5:    9571f8897ea86a7f1725334aa2d9e296
Sha1:   6fd79886536bb66ab150c58bbe0dfb85f5b447e9
Sha256: 8bc1c6526c669449a5d8ba7a84d9c138e958ee40f0e120e004ac2d82ec0d19af

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /js/fancybox/jquery.fancybox.css HTTP/1.1 
Host: www.chersonesos.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/?p=ct_map35

                                         
                                         185.9.147.100
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Length: 4895
Last-Modified: Tue, 12 Apr 2016 13:04:35 GMT
Connection: keep-alive
ETag: "570cf263-131f"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   4895
Md5:    6c55951ce1e3115711f63f99b7501f3a
Sha1:   5f163444617b6cf267342f06ac166a237bb62df9
Sha256: 968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
                                        
                                            GET /js/functions.js HTTP/1.1 
Host: www.chersonesos.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/?p=ct_map35

                                         
                                         185.9.147.100
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Length: 171
Last-Modified: Tue, 12 Apr 2016 13:04:33 GMT
Connection: keep-alive
ETag: "570cf261-ab"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   171
Md5:    ec1044dab977233ad1542845205c47cd
Sha1:   15615f10d470477b48a1b729c95e6b454fb06c2d
Sha256: 88528a08a06c7366b362974b7f5edda5005d5c8be2609cc4d5352d91739047e7

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /share/share.js HTTP/1.1 
Host: yandex.st
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/

                                         
                                         178.154.131.215
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx/1.17.9
Date: Wed, 21 Sep 2022 10:41:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=216013
Content-Encoding: gzip
Etag: W/"db7132f94e4730c128b638f72b46c899"
Expires: Fri, 23 Sep 2022 22:41:00 GMT
Last-Modified: Wed, 24 Oct 2018 16:00:42 GMT
NEL: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
Report-To: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Strict-Transport-Security: max-age=43200000; includeSubDomains;
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Nginx-Request-Id: 396f2fcca0a13194


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (32058)
Size:   13696
Md5:    0846935dee0d2ebbb7af7cbce113d5b8
Sha1:   f07346e034d5ad76aa90b38e195500574aafbb4e
Sha256: 2b682e5417a0a08596a80bc834ffeb32948d54373b4020d54fac626e559c1270
                                        
                                            GET /scripts/fw_menu.js HTTP/1.1 
Host: www.chersonesos.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/?p=ct_map35

                                         
                                         185.9.147.100
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Length: 33219
Last-Modified: Tue, 12 Apr 2016 13:05:07 GMT
Connection: keep-alive
ETag: "570cf283-81c3"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (306)
Size:   33219
Md5:    c3ea9809cc481d1d4a65bd0ff96611e6
Sha1:   a29883bfb66741f475267056dca66a9b8ea2a729
Sha256: 49b657ae2310f2f7843161e84e8722100e6ed035118ebac414ebd6e88ba47051

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /js/fancybox/jquery.fancybox.js HTTP/1.1 
Host: www.chersonesos.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/?p=ct_map35

                                         
                                         185.9.147.100
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Length: 48706
Last-Modified: Tue, 12 Apr 2016 13:04:35 GMT
Connection: keep-alive
ETag: "570cf263-be42"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   48706
Md5:    921e9cb04ad6e2559869ec845c5be39b
Sha1:   1cf3d47b5ccb7cb6e9019c64f2a88d03a64853e4
Sha256: 6c78ce6b6d1928630b903084ea9d503643f303ba05455860cc7cd17f7687cc65

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /js/jquery-1.11.0.min.js HTTP/1.1 
Host: www.chersonesos.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/?p=ct_map35

                                         
                                         185.9.147.100
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Length: 96381
Last-Modified: Tue, 12 Apr 2016 13:04:33 GMT
Connection: keep-alive
ETag: "570cf261-1787d"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (32341)
Size:   96381
Md5:    8fc25e27d42774aeae6edbc0a18b72aa
Sha1:   b66ed708717bf0b4a005a4d0113af8843ef3b8ff
Sha256: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /images/mint.jpg HTTP/1.1 
Host: www.chersonesos.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/?p=ct_map35

                                         
                                         185.9.147.100
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Length: 10775
Last-Modified: Tue, 12 Apr 2016 12:52:41 GMT
Connection: keep-alive
ETag: "570cef99-2a17"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 300x203, components 3\012- data
Size:   10775
Md5:    a16c37394b5111f0e4ececf9a1b1aa5f
Sha1:   17b7de59b121bd3fa4a4c03f87f4b62229f8e6ed
Sha256: c608b1aff3ae836b763d3e1275c3b4c094a898ede30b6229c9ff0cd810577ae8
                                        
                                            GET /images/rus_object-razdeli.jpg HTTP/1.1 
Host: www.chersonesos.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/?p=ct_map35

                                         
                                         185.9.147.100
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Length: 4929
Last-Modified: Tue, 12 Apr 2016 12:53:26 GMT
Connection: keep-alive
ETag: "570cefc6-1341"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 280x50, components 3\012- data
Size:   4929
Md5:    14587bdd75db30bf26ec678195cf53c2
Sha1:   754f65df875a1eaafa13aaaedfbb9c8166abc6bd
Sha256: a29af576cb700d242e1b0a9a0d3428434eadf8d782c434a0873785d3269ec289
                                        
                                            GET /arrows.gif HTTP/1.1 
Host: www.chersonesos.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/?p=ct_map35

                                         
                                         185.9.147.100
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Length: 54
Last-Modified: Thu, 02 Feb 2006 11:21:10 GMT
Connection: keep-alive
ETag: "43e1eb26-36"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 8 x 8\012- data
Size:   54
Md5:    4d61ba12cc50f0b4fa85cfc89447c305
Sha1:   a3926a50fd194ac175dc2b149e0aafb8aed7d350
Sha256: a2755ab742409b06389c9d8067b45b7b874ba059480373b06874e288c56de1c7
                                        
                                            GET /images/background_rus.jpg HTTP/1.1 
Host: www.chersonesos.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/?p=ct_map35

                                         
                                         185.9.147.100
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Length: 56027
Last-Modified: Tue, 12 Apr 2016 12:45:32 GMT
Connection: keep-alive
ETag: "570cedec-dadb"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 800x195, components 3\012- data
Size:   56027
Md5:    bdc105eb3dad9dad1d2d3916cb8a80c8
Sha1:   c58fb4f9a7a54fdcbd7212b18dc138aef42d6e3e
Sha256: d305e2d70e826185241b58570b52fe14aead775a172a6530ad882b4143f20333
                                        
                                            GET /share/static/b-share-icon.png HTTP/1.1 
Host: yastatic.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/

                                         
                                         178.154.131.215
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.17.9
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Length: 4637
Connection: keep-alive
Keep-Alive: timeout=5
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=216009
Etag: "24bc3d4a0d287d95c0fb2ec150c1776e"
Expires: Fri, 23 Sep 2022 22:38:26 GMT
Last-Modified: Wed, 24 Oct 2018 16:00:42 GMT
NEL: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
Report-To: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Strict-Transport-Security: max-age=43200000; includeSubDomains;
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Nginx-Request-Id: 69c96a99f369bf3e
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 16 x 493, 8-bit colormap, non-interlaced\012- data
Size:   4637
Md5:    24bc3d4a0d287d95c0fb2ec150c1776e
Sha1:   53b50aca31779f1d2082384c113cb8bd12392dca
Sha256: 4518d4c73cc79f597d32c09c25b38ef44da466f502c31e2023d1005f2f899713
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "44856BFB834A500B1C55837358B97B8D4961EA56101516B1E332E6369B102D1E"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14725
Expires: Wed, 21 Sep 2022 14:46:42 GMT
Date: Wed, 21 Sep 2022 10:41:17 GMT
Connection: keep-alive

                                        
                                            GET /aci.js HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.chersonesos.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: application/x-javascript
                                        
server: openresty
date: Wed, 21 Sep 2022 10:41:17 GMT
content-length: 7461
last-modified: Mon, 16 May 2022 07:14:50 GMT
etag: "6281f9ea-1d25"
content-encoding: gzip
expires: Wed, 21 Sep 2022 22:41:17 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1408)
Size:   7461
Md5:    ae0aab6c5a2ae2e1168e74f6e6ae4741
Sha1:   2c00f69ee4bbe2ec96c0f7bb33b5f827a6195af8
Sha256: a47a88a9b6c7635e5074c25c6e3c92f399fdf8772376e94f077167241e59f9de
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.chersonesos.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/?p=ct_map35

                                         
                                         185.9.147.100
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
                                        
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Length: 1406
Connection: keep-alive
Last-Modified: Tue, 13 Nov 2012 17:52:57 GMT
ETag: "57e-4ce6416897040"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16\012- data
Size:   1406
Md5:    797e9fa8cd6a169f9f6ddd8c370915b9
Sha1:   07d518701f0be5d1012ac182e53bcd94f311f072
Sha256: f411a6c2a1b4811cd5293338eb049ca1a42cd131527aa5457b78669620e65790
                                        
                                            GET /hit?t16.2;r;s1280*1024*24;uhttp%3A//www.chersonesos.org/%3Fp%3Dct_map35;i%u0416%u0436%u041C%u043E%u043D%u0435%u0442%u043D%u044B%u0439%20%u0434%u0432%u043E%u0440%20-%20%u0413%u043E%u0440%u043E%u0434%u0438%u0449%u0435%20-%20%u041E%20%u0425%u0435%u0440%u0441%u043E%u043D%u0435%u0441%u0435;0.9102738573072036 HTTP/1.1 
Host: counter.yadro.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/

                                         
                                         88.212.202.52
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Wed, 21 Sep 2022 10:41:17 GMT
Server: 0W/0.8c
Location: https://counter.yadro.ru/hit?t16.2;r;s1280*1024*24;uhttp%3A//www.chersonesos.org/%3Fp%3Dct_map35;i%u0416%u0436%u041C%u043E%u043D%u0435%u0442%u043D%u044B%u0439%20%u0434%u0432%u043E%u0440%20-%20%u0413%u043E%u0440%u043E%u0434%u0438%u0449%u0435%20-%20%u041E%20%u0425%u0435%u0440%u0441%u043E%u043D%u0435%u0441%u0435;0.9102738573072036
Content-Length: 32
Expires: Mon, 20 Sep 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   32
Md5:    3e9c09a8c5a87f266e047a596f48578c
Sha1:   07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
Sha256: 57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 10:03:22 GMT
Expires: Wed, 21 Sep 2022 10:46:06 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bPG1EQRKCmavWDOCIK_nCrTYWdUmPGiRiWUAzwXXMw6PdymDSrHZ-g==
Age: 2275


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /hit/?v=0.4.0&uid=bdec349b-015c-4f17-9038-1d3c7014bf26&dp=10&tz=%2B00%3A00&nc=41076712&u=http%3A%2F%2Fwww.chersonesos.org%2F%3Fp%3Dct_map35&r=&rs=1280x1024&t=%D0%9C%D0%BE%D0%BD%D0%B5%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B2%D0%BE%D1%80%20-%20%D0%93%D0%BE%D1%80%D0%BE%D0%B4%D0%B8%D1%89%D0%B5%20-%20%D0%9E%20%D0%A5%D0%B5%D1%80%D1%81%D0%BE%D0%BD%D0%B5%D1%81%D0%B5&oE=1&oP=1&dT=2022-09-21T10%3A41%3A17.584&fu=7449aca7-6bc6-4d1a-a662-17d1b30355f8 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/

                                         
                                         185.12.125.26
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: openresty
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/hit/?v=0.4.0&uid=bdec349b-015c-4f17-9038-1d3c7014bf26&dp=10&tz=%2B00%3A00&nc=41076712&u=http%3A%2F%2Fwww.chersonesos.org%2F%3Fp%3Dct_map35&r=&rs=1280x1024&t=%D0%9C%D0%BE%D0%BD%D0%B5%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B2%D0%BE%D1%80%20-%20%D0%93%D0%BE%D1%80%D0%BE%D0%B4%D0%B8%D1%89%D0%B5%20-%20%D0%9E%20%D0%A5%D0%B5%D1%80%D1%81%D0%BE%D0%BD%D0%B5%D1%81%D0%B5&oE=1&oP=1&dT=2022-09-21T10%3A41%3A17.584&fu=7449aca7-6bc6-4d1a-a662-17d1b30355f8


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   142
Md5:    82c98e8e012b79c922655461171cc2fa
Sha1:   0828d79135573276005b04be42d79a8a3291292b
Sha256: 745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
                                        
                                            GET /mc/?dp=10 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/
Upgrade-Insecure-Requests: 1

                                         
                                         185.12.125.26
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: openresty
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/mc/?dp=10


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   142
Md5:    82c98e8e012b79c922655461171cc2fa
Sha1:   0828d79135573276005b04be42d79a8a3291292b
Sha256: 745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
                                        
                                            GET /mc/?dp=10 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.chersonesos.org/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 302 Found
content-type: text/html
                                        
server: openresty
date: Wed, 21 Sep 2022 10:41:17 GMT
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Wed, 21-Sep-22 10:51:17 GMT aid=fwAAAWMq6k1QMACxhmNfAsET2cpRWQZJK171gHvkkFb772Vl; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   154
Md5:    cfbeaf604823f038b8b46f0ac862b98c
Sha1:   7b9eb1dac48e74fa5f418bc456cb410f88b81d98
Sha256: 20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
                                        
                                            GET /hit/?v=0.4.0&uid=bdec349b-015c-4f17-9038-1d3c7014bf26&dp=10&tz=%2B00%3A00&nc=41076712&u=http%3A%2F%2Fwww.chersonesos.org%2F%3Fp%3Dct_map35&r=&rs=1280x1024&t=%D0%9C%D0%BE%D0%BD%D0%B5%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B2%D0%BE%D1%80%20-%20%D0%93%D0%BE%D1%80%D0%BE%D0%B4%D0%B8%D1%89%D0%B5%20-%20%D0%9E%20%D0%A5%D0%B5%D1%80%D1%81%D0%BE%D0%BD%D0%B5%D1%81%D0%B5&oE=1&oP=1&dT=2022-09-21T10%3A41%3A17.584&fu=7449aca7-6bc6-4d1a-a662-17d1b30355f8 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.chersonesos.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Wed, 21 Sep 2022 10:41:17 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /metrika/watch.js HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/

                                         
                                         87.250.251.119
HTTP/1.1 302 Moved temporarily
                                        
Content-Length: 0
Location: https://mc.yandex.ru/metrika/watch.js

                                        
                                            GET /hit?t16.2;r;s1280*1024*24;uhttp%3A//www.chersonesos.org/%3Fp%3Dct_map35;i%u0416%u0436%u041C%u043E%u043D%u0435%u0442%u043D%u044B%u0439%20%u0434%u0432%u043E%u0440%20-%20%u0413%u043E%u0440%u043E%u0434%u0438%u0449%u0435%20-%20%u041E%20%u0425%u0435%u0440%u0441%u043E%u043D%u0435%u0441%u0435;0.9102738573072036 HTTP/1.1 
Host: counter.yadro.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.chersonesos.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         88.212.202.52
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.9
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Length: 214
Connection: keep-alive
Expires: Mon, 20 Sep 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400


--- Additional Info ---
Magic:  GIF image data, version 89a, 88 x 31\012- data
Size:   214
Md5:    993dd5b335e78a4cb78a9a6e81c8ac8d
Sha1:   6c53370242962a60e64d264510cf07bf8215f45e
Sha256: e3ca311ef85dfd77fd1008b0cd4014ed5a59053d4d5f2fe7bf06ea7407fd7ac0
                                        
                                            GET /counter?id=1221995;t=51;js=13;r=;j=false;s=1280*1024;d=24;rand=0.32849768360931497 HTTP/1.1 
Host: d5.ca.b2.a1.top.list.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/

                                         
                                         95.163.52.67
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx
Date: Wed, 21 Sep 2022 10:41:17 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://top-fwz1.mail.ru/counter?id=1221995;t=51;js=13;r=;j=false;s=1280*1024;d=24;rand=0.32849768360931497;ver=30
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Cache-Control: private, no-cache, no-store, max-age=0
Pragma: no-cache
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
Accept-CH-Lifetime: 86400

                                        
                                            GET /match?id=106&vid=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1 
Host: dm-eu.hybrid.ai
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.18.103.21
HTTP/2 204 No Content
                                        
date: Wed, 21 Sep 2022 10:41:17 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=3f903e8f165630979949; expires=Thu, 21 Sep 2023 10:41:16 GMT; domain=.hybrid.ai; path=/; samesite=none
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 527
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2

                                        
                                            GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1 
Host: ads.adlook.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         5.200.43.131
HTTP/2 302 Found
                                        
location: https://acint.net/match?dp=110&euid=5826f705795c4faf8cb1a53e64411a2a
server: Kestrel
set-cookie: adlm_userId=5826f705795c4faf8cb1a53e64411a2a; expires=Wed, 20 Sep 2023 21:00:00 GMT; path=/; SameSite=None; secure
date: Wed, 21 Sep 2022 10:41:17 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3680
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 10:41:18 GMT
Last-Modified: Wed, 21 Sep 2022 09:39:58 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3819
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 10:41:18 GMT
Last-Modified: Wed, 21 Sep 2022 09:37:39 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A13695745612E9F0FEAF5B58CBAB183B166956C0E84B94148D230E12725B9C66"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8046
Expires: Wed, 21 Sep 2022 12:55:24 GMT
Date: Wed, 21 Sep 2022 10:41:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C9D5840FC9DEA3D55D10247F043B47715557416539DB5856830BE0275EBD1224"
Last-Modified: Mon, 19 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15969
Expires: Wed, 21 Sep 2022 15:07:27 GMT
Date: Wed, 21 Sep 2022 10:41:18 GMT
Connection: keep-alive

                                        
                                            GET /sape/sync HTTP/1.1 
Host: sync.upravel.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         88.198.16.238
HTTP/2 302 Found
content-type: image/png
                                        
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1663756878052;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180 session_tptc-legacy=1663756878052;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Length: 939
Connection: keep-alive
Expires: Sun, 25 Sep 2022 07:01:51 GMT
ETag: "0a0baabfc909038da1590b05e9549608506200c8"
Last-Modified: Wed, 21 Sep 2022 07:01:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3212
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e23007fdb00b3d-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E75315ECF71F2D2C0BBA377F986399DB9653201D0E22C93F1D6A3AF0AAF64190"
Last-Modified: Mon, 19 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7042
Expires: Wed, 21 Sep 2022 12:38:40 GMT
Date: Wed, 21 Sep 2022 10:41:18 GMT
Connection: keep-alive

                                        
                                            GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1 
Host: ssp-rtb.sape.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         193.3.184.135
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: openresty
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=AAB803C14EEA2A6324006D1002B63F3D
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=wQO4qmMq6k4QbQAkPT+2Ag7gl54IGzLb7ic6KG8FPG3Wa2HF; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   142
Md5:    82c98e8e012b79c922655461171cc2fa
Sha1:   0828d79135573276005b04be42d79a8a3291292b
Sha256: 745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
                                        
                                            GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1 
Host: ssp.bestssp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.147.80.35
HTTP/1.1 302 Found
                                        
Server: nginx/1.16.1
Date: Wed, 21 Sep 2022 10:41:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=CGZXEHXD
Set-Cookie: uid=CGZXEHXD; Expires=Wed, 21 Sep 2032 00:00:00 GMT; mf2=1; Expires=Fri, 21 Oct 2022 00:00:00 GMT;

                                        
                                            GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1 
Host: sync.1dmp.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         136.243.148.229
HTTP/2 302 Found
                                        
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=ec9fd273-3999-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 21 Sep 2023 10:41:18 GMT; SameSite=None; Secure uid-legacy=ec9fd273-3999-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 21 Sep 2023 10:41:18 GMT
location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C14DEA2A63DC036C67029CA6F2&cs=1
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "718EED71973D15305E0894498BE069C630B67BCAD72A6C1A1872BFDF99E97F4B"
Last-Modified: Mon, 19 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1844
Expires: Wed, 21 Sep 2022 11:12:02 GMT
Date: Wed, 21 Sep 2022 10:41:18 GMT
Connection: keep-alive

                                        
                                            GET /sync?ssp=sape HTTP/1.1 
Host: a.utraff.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.59.66
HTTP/2 204 No Content
content-type: text/plain
                                        
date: Wed, 21 Sep 2022 10:41:18 GMT
set-cookie: preutid=1; Expires=Fri, 21 Oct 2022 13:41:18 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/ preutid=1; Expires=Fri, 21 Oct 2022 13:41:18 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJjef%2FCeLiM4vhB4kZ4lOJWZVbtgYmcC7pAjEEb47XoKXD6z4eFgEBD4gYAFMaSOPNwkB5y3%2FfIVbG9UJyUskQtX2qYAhEChhNGZ6LVJyVLE53K%2FBDzgU6KWEqotU30%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e23007f808b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E28B5CB66252A18D25FCCA8E24BFCDAAA5F93BC9AE8DB726B28CB4AF50867E21"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11001
Expires: Wed, 21 Sep 2022 13:44:39 GMT
Date: Wed, 21 Sep 2022 10:41:18 GMT
Connection: keep-alive

                                        
                                            GET /match?dp=110&euid=5826f705795c4faf8cb1a53e64411a2a HTTP/1.1 
Host: acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92; cSyncDp7v2=1663756877; cSyncDp14v3=1663756877; cSyncDp17=1663756877; cSyncDp32=1663756877; cSyncDp45v3=1663756877; cSyncDp53=1663756877; cSyncDp54v2=1663756877; cSyncDp62=1663756877; cSyncDp67v2=1663756877; cSyncDp68=1663756877; cSyncDp71=1663756877; cSyncDp77=1663756877; cSyncDp84=1663756877; cSyncDp85=1663756877; cSyncDp95v3=1663756877; cSyncDp101=1663756877; cSyncDp104v2=1663756877; cSyncDp107=1663756877; cSyncDp110=1663756877; cSyncDp111v2=1663756877; cSyncDp112v2=1663756877; cSyncDp125v2=1663756877; cSyncDp126=1663756877; cSyncDp127=1663756877; cSyncDp129=1663756877; cSyncDp136v2=1663756877; cSyncDp138=1663756877; cSyncDp144=1663756877; cSyncDp146=1663756877; cSyncDp148=1663756877; cSyncDp149=1663756877; cSyncDp151=1663756877; cSyncDp178=1663756877; cSyncDp179=1663756877; cSyncDp186=1663756877; cSyncDp221=1663756877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /match?dsp=sape HTTP/1.1 
Host: sync.republer.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.88.82.46
HTTP/2 204 No Content
                                        
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
strict-transport-security: max-age=0
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7B67202E50EE8511EB36FAD0CCADF6B6DEBE8169C3925C48BC1B5F1AAE26BC13"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19176
Expires: Wed, 21 Sep 2022 16:00:54 GMT
Date: Wed, 21 Sep 2022 10:41:18 GMT
Connection: keep-alive

                                        
                                            GET /match?dp=14&euid=AAB803C14EEA2A6324006D1002B63F3D HTTP/1.1 
Host: acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92; cSyncDp7v2=1663756877; cSyncDp14v3=1663756877; cSyncDp17=1663756877; cSyncDp32=1663756877; cSyncDp45v3=1663756877; cSyncDp53=1663756877; cSyncDp54v2=1663756877; cSyncDp62=1663756877; cSyncDp67v2=1663756877; cSyncDp68=1663756877; cSyncDp71=1663756877; cSyncDp77=1663756877; cSyncDp84=1663756877; cSyncDp85=1663756877; cSyncDp95v3=1663756877; cSyncDp101=1663756877; cSyncDp104v2=1663756877; cSyncDp107=1663756877; cSyncDp110=1663756877; cSyncDp111v2=1663756877; cSyncDp112v2=1663756877; cSyncDp125v2=1663756877; cSyncDp126=1663756877; cSyncDp127=1663756877; cSyncDp129=1663756877; cSyncDp136v2=1663756877; cSyncDp138=1663756877; cSyncDp144=1663756877; cSyncDp146=1663756877; cSyncDp148=1663756877; cSyncDp149=1663756877; cSyncDp151=1663756877; cSyncDp178=1663756877; cSyncDp179=1663756877; cSyncDp186=1663756877; cSyncDp221=1663756877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /match?dp=95&euid=CGZXEHXD HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92; cSyncDp7v2=1663756877; cSyncDp14v3=1663756877; cSyncDp17=1663756877; cSyncDp32=1663756877; cSyncDp45v3=1663756877; cSyncDp53=1663756877; cSyncDp54v2=1663756877; cSyncDp62=1663756877; cSyncDp67v2=1663756877; cSyncDp68=1663756877; cSyncDp71=1663756877; cSyncDp77=1663756877; cSyncDp84=1663756877; cSyncDp85=1663756877; cSyncDp95v3=1663756877; cSyncDp101=1663756877; cSyncDp104v2=1663756877; cSyncDp107=1663756877; cSyncDp110=1663756877; cSyncDp111v2=1663756877; cSyncDp112v2=1663756877; cSyncDp125v2=1663756877; cSyncDp126=1663756877; cSyncDp127=1663756877; cSyncDp129=1663756877; cSyncDp136v2=1663756877; cSyncDp138=1663756877; cSyncDp144=1663756877; cSyncDp146=1663756877; cSyncDp148=1663756877; cSyncDp149=1663756877; cSyncDp151=1663756877; cSyncDp178=1663756877; cSyncDp179=1663756877; cSyncDp186=1663756877; cSyncDp221=1663756877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9FF0F01363DBFB8A16C5BA064B6AD8AAAF50C69CD6181E65C41AC1E46CF891AD"
Last-Modified: Tue, 20 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17443
Expires: Wed, 21 Sep 2022 15:32:01 GMT
Date: Wed, 21 Sep 2022 10:41:18 GMT
Connection: keep-alive

                                        
                                            GET /match/396/?remote_uid=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1 
Host: s.uuidksinc.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.220.27.134
HTTP/2 302 Found
                                        
server: nginx/1.19.0
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=6QNgpQU4LKaO3HzmpFxg
set-cookie: jcsuuid=6QNgpQU4LKaO3HzmpFxg; expires=Thu, 21 Sep 2023 10:41:18 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1 
Host: sync.upravel.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1663756878052
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         88.198.16.238
HTTP/2 302 Found
content-type: image/png
                                        
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 0
location: https://5c84e6de-55c4-4bba-8064-951442aa780d.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
set-cookie: user_id=5c84e6de-55c4-4bba-8064-951442aa780d;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000 user_id-legacy=5c84e6de-55c4-4bba-8064-951442aa780d;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

                                        
                                            GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C14DEA2A63DC036C67029CA6F2&cs=1 HTTP/1.1 
Host: sync.1dmp.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: uid=ec9fd273-3999-11ed-acfd-901b0e8b2a6e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         136.243.148.229
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 35
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=ec9fd273-3999-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 21 Sep 2023 10:41:18 GMT; SameSite=None; Secure uid-legacy=ec9fd273-3999-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 21 Sep 2023 10:41:18 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /userbind?src=sape&id=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1 
Host: match.new-programmatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         217.65.2.150
HTTP/1.1 204 No Content
                                        
Server: nginx/1.18.0
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0C3B6835B2E7AA2BB66466305608B1AB6236431FADAFA3A6FE32530F516DC23A"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7905
Expires: Wed, 21 Sep 2022 12:53:03 GMT
Date: Wed, 21 Sep 2022 10:41:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4852
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 10:41:18 GMT
Last-Modified: Wed, 21 Sep 2022 09:20:26 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /match?dp=127&euid=6QNgpQU4LKaO3HzmpFxg HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92; cSyncDp7v2=1663756877; cSyncDp14v3=1663756877; cSyncDp17=1663756877; cSyncDp32=1663756877; cSyncDp45v3=1663756877; cSyncDp53=1663756877; cSyncDp54v2=1663756877; cSyncDp62=1663756877; cSyncDp67v2=1663756877; cSyncDp68=1663756877; cSyncDp71=1663756877; cSyncDp77=1663756877; cSyncDp84=1663756877; cSyncDp85=1663756877; cSyncDp95v3=1663756877; cSyncDp101=1663756877; cSyncDp104v2=1663756877; cSyncDp107=1663756877; cSyncDp110=1663756877; cSyncDp111v2=1663756877; cSyncDp112v2=1663756877; cSyncDp125v2=1663756877; cSyncDp126=1663756877; cSyncDp127=1663756877; cSyncDp129=1663756877; cSyncDp136v2=1663756877; cSyncDp138=1663756877; cSyncDp144=1663756877; cSyncDp146=1663756877; cSyncDp148=1663756877; cSyncDp149=1663756877; cSyncDp151=1663756877; cSyncDp178=1663756877; cSyncDp179=1663756877; cSyncDp186=1663756877; cSyncDp221=1663756877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "33CC7E1528CD3C0358C442656146C740469BDF1F68FACB8D3171AF0FD9F76B67"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6428
Expires: Wed, 21 Sep 2022 12:28:26 GMT
Date: Wed, 21 Sep 2022 10:41:18 GMT
Connection: keep-alive

                                        
                                            GET /sape/cm?user_id=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1 
Host: nr.bidderstack.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         148.251.217.100
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Length: 44
Connection: keep-alive
Set-Cookie: uid=812d9557-b68d-4d41-9391-456046a60a9b; domain=.bidderstack.com; path=/; expires=Thu, 21-Sep-2023 10:41:18 GMT;
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   44
Md5:    f9d60352c70a2ba15616d1c9421f3844
Sha1:   e9abc8bea7721a4b6a50295850d13c515006a95c
Sha256: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
                                        
                                            GET /?src=sap1&uid=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1 
Host: sync.bumlam.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.172.81.159
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRlY2FkNjEwNi0zOTk5LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Tue, 16 Sep 2042 10:41:18 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARjO1KuZBmIgODlCODAzQzE0REVBMkE2M0RDMDM2QzY3MDI5Q0E2RjKiARDsrWEGOZkR7YbgACWQwGR8
ETag: ecad6106-3999-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 25 Sep 2022 09:00:34 GMT
ETag: "e1603f0e1b0ed0ab64d13d4f7f9ef40a18d4fc2b"
Last-Modified: Wed, 21 Sep 2022 09:00:35 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1859
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e23008c8b7b4ff-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    1ac3f4fae3e6921a7230804b23acee49
Sha1:   e1603f0e1b0ed0ab64d13d4f7f9ef40a18d4fc2b
Sha256: 3b2b7034a7a1a0d27b365532b5cdede5302fc2cac1ed13162da1b366317d8e5a
                                        
                                            GET /match?dp=129&euid=6e0otjtl16 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92; cSyncDp7v2=1663756877; cSyncDp14v3=1663756877; cSyncDp17=1663756877; cSyncDp32=1663756877; cSyncDp45v3=1663756877; cSyncDp53=1663756877; cSyncDp54v2=1663756877; cSyncDp62=1663756877; cSyncDp67v2=1663756877; cSyncDp68=1663756877; cSyncDp71=1663756877; cSyncDp77=1663756877; cSyncDp84=1663756877; cSyncDp85=1663756877; cSyncDp95v3=1663756877; cSyncDp101=1663756877; cSyncDp104v2=1663756877; cSyncDp107=1663756877; cSyncDp110=1663756877; cSyncDp111v2=1663756877; cSyncDp112v2=1663756877; cSyncDp125v2=1663756877; cSyncDp126=1663756877; cSyncDp127=1663756877; cSyncDp129=1663756877; cSyncDp136v2=1663756877; cSyncDp138=1663756877; cSyncDp144=1663756877; cSyncDp146=1663756877; cSyncDp148=1663756877; cSyncDp149=1663756877; cSyncDp151=1663756877; cSyncDp178=1663756877; cSyncDp179=1663756877; cSyncDp186=1663756877; cSyncDp221=1663756877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /merge_gpsid/?sid=50&id=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1 
Host: stat.adlabs.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         109.248.237.37
HTTP/2 302 Found
                                        
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 0
location: //adlmerge.com/merge_gpsid/?sid=50&id=89B803C14DEA2A63DC036C67029CA6F2
X-Firefox-Spdy: h2

                                        
                                            GET /p?ssp=sp&uid=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1 
Host: cs.agency2.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.111.107.44
HTTP/1.1 301 Moved Permanently
                                        
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=0be9b619-84bb-4daf-931b-e779ad19b6f7
Set-Cookie: uuid=0be9b619-84bb-4daf-931b-e779ad19b6f7; expires=Tue, 12 Sep 2023 10:41:18 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3680
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 10:41:18 GMT
Last-Modified: Wed, 21 Sep 2022 09:39:58 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GSy02MdS4HOd90lxuuLFHQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         44.237.239.70
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rMAIFLclx0QZhqFR8YR7wrFhvWU=

                                        
                                            GET /counter?id=1221995;t=51;js=13;r=;j=false;s=1280*1024;d=24;rand=0.32849768360931497;ver=30 HTTP/1.1 
Host: top-fwz1.mail.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.chersonesos.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.163.52.67
HTTP/2 302 Found
                                        
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 0
location: https://top-fwz1.mail.ru/counter2?id=1221995;t=51;js=13;r=;j=false;s=1280*1024;d=24;rand=0.32849768360931497;ver=30
set-cookie: FTID=1RMYgQ0tkIIC:1663756878:1221995:::; path=/; expires=Fri, 22-Sep-23 10:41:18 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2

                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 25 Sep 2022 06:21:39 GMT
ETag: "6a701d845c7a70b1dd10d7f5e047011ae3689360"
Last-Modified: Wed, 21 Sep 2022 06:21:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2529
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e230090f020b3d-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    a2e812044128f3a98fbd7fda6a36e44d
Sha1:   6a701d845c7a70b1dd10d7f5e047011ae3689360
Sha256: 763986ad47e03273f158fa35b26da01d56de2460e8c1321a3fbea96fe22eb7f7
                                        
                                            GET /core/match.gif?s=32&id=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1 
Host: mediatoday.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.228.100
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx/1.20.2
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VUl4Tk1sSJV78my; expires=Sat, 18-Sep-2032 10:41:18 GMT; domain=mediatoday.ru; path=/core; SameSite=None; Secure
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            GET /match?dp=186&euid=0be9b619-84bb-4daf-931b-e779ad19b6f7 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92; cSyncDp7v2=1663756877; cSyncDp14v3=1663756877; cSyncDp17=1663756877; cSyncDp32=1663756877; cSyncDp45v3=1663756877; cSyncDp53=1663756877; cSyncDp54v2=1663756877; cSyncDp62=1663756877; cSyncDp67v2=1663756877; cSyncDp68=1663756877; cSyncDp71=1663756877; cSyncDp77=1663756877; cSyncDp84=1663756877; cSyncDp85=1663756877; cSyncDp95v3=1663756877; cSyncDp101=1663756877; cSyncDp104v2=1663756877; cSyncDp107=1663756877; cSyncDp110=1663756877; cSyncDp111v2=1663756877; cSyncDp112v2=1663756877; cSyncDp125v2=1663756877; cSyncDp126=1663756877; cSyncDp127=1663756877; cSyncDp129=1663756877; cSyncDp136v2=1663756877; cSyncDp138=1663756877; cSyncDp144=1663756877; cSyncDp146=1663756877; cSyncDp148=1663756877; cSyncDp149=1663756877; cSyncDp151=1663756877; cSyncDp178=1663756877; cSyncDp179=1663756877; cSyncDp186=1663756877; cSyncDp221=1663756877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /match/sape?id=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1 
Host: sync.dmp.otm-r.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.65.74
HTTP/2 204 No Content
                                        
server: nginx/1.17.4
date: Wed, 21 Sep 2022 10:41:18 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 00:21:03 GMT
Expires: Sun, 25 Sep 2022 00:21:02 GMT
Etag: "4ae50c94f39c12046d8522d440f5bb81781d4e9a"
Cache-Control: max-age=307783,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e230080b4cb51b-OSL

                                        
                                            GET /?src=sap1&s_data=CAIQARjO1KuZBmIgODlCODAzQzE0REVBMkE2M0RDMDM2QzY3MDI5Q0E2RjKiARDsrWEGOZkR7YbgACWQwGR8 HTTP/1.1 
Host: sync.bumlam.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRlY2FkNjEwNi0zOTk5LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.172.81.159
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRlY2FkNjEwNi0zOTk5LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Tue, 16 Sep 2042 10:41:18 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

                                        
                                            GET /counter2?id=1221995;t=51;js=13;r=;j=false;s=1280*1024;d=24;rand=0.32849768360931497;ver=30 HTTP/1.1 
Host: top-fwz1.mail.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.chersonesos.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         95.163.52.67
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 630
set-cookie: FTID=1RMYgQ0tkIIC:1663756878:1221995:::; path=/; expires=Fri, 22-Sep-23 10:41:18 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 87a, 88 x 31\012- data
Size:   630
Md5:    091f148ecb0ea5ff0722971874baa230
Sha1:   e34a7edacf6c48b998e55ccaf476215ab75c3a9d
Sha256: f921adaa98a953fcc26356f075d10139f76d02502d03d0bf2ecc33e676c6933d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9D9E74F7121399F63901DDA5622E7AE4E2199C44358A421780C2B1C2FC41114D"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12198
Expires: Wed, 21 Sep 2022 14:04:36 GMT
Date: Wed, 21 Sep 2022 10:41:18 GMT
Connection: keep-alive

                                        
                                            GET /metrika/watch.js HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.chersonesos.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         87.250.251.119
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 56984
date: Wed, 21 Sep 2022 10:41:18 GMT
access-control-allow-origin: *
etag: "63295b76-de98"
expires: Wed, 21 Sep 2022 11:41:18 GMT
last-modified: Tue, 20 Sep 2022 09:19:34 GMT
cache-control: max-age=3600
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (570)
Size:   56984
Md5:    586a53abefa89b60f73e53e4f44e6f2f
Sha1:   d4c50345603590468c539f46853ce78140f7664a
Sha256: 8472faf943b35943b628eb70fb721ec98aa217d2526631f884f117994c2a8095
                                        
                                            GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1 
Host: exchange.buzzoola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         88.198.31.232
HTTP/2 301 Moved Permanently
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 115
location: https://www.acint.net/match?dp=126&euid=b54b0ba1-219b-4084-5b48-4eb859cd7f17
serverid: TODO
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   115
Md5:    69e1a7e5772be8a4c7b88d4ce5b39b5b
Sha1:   6a4c0d3539958d431179cf5984bffa32ce35d3fe
Sha256: fc98d4728c121790af14593d5d9faf8dfd262fea31a9a753a5a8bcdf9ad39875
                                        
                                            GET /match?dp=126&euid=b54b0ba1-219b-4084-5b48-4eb859cd7f17 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92; cSyncDp7v2=1663756877; cSyncDp14v3=1663756877; cSyncDp17=1663756877; cSyncDp32=1663756877; cSyncDp45v3=1663756877; cSyncDp53=1663756877; cSyncDp54v2=1663756877; cSyncDp62=1663756877; cSyncDp67v2=1663756877; cSyncDp68=1663756877; cSyncDp71=1663756877; cSyncDp77=1663756877; cSyncDp84=1663756877; cSyncDp85=1663756877; cSyncDp95v3=1663756877; cSyncDp101=1663756877; cSyncDp104v2=1663756877; cSyncDp107=1663756877; cSyncDp110=1663756877; cSyncDp111v2=1663756877; cSyncDp112v2=1663756877; cSyncDp125v2=1663756877; cSyncDp126=1663756877; cSyncDp127=1663756877; cSyncDp129=1663756877; cSyncDp136v2=1663756877; cSyncDp138=1663756877; cSyncDp144=1663756877; cSyncDp146=1663756877; cSyncDp148=1663756877; cSyncDp149=1663756877; cSyncDp151=1663756877; cSyncDp178=1663756877; cSyncDp179=1663756877; cSyncDp186=1663756877; cSyncDp221=1663756877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /p?ssp=sp&id=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1 
Host: 89b803c14dea2a63dc036c67029ca6f2-sp.ops.beeline.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.9.245.57
HTTP/2 301 Moved Permanently
                                        
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 0
location: https://www.acint.net/match?dp=111&euid=9d1c215c-24ef-41d3-82e0-13b7e13ec915
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: BeeAID=9d1c215c-24ef-41d3-82e0-13b7e13ec915; expires=Tue, 12 Sep 2023 10:41:18 GMT; domain=ops.beeline.ru; path=/; secure; SameSite=None
access-control-allow-credentials: true, true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
x-route: http://upstream_cookiesync
x-host: 192.168.152.31
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 11:26:46 GMT
Expires: Sun, 25 Sep 2022 11:26:45 GMT
Etag: "72dd5651384cd773852d35bdacce2cce2af4f03e"
Cache-Control: max-age=347726,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e230091838b524-OSL

                                        
                                            GET /match?dp=111&euid=9d1c215c-24ef-41d3-82e0-13b7e13ec915 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92; cSyncDp7v2=1663756877; cSyncDp14v3=1663756877; cSyncDp17=1663756877; cSyncDp32=1663756877; cSyncDp45v3=1663756877; cSyncDp53=1663756877; cSyncDp54v2=1663756877; cSyncDp62=1663756877; cSyncDp67v2=1663756877; cSyncDp68=1663756877; cSyncDp71=1663756877; cSyncDp77=1663756877; cSyncDp84=1663756877; cSyncDp85=1663756877; cSyncDp95v3=1663756877; cSyncDp101=1663756877; cSyncDp104v2=1663756877; cSyncDp107=1663756877; cSyncDp110=1663756877; cSyncDp111v2=1663756877; cSyncDp112v2=1663756877; cSyncDp125v2=1663756877; cSyncDp126=1663756877; cSyncDp127=1663756877; cSyncDp129=1663756877; cSyncDp136v2=1663756877; cSyncDp138=1663756877; cSyncDp144=1663756877; cSyncDp146=1663756877; cSyncDp148=1663756877; cSyncDp149=1663756877; cSyncDp151=1663756877; cSyncDp178=1663756877; cSyncDp179=1663756877; cSyncDp186=1663756877; cSyncDp221=1663756877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /metrika/advert.gif HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.chersonesos.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.251.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Wed, 21 Sep 2022 10:41:18 GMT
access-control-allow-origin: *
etag: "63295b76-2b"
expires: Wed, 21 Sep 2022 11:41:18 GMT
accept-ranges: bytes
last-modified: Tue, 20 Sep 2022 09:19:34 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /watch/26812653?wmode=7&page-url=http%3A%2F%2Fwww.chersonesos.org%2F%3Fp%3Dct_map35&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%221.11.0%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A766%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1347084678311%3Ahid%3A146048660%3Az%3A0%3Ai%3A20220921104118%3Aet%3A1663756878%3Ac%3A1%3Arn%3A168226262%3Arqn%3A1%3Au%3A1663756878180769721%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A11%2C44%2C63%2C45%2C-5%2C0%2C%2C570%2C35%2C%2C%2C%2C834%3Ans%3A1663756876573%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663756878%3At%3A%D0%9C%D0%BE%D0%BD%D0%B5%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B2%D0%BE%D1%80%20-%20%D0%93%D0%BE%D1%80%D0%BE%D0%B4%D0%B8%D1%89%D0%B5%20-%20%D0%9E%20%D0%A5%D0%B5%D1%80%D1%81%D0%BE%D0%BD%D0%B5%D1%81%D0%B5&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.chersonesos.org
Connection: keep-alive
Referer: http://www.chersonesos.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.251.119
HTTP/2 302 Found
                                        
location: /watch/26812653/1?wmode=7&page-url=http%3A%2F%2Fwww.chersonesos.org%2F%3Fp%3Dct_map35&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%221.11.0%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A766%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1347084678311%3Ahid%3A146048660%3Az%3A0%3Ai%3A20220921104118%3Aet%3A1663756878%3Ac%3A1%3Arn%3A168226262%3Arqn%3A1%3Au%3A1663756878180769721%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A11%2C44%2C63%2C45%2C-5%2C0%2C%2C570%2C35%2C%2C%2C%2C834%3Ans%3A1663756876573%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663756878%3At%3A%D0%9C%D0%BE%D0%BD%D0%B5%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B2%D0%BE%D1%80%20-%20%D0%93%D0%BE%D1%80%D0%BE%D0%B4%D0%B8%D1%89%D0%B5%20-%20%D0%9E%20%D0%A5%D0%B5%D1%80%D1%81%D0%BE%D0%BD%D0%B5%D1%81%D0%B5&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Wed, 21 Sep 2022 10:41:18 GMT
access-control-allow-origin: http://www.chersonesos.org
set-cookie: yandexuid=2577536531663756878; Expires=Thu, 21-Sep-2023 10:41:18 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yuidss=2577536531663756878; Expires=Thu, 21-Sep-2023 10:41:18 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yabs-sid=2276270541663756878; Path=/; SameSite=None; Secure i=m2HUGi+yaOzZjcQyQE44pyM0N76g4J0mCdbV+MEd5i0IZpgInKO1mKOlDuR3AowZnkYsZFLcCam8e47EevtJlxbeTX8=; Expires=Sat, 18-Sep-2032 10:41:17 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None ymex=1695292878.yrts.1663756878#1695292878.yrtsi.1663756878; Expires=Thu, 21-Sep-2023 10:41:18 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 21-Sep-2022 10:41:18 GMT
last-modified: Wed, 21-Sep-2022 10:41:18 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Size:   407
Md5:    b5992fc0cfe73a8152f1186e0b3b2b97
Sha1:   19619893b40188993a66449a918c7a9f4d2f9e6c
Sha256: 1f38c19346f97a1de7b0f18b680608e4e9e95f10976987eb11a953bc790fdc7d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 10:41:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 25 Sep 2022 09:31:00 GMT
ETag: "6899c7c4d5fedffd6f69b1883cd640357fad4042"
Last-Modified: Wed, 21 Sep 2022 09:31:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1606
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e2300d2c150b3d-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    3796af71f8152e32fa0d79eda422767d
Sha1:   6899c7c4d5fedffd6f69b1883cd640357fad4042
Sha256: efbbdd96987db9007a40eb0acc5e854f15d2655f3cd6a8b89ad0c0497899ca06
                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 25 Sep 2022 09:31:00 GMT
ETag: "6899c7c4d5fedffd6f69b1883cd640357fad4042"
Last-Modified: Wed, 21 Sep 2022 09:31:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1606
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e2300d5c400b3d-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    3796af71f8152e32fa0d79eda422767d
Sha1:   6899c7c4d5fedffd6f69b1883cd640357fad4042
Sha256: efbbdd96987db9007a40eb0acc5e854f15d2655f3cd6a8b89ad0c0497899ca06
                                        
                                            GET /pixel?google_nid=agentstvo_sape_limited&google_hm=ibgDwU3qKmPcA2xnApym8g HTTP/1.1 
Host: cm.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.34
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 21 Sep 2022 10:41:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   170
Md5:    e7673c60af825466f83d46da72ca1635
Sha1:   fc0fcbee0835709ba2d28798a612bfd687903fb5
Sha256: 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
                                        
                                            GET /cookie_matching_ssp/Sape-dsp/89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1 
Host: fcgi4.gnezdo.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         93.95.102.105
HTTP/2 204 No Content
                                        
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
set-cookie: uid=XV9maWMq6k46qoY4Gn0zAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2

                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 25 Sep 2022 09:31:30 GMT
ETag: "336a9c17de788b94418bf905bfa48115cfd4e7c7"
Last-Modified: Wed, 21 Sep 2022 09:31:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 785
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e2300d6e8fb4ff-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    0fa471221f8f5e1d23dff5de3d87dd0b
Sha1:   336a9c17de788b94418bf905bfa48115cfd4e7c7
Sha256: 87c425e6a8d4d0949fc636b934d7869cf76c14e30de2ae27b136de59a54eb94b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 04:18:18 GMT
Expires: Mon, 26 Sep 2022 04:18:17 GMT
Etag: "81959b98f864c8b48587bae773c5a8a33748b4e2"
Cache-Control: max-age=600121,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 348
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e2300d7c8a0b3d-OSL

                                        
                                            GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1 
Host: sync.adkernel.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         77.245.57.72
HTTP/1.1 200 OK
                                        
Server: nginx
Date: Wed, 21 Sep 2022 10:41:18 GMT
Content-Length: 0
Connection: close

                                        
                                            POST / HTTP/1.1 
Host: status.thawte.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4341
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 10:41:18 GMT
Last-Modified: Wed, 21 Sep 2022 09:28:57 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1 
Host: ad.adriver.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         195.209.108.38
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Wed, 21 Sep 2022 10:41:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-4460424563; expires=Fri, 20 Sep 2024 10:41:18 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4460424563
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true

                                        
                                            GET /sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19 HTTP/1.1 
Host: 5c84e6de-55c4-4bba-8064-951442aa780d.sync.upravel.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1663756878052; user_id=5c84e6de-55c4-4bba-8064-951442aa780d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         136.243.48.22
HTTP/2 302 Found
content-type: image/png
                                        
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=5c84e6de-55c4-4bba-8064-951442aa780d;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000 user_id-legacy=5c84e6de-55c4-4bba-8064-951442aa780d;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=5c84e6de-55c4-4bba-8064-951442aa780d
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

                                        
                                            GET /cgi-bin/sync.cgi?dsp_id=153&external_id=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1 
Host: ssp.adriver.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         195.209.111.13
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Wed, 21 Sep 2022 10:41:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 10:41:19 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 25 Sep 2022 09:00:28 GMT
ETag: "92f1294ef39595dd86175b6bfc879bd2dabdb32a"
Last-Modified: Wed, 21 Sep 2022 09:00:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 315
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e2300dbcf90b3d-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    2dfd3681efb1f9a13c89875d48425c3d
Sha1:   92f1294ef39595dd86175b6bfc879bd2dabdb32a
Sha256: 952a4d2ae7dc2b18aafe20b053081a19bd782e9d4afcd8d065d313200f212801
                                        
                                            GET /match?dp=71&euid=5c84e6de-55c4-4bba-8064-951442aa780d HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92; cSyncDp7v2=1663756877; cSyncDp14v3=1663756877; cSyncDp17=1663756877; cSyncDp32=1663756877; cSyncDp45v3=1663756877; cSyncDp53=1663756877; cSyncDp54v2=1663756877; cSyncDp62=1663756877; cSyncDp67v2=1663756877; cSyncDp68=1663756877; cSyncDp71=1663756877; cSyncDp77=1663756877; cSyncDp84=1663756877; cSyncDp85=1663756877; cSyncDp95v3=1663756877; cSyncDp101=1663756877; cSyncDp104v2=1663756877; cSyncDp107=1663756877; cSyncDp110=1663756877; cSyncDp111v2=1663756877; cSyncDp112v2=1663756877; cSyncDp125v2=1663756877; cSyncDp126=1663756877; cSyncDp127=1663756877; cSyncDp129=1663756877; cSyncDp136v2=1663756877; cSyncDp138=1663756877; cSyncDp144=1663756877; cSyncDp146=1663756877; cSyncDp148=1663756877; cSyncDp149=1663756877; cSyncDp151=1663756877; cSyncDp178=1663756877; cSyncDp179=1663756877; cSyncDp186=1663756877; cSyncDp221=1663756877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Wed, 21 Sep 2022 10:41:19 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "87CC1ED52F443895E5D7615695D2D1162E0BD93EDF17990029727E52CE33256B"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14834
Expires: Wed, 21 Sep 2022 14:48:33 GMT
Date: Wed, 21 Sep 2022 10:41:19 GMT
Connection: keep-alive

                                        
                                            GET /cm.gif?p=48&id=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1 
Host: ad.mail.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.163.41.56
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 43
set-cookie: VID=0TLQWI0kZf2C0020ep1cm62C:::0-0-0-845430e:CAASELWkZKlX5XBI2YAfIa6U_5caYHKFW77BBWhRaQlEsTiiVeDdnU714n7-KVCpplXBqoiOrA0yOkCadefpciJbMS-v4DPYE9JYJvvEsieZWPz224caI2nKRR1lbMLs5w7sTi4P68iND0NRsqNXWPDoXyln8Q; path=/; expires=Fri, 22-Sep-23 10:41:18 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Wed, 21 Sep 2022 16:41:18 GMT
cache-control: max-age=21600
last-modified: Wed, 21 Sep 2022 10:41:18 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 10:41:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /sync HTTP/1.1 
Host: sape-sync.rutarget.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         188.72.107.156
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx
Date: Wed, 21 Sep 2022 10:41:19 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=3WpUTtVkKXBR
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=3WpUTtVkKXBR; Path=/; Domain=.rutarget.ru; Expires=Mon, 20 Mar 2023 10:41:19 GMT; SameSite=None; Secure

                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 10:41:19 GMT
Content-Length: 940
Connection: keep-alive
Expires: Sun, 25 Sep 2022 09:32:15 GMT
ETag: "cd78cb3571154e38b8c74e99fe8ccc999809e149"
Last-Modified: Wed, 21 Sep 2022 09:32:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2703
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e2300dfd520b3d-OSL

                                        
                                            GET /usersync?dspcsid=8&redirect=1 HTTP/1.1 
Host: ssp.bidvol.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         65.109.23.99
HTTP/2 302 Found
                                        
server: nginx/1.22.0
date: Wed, 21 Sep 2022 10:41:18 GMT
x-request-id: 5c5c5f01-e9f9-4c10-a95c-a8580654581e
set-cookie: bvuid=6e0otjtl16; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None bvuid2=6e0otjtl16; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=6e0otjtl16
X-Firefox-Spdy: h2

                                        
                                            GET /mc/?dp=10&tc=1 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.chersonesos.org/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: text/html
                                        
server: openresty
date: Wed, 21 Sep 2022 10:41:17 GMT
set-cookie: cSyncDp7v2=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp14v3=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp17=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp32=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp45v3=1663756877; expires=Thu, 22-Sep-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp53=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp54v2=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp62=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp67v2=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp68=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp71=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp77=1663756877; expires=Wed, 05-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp84=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp85=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp95v3=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp101=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp104v2=1663756877; expires=Wed, 05-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp107=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp110=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp111v2=1663756877; expires=Wed, 05-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp112v2=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp125v2=1663756877; expires=Thu, 06-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp126=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp127=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp129=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp136v2=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp138=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp144=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp146=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp148=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp149=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp151=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp178=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp179=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp186=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp221=1663756877; expires=Fri, 21-Oct-22 10:41:17 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1939
Md5:    76d88356cdedfc32332176b5ddf05614
Sha1:   e6606beffdcc3819f27655aee9cee62356ed325b
Sha256: d6c9388c3652ad68053f050d7f3c0713d006e5333266ae6102f9622c53038d5c
                                        
                                            GET /adcm.js HTTP/1.1 
Host: tag.digitaltarget.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.15.175.174
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 21 Sep 2022 10:41:19 GMT
Content-Length: 3051
Last-Modified: Wed, 21 Sep 2022 10:34:35 GMT
Connection: keep-alive
ETag: "632ae8bb-beb"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (3051), with no line terminators
Size:   3051
Md5:    e7097284185069f52fc736bcd50cda13
Sha1:   1cdfdf2d869841202079ddf91e0a00a8610812e6
Sha256: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
                                        
                                            GET /p/cm/sape?u=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1 
Host: px.adhigh.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         193.232.150.60
HTTP/2 302 Found
                                        
server: nginx
date: Wed, 21 Sep 2022 10:41:19 GMT
content-length: 0
x-backend-id: f20-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=LaEsZJ88hdH.AikABlGDX6NE2w;Path=/;Domain=.adhigh.net;Expires=Thu, 21-Sep-2023 10:41:19 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=89B803C14DEA2A63DC036C67029CA6F2&bounced=1
X-Firefox-Spdy: h2

                                        
                                            GET /match?bidder_id=73&external_user_id=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1 
Host: ads.betweendigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         188.42.191.196
HTTP/2 302 Found
                                        
location: /match?bidder_id=73&external_user_id=89B803C14DEA2A63DC036C67029CA6F2&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 21 Sep 2023 10:41:19 GMT; Path=/; Domain=.betweendigital.com tuuid=d7d52708-b6eb-5208-85a5-0d2de68fe762; Max-Age=31536000; Expires=Thu, 21 Sep 2023 10:41:19 GMT; Path=/; Domain=.betweendigital.com ut=YyrqTwABsZhKYsA1H9dsj0lWb6hB7Pdy3rFN0g==; Max-Age=31536000; Expires=Thu, 21 Sep 2023 10:41:19 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /merge_gpsid/?sid=50&id=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1 
Host: adlmerge.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         95.211.66.35
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx/1.16.0
date: Wed, 21 Sep 2022 10:41:18 GMT
iseu: eu
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   515
Md5:    6cb509b886fe357fb4e131c64d06476a
Sha1:   5c00c9b63fbb8cd01c46d7322650f02e01a52a53
Sha256: ce2a9a0e0a1947df4b556510e8beef65f6c1a6896bea335b4cbd6c9bcc4383ad
                                        
                                            GET /match?dp=104&euid=3WpUTtVkKXBR HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92; cSyncDp7v2=1663756877; cSyncDp14v3=1663756877; cSyncDp17=1663756877; cSyncDp32=1663756877; cSyncDp45v3=1663756877; cSyncDp53=1663756877; cSyncDp54v2=1663756877; cSyncDp62=1663756877; cSyncDp67v2=1663756877; cSyncDp68=1663756877; cSyncDp71=1663756877; cSyncDp77=1663756877; cSyncDp84=1663756877; cSyncDp85=1663756877; cSyncDp95v3=1663756877; cSyncDp101=1663756877; cSyncDp104v2=1663756877; cSyncDp107=1663756877; cSyncDp110=1663756877; cSyncDp111v2=1663756877; cSyncDp112v2=1663756877; cSyncDp125v2=1663756877; cSyncDp126=1663756877; cSyncDp127=1663756877; cSyncDp129=1663756877; cSyncDp136v2=1663756877; cSyncDp138=1663756877; cSyncDp144=1663756877; cSyncDp146=1663756877; cSyncDp148=1663756877; cSyncDp149=1663756877; cSyncDp151=1663756877; cSyncDp178=1663756877; cSyncDp179=1663756877; cSyncDp186=1663756877; cSyncDp221=1663756877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Wed, 21 Sep 2022 10:41:19 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1 
Host: ads.betweendigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         188.42.191.196
HTTP/2 302 Found
                                        
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 21 Sep 2023 10:41:19 GMT; Path=/; Domain=.betweendigital.com tuuid=5efa22b6-c79d-5208-8c3f-d4c5ef153e8a; Max-Age=31536000; Expires=Thu, 21 Sep 2023 10:41:19 GMT; Path=/; Domain=.betweendigital.com ut=YyrqTwACXXh_U59IK0dZHgqvRconopw5AXFYRQ==; Max-Age=31536000; Expires=Thu, 21 Sep 2023 10:41:19 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /match/second?ssp=30&exu=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1 
Host: sm.rtb.mts.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         217.66.147.165
HTTP/1.1 301 Moved Permanently
                                        
Server: nginx
Date: Wed, 21 Sep 2022 10:41:19 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://tech.rtb.mts.ru/

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 10:41:19 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 14:18:44 GMT
Expires: Tue, 27 Sep 2022 14:18:43 GMT
Etag: "6a95016d800f003c5a9be4fb1a806178aeb263b3"
Cache-Control: max-age=530843,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e2300daa5ab523-OSL

                                        
                                            GET /p/cm/sape?u=89B803C14DEA2A63DC036C67029CA6F2&bounced=1 HTTP/1.1 
Host: px.adhigh.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         193.232.150.60
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Wed, 21 Sep 2022 10:41:19 GMT
content-length: 49
x-backend-id: f20-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   49
Md5:    889bc1fffc025af4685839fb516a0b8b
Sha1:   7f105137a4eafe93213ecd8cc34dd907c340467c
Sha256: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
                                        
                                            GET /0.gif?pid=9401454&id=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1 
Host: x01.aidata.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         89.108.119.43
HTTP/2 302 Found
                                        
server: nginx
date: Wed, 21 Sep 2022 10:41:19 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=89B803C14DEA2A63DC036C67029CA6F2&bounce=1
expires: Wed, 21 Sep 2022 10:41:18 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Wed, 21 Sep 2022 10:41:18 GMT
set-cookie: __upin=/JyH5GBBtaIzBLCCAwvssQ;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure __upints=1663756879;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2

                                        
                                            GET /match?bidder_id=73&external_user_id=89B803C14DEA2A63DC036C67029CA6F2&crf=1 HTTP/1.1 
Host: ads.betweendigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.42.191.196
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 21 Sep 2023 10:41:19 GMT; Path=/; Domain=.betweendigital.com tuuid=33a392da-8065-5208-91ed-6af3f2c780bc; Max-Age=31536000; Expires=Thu, 21 Sep 2023 10:41:19 GMT; Path=/; Domain=.betweendigital.com ut=YyrqTwADwPD13HxVqG8wpbeB8HjX21n0VDVXGQ==; Max-Age=31536000; Expires=Thu, 21 Sep 2023 10:41:19 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   68
Md5:    c4a2b870062c2bb98c500bc1526c0498
Sha1:   528666ccdb12997358077bc8fcdbfb6b825c7788
Sha256: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
                                        
                                            GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1 
Host: ads.betweendigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.42.191.196
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 21 Sep 2023 10:41:19 GMT; Path=/; Domain=.betweendigital.com tuuid=ec9fb7e5-9348-5208-874c-6bfce46681b3; Max-Age=31536000; Expires=Thu, 21 Sep 2023 10:41:19 GMT; Path=/; Domain=.betweendigital.com ut=YyrqTwADyMDsn3zYWZcf4h06sP7bteImSfjn0Q==; Max-Age=31536000; Expires=Thu, 21 Sep 2023 10:41:19 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   68
Md5:    c4a2b870062c2bb98c500bc1526c0498
Sha1:   528666ccdb12997358077bc8fcdbfb6b825c7788
Sha256: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
                                        
                                            GET /0.gif?pid=9401454&id=89B803C14DEA2A63DC036C67029CA6F2&bounce=1 HTTP/1.1 
Host: x01.aidata.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         89.108.119.43
HTTP/2 204 No Content
                                        
server: nginx
date: Wed, 21 Sep 2022 10:41:19 GMT
expires: Wed, 21 Sep 2022 10:41:18 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Wed, 21 Sep 2022 10:41:18 GMT
set-cookie: __upin=4Xk4EcRPBUaea4S0XvhiqA;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure __upints=1663756879;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2

                                        
                                            GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4460424563 HTTP/1.1 
Host: ad.adriver.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         195.209.108.38
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Wed, 21 Sep 2022 10:41:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Fri, 20 Sep 2024 10:41:19 GMT; path=/; domain=.adriver.ru; uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   40
Md5:    251630b588179b239e8fab1ac9ef6d3a
Sha1:   91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
Sha256: c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b
                                        
                                            GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92; cSyncDp7v2=1663756877; cSyncDp14v3=1663756877; cSyncDp17=1663756877; cSyncDp32=1663756877; cSyncDp45v3=1663756877; cSyncDp53=1663756877; cSyncDp54v2=1663756877; cSyncDp62=1663756877; cSyncDp67v2=1663756877; cSyncDp68=1663756877; cSyncDp71=1663756877; cSyncDp77=1663756877; cSyncDp84=1663756877; cSyncDp85=1663756877; cSyncDp95v3=1663756877; cSyncDp101=1663756877; cSyncDp104v2=1663756877; cSyncDp107=1663756877; cSyncDp110=1663756877; cSyncDp111v2=1663756877; cSyncDp112v2=1663756877; cSyncDp125v2=1663756877; cSyncDp126=1663756877; cSyncDp127=1663756877; cSyncDp129=1663756877; cSyncDp136v2=1663756877; cSyncDp138=1663756877; cSyncDp144=1663756877; cSyncDp146=1663756877; cSyncDp148=1663756877; cSyncDp149=1663756877; cSyncDp151=1663756877; cSyncDp178=1663756877; cSyncDp179=1663756877; cSyncDp186=1663756877; cSyncDp221=1663756877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 302 Found
content-type: text/html
                                        
server: openresty
date: Wed, 21 Sep 2022 10:41:19 GMT
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=89B803C14DEA2A63DC036C67029CA6F2
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   154
Md5:    cfbeaf604823f038b8b46f0ac862b98c
Sha1:   7b9eb1dac48e74fa5f418bc456cb410f88b81d98
Sha256: 20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
                                        
                                            GET /processor.js?i=55607016929651 HTTP/1.1 
Host: tag.digitaltarget.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.15.175.174
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 21 Sep 2022 10:41:19 GMT
Content-Length: 15892
Last-Modified: Wed, 21 Sep 2022 10:34:36 GMT
Connection: keep-alive
ETag: "632ae8bc-3e14"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (15892), with no line terminators
Size:   15892
Md5:    9d8bbf9b7d1aaed9a324a9cf9977dda4
Sha1:   d3365fba7f95ca11a9564b373162d1ddb06fcdbd
Sha256: 0935447866da8ca59df7d65710e0b68377a6dbc62c761e83ebfc83998f905788
                                        
                                            GET /cgi-bin/sync.cgi?ssp_id=43&external_id=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1 
Host: ssp.adriver.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         195.209.111.13
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Wed, 21 Sep 2022 10:41:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9135
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 10:41:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9135
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 10:41:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9135
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 10:41:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9135
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 10:41:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9135
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 10:41:19 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12654
x-amzn-requestid: efc99152-2b51-462d-b48b-67ba8263b1cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJOGVYoAMFcvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-00eeb6913e06ac151f293263;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wK03Lqow6u4lrQ3QI21klXXHGZqbKYathhCO87k0rZWBbF8o5YYjXw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 07:05:16 GMT
age: 12963
etag: "d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12654
Md5:    f7b780d39877eea116277625aaa01f1b
Sha1:   d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db
Sha256: ca9d59056e0a3f512d36db11f4a4bd3109c2ce1e13b29b5f40dce84df079e71f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7FaZfI_iYUANPdxGBld5NfneWwKJeX2nYA_gmvF9NjML5YOVhZIIoA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 14:38:21 GMT
age: 72178
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10244
Md5:    14e6ddceb639a5f4875aecb796f95c79
Sha1:   b1cd04a66852694284eeef16a1cde38896e33c03
Sha256: 4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hI3FlJJRAUfr0EAcSvvuJajmyQDwBpTxuQIhYfA0Mtp9JyQgKnoDvA==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:43:18 GMT
age: 46681
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9201
Md5:    a692964324dbb9c460a1b855808d02e6
Sha1:   1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
Sha256: 3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8826
x-amzn-requestid: cf0c711e-4ec9-4f87-a60f-41374262a114
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYweUHIyoAMFYQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202df5-17ad5d4e25a754586e531d05;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:15:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OEbpCQXLpTCDZH4OlzVvvsc-bSgbsIoXRgX6f-nKVwJTL5-SVTCHeA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:56:09 GMT
age: 45910
etag: "344c6000dbdafdb5105edc93a082d640c3e95ddc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8826
Md5:    4eb6d1b35f680bfec656941b6167fd23
Sha1:   344c6000dbdafdb5105edc93a082d640c3e95ddc
Sha256: 67fc85fa0f1a55d57ab9db6f4c723fb9116ef3b2c5282dbdd42d9c37396bd7b9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7507
x-amzn-requestid: 2a40c792-8b1b-4476-92de-1fce3df48fc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCmaHefoAMF4Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e28-6b05350006b7f3fb73d1e37a;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rq4QHCD4EubBKHyCj7jyKqpct5d7U33TvNufqj_w8mWunqQsouoh7w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:21:54 GMT
age: 44365
etag: "09bd3300d710c3212483159f8398b84cde09da26"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7507
Md5:    4d98acc059a69d51165fb5e0c7430ea3
Sha1:   09bd3300d710c3212483159f8398b84cde09da26
Sha256: 6e38bbb5c79c4f714973e10961d7bad9e7ae8711cf24d68b13a77206f474d2a6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6897
x-amzn-requestid: 280a2e44-c21a-4d78-991b-3328e816d045
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YwWSpE0SoAMFaxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63299daa-55cb53491be78c4d5bed0462;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 11:02:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eNkM22Xu--qgJdsrH-UrTG5-Ie4nAsyLjiMaJ5ZKIz0bbw7cYrvFjw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 02:18:26 GMT
age: 30173
etag: "91df60162a8322469cada0dd8eb93619f28aec1a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6897
Md5:    8bae3a7a80ff40df1d701dfc925ddeff
Sha1:   91df60162a8322469cada0dd8eb93619f28aec1a
Sha256: fab10c7ad4658bc191621d9f2042236a7b6e34448ce5215dde5b8d6a64b52952
                                        
                                            GET / HTTP/1.1 
Host: tech.rtb.mts.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         213.87.44.187
HTTP/1.1 204 No Content
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 10:41:19 GMT
Connection: keep-alive
Set-Cookie: mts_id=7a0a164a-8199-4feb-b49f-3ea44b04d1dd; Domain=mts.ru; expires=Fri, 30 Jul 2032 10:41:19 GMT; SameSite=None; Secure mts_id_last_sync=1663756879; Domain=mts.ru; expires=Fri, 30 Jul 2032 10:41:19 GMT; SameSite=None; Secure
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7828B1F22ADDC2B108044B4A9B79AC64543AD2899C882B01413983739FD571DA"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10980
Expires: Wed, 21 Sep 2022 13:44:19 GMT
Date: Wed, 21 Sep 2022 10:41:19 GMT
Connection: keep-alive

                                        
                                            GET /1/1093/i/i?i=995872473354382.760068391466566&a=77&e=89B803C14DEA2A63DC036C67029CA6F2&pref=http%3A%2F%2Fwww.chersonesos.org%2F&c=ss:77.up:89B803C14DEA2A63DC036C67029CA6F2.sync:up.xdua:duUPXJ4Lk_XT1e1TNVKpNys8.xps:xpsemaSpgFp9bvweLR5e5EFtV.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1 
Host: dmg.digitaltarget.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.15.175.145
HTTP/1.1 307 Temporary Redirect
                                        
Server: nginx
Date: Wed, 21 Sep 2022 10:41:19 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=995872473354382.760068391466566&a=77&e=89B803C14DEA2A63DC036C67029CA6F2&pref=http%3A%2F%2Fwww.chersonesos.org%2F&c=ss:77.up:89B803C14DEA2A63DC036C67029CA6F2.sync:up.xdua:duUPXJ4Lk_XT1e1TNVKpNys8.xps:xpsemaSpgFp9bvweLR5e5EFtV.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=IZGzNbPamUpkkik7ul-l; Max-Age=93312000; Expires=Fri, 05 Sep 2025 10:41:19 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

                                        
                                            GET /1/1093/i/i?i=995872473354382.744254662777799&a=77&e=89B803C14DEA2A63DC036C67029CA6F2&pref=http%3A%2F%2Fwww.chersonesos.org%2F&c=ss:77.up:89B803C14DEA2A63DC036C67029CA6F2.sync:up.xdua:duUPXJ4Lk_XT1e1TNVKpNys8.xps:xpsemaSpgFp9bvweLR5e5EFtV.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1 
Host: dmg.digitaltarget.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.15.175.145
HTTP/1.1 307 Temporary Redirect
                                        
Server: nginx
Date: Wed, 21 Sep 2022 10:41:19 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=995872473354382.744254662777799&a=77&e=89B803C14DEA2A63DC036C67029CA6F2&pref=http%3A%2F%2Fwww.chersonesos.org%2F&c=ss:77.up:89B803C14DEA2A63DC036C67029CA6F2.sync:up.xdua:duUPXJ4Lk_XT1e1TNVKpNys8.xps:xpsemaSpgFp9bvweLR5e5EFtV.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=qgGttyoad0xmyo77H5mA; Max-Age=93312000; Expires=Fri, 05 Sep 2025 10:41:19 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

                                        
                                            GET /awg/custom/1093/i/i?call_source=awg&i=995872473354382.744254662777799&a=77&e=89B803C14DEA2A63DC036C67029CA6F2&pref=http%3A%2F%2Fwww.chersonesos.org%2F&c=ss:77.up:89B803C14DEA2A63DC036C67029CA6F2.sync:up.xdua:duUPXJ4Lk_XT1e1TNVKpNys8.xps:xpsemaSpgFp9bvweLR5e5EFtV.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1 
Host: dmg.digitaltarget.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.15.175.145
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Wed, 21 Sep 2022 10:41:19 GMT
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 2
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   64
Md5:    ffd585dfb1ac6320633a0be46d579437
Sha1:   5a6033d23bc9cd5d1de9ee61de69a44428086dcb
Sha256: df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
                                        
                                            GET /awg/custom/1093/i/i?call_source=awg&i=995872473354382.760068391466566&a=77&e=89B803C14DEA2A63DC036C67029CA6F2&pref=http%3A%2F%2Fwww.chersonesos.org%2F&c=ss:77.up:89B803C14DEA2A63DC036C67029CA6F2.sync:up.xdua:duUPXJ4Lk_XT1e1TNVKpNys8.xps:xpsemaSpgFp9bvweLR5e5EFtV.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1 
Host: dmg.digitaltarget.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.15.175.145
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Wed, 21 Sep 2022 10:41:19 GMT
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 2
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   64
Md5:    ffd585dfb1ac6320633a0be46d579437
Sha1:   5a6033d23bc9cd5d1de9ee61de69a44428086dcb
Sha256: df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
                                        
                                            GET /ping/?v=0.4.0&uid=bdec349b-015c-4f17-9038-1d3c7014bf26&dp=10&tz=%2B00%3A00&nc=99927179&dT=2022-09-21T10%3A41%3A20.595 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chersonesos.org/

                                         
                                         185.12.125.26
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: openresty
Date: Wed, 21 Sep 2022 10:41:20 GMT
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/ping/?v=0.4.0&uid=bdec349b-015c-4f17-9038-1d3c7014bf26&dp=10&tz=%2B00%3A00&nc=99927179&dT=2022-09-21T10%3A41%3A20.595


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   142
Md5:    82c98e8e012b79c922655461171cc2fa
Sha1:   0828d79135573276005b04be42d79a8a3291292b
Sha256: 745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
                                        
                                            GET /ping/?v=0.4.0&uid=bdec349b-015c-4f17-9038-1d3c7014bf26&dp=10&tz=%2B00%3A00&nc=99927179&dT=2022-09-21T10%3A41%3A20.595 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.chersonesos.org/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMq6k1nbAPc8qacAsyY6dczrzh47ida5ymfcd+P+N92; cSyncDp7v2=1663756877; cSyncDp14v3=1663756877; cSyncDp17=1663756877; cSyncDp32=1663756877; cSyncDp45v3=1663756877; cSyncDp53=1663756877; cSyncDp54v2=1663756877; cSyncDp62=1663756877; cSyncDp67v2=1663756877; cSyncDp68=1663756877; cSyncDp71=1663756877; cSyncDp77=1663756877; cSyncDp84=1663756877; cSyncDp85=1663756877; cSyncDp95v3=1663756877; cSyncDp101=1663756877; cSyncDp104v2=1663756877; cSyncDp107=1663756877; cSyncDp110=1663756877; cSyncDp111v2=1663756877; cSyncDp112v2=1663756877; cSyncDp125v2=1663756877; cSyncDp126=1663756877; cSyncDp127=1663756877; cSyncDp129=1663756877; cSyncDp136v2=1663756877; cSyncDp138=1663756877; cSyncDp144=1663756877; cSyncDp146=1663756877; cSyncDp148=1663756877; cSyncDp149=1663756877; cSyncDp151=1663756877; cSyncDp178=1663756877; cSyncDp179=1663756877; cSyncDp186=1663756877; cSyncDp221=1663756877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Wed, 21 Sep 2022 10:41:20 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /mapuid/sapeis/89B803C14DEA2A63DC036C67029CA6F2?redir-setuniq=1 HTTP/1.1 
Host: an.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         213.180.193.90
HTTP/2 200 OK
content-type: image/gif; charset=utf-8
                                        
timing-allow-origin: *
date: Wed, 21 Sep 2022 10:41:19 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 21 Sep 2022 10:41:19 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Wed, 21 Sep 2022 10:41:19 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /match/sape?id=89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1 
Host: dmp.gotechnology.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.132.209.136
HTTP/2 408 Request Timeout
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Wed, 21 Sep 2022 10:41:18 GMT
content-length: 15
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /mapuid/sapeis/89B803C14DEA2A63DC036C67029CA6F2 HTTP/1.1 
Host: an.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         213.180.193.90
HTTP/2 302 Found
                                        
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/89B803C14DEA2A63DC036C67029CA6F2?redir-setuniq=1
date: Wed, 21 Sep 2022 10:41:19 GMT
set-cookie: yandexuid=8772509341663756879; domain=.yandex.ru; path=/; expires=Sat, 18-Sep-2032 10:41:19 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 21 Sep 2022 10:41:19 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Wed, 21 Sep 2022 10:41:19 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---