Overview

URL obzor48.ru/
IP92.53.96.125
ASNTimeWeb Ltd.
Location Russia
Report completed2022-09-20 17:50:21 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-20 2 obzor48.ru/ Malware
2022-09-20 2 obzor48.ru/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.2.1 Malware
2022-09-20 2 obzor48.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 Malware
2022-09-20 2 obzor48.ru/wp-content/themes/Newspaper/style.css?ver=10.3.6.1 Malware
2022-09-20 2 obzor48.ru/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8 Malware
2022-09-20 2 obzor48.ru/wp-includes/js/underscore.min.js?ver=1.8.3 Malware
2022-09-20 2 obzor48.ru/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload. (...) Malware
2022-09-20 2 obzor48.ru/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_le (...) Malware
2022-09-20 2 obzor48.ru/wp-includes/js/comment-reply.min.js?ver=5.4.11 Malware
2022-09-20 2 obzor48.ru/wp-content/plugins/td-cloud-library/assets/css/tdb_less_front.cs (...) Malware
2022-09-20 2 obzor48.ru/wp-includes/js/wp-emoji-release.min.js?ver=5.4.11 Malware
2022-09-20 2 obzor48.ru/ Malware
2022-09-20 2 obzor48.ru/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_stan (...) Malware
2022-09-20 2 obzor48.ru/wp-content/plugins/revslider/public/assets/js/jquery.themepunch. (...) Malware
2022-09-20 2 obzor48.ru/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme. (...) Malware
2022-09-20 2 obzor48.ru/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front (...) Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

URL mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafefram (...)
IP  87.250.251.119
Magic gzip compressed data, max compression\012- data
Size 1121
MD5 7ba9ad663d708bacf0304492d2726851
SHA1 bffb5044acc7f49700a19447834bb949bbe2bea0
SHA256 3c0cd756f14733dbf14543b1fbde9d78c7ad5be09fb5249cae74aea179222b77
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (70)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS sm.rtb.mts.ru (2) 27154 2019-03-26 14:10:01 UTC 2022-09-20 14:54:48 UTC 217.66.147.164
mnemonic passive DNS yastatic.net (8) 72282 2014-03-11 07:15:28 UTC 2022-09-20 13:21:33 UTC 178.154.131.215
mnemonic passive DNS sync.dmp.otm-r.com (1) 19534 2017-02-03 07:19:51 UTC 2022-09-20 12:49:26 UTC 88.99.28.61
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-20 17:35:13 UTC 143.204.55.115
mnemonic passive DNS fonts.googleapis.com (1) 8877 2014-07-21 13:19:55 UTC 2022-09-20 15:51:03 UTC 142.250.74.10
mnemonic passive DNS fonts.gstatic.com (2) 0 2014-08-29 13:43:22 UTC 2022-09-20 04:47:45 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS acint.net (2) 22962 2014-02-14 21:23:16 UTC 2022-09-20 13:44:51 UTC 176.9.9.10
mnemonic passive DNS s.uuidksinc.net (1) 3423 2015-07-20 12:00:35 UTC 2022-09-20 12:49:26 UTC 31.220.27.134
mnemonic passive DNS cs.agency2.ru (1) 0 2022-04-29 14:24:02 UTC 2022-09-20 13:44:49 UTC 23.111.107.44 Unknown ranking
mnemonic passive DNS px.adhigh.net (2) 10272 2013-01-03 21:02:08 UTC 2022-09-20 12:45:04 UTC 194.190.76.38
mnemonic passive DNS avatars.mds.yandex.net (4) 6545 2014-12-15 11:43:59 UTC 2022-09-20 13:21:34 UTC 87.250.247.183
mnemonic passive DNS mediatoday.ru (1) 136083 2013-05-20 20:53:32 UTC 2022-09-20 14:54:48 UTC 139.45.228.100
mnemonic passive DNS status.geotrust.com (1) 3662 2017-12-01 08:55:31 UTC 2022-09-20 10:18:22 UTC 93.184.220.29
mnemonic passive DNS ssp.adriver.ru (1) 12439 2014-01-10 13:39:33 UTC 2022-09-20 14:54:48 UTC 195.209.111.4
mnemonic passive DNS 0a0909b053fd2963c1002e210209a16d-sp.ops.beeline.ru (1) 0 No data No data 37.9.245.57 Domain (beeline.ru) ranked at: 20964
mnemonic passive DNS adlmerge.com (1) 146521 2017-04-06 07:10:27 UTC 2022-09-20 14:54:49 UTC 95.211.66.35
mnemonic passive DNS ssp-rtb.sape.ru (1) 31166 2016-02-02 17:01:03 UTC 2022-09-20 13:44:39 UTC 193.3.184.130
mnemonic passive DNS status.thawte.com (1) 5123 2017-11-27 12:33:51 UTC 2022-09-20 10:19:59 UTC 93.184.220.29
mnemonic passive DNS log.strm.yandex.ru (1) 17573 2018-03-28 21:12:20 UTC 2022-09-20 13:26:11 UTC 87.250.251.15
mnemonic passive DNS ocsp.pki.goog (18) 175 2017-06-14 07:23:31 UTC 2022-09-20 04:47:45 UTC 142.250.74.3
mnemonic passive DNS nr.bidderstack.com (1) 352019 2019-02-11 14:43:50 UTC 2022-09-20 14:54:48 UTC 148.251.217.100
mnemonic passive DNS ocsp.globalsign.com (14) 2075 2012-05-25 06:20:55 UTC 2022-09-20 10:16:44 UTC 104.18.21.226
mnemonic passive DNS fcgi4.gnezdo.ru (1) 69027 2020-06-11 12:55:54 UTC 2022-09-20 13:44:47 UTC 93.95.102.105
mnemonic passive DNS ads.adlook.me (1) 43352 2018-11-28 12:50:19 UTC 2022-09-20 14:54:48 UTC 5.101.76.186
mnemonic passive DNS sync.1dmp.io (2) 10017 2016-02-09 11:52:58 UTC 2022-09-20 14:54:24 UTC 95.216.101.186
mnemonic passive DNS www.google.no (6) 25607 2016-04-05 19:50:59 UTC 2022-09-20 09:43:46 UTC 142.250.74.3
mnemonic passive DNS yandex.ru (1) 671 2012-05-21 21:15:36 UTC 2022-09-20 12:14:10 UTC 77.88.55.77
mnemonic passive DNS a.utraff.com (1) 39874 2020-01-25 04:23:15 UTC 2022-09-20 14:54:48 UTC 104.21.59.66
mnemonic passive DNS ssp.bidvol.com (1) 31817 2020-02-22 12:37:29 UTC 2022-09-20 13:44:39 UTC 65.109.23.99
mnemonic passive DNS ads.betweendigital.com (4) 1571 2012-10-30 05:08:04 UTC 2022-09-20 12:26:54 UTC 188.42.191.196
mnemonic passive DNS www.acint.net (12) 29072 2014-02-14 21:23:16 UTC 2022-09-20 17:23:51 UTC 176.9.9.10
mnemonic passive DNS ssp.bestssp.com (1) 90974 2017-06-10 08:55:20 UTC 2022-09-20 14:54:48 UTC 185.147.80.35
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-20 17:37:01 UTC 34.120.237.76
mnemonic passive DNS ocsp.sectigo.com (4) 487 2018-12-17 11:31:55 UTC 2022-09-20 11:08:08 UTC 104.18.32.68
mnemonic passive DNS ocsp.godaddy.com (2) 698 2012-05-20 19:28:57 UTC 2022-09-20 09:29:00 UTC 192.124.249.41
mnemonic passive DNS ocsp.usertrust.com (1) 899 2012-05-21 15:43:18 UTC 2022-09-20 10:15:42 UTC 104.18.32.68
mnemonic passive DNS de1d95c6-8b12-4792-aa36-e3dbce6a3680.sync.upravel.com (1) 0 No data No data 136.243.48.22 Domain (upravel.com) ranked at: 27764
mnemonic passive DNS sync.republer.com (1) 45392 2015-04-29 11:49:27 UTC 2022-09-20 14:54:48 UTC 23.88.82.46
mnemonic passive DNS sync.upravel.com (2) 28097 2017-05-29 09:13:46 UTC 2022-09-20 14:54:48 UTC 148.251.78.49
mnemonic passive DNS stat.adlabs.ru (1) 200922 2012-07-23 15:58:30 UTC 2022-09-20 14:54:48 UTC 109.248.237.36
mnemonic passive DNS exchange.buzzoola.com (1) 18389 2014-10-17 15:20:27 UTC 2022-09-20 13:58:37 UTC 168.119.9.59
mnemonic passive DNS tech.rtb.mts.ru (1) 27360 2017-04-17 12:41:30 UTC 2022-09-20 14:54:50 UTC 213.87.44.187
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-20 05:19:24 UTC 143.204.55.49
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-20 13:04:07 UTC 93.184.220.29
mnemonic passive DNS redirect.frontend.weborama.fr (1) 8348 2017-05-04 15:00:27 UTC 2022-09-20 12:49:26 UTC 35.190.24.218
mnemonic passive DNS strm-ams04.strm.yandex.net (1) 536250 2020-02-12 18:57:34 UTC 2022-09-18 16:38:27 UTC 5.45.247.244
mnemonic passive DNS ut.rktch.com (1) 41215 2018-06-04 10:29:18 UTC 2022-09-20 14:54:48 UTC 89.108.97.2
mnemonic passive DNS ad.adriver.ru (2) 19548 2012-08-31 17:10:27 UTC 2022-09-20 11:11:09 UTC 195.209.108.38
mnemonic passive DNS ad.mail.ru (1) 7643 2012-06-22 19:38:09 UTC 2022-09-20 10:20:09 UTC 95.163.41.56
mnemonic passive DNS tag.digitaltarget.ru (2) 98193 2015-07-21 14:24:58 UTC 2022-09-20 14:55:06 UTC 185.15.175.144
mnemonic passive DNS googleads.g.doubleclick.net (5) 42 2021-02-20 15:43:32 UTC 2022-09-20 13:36:28 UTC 216.58.207.226
mnemonic passive DNS r3.o.lencr.org (16) 344 2020-12-02 08:52:13 UTC 2022-09-20 04:47:05 UTC 23.36.77.32
mnemonic passive DNS an.yandex.ru (18) 2577 No data No data 77.88.21.90
mnemonic passive DNS favicon.yandex.net (1) 9338 2017-01-29 09:03:57 UTC 2022-09-20 10:20:13 UTC 87.250.250.36
mnemonic passive DNS www.googleadservices.com (3) 107 2012-07-21 05:05:30 UTC 2022-09-20 15:22:14 UTC 142.250.74.66
mnemonic passive DNS www.google.com (6) 7 2016-08-04 12:36:31 UTC 2022-09-20 07:44:02 UTC 142.250.74.164
mnemonic passive DNS obzor48.ru (81) 0 2014-12-19 00:22:25 UTC 2022-09-19 17:51:12 UTC 92.53.96.125 Unknown ranking
mnemonic passive DNS dm-eu.hybrid.ai (1) 28847 2021-01-25 11:48:59 UTC 2022-09-20 14:54:48 UTC 37.18.103.16
mnemonic passive DNS mc.yandex.ru (13) 2672 2017-01-29 05:34:36 UTC 2022-09-20 15:11:38 UTC 87.250.251.119
mnemonic passive DNS strm.yandex.ru (1) 14701 2017-01-30 15:19:59 UTC 2022-09-20 13:33:41 UTC 87.250.254.45
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-20 04:47:04 UTC 34.117.237.239
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-20 05:36:22 UTC 35.165.143.157
mnemonic passive DNS sape-sync.rutarget.ru (1) 173587 2018-08-07 14:11:47 UTC 2022-09-20 14:54:48 UTC 178.170.196.247
mnemonic passive DNS x01.aidata.io (2) 12188 2016-03-31 15:36:46 UTC 2022-09-20 14:54:24 UTC 89.108.120.76
mnemonic passive DNS dmg.digitaltarget.ru (4) 21471 2015-04-23 14:50:51 UTC 2022-09-20 12:49:28 UTC 185.15.175.133
mnemonic passive DNS sync.bumlam.com (2) 3243 2015-08-10 21:04:25 UTC 2022-09-20 14:54:48 UTC 31.172.81.159
mnemonic passive DNS match.new-programmatic.com (1) 33613 2020-02-18 20:50:06 UTC 2022-09-20 13:58:37 UTC 217.65.2.150
mnemonic passive DNS cm.g.doubleclick.net (1) 202 2013-05-30 23:19:45 UTC 2022-09-20 16:06:02 UTC 216.58.207.194
mnemonic passive DNS ocsp2.globalsign.com (2) 1544 2012-05-21 07:12:19 UTC 2022-09-20 10:20:11 UTC 104.18.20.226
mnemonic passive DNS sync.adkernel.com (1) 4993 2017-04-19 09:25:22 UTC 2022-09-20 14:54:48 UTC 77.245.57.72


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 92.53.96.125

Date UQ / IDS / BL URL IP
2022-09-20 17:50:21 +0000
0 - 0 - 16 obzor48.ru/ 92.53.96.125

Last 5 reports on ASN: TimeWeb Ltd.

Date UQ / IDS / BL URL IP
2022-12-01 11:24:56 +0000
0 - 0 - 1 cl29183.tmweb.ru/ 5.23.51.23
2022-12-01 08:38:13 +0000
0 - 0 - 2 www.stroyfirm.ru/redir.php?tourl=lifelineketo.com 92.53.96.244
2022-12-01 05:05:15 +0000
0 - 0 - 9 trikitatlt.ru/ 92.53.96.242
2022-12-01 04:49:42 +0000
0 - 0 - 1 nd-58.ru/wp-content/plugins/super-forms/uploa (...) 92.53.96.112
2022-11-30 23:32:56 +0000
0 - 0 - 3 grammarlycheck2.com/bc6w9o/index/b1/?serverna (...) 85.193.83.110

Last 1 reports on domain: obzor48.ru

Date UQ / IDS / BL URL IP
2022-09-20 17:50:21 +0000
0 - 0 - 16 obzor48.ru/ 92.53.96.125

No other reports with similar screenshot



JavaScript

Executed Scripts (59)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 1391, repeated: 1) - SHA256: 060f6b753d3f8095ba9d8e9a776e6b0bfb667d4e5593752bbf03c275165e20e7

                                        < script > "use strict";
var p = ["https://yastatic.net/q/set/s/rsya-tag-users/bundle.js"],
    m = /^(?:(?:https?:)?\/\/)?(?:an\.)?yandex\.[a-z]+\//gi,
    t = window.parent;
window.addEventListener("message", function(e) {
    if ("string" == typeof e.data) try {
        t = JSON.parse(e.data)
    } catch (e) {
        return
    } else t = e.data;
    var t = (e = t || {}).name,
        n = e.namespace,
        a = e.days,
        r = e.urls,
        o = e.adblockCountToXhr,
        i = e.countToXhr,
        e = e.bundle,
        s = "load_image" === t || "load_script" === t,
        n = function(e, t) {
            if (t && e) {
                e = "".concat(e, "=1");
                if (-1 !== document.cookie.indexOf(e)) return !1;
                var t = 86400 * t * 1e3,
                    n = new Date,
                    n = new Date(Number(n) + t).toUTCString();
                document.cookie = "".concat(e, "; expires=").concat(n, "; SameSite=None; Secure")
            }
            return !0
        }(n, a),
        a = Array.isArray(r) && 0 < r.length;
    if (s && n && a)
        if ("load_image" === t)
            for (var c = r, d = o, u = i, f = e, l = 0; l < c.length; l++)(u && m.test(c[l]) || "adblock" === f && d ? function(e) {
                var t = new XMLHttpRequest;
                t.open("GET", e, !0), t.withCredentials = !0, t.send()
            } : function(e) {
                (new Image).src = e
            })(c[l]);
        else "load_script" === t && r.filter(function(e) {
            return p.includes(e)
        }).forEach(function(e) {
            return e = e, (t = document.createElement("script")).src = e, void document.body.appendChild(t);
            var t
        })
});

function n(e) {
    "pagehide" === e.type && e.persisted || a || (a = !0, t.postMessage({
        name: "CONFIRM_FRAME_UNLOADED"
    }, "*"))
}
var a = !1;
["beforeunload", "pagehide", "unload"].forEach(function(e) {
    return window.addEventListener(e, n)
}), t.postMessage({
    name: "CONFIRM_FRAME_READY"
}, "*"); < /script>
                                    


HTTP Transactions (290)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         92.53.96.125
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx/1.14.1
Date: Tue, 20 Sep 2022 17:50:09 GMT
Content-Length: 185
Connection: keep-alive
Location: https://obzor48.ru/


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   185
Md5:    a107aba61c93cdf7882a9c6750a4b8fc
Sha1:   8b9bea8c8373e3f0386e14134443c1873e3cf219
Sha256: 69758c97903bb258a8ccdea130baf19bb258861c475667b5320454d143bcbd3a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Backoff, Retry-After, Content-Type
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 20 Sep 2022 17:13:11 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qfcq4iG5iZhbwCwfYfc_RnTcmVagaBMoKXOEg2WlLaV3Ru19v2bqXw==
Age: 2218


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    804f8bbb7f556d51a5f52d5ebd5b6eef
Sha1:   922cd7e06df278615a04abb81d811d14596c8180
Sha256: ef4804d381a34ab67873a7755621081c49c646310e085a9b2356ae07098f6021
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10185
Expires: Tue, 20 Sep 2022 20:39:54 GMT
Date: Tue, 20 Sep 2022 17:50:09 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: F8zN9CBp7vMnW0EHp-iY1bseXthoe2KGBsTusX8C3Nzxu9YOwf2xoQ==
age: 47696
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 20 Sep 2022 17:50:09 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9D1F1C1B30A9919CE12984FD61C78975275ED73D7385ABFDDE59D8FB23B3A5AF"
Last-Modified: Mon, 19 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 20 Sep 2022 23:50:10 GMT
Date: Tue, 20 Sep 2022 17:50:10 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 20 Sep 2022 17:03:22 GMT
Expires: Tue, 20 Sep 2022 17:30:17 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fgojceuIundIMF0uDkaLry3nfCdmxYFQsCBOHnL38FWhXAATqPXQZQ==
Age: 2808


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5143
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 17:50:10 GMT
Last-Modified: Tue, 20 Sep 2022 16:24:28 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NxFnxsjlAI0j0y8GWalWeA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.165.143.157
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7pwTLVpl9DNTbmlQa9EAnsufIvA=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 17:50:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 17:50:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.2.1 HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: application/x-javascript
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
last-modified: Tue, 11 Aug 2020 05:50:36 GMT
vary: Accept-Encoding
etag: W/"5f3231ac-3719"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   4369
Md5:    6708b9d1117d039dfc908a0091b8a5b0
Sha1:   3ad7a924aa3d236fd8425f7b577cd5756535b91f
Sha256: 39bba7dba37fa27576f10a881e89bd325f7bd07645b8e1a54e0e0946f1e07600

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/wp-embed.min.js?ver=5.4.11 HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: application/x-javascript
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
last-modified: Thu, 15 Apr 2021 21:15:20 GMT
vary: Accept-Encoding
etag: W/"6078ace8-592"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1268
Md5:    02e2e74dd9aff5550cfe724b915f1c19
Sha1:   d72f4f58df2bf9346ab48eb6187f50e07a7d14b9
Sha256: f4f7dde57dd8f0c68c08829416718ba714981e25fe0ecaa5c71efb7582b6b659
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: application/x-javascript
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
last-modified: Tue, 12 Feb 2019 06:42:06 GMT
vary: Accept-Encoding
etag: W/"5c626abe-2748"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   4486
Md5:    083e9f84625b7658ce415735214e6b17
Sha1:   a144643d37cc6ff4a1e3a7c443660b69abb87ae8
Sha256: c6db4cf122cf9c93e15795498020bed39835fbe97eb407b275bf20c170ffc750

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.6.1 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 20 Sep 2022 17:50:11 GMT
date: Tue, 20 Sep 2022 17:50:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   16779
Md5:    69993998be80ead5068d9a4543da5e80
Sha1:   a66b24825f570e12a0a1445160a8d3e3257b129b
Sha256: 427987cde1f0b22e218df87f69040e7ba0554a8d50ae48a5a987ec99a48d25a7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 17:50:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 17:50:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 17:50:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/Newspaper/style.css?ver=10.3.6.1 HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
last-modified: Tue, 11 Aug 2020 05:51:28 GMT
vary: Accept-Encoding
etag: W/"5f3231e0-26091"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   35320
Md5:    4df5f04fe9bb82bf116ce6c83efa02b0
Sha1:   3dd7bd135e9cd0682903704181dc22664a569669
Sha256: 8c0fa954d457f1fc85e94821e07d4413587503e86cc457a21b7b7da9d73469d2

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://obzor48.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 08:31:01 GMT
expires: Wed, 20 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 33550
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            GET /wp-content/plugins/td-newsletter/style.css?ver=10.3.6.1 HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
last-modified: Tue, 11 Aug 2020 05:52:05 GMT
vary: Accept-Encoding
etag: W/"5f323205-1968"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   11228
Md5:    8e164b1f622066ede46fc55a908e68e7
Sha1:   0c98311910e03fd46581c9a343029510e546a462
Sha256: 5bfda32612afc29bbfef9ac50248c8f9aa4eb225e3a2a18cd8b04f73fd5cc50f
                                        
                                            GET /wp-content/uploads/2019/02/logo-1.png HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 8982
last-modified: Tue, 12 Feb 2019 06:42:00 GMT
etag: "5c626ab8-2316"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 272 x 81, 8-bit/color RGBA, non-interlaced\012- data
Size:   8982
Md5:    87bcfcff01803c9a0aa89f2f6d844b42
Sha1:   23bf1a9fecad79700f85f86d747570fd6939dd42
Sha256: 0f98f648ff41936498d9c3567bdb7b7621820f7738c9dfb1da3615d3d7b89a78
                                        
                                            GET /wp-content/uploads/2019/02/logomob.png HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 4546
last-modified: Tue, 12 Feb 2019 06:41:59 GMT
etag: "5c626ab7-11c2"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 140 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size:   4546
Md5:    213a5b055fabfd17d633a005f27408f6
Sha1:   4fe2b1f99bb0cc012c2ed02d261af56c906d99a2
Sha256: cb5ce29e22aa6ea2315fb56611a9a9a4e7f42698511fb538c63b75b35454ceff
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://obzor48.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:56 GMT
expires: Thu, 14 Sep 2023 19:34:56 GMT
cache-control: public, max-age=31536000
age: 512115
last-modified: Wed, 11 May 2022 19:24:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Size:   9840
Md5:    7b08b9e11fc6b8a8a1398b357e874144
Sha1:   4b5fb5790fae1c96655aaa7a426b697f5ab986d0
Sha256: 3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=5.4.11 HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
last-modified: Wed, 29 Apr 2020 23:50:20 GMT
vary: Accept-Encoding
etag: W/"5eaa12bc-d159"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   23485
Md5:    120be7718ee891f635221be6e8703a64
Sha1:   0c1637b65ca0d341a21d2a83450a919ebea8be45
Sha256: 8d59f1e81326e877697da1993ea426ae10aa8bb3c5340ae2e23404f47624ce97
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.2.1 HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
last-modified: Tue, 11 Aug 2020 05:50:36 GMT
vary: Accept-Encoding
etag: W/"5f3231ac-780"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   26967
Md5:    f9e3a39044a324a87fb766b968108db9
Sha1:   a15d1739bbf85abec0fbcd3ae19b6cc9ef1f7c35
Sha256: 472a27b78abeba925e165e34bf393daffbe126b58df1e88c2120c29bbfb7775e
                                        
                                            GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8 HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
last-modified: Tue, 12 Feb 2019 06:42:03 GMT
vary: Accept-Encoding
etag: W/"5c626abb-9b46"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   25274
Md5:    9760f006ad5971afa2e136bacec2592e
Sha1:   0ddf68f577bdca63fe5ae3eee0e35fbbd1edfe6d
Sha256: ff403fd56962b91050f071a2fdda56d5fd3f866afe192c2a49849c81333bbfe5

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /aci.js HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         176.9.9.10
HTTP/2 200 OK
content-type: application/x-javascript
                                        
server: openresty
date: Tue, 20 Sep 2022 17:50:11 GMT
content-length: 7461
last-modified: Wed, 08 Jun 2022 16:58:23 GMT
etag: "62a0d52f-1d25"
content-encoding: gzip
expires: Wed, 21 Sep 2022 05:50:11 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1408)
Size:   7461
Md5:    ae0aab6c5a2ae2e1168e74f6e6ae4741
Sha1:   2c00f69ee4bbe2ec96c0f7bb33b5f827a6195af8
Sha256: a47a88a9b6c7635e5074c25c6e3c92f399fdf8772376e94f077167241e59f9de
                                        
                                            GET /wp-content/uploads/2020/08/530A0784-218x150.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 12441
last-modified: Mon, 24 Aug 2020 06:05:21 GMT
etag: "5f4358a1-3099"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=ACDSee Ultimate 2019, datetime=2020:08:21 19:45:41], baseline, precision 8, 218x150, components 3\012- data
Size:   12441
Md5:    f730268c8381ae53e9d838bc8f87feae
Sha1:   a30a149e7002b2245769700b387f4c9611d90b02
Sha256: 09e6cd6515a640f24ab51f881cd71f5b4cefd1ca98d491e712693b21f03b16a7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 17:50:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/uploads/2020/08/2D4A0388-218x150.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 9575
last-modified: Mon, 24 Aug 2020 06:03:42 GMT
etag: "5f43583e-2567"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 218x150, components 3\012- data
Size:   9575
Md5:    42546db7e65462638fd50e78f35c93af
Sha1:   1932cc7dfb2d26d36da05d35ae62e32a0824e8f3
Sha256: 8f58f8bb7565536ac832df82383f140cec070547d7e9fe5fba50e12706104995
                                        
                                            GET /wp-content/uploads/2020/07/3_1980-218x150.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 11346
last-modified: Tue, 14 Jul 2020 06:01:08 GMT
etag: "5f0d4a24-2c52"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=ACDSee Ultimate 2019, datetime=2020:07:13 06:34:46], baseline, precision 8, 218x150, components 3\012- data
Size:   11346
Md5:    4569f25afa3a87b08c18e226b0f009c6
Sha1:   cb3f9d85cd59d8df236ef897cee304f22470d863
Sha256: 962fa122c73124c5e2615f917103f721f42124c1529030729f3cbbab8d4a20bf
                                        
                                            GET /wp-includes/js/underscore.min.js?ver=1.8.3 HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: application/x-javascript
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
last-modified: Thu, 15 Apr 2021 21:15:20 GMT
vary: Accept-Encoding
etag: W/"6078ace8-3ead"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   11611
Md5:    09864a770ba2309ba788898008a5b455
Sha1:   8b26a1e7df5c4242f5ea72cec83529ed4b2b8fcc
Sha256: 36c9a3934d57e83e5eb23afca6f1de213694a2f608dc4b52f4ac964bd0d50b25

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2019/01/8.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

                                         
                                         92.53.96.125
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx/1.14.1
Date: Tue, 20 Sep 2022 17:50:11 GMT
Content-Length: 185
Connection: keep-alive
Location: https://obzor48.ru/wp-content/uploads/2019/01/8.jpg
Expires: Fri, 21 Oct 2022 17:50:11 GMT
Cache-Control: max-age=2678400


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   185
Md5:    a107aba61c93cdf7882a9c6750a4b8fc
Sha1:   8b9bea8c8373e3f0386e14134443c1873e3cf219
Sha256: 69758c97903bb258a8ccdea130baf19bb258861c475667b5320454d143bcbd3a
                                        
                                            GET /hit/?v=0.4.0&uid=f73435f9-e2cb-479a-94a9-52b80e8ce314&dp=10&tz=%2B00%3A00&nc=54426080&u=https%3A%2F%2Fobzor48.ru%2F&r=&rs=1280x1024&t=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B0%20%D0%9B%D0%B8%D0%BF%D0%B5%D1%86%D0%BA%D0%B0%20%D0%B8%2048%20%D1%80%D0%B5%D0%B3%D0%B8%D0%BE%D0%BD%D0%B0%20%D0%B7%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20-%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20Obzor48&oE=1&oP=1&dT=2022-09-20T17%3A50%3A11.955&fu=bcafdd5e-47ff-43e0-a4a4-bca7f8b8f2d8 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         176.9.9.10
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Tue, 20 Sep 2022 17:50:11 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=LgR5GmMp/VNAjACwH7LYAojNk8RMkR0sTYuLzRb0ZQi+A4Gv; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /mc/?dp=10 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         176.9.9.10
HTTP/2 302 Found
content-type: text/html
                                        
server: openresty
date: Tue, 20 Sep 2022 17:50:11 GMT
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Tue, 20-Sep-22 18:00:11 GMT aid=sAkJCmMp/VMhLgDBbaEJAh4/vOQw0G4CHC3rbRYj9wWLJb2c; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   154
Md5:    cfbeaf604823f038b8b46f0ac862b98c
Sha1:   7b9eb1dac48e74fa5f418bc456cb410f88b81d98
Sha256: 20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
                                        
                                            GET /wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=a336a33b491e4d82f056f6bf77847b68 HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: application/x-javascript
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
last-modified: Tue, 11 Aug 2020 05:51:47 GMT
vary: Accept-Encoding
etag: W/"5f3231f3-13f5"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   22197
Md5:    2fae25a0870a25080060c9d13ecf3f41
Sha1:   e2f5f6b8ca3e9aff4d81403c3a6e5987d7269fa5
Sha256: 719aba198c6e5bf8c6d0669a4f5b131ac1e7a1580a1554c395979e72f6eea3aa

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1879
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 17:50:12 GMT
Last-Modified: Tue, 20 Sep 2022 17:18:53 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=1a221c8450bc290d78da968c50c142a1 HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
last-modified: Tue, 11 Aug 2020 05:51:37 GMT
vary: Accept-Encoding
etag: W/"5f3231e9-10e72"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   133585
Md5:    f14798cfc3de46a28adacb1ae573c1b5
Sha1:   dfe96a9bebc73601f47cf56a03a89eab79cb64ed
Sha256: 4eaa2307017ad4525e8980c922c938416f64909c984a4db4c3b93cf6e5d7b0d7
                                        
                                            GET /match?id=106&vid=0A0909B053FD2963C1002E210209A16D HTTP/1.1 
Host: dm-eu.hybrid.ai
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.18.103.16
HTTP/2 204 No Content
                                        
date: Tue, 20 Sep 2022 17:50:12 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=f6adceab15670209114e; expires=Wed, 20 Sep 2023 17:50:11 GMT; domain=.hybrid.ai; path=/; samesite=none
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 505
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2

                                        
                                            GET /sync?ssp=sape HTTP/1.1 
Host: a.utraff.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.59.66
HTTP/2 204 No Content
content-type: text/plain
                                        
date: Tue, 20 Sep 2022 17:50:12 GMT
set-cookie: preutid=1; Expires=Thu, 20 Oct 2022 20:50:12 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/ preutid=1; Expires=Thu, 20 Oct 2022 20:50:12 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NC9juR%2Fe1SorxpZZThKx3KjeBqnwwpzYxT1GIZdMQaeThST7U9%2BSHcwQdHdLiOVpo%2BIFUws3VnDyG%2FPreou1YBmxy%2FSTFLflsbFGlU4froMhZgySXADmQY5Px2LETy8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74dc66ee2b88b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1 
Host: ads.adlook.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         5.101.76.186
HTTP/2 302 Found
                                        
location: https://acint.net/match?dp=110&euid=9b42d847a4ce4ed6875e91efcdcd3a25
server: Kestrel
set-cookie: adlm_userId=9b42d847a4ce4ed6875e91efcdcd3a25; expires=Tue, 19 Sep 2023 21:00:00 GMT; path=/; SameSite=None; secure
date: Tue, 20 Sep 2022 17:50:11 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C9D5840FC9DEA3D55D10247F043B47715557416539DB5856830BE0275EBD1224"
Last-Modified: Mon, 19 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17169
Expires: Tue, 20 Sep 2022 22:36:21 GMT
Date: Tue, 20 Sep 2022 17:50:12 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1879
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 17:50:12 GMT
Last-Modified: Tue, 20 Sep 2022 17:18:53 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B5F207D845748904470B77F0E824472B28B929B62731B9A396B1B5FF5B99B413"
Last-Modified: Sun, 18 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1625
Expires: Tue, 20 Sep 2022 18:17:17 GMT
Date: Tue, 20 Sep 2022 17:50:12 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13437
Expires: Tue, 20 Sep 2022 21:34:09 GMT
Date: Tue, 20 Sep 2022 17:50:12 GMT
Connection: keep-alive

                                        
                                            GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1 
Host: ssp.bestssp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.147.80.35
HTTP/1.1 302 Found
                                        
Server: nginx/1.16.1
Date: Tue, 20 Sep 2022 17:50:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=THHXUBFB
Set-Cookie: uid=THHXUBFB; Expires=Tue, 20 Sep 2032 00:00:00 GMT; mf2=1; Expires=Thu, 20 Oct 2022 00:00:00 GMT;

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FEC7401FA6C80AE83CE366CE7722BEFD451222694B98E6373A3BB75866E187AD"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14564
Expires: Tue, 20 Sep 2022 21:52:56 GMT
Date: Tue, 20 Sep 2022 17:50:12 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11145
x-amzn-requestid: dcb726a6-2f43-4170-a53c-4f0d2883309e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yuh7yHfHIAMFu4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e37e-11bf06e96123e01c11854cbb;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:47:42 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DwufJXA1yHz_jnJL0PWjCQYF9fa3jlJ0e-2hIomInAXCpmPISX3mjg==
via: 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:02:33 GMT
age: 71259
etag: "ff8286c4d2cf87a1865d56d082bc5235dba60ad7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11145
Md5:    c283017ec789693602177a2785177e21
Sha1:   ff8286c4d2cf87a1865d56d082bc5235dba60ad7
Sha256: 520db2567ad5529d35d2ac63b94d4186848382e9c86d0c4355ab979b34f0e0ab
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9873
x-amzn-requestid: 7171299f-e6e3-40ef-a292-33779346e1ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI-FDIIAMF-xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-31f9413434a6b00e77e7709b;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: evL3aL1ULo6B2a8Rp6iILKCX7F14O9HMSbEqkEY3XHFhmMptE8FaVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 21:50:04 GMT
age: 72008
etag: "0e14f5062e40ce94346494ff947bfcf74b5e88c1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9873
Md5:    7ca0c1a7f205ad07f1cce80b26448873
Sha1:   0e14f5062e40ce94346494ff947bfcf74b5e88c1
Sha256: ebc960279032671136749823c126ec807334d9eaf2b019abcc63b41bcdbf4a7f
                                        
                                            GET /match?dp=110&euid=9b42d847a4ce4ed6875e91efcdcd3a25 HTTP/1.1 
Host: acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=LgR5GmMp/VNAjACwH7LYAojNk8RMkR0sTYuLzRb0ZQi+A4Gv; test_cookie=CheckForPermission; cSyncDp7v2=1663696212; cSyncDp14v3=1663696212; cSyncDp17=1663696212; cSyncDp32=1663696212; cSyncDp45v3=1663696212; cSyncDp53=1663696212; cSyncDp54v2=1663696212; cSyncDp62=1663696212; cSyncDp67v2=1663696212; cSyncDp68=1663696212; cSyncDp71=1663696212; cSyncDp77=1663696212; cSyncDp84=1663696212; cSyncDp85=1663696212; cSyncDp95v3=1663696212; cSyncDp101=1663696212; cSyncDp104v2=1663696212; cSyncDp107=1663696212; cSyncDp110=1663696212; cSyncDp111v2=1663696212; cSyncDp112v2=1663696212; cSyncDp125v2=1663696212; cSyncDp126=1663696212; cSyncDp127=1663696212; cSyncDp129=1663696212; cSyncDp136v2=1663696212; cSyncDp138=1663696212; cSyncDp144=1663696212; cSyncDp146=1663696212; cSyncDp148=1663696212; cSyncDp149=1663696212; cSyncDp151=1663696212; cSyncDp178=1663696212; cSyncDp179=1663696212; cSyncDp186=1663696212; cSyncDp221=1663696212
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         176.9.9.10
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Tue, 20 Sep 2022 17:50:12 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /match?dsp=sape HTTP/1.1 
Host: sync.republer.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.88.82.46
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 20 Sep 2022 17:50:12 GMT
strict-transport-security: max-age=0
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "718EED71973D15305E0894498BE069C630B67BCAD72A6C1A1872BFDF99E97F4B"
Last-Modified: Mon, 19 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4271
Expires: Tue, 20 Sep 2022 19:01:23 GMT
Date: Tue, 20 Sep 2022 17:50:12 GMT
Connection: keep-alive

                                        
                                            GET /?src=sap1&uid=0A0909B053FD2963C1002E210209A16D HTTP/1.1 
Host: sync.bumlam.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.172.81.159
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx
Date: Tue, 20 Sep 2022 17:50:12 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRhZDBiMmEwYy0zOTBjLTExZWQtODY0NC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Mon, 15 Sep 2042 17:50:12 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARjU-qeZBmIgMEEwOTA5QjA1M0ZEMjk2M0MxMDAyRTIxMDIwOUExNkSiARCtCyoMOQwR7YZEACWQyCQ3
ETag: ad0b2a0c-390c-11ed-8644-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9543
x-amzn-requestid: 17be04c9-54f0-4988-82dd-f13911a2a629
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugINHN1IAMF8iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09a-35496b4c21c23dec75257964;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: y3urrVdjZEds_DKf3yL2XfaOy-5UPBwU-YVWe5eKYsDpl3JPmqffsw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:23:30 GMT
age: 70002
etag: "a852edb64a7220532aa619ab2a440c3a7e11b97a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9543
Md5:    30fbdfee7ec4513a5ff3dfcb7282f816
Sha1:   a852edb64a7220532aa619ab2a440c3a7e11b97a
Sha256: 4adee59f97bea412c6a0a786d0a27e431a497198b9047a75841b0a530803bdfe
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9FF0F01363DBFB8A16C5BA064B6AD8AAAF50C69CD6181E65C41AC1E46CF891AD"
Last-Modified: Tue, 20 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16318
Expires: Tue, 20 Sep 2022 22:22:10 GMT
Date: Tue, 20 Sep 2022 17:50:12 GMT
Connection: keep-alive

                                        
                                            GET /match?dp=95&euid=THHXUBFB HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=LgR5GmMp/VNAjACwH7LYAojNk8RMkR0sTYuLzRb0ZQi+A4Gv; test_cookie=CheckForPermission; cSyncDp7v2=1663696212; cSyncDp14v3=1663696212; cSyncDp17=1663696212; cSyncDp32=1663696212; cSyncDp45v3=1663696212; cSyncDp53=1663696212; cSyncDp54v2=1663696212; cSyncDp62=1663696212; cSyncDp67v2=1663696212; cSyncDp68=1663696212; cSyncDp71=1663696212; cSyncDp77=1663696212; cSyncDp84=1663696212; cSyncDp85=1663696212; cSyncDp95v3=1663696212; cSyncDp101=1663696212; cSyncDp104v2=1663696212; cSyncDp107=1663696212; cSyncDp110=1663696212; cSyncDp111v2=1663696212; cSyncDp112v2=1663696212; cSyncDp125v2=1663696212; cSyncDp126=1663696212; cSyncDp127=1663696212; cSyncDp129=1663696212; cSyncDp136v2=1663696212; cSyncDp138=1663696212; cSyncDp144=1663696212; cSyncDp146=1663696212; cSyncDp148=1663696212; cSyncDp149=1663696212; cSyncDp151=1663696212; cSyncDp178=1663696212; cSyncDp179=1663696212; cSyncDp186=1663696212; cSyncDp221=1663696212
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         176.9.9.10
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Tue, 20 Sep 2022 17:50:12 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /matchspm?pi=1000005&pui=0A0909B053FD2963C1002E210209A16D HTTP/1.1 
Host: ut.rktch.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         89.108.97.2
HTTP/1.1 302 Found
                                        
Server: nginx/1.22.0
Date: Tue, 20 Sep 2022 17:50:12 GMT
Content-Length: 0
Connection: keep-alive
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
Set-Cookie: b_uid=67e3096e0185772e96a23c8b523d1a643ca3; Max-Age=2592000; Expires=Thu, 20 Oct 2022 17:50:12 GMT; Domain=rktch.com; Secure; SameSite=None
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Credentials: true

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9865
x-amzn-requestid: 7eeeff5b-cb13-4060-96a6-bf5a4be57331
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugokGQVoAMFXmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e169-4211dbbe1a22d0255a45aff0;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zDPKSOJ7SJImKcluUMhGvVMHv4t2oKLD2AJfGKAFSfedsdSA4VgZ_g==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:02:56 GMT
etag: "b8484fb5443344b03e52dd56b1d6c5682eb6221a"
age: 71236
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9865
Md5:    1a7d863845e96c5927e812f325c08c16
Sha1:   b8484fb5443344b03e52dd56b1d6c5682eb6221a
Sha256: fcb382029332a44deaf212298b618074a752d674d0c735a1b8b861ab4bb6ff0f
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13437
Expires: Tue, 20 Sep 2022 21:34:09 GMT
Date: Tue, 20 Sep 2022 17:50:12 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E28B5CB66252A18D25FCCA8E24BFCDAAA5F93BC9AE8DB726B28CB4AF50867E21"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6046
Expires: Tue, 20 Sep 2022 19:30:58 GMT
Date: Tue, 20 Sep 2022 17:50:12 GMT
Connection: keep-alive

                                        
                                            GET /match/396/?remote_uid=0A0909B053FD2963C1002E210209A16D HTTP/1.1 
Host: s.uuidksinc.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.220.27.134
HTTP/2 302 Found
                                        
server: nginx/1.19.0
date: Tue, 20 Sep 2022 17:50:12 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=nH2DumJC24uxVY2HJU2D
set-cookie: jcsuuid=nH2DumJC24uxVY2HJU2D; expires=Wed, 20 Sep 2023 17:50:12 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A6E7B2CA3C515A44807F1D8F2F61F8DC69637F75069B2D1139318294E313EBEA"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2017
Expires: Tue, 20 Sep 2022 18:23:49 GMT
Date: Tue, 20 Sep 2022 17:50:12 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7sCevVX1nGXxZxnrXSURjUcap1a7vCZwrMMIXfzcBPR1srMxJHLGUg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:07:05 GMT
age: 70987
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11832
Md5:    2ed7323b395e757f7766ea0045efdaca
Sha1:   8b91bc3069a3217bc719c27959d578b353b5d9dc
Sha256: 8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
                                        
                                            GET /userbind?src=sape&id=0A0909B053FD2963C1002E210209A16D HTTP/1.1 
Host: match.new-programmatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         217.65.2.150
HTTP/1.1 204 No Content
                                        
Server: nginx/1.18.0
Date: Tue, 20 Sep 2022 17:50:12 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin

                                        
                                            GET /p?ssp=sp&uid=0A0909B053FD2963C1002E210209A16D HTTP/1.1 
Host: cs.agency2.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.111.107.44
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 20 Sep 2022 17:50:12 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=855402c5-1593-4ea5-84f2-66c448159f10
Set-Cookie: uuid=855402c5-1593-4ea5-84f2-66c448159f10; expires=Mon, 11 Sep 2023 17:50:12 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44

                                        
                                            GET /wp-content/uploads/2019/01/8.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:11 GMT
content-length: 70672
last-modified: Mon, 13 May 2019 07:22:01 GMT
etag: "5cd91b19-11410"
expires: Fri, 21 Oct 2022 17:50:11 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x683, components 3\012- data
Size:   70672
Md5:    d345994493a3827ff660cc5e71fc253d
Sha1:   2a647d5bf2e93c1aa4e7f4c3920b9cae8ab6a917
Sha256: 03e96a006f801f17cc1f3e247353996790d5db8b97fc360ec3c7ff91b0c2f74e
                                        
                                            GET /wp-content/uploads/2020/06/5649546-218x150.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 12759
last-modified: Thu, 18 Jun 2020 07:39:38 GMT
etag: "5eeb1a3a-31d7"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 218x150, components 3\012- data
Size:   12759
Md5:    0a3fa882d027757e5181bd2f01c06c03
Sha1:   8d9fc2948635e3ff88384a0e9a86ca3babb9c137
Sha256: 5ebf8e3306af93a34e5c9f99be3e9415225b7d82522c7b56fcbc7db4b8a015f3
                                        
                                            GET /sape/sync HTTP/1.1 
Host: sync.upravel.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         148.251.78.49
HTTP/2 302 Found
content-type: image/png
                                        
server: nginx
date: Tue, 20 Sep 2022 17:50:12 GMT
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1663696212452;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180 session_tptc-legacy=1663696212452;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

                                        
                                            GET /merge_gpsid/?sid=50&id=0A0909B053FD2963C1002E210209A16D HTTP/1.1 
Host: stat.adlabs.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         109.248.237.36
HTTP/2 302 Found
                                        
server: nginx
date: Tue, 20 Sep 2022 17:37:53 GMT
content-length: 0
location: //adlmerge.com/merge_gpsid/?sid=50&id=0A0909B053FD2963C1002E210209A16D
X-Firefox-Spdy: h2

                                        
                                            GET /?src=sap1&s_data=CAIQARjU-qeZBmIgMEEwOTA5QjA1M0ZEMjk2M0MxMDAyRTIxMDIwOUExNkSiARCtCyoMOQwR7YZEACWQyCQ3 HTTP/1.1 
Host: sync.bumlam.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRhZDBiMmEwYy0zOTBjLTExZWQtODY0NC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.172.81.159
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Tue, 20 Sep 2022 17:50:12 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRhZDBiMmEwYy0zOTBjLTExZWQtODY0NC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Mon, 15 Sep 2042 17:50:12 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

                                        
                                            GET /sape/cm?user_id=0A0909B053FD2963C1002E210209A16D HTTP/1.1 
Host: nr.bidderstack.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         148.251.217.100
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Tue, 20 Sep 2022 17:50:12 GMT
Content-Length: 44
Connection: keep-alive
Set-Cookie: uid=d7d3b9f4-9228-467c-be9e-a8ca3ba60355; domain=.bidderstack.com; path=/; expires=Wed, 20-Sep-2023 17:50:12 GMT;
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   44
Md5:    f9d60352c70a2ba15616d1c9421f3844
Sha1:   e9abc8bea7721a4b6a50295850d13c515006a95c
Sha256: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
                                        
                                            GET /match?dp=127&euid=nH2DumJC24uxVY2HJU2D HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=LgR5GmMp/VNAjACwH7LYAojNk8RMkR0sTYuLzRb0ZQi+A4Gv; test_cookie=CheckForPermission; cSyncDp7v2=1663696212; cSyncDp14v3=1663696212; cSyncDp17=1663696212; cSyncDp32=1663696212; cSyncDp45v3=1663696212; cSyncDp53=1663696212; cSyncDp54v2=1663696212; cSyncDp62=1663696212; cSyncDp67v2=1663696212; cSyncDp68=1663696212; cSyncDp71=1663696212; cSyncDp77=1663696212; cSyncDp84=1663696212; cSyncDp85=1663696212; cSyncDp95v3=1663696212; cSyncDp101=1663696212; cSyncDp104v2=1663696212; cSyncDp107=1663696212; cSyncDp110=1663696212; cSyncDp111v2=1663696212; cSyncDp112v2=1663696212; cSyncDp125v2=1663696212; cSyncDp126=1663696212; cSyncDp127=1663696212; cSyncDp129=1663696212; cSyncDp136v2=1663696212; cSyncDp138=1663696212; cSyncDp144=1663696212; cSyncDp146=1663696212; cSyncDp148=1663696212; cSyncDp149=1663696212; cSyncDp151=1663696212; cSyncDp178=1663696212; cSyncDp179=1663696212; cSyncDp186=1663696212; cSyncDp221=1663696212
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         176.9.9.10
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Tue, 20 Sep 2022 17:50:12 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 17:50:12 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 24 Sep 2022 15:22:08 GMT
ETag: "f762e34cbb6874fcd68d20c5f1aabe8094d9571b"
Last-Modified: Tue, 20 Sep 2022 15:22:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3579
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74dc66f02e750b65-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    2434a56f7314b3e676f8113c6f054688
Sha1:   f762e34cbb6874fcd68d20c5f1aabe8094d9571b
Sha256: 35cad6dc8bdd2e49ab2aca6c5ddabdc5cd5b72a7bc8a6ac8b8805e5bc3e9fc1a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 17:50:12 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 00:21:03 GMT
Expires: Sun, 25 Sep 2022 00:21:02 GMT
Etag: "4ae50c94f39c12046d8522d440f5bb81781d4e9a"
Cache-Control: max-age=368449,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dc66ef0e60b521-OSL

                                        
                                            GET /core/match.gif?s=32&id=0A0909B053FD2963C1002E210209A16D HTTP/1.1 
Host: mediatoday.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.228.100
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx/1.20.2
date: Tue, 20 Sep 2022 17:50:12 GMT
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VUsKC4FFFNh7to7; expires=Fri, 17-Sep-2032 17:50:12 GMT; domain=mediatoday.ru; path=/core; SameSite=None; Secure
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0A0909B053FD2963C1002E210209A16D HTTP/1.1 
Host: sync.1dmp.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.216.101.186
HTTP/2 302 Found
                                        
server: nginx
date: Tue, 20 Sep 2022 17:50:12 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=ad1f8bf5-390c-11ed-ad67-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Wed, 20 Sep 2023 17:50:12 GMT; SameSite=None; Secure uid-legacy=ad1f8bf5-390c-11ed-ad67-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Wed, 20 Sep 2023 17:50:12 GMT
location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0A0909B053FD2963C1002E210209A16D&cs=1
X-Firefox-Spdy: h2

                                        
                                            GET /match?dp=186&euid=855402c5-1593-4ea5-84f2-66c448159f10 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=LgR5GmMp/VNAjACwH7LYAojNk8RMkR0sTYuLzRb0ZQi+A4Gv; test_cookie=CheckForPermission; cSyncDp7v2=1663696212; cSyncDp14v3=1663696212; cSyncDp17=1663696212; cSyncDp32=1663696212; cSyncDp45v3=1663696212; cSyncDp53=1663696212; cSyncDp54v2=1663696212; cSyncDp62=1663696212; cSyncDp67v2=1663696212; cSyncDp68=1663696212; cSyncDp71=1663696212; cSyncDp77=1663696212; cSyncDp84=1663696212; cSyncDp85=1663696212; cSyncDp95v3=1663696212; cSyncDp101=1663696212; cSyncDp104v2=1663696212; cSyncDp107=1663696212; cSyncDp110=1663696212; cSyncDp111v2=1663696212; cSyncDp112v2=1663696212; cSyncDp125v2=1663696212; cSyncDp126=1663696212; cSyncDp127=1663696212; cSyncDp129=1663696212; cSyncDp136v2=1663696212; cSyncDp138=1663696212; cSyncDp144=1663696212; cSyncDp146=1663696212; cSyncDp148=1663696212; cSyncDp149=1663696212; cSyncDp151=1663696212; cSyncDp178=1663696212; cSyncDp179=1663696212; cSyncDp186=1663696212; cSyncDp221=1663696212
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         176.9.9.10
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Tue, 20 Sep 2022 17:50:12 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /wp-content/uploads/2020/08/2D4A7036-534x462.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 40001
last-modified: Tue, 11 Aug 2020 05:55:31 GMT
etag: "5f3232d3-9c41"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 534x462, components 3\012- data
Size:   40001
Md5:    63bc2e4ed8dd4e2872f853372962fad8
Sha1:   1687b3b57a39f64a08cffb1ac16462f72133db78
Sha256: 3e982ae0bdd3dae3b91fad9f01176601f47f59438630841d757fffcaf36ad10b
                                        
                                            GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1 
Host: exchange.buzzoola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         168.119.9.59
HTTP/2 301 Moved Permanently
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Tue, 20 Sep 2022 17:50:12 GMT
content-length: 115
location: https://www.acint.net/match?dp=126&euid=95c1ef0a-a522-453c-56b7-fe6cac3cd1a7
serverid: TODO
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   115
Md5:    9e8971d7774a48134a65e6d5bea88f6b
Sha1:   aba77e44c50cc299cc69fb2750d15d4102e93289
Sha256: ab260909be1440847586e4d25e59f04bf6cd3458a235a478815eb6c43501e263
                                        
                                            GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0A0909B053FD2963C1002E210209A16D&cs=1 HTTP/1.1 
Host: sync.1dmp.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: uid=ad1f8bf5-390c-11ed-ad67-f832e4719dd9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         95.216.101.186
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Tue, 20 Sep 2022 17:50:12 GMT
content-length: 35
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=ad1f8bf5-390c-11ed-ad67-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Wed, 20 Sep 2023 17:50:12 GMT; SameSite=None; Secure uid-legacy=ad1f8bf5-390c-11ed-ad67-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Wed, 20 Sep 2023 17:50:12 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /wp-content/uploads/2020/08/%D1%81%D0%B5%D0%BB%D0%BE%D0%A1%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0-265x198.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 16978
last-modified: Tue, 11 Aug 2020 05:53:24 GMT
etag: "5f323254-4252"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 265x198, components 3\012- data
Size:   16978
Md5:    c2cc40f09051e7efd24d71858037c72d
Sha1:   f223fc8e626e01d74e4db2051a3a00984b0c3d2a
Sha256: 0de04e2b89f325e3604855cf51f7682e37d5dcb9dae1179e65ecd8f9186a1a93
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "35D99593231C2D7E65301F92C1A16D21CFD7A6BCD6818179176B77C4AB753850"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17588
Expires: Tue, 20 Sep 2022 22:43:20 GMT
Date: Tue, 20 Sep 2022 17:50:12 GMT
Connection: keep-alive

                                        
                                            GET /match?dp=126&euid=95c1ef0a-a522-453c-56b7-fe6cac3cd1a7 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=LgR5GmMp/VNAjACwH7LYAojNk8RMkR0sTYuLzRb0ZQi+A4Gv; test_cookie=CheckForPermission; cSyncDp7v2=1663696212; cSyncDp14v3=1663696212; cSyncDp17=1663696212; cSyncDp32=1663696212; cSyncDp45v3=1663696212; cSyncDp53=1663696212; cSyncDp54v2=1663696212; cSyncDp62=1663696212; cSyncDp67v2=1663696212; cSyncDp68=1663696212; cSyncDp71=1663696212; cSyncDp77=1663696212; cSyncDp84=1663696212; cSyncDp85=1663696212; cSyncDp95v3=1663696212; cSyncDp101=1663696212; cSyncDp104v2=1663696212; cSyncDp107=1663696212; cSyncDp110=1663696212; cSyncDp111v2=1663696212; cSyncDp112v2=1663696212; cSyncDp125v2=1663696212; cSyncDp126=1663696212; cSyncDp127=1663696212; cSyncDp129=1663696212; cSyncDp136v2=1663696212; cSyncDp138=1663696212; cSyncDp144=1663696212; cSyncDp146=1663696212; cSyncDp148=1663696212; cSyncDp149=1663696212; cSyncDp151=1663696212; cSyncDp178=1663696212; cSyncDp179=1663696212; cSyncDp186=1663696212; cSyncDp221=1663696212
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         176.9.9.10
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Tue, 20 Sep 2022 17:50:12 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /p?ssp=sp&id=0A0909B053FD2963C1002E210209A16D HTTP/1.1 
Host: 0a0909b053fd2963c1002e210209a16d-sp.ops.beeline.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.9.245.57
HTTP/2 301 Moved Permanently
                                        
server: nginx
date: Tue, 20 Sep 2022 17:50:12 GMT
content-length: 0
location: https://www.acint.net/match?dp=111&euid=a7b2484c-6245-4fc9-a328-78eba7981ada
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: BeeAID=a7b2484c-6245-4fc9-a328-78eba7981ada; expires=Mon, 11 Sep 2023 17:50:12 GMT; domain=ops.beeline.ru; path=/; secure; SameSite=None
access-control-allow-credentials: true, true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
x-route: http://upstream_cookiesync
x-host: 192.168.152.35
X-Firefox-Spdy: h2

                                        
                                            GET /wp-content/uploads/2020/08/%D0%B7%D0%B0%D0%BD%D1%8F%D1%82%D0%BE%D1%81%D1%82%D1%8C-265x198.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 20854
last-modified: Tue, 04 Aug 2020 08:11:35 GMT
etag: "5f291837-5176"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=540, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=960], baseline, precision 8, 265x198, components 3\012- data
Size:   20854
Md5:    c6f3fe3acea63cd1da5ebd613ffb2475
Sha1:   b5be2ae7216d1fe36a51673c3015eeeb1896c23d
Sha256: 7f2d5f08f23466ff879038ff904edf8b2945417f8376b258b4224c37ffee81bc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 14:35:48 GMT
age: 11664
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10894
Md5:    d3e70b2859ca89b353682d03f6b46b93
Sha1:   ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
Sha256: 43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b
                                        
                                            GET /merge_gpsid/?sid=50&id=0A0909B053FD2963C1002E210209A16D HTTP/1.1 
Host: adlmerge.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.211.66.35
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx/1.16.0
date: Tue, 20 Sep 2022 17:50:12 GMT
iseu: eu
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   86
Md5:    cd01ca32a344e7529987fed41a31de69
Sha1:   4558538a8b95d32e8209cabc21462c0cbb8789e1
Sha256: d243a8594bf956ada2c21d571ef312c61cbcbfc655b50efd1a55c11c2c4427a7
                                        
                                            GET /wp-content/uploads/2020/07/%D0%B4%D0%B5%D1%82%D0%B8%D0%94%D0%B5%D1%82%D1%81%D0%B0%D0%B4-265x198.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 33203
last-modified: Tue, 14 Jul 2020 06:09:08 GMT
etag: "5f0d4c04-81b3"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2020:07:13 10:06:34], baseline, precision 8, 265x198, components 3\012- data
Size:   33203
Md5:    6a74f7127d504d880e92194e60d6391f
Sha1:   1c68f2427dd34190bec2c1d8aa9e850872708b9e
Sha256: 5593565ac60998aae87982728cf68bf1e396a8ab9c8ec401ebb3c2a3f0618184
                                        
                                            GET /wp-content/uploads/2020/07/RXh3kZUU93Q1-2-265x198.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 14448
last-modified: Tue, 14 Jul 2020 05:59:53 GMT
etag: "5f0d49d9-3870"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 265x198, components 3\012- data
Size:   14448
Md5:    bb4dab7a7ba5c0ba75c30922d7634da7
Sha1:   88db810a5b68a3fbbea29fbfe3451944c621da38
Sha256: 96969497186e43b780a62f83077d20a916700315eb48f7c5af096f5414694fe8
                                        
                                            GET /wp-content/uploads/2020/07/MG_7064-324x235.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 16036
last-modified: Tue, 14 Jul 2020 05:59:04 GMT
etag: "5f0d49a8-3ea4"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 324x235, components 3\012- data
Size:   16036
Md5:    6ab0b2652839284517da60008abfd697
Sha1:   2abf33fb7b2baee9261f5d6b57e73a01e5330110
Sha256: 57f2616891387bc3e0061c00cbbdc360ae0a2a06b12ca583bff4129c4e0c7f7d
                                        
                                            GET /wp-content/uploads/2020/07/7_1977-100x70.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 19179
last-modified: Mon, 13 Jul 2020 05:59:11 GMT
etag: "5f0bf82f-4aeb"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=ACDSee Ultimate 2019, datetime=2020:07:10 11:10:00], baseline, precision 8, 100x70, components 3\012- data
Size:   19179
Md5:    8e31a9978f7fe06a474670d066d590a9
Sha1:   8173cce6b2f73b7fffaf0b847e1626fbbd143477
Sha256: e6ee20566a31b5b7ed4417105eebfb937af8cdb664bdbdac52e4e2ca2c30c845
                                        
                                            GET /wp-content/uploads/2020/07/549978458-100x70.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 2373
last-modified: Mon, 13 Jul 2020 05:58:18 GMT
etag: "5f0bf7fa-945"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=ACDSee Pro 10, datetime=2020:07:10 11:32:13], baseline, precision 8, 100x70, components 3\012- data
Size:   2373
Md5:    9a748073e6c37f73945965045a771c39
Sha1:   b8ac77870bfa0ea212f84740d25f89b5e2e43eda
Sha256: cfa1a726174b6fb77c8ad9432348f6f2746ba621dbe935f5d188fd2bb7f05897
                                        
                                            GET /wp-content/uploads/2020/07/%D0%BB%D0%B5%D1%811-100x70.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 22706
last-modified: Mon, 13 Jul 2020 05:57:00 GMT
etag: "5f0bf7ac-58b2"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=27, height=1200, bps=0, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 77D, orientation=upper-left, width=1800], baseline, precision 8, 100x70, components 3\012- data
Size:   22706
Md5:    f90571cdec47910e81ec078423468e4e
Sha1:   956942e157c5aea6a203b51816d103569a03da2b
Sha256: ebbbaa56ca69e747a12cdb1c485bb8867e1788d88364bc285e459c14f7c712f9
                                        
                                            GET /wp-content/uploads/2020/07/%D0%B7%D0%B0%D0%BD%D1%8F%D1%82%D0%BE%D1%81%D1%82%D1%8C-100x70.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 11761
last-modified: Thu, 09 Jul 2020 06:39:47 GMT
etag: "5f06bbb3-2df1"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=540, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=960], baseline, precision 8, 100x70, components 3\012- data
Size:   11761
Md5:    d3af018c08815f87cb4bfde6fc769fd0
Sha1:   24292a660d51e488e703bae64144e34c4c15015b
Sha256: 9499c7c44a2c298f51fb0e9eeddd5989ebaa3e23a88da6c6271695e76bdd86cf
                                        
                                            GET /wp-content/uploads/2020/02/92abdc10118f9607062da89875f14aa-324x160.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 12280
last-modified: Wed, 05 Feb 2020 06:30:25 GMT
etag: "5e3a6101-2ff8"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 324x160, components 3\012- data
Size:   12280
Md5:    932bf7b8bf2a287dd69cc9f36173de61
Sha1:   b9c3e35c3932052ccbc21bc1309519c6f5b1e966
Sha256: 9d3e0eee60a3c9e7e81dbc37722e6cebe6d24cee4e01aa0c6beaed1495d756a7
                                        
                                            GET /wp-content/uploads/2020/03/serviceOPZI2DPG-400x270-1-324x160.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 10610
last-modified: Tue, 17 Mar 2020 05:50:18 GMT
etag: "5e70651a-2972"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 4.2.10], baseline, precision 8, 324x160, components 3\012- data
Size:   10610
Md5:    674bc49fb013f23643a1126ef4041566
Sha1:   4cc5436d9957d362582005b2c9ec5991e9a6fd78
Sha256: d72577f69d82be2b53ff2ff9b41b887f816e71b8e415476ab17e2a31cb2adbb1
                                        
                                            GET /wp-content/uploads/2020/03/service2628YRIW-400x270-1-100x70.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 2063
last-modified: Thu, 12 Mar 2020 06:41:22 GMT
etag: "5e69d992-80f"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 4.2.10], baseline, precision 8, 100x70, components 3\012- data
Size:   2063
Md5:    329f2fe3050fdf32b602075d0ef04989
Sha1:   2dcab76f2ed2cad7d9c96d91896f9a5ed5fd1366
Sha256: a5af80962fa66cf7af8dec9c298113e28747f6d5187c4a0945924776dc6553ff
                                        
                                            GET /wp-content/uploads/2020/03/serviceN92YLC982-400x270-1-100x70.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 2093
last-modified: Wed, 11 Mar 2020 05:55:04 GMT
etag: "5e687d38-82d"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 4.2.10], baseline, precision 8, 100x70, components 3\012- data
Size:   2093
Md5:    c7eeeb719dc95f6a1ab5bfd7ed522b05
Sha1:   9ff9bc7166e5a5fbb0a737b0b2f6e74c72fe4b28
Sha256: 3009b90c922ce411e8257f27e4cabb940d1edc3ebe4c2cffea0db3c3dfd7bc3b
                                        
                                            GET /wp-content/uploads/2020/03/serviceAOW2MQ1R2-400x270-1-100x70.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 1779
last-modified: Thu, 05 Mar 2020 06:02:22 GMT
etag: "5e6095ee-6f3"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 4.2.10], baseline, precision 8, 100x70, components 3\012- data
Size:   1779
Md5:    af119093795ce7187756dd00a0f1c322
Sha1:   e373be6423442ad2019b6a5d18008501c84309af
Sha256: ae84800941f477ba8769b2102ebcafec836a627ef798fe9799a10d83f4215916
                                        
                                            GET /wp-content/uploads/2020/03/maxresdefault-100x70.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 2219
last-modified: Mon, 02 Mar 2020 07:03:45 GMT
etag: "5e5cafd1-8ab"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x70, components 3\012- data
Size:   2219
Md5:    b7ba4e09ecc785f5f4e3340b91779cc5
Sha1:   da4a8f814547a7892c9af44fdd881e17a9cd4395
Sha256: 5629f06a7d7035a5a0e1f31477fc1175d2df9f426b0dfb96336a6564e28854a9
                                        
                                            GET /wp-content/uploads/2020/08/IMG_0491-324x235.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 30434
last-modified: Mon, 24 Aug 2020 06:06:39 GMT
etag: "5f4358ef-76e2"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=27, height=683, bps=0, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 700D, orientation=upper-left, width=1024], baseline, precision 8, 324x235, components 3\012- data
Size:   30434
Md5:    e6284370b7143a8fea65e0370f3a888a
Sha1:   295c34e674dfce9b5c918229587a27dd6ba1c72a
Sha256: 42b1291fc5f52293d9b061e093b25f1168309a6df93c75bf34cdec000be34d19
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "036C9308AE0565C542B1DC222F015489D71BACD42E2921F5EED651C6A4BBA258"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7243
Expires: Tue, 20 Sep 2022 19:50:56 GMT
Date: Tue, 20 Sep 2022 17:50:13 GMT
Connection: keep-alive

                                        
                                            GET /wp-content/uploads/2020/03/56495687498-100x70.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 16349
last-modified: Mon, 23 Mar 2020 05:51:11 GMT
etag: "5e784e4f-3fdd"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=16, height=4480, bps=206, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 5D Mark IV, orientation=upper-left, width=6720], baseline, precision 8, 100x70, components 3\012- data
Size:   16349
Md5:    99366b32c07adda70abe7a9d9b880c26
Sha1:   9f64338ac90b6a787b162f9ffb203acc20163622
Sha256: 8c67105ac0b430bd6b90212ea51abadcb4ce30cfffc50f72ba6591de7caee208
                                        
                                            GET /wp-content/uploads/2020/03/55abfb9520e7dfcf70f8c56bed53cbbb-100x70.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 2308
last-modified: Fri, 13 Mar 2020 19:00:04 GMT
etag: "5e6bd834-904"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 100x70, components 3\012- data
Size:   2308
Md5:    9992bfc5248486a34727a7c9053aed77
Sha1:   87ce39b55b98a3c32a67e62aefea88b44ac6d215
Sha256: 0991c741c936cf6088177d1203759fc7bdacb5464eb0b8e7170caab844eaf2d0
                                        
                                            GET /match?dp=129&euid=2lth21lwlj HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=LgR5GmMp/VNAjACwH7LYAojNk8RMkR0sTYuLzRb0ZQi+A4Gv; test_cookie=CheckForPermission; cSyncDp7v2=1663696212; cSyncDp14v3=1663696212; cSyncDp17=1663696212; cSyncDp32=1663696212; cSyncDp45v3=1663696212; cSyncDp53=1663696212; cSyncDp54v2=1663696212; cSyncDp62=1663696212; cSyncDp67v2=1663696212; cSyncDp68=1663696212; cSyncDp71=1663696212; cSyncDp77=1663696212; cSyncDp84=1663696212; cSyncDp85=1663696212; cSyncDp95v3=1663696212; cSyncDp101=1663696212; cSyncDp104v2=1663696212; cSyncDp107=1663696212; cSyncDp110=1663696212; cSyncDp111v2=1663696212; cSyncDp112v2=1663696212; cSyncDp125v2=1663696212; cSyncDp126=1663696212; cSyncDp127=1663696212; cSyncDp129=1663696212; cSyncDp136v2=1663696212; cSyncDp138=1663696212; cSyncDp144=1663696212; cSyncDp146=1663696212; cSyncDp148=1663696212; cSyncDp149=1663696212; cSyncDp151=1663696212; cSyncDp178=1663696212; cSyncDp179=1663696212; cSyncDp186=1663696212; cSyncDp221=1663696212
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         176.9.9.10
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Tue, 20 Sep 2022 17:50:13 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A13695745612E9F0FEAF5B58CBAB183B166956C0E84B94148D230E12725B9C66"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7645
Expires: Tue, 20 Sep 2022 19:57:38 GMT
Date: Tue, 20 Sep 2022 17:50:13 GMT
Connection: keep-alive

                                        
                                            GET /wp-content/uploads/2020/03/1449565-100x70.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 14026
last-modified: Wed, 11 Mar 2020 05:57:12 GMT
etag: "5e687db8-36ca"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=16, height=3840, bps=206, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 5D Mark III, orientation=upper-left, width=5760], baseline, precision 8, 100x70, components 3\012- data
Size:   14026
Md5:    e747573c18c1ea35d7d484f5cfde7dbe
Sha1:   98318b2fafd44a07953238728e3afa5cd6c00090
Sha256: c6d32ed1f941405f589af553b6b3f65c291dcdf5d1fd4ebd56dd06d6886eeb82
                                        
                                            GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1 
Host: ssp-rtb.sape.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         193.3.184.130
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: openresty
Date: Tue, 20 Sep 2022 17:50:13 GMT
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=A8B803C155FD29632000A23602249F60
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=wQO4qGMp/VU2ogAgYJ8kAj10tG958jlpshX/xRqnsJO3U3Pd; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   142
Md5:    82c98e8e012b79c922655461171cc2fa
Sha1:   0828d79135573276005b04be42d79a8a3291292b
Sha256: 745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
                                        
                                            GET /match?dp=14&euid=A8B803C155FD29632000A23602249F60 HTTP/1.1 
Host: acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=LgR5GmMp/VNAjACwH7LYAojNk8RMkR0sTYuLzRb0ZQi+A4Gv; test_cookie=CheckForPermission; cSyncDp7v2=1663696212; cSyncDp14v3=1663696212; cSyncDp17=1663696212; cSyncDp32=1663696212; cSyncDp45v3=1663696212; cSyncDp53=1663696212; cSyncDp54v2=1663696212; cSyncDp62=1663696212; cSyncDp67v2=1663696212; cSyncDp68=1663696212; cSyncDp71=1663696212; cSyncDp77=1663696212; cSyncDp84=1663696212; cSyncDp85=1663696212; cSyncDp95v3=1663696212; cSyncDp101=1663696212; cSyncDp104v2=1663696212; cSyncDp107=1663696212; cSyncDp110=1663696212; cSyncDp111v2=1663696212; cSyncDp112v2=1663696212; cSyncDp125v2=1663696212; cSyncDp126=1663696212; cSyncDp127=1663696212; cSyncDp129=1663696212; cSyncDp136v2=1663696212; cSyncDp138=1663696212; cSyncDp144=1663696212; cSyncDp146=1663696212; cSyncDp148=1663696212; cSyncDp149=1663696212; cSyncDp151=1663696212; cSyncDp178=1663696212; cSyncDp179=1663696212; cSyncDp186=1663696212; cSyncDp221=1663696212
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         176.9.9.10
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Tue, 20 Sep 2022 17:50:13 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /wp-content/uploads/2020/02/%D0%92%D1%80%D0%B0%D1%87%D0%B8-100x70.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 16990
last-modified: Fri, 28 Feb 2020 06:52:40 GMT
etag: "5e58b8b8-425e"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=18, height=3264, bps=0, PhotometricIntepretation=RGB, manufacturer=NIKON CORPORATION, model=NIKON D7000, orientation=upper-left, width=4928], baseline, precision 8, 100x70, components 3\012- data
Size:   16990
Md5:    556c89b65e80e35ad52817687d1ac141
Sha1:   1dbb92d6c984831428c2724cb603f553b390ce8a
Sha256: ce7ba2066f55cb2f770741a29602d77e829515146bede529396f1d9352191c58
                                        
                                            GET /wp-content/uploads/2020/03/%D0%BA%D1%83%D0%BB%D1%82%D1%83%D1%80%D0%B0%D0%91%D0%BE%D0%B9%D0%BA%D0%BE%D0%B2-324x235.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 27365
last-modified: Thu, 12 Mar 2020 06:37:47 GMT
etag: "5e69d8bb-6ae5"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2020:03:11 12:15:05], baseline, precision 8, 324x235, components 3\012- data
Size:   27365
Md5:    f26700586f20bc259724c7519c7e532e
Sha1:   2f3cb95671f6f5e55936484649313550f2ff429d
Sha256: ae75f73260543d8a255acec8eb4d719a9d58204c25edd88903cf7c29a973ee5e
                                        
                                            GET /wp-content/uploads/2020/03/46458-100x70.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 2677
last-modified: Tue, 03 Mar 2020 05:50:49 GMT
etag: "5e5df039-a75"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 100x70, components 3\012- data
Size:   2677
Md5:    637483f2f18882d93808fed018ddf050
Sha1:   667d2efd26767bd7b20570eb67f0758ee007715d
Sha256: 7e34abb7cf82a05e80857e40b9221a356ba2c6e43c12f5a4b3b5e6f4ec6831a0
                                        
                                            GET /wp-content/uploads/2020/03/Bq23U3vzmSk-100x70.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 10454
last-modified: Tue, 03 Mar 2020 05:49:20 GMT
etag: "5e5defe0-28d6"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=492, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=800], baseline, precision 8, 100x70, components 1\012- data
Size:   10454
Md5:    7a232af8ea0280b1fb46566d23ff28c5
Sha1:   872208a81e863328298c4482f6260babe366bc25
Sha256: a770befc8649197d87b0ac35ada0aab7156f0d06704731e8980d4ec095b6d160
                                        
                                            GET /wp-content/uploads/2020/02/%D1%82%D0%B5%D0%B0%D1%82%D1%801-100x70.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 16765
last-modified: Thu, 27 Feb 2020 06:08:18 GMT
etag: "5e575cd2-417d"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2020:02:26 12:09:50], baseline, precision 8, 100x70, components 3\012- data
Size:   16765
Md5:    dc0bf379a554875c2ef42a73e26deb4e
Sha1:   279707a593cfc71f83de213ba9e22e07a0fbb2fe
Sha256: d473800fccae4bab13d78e5fce01c78ff90fd50bdb8a943e27365d1b594ea2ed
                                        
                                            GET /wp-content/uploads/2020/02/img_8841-100x70.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 3326
last-modified: Fri, 21 Feb 2020 05:45:16 GMT
etag: "5e4f6e6c-cfe"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 100x70, components 3\012- data
Size:   3326
Md5:    287d4daacbef092e640aebce11251342
Sha1:   7d83bc6c981dd115311a1f9d9c5cb1a947741cd7
Sha256: 1f2d58cf981c496316eaabd30e6aa8c6930de8d7fb74edcc599da85fca16ea72
                                        
                                            GET /wp-content/uploads/2020/02/92abdc10118f9607062da89875f14aa-218x150.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 8254
last-modified: Wed, 05 Feb 2020 06:30:25 GMT
etag: "5e3a6101-203e"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 218x150, components 3\012- data
Size:   8254
Md5:    22b49f22c4850d858e829267e99dc2f4
Sha1:   bcca39117fd8fb8adbc03103a2f4fc0a133d2f2f
Sha256: 0af1be708afe3e6069364770231862940dfade4fc060a139a1a51b6726eac524
                                        
                                            GET /wp-content/uploads/2020/02/92abdc10118f9607062da89875f14aa-1-218x150.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 8254
last-modified: Wed, 05 Feb 2020 06:31:37 GMT
etag: "5e3a6149-203e"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 218x150, components 3\012- data
Size:   8254
Md5:    22b49f22c4850d858e829267e99dc2f4
Sha1:   bcca39117fd8fb8adbc03103a2f4fc0a133d2f2f
Sha256: 0af1be708afe3e6069364770231862940dfade4fc060a139a1a51b6726eac524
                                        
                                            GET /wp-content/uploads/2020/02/240569f9efddd2ef64b67a53b51887a3-218x150.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 23713
last-modified: Sun, 23 Feb 2020 07:00:03 GMT
etag: "5e5222f3-5ca1"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=19, manufacturer=Canon, model=Canon EOS 1100D, orientation=upper-left, datetime=2017:02:27 17:06:06], baseline, precision 8, 218x150, components 3\012- data
Size:   23713
Md5:    dd0786be53c4d60eca2c28cff2b5fd23
Sha1:   bf7da0c4694848f1461611a38e486b171f692210
Sha256: 1e00fc0e30136b33462813b71ce6d6f76be19e4fbb5b5f532bae65a00f413b40
                                        
                                            GET /wp-content/uploads/2020/08/530A0784-324x235.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 24727
last-modified: Mon, 24 Aug 2020 06:05:21 GMT
etag: "5f4358a1-6097"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=ACDSee Ultimate 2019, datetime=2020:08:21 19:45:41], baseline, precision 8, 324x235, components 3\012- data
Size:   24727
Md5:    d890c13fd6bf554386f0c897b1b66f37
Sha1:   10c900e2cd51cbe7bdfb9d259e000c7192660355
Sha256: 43e42bd9318e3732e97c19d623b553038e3a00afa04aab531d28342f33c250a6
                                        
                                            GET /usersync?dspcsid=8&redirect=1 HTTP/1.1 
Host: ssp.bidvol.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         65.109.23.99
HTTP/2 302 Found
                                        
server: nginx/1.22.0
date: Tue, 20 Sep 2022 17:50:13 GMT
x-request-id: 9e6daa7d-c268-4d26-9ecd-26d2cbbaabb0
set-cookie: bvuid=2lth21lwlj; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None bvuid2=2lth21lwlj; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=2lth21lwlj
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 17:50:13 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 04:09:18 GMT
Expires: Tue, 27 Sep 2022 04:09:17 GMT
Etag: "c0bbb9ac61662fda8781947855cf7074484ac540"
Cache-Control: max-age=554943,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dc66f7a97fb521-OSL

                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 17:50:13 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 24 Sep 2022 16:50:17 GMT
ETag: "cc380d7f6c9c4b1bf403500c551c30227230c984"
Last-Modified: Tue, 20 Sep 2022 16:50:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2762
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74dc66f7fe4c0b65-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    039904fc7ab8463e1bc1693a77040038
Sha1:   cc380d7f6c9c4b1bf403500c551c30227230c984
Sha256: 7021bcf379df7006e1df9f44ea97854a76426952db80b550abb8792dede26f04
                                        
                                            GET /wp-content/uploads/2020/08/2D4A0388-100x70.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 2990
last-modified: Mon, 24 Aug 2020 06:03:43 GMT
etag: "5f43583f-bae"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 100x70, components 3\012- data
Size:   2990
Md5:    49d82b2370f5964e9ea90e93ea11782b
Sha1:   bb20324ec6643c09a46e69975654cddd3214e0b3
Sha256: 056b2c8ef72113a578fa99e0f52376afc41c95c87089b00ca0314d37f92d92bc
                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 17:50:13 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 24 Sep 2022 16:50:17 GMT
ETag: "cc380d7f6c9c4b1bf403500c551c30227230c984"
Last-Modified: Tue, 20 Sep 2022 16:50:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2762
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74dc66f80e5b0b65-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    039904fc7ab8463e1bc1693a77040038
Sha1:   cc380d7f6c9c4b1bf403500c551c30227230c984
Sha256: 7021bcf379df7006e1df9f44ea97854a76426952db80b550abb8792dede26f04
                                        
                                            GET /wp-content/uploads/2020/07/3_1980-100x70.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 3187
last-modified: Tue, 14 Jul 2020 06:01:08 GMT
etag: "5f0d4a24-c73"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=ACDSee Ultimate 2019, datetime=2020:07:13 06:34:46], baseline, precision 8, 100x70, components 3\012- data
Size:   3187
Md5:    f42694ceae2c5b57f15b8d77b4b7861b
Sha1:   de5fb5a5a09727a8df381047c33b609943a1d38f
Sha256: 3544684964d09ec8b55fde521c9ca618fe780c0e0973d86186e85a73962dc792
                                        
                                            GET /wp-content/uploads/2020/06/5649546-100x70.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 3383
last-modified: Thu, 18 Jun 2020 07:39:39 GMT
etag: "5eeb1a3b-d37"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 100x70, components 3\012- data
Size:   3383
Md5:    46bdb850cc1cf8360ea6180741298858
Sha1:   8ea901425d023b2302a9f227fc8a3cff716c317e
Sha256: d84e41a4e4c08375e7287b2ee56f2bbd98ef6f47e66293244aae68b8f205ce0d
                                        
                                            GET /pixel?google_nid=agentstvo_sape_limited&google_hm=CgkJsFP9KWPBAC4hAgmhbQ HTTP/1.1 
Host: cm.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.194
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 20 Sep 2022 17:50:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   170
Md5:    e7673c60af825466f83d46da72ca1635
Sha1:   fc0fcbee0835709ba2d28798a612bfd687903fb5
Sha256: 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 17:50:13 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 24 Sep 2022 14:26:27 GMT
ETag: "60d2cd34771f8f90e9ebe94a84293e072b1be5d1"
Last-Modified: Tue, 20 Sep 2022 14:26:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2494
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74dc66f81b38b4f9-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    a4d223cd4113957dea971b476da936b3
Sha1:   60d2cd34771f8f90e9ebe94a84293e072b1be5d1
Sha256: 0d089c3b446422ba679b3dff1a195767e5a047e1e47163c424185ff79415906c
                                        
                                            GET /cookie_matching_ssp/Sape-dsp/0A0909B053FD2963C1002E210209A16D HTTP/1.1 
Host: fcgi4.gnezdo.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         93.95.102.105
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 20 Sep 2022 17:50:13 GMT
set-cookie: uid=XV9maWMp/VVQjEtRgqqIAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2

                                        
                                            GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1 
Host: ads.betweendigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         188.42.191.196
HTTP/2 302 Found
                                        
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Wed, 20 Sep 2023 17:50:13 GMT; Path=/; Domain=.betweendigital.com tuuid=ff8ee715-1188-5207-9961-30e6fa48cdb3; Max-Age=31536000; Expires=Wed, 20 Sep 2023 17:50:13 GMT; Path=/; Domain=.betweendigital.com ut=Yyn9VQAL2yjrRLXOvwvK1Dxk4DKy8jjVIpFOlg==; Max-Age=31536000; Expires=Wed, 20 Sep 2023 17:50:13 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /wp-content/uploads/2020/06/%D0%BC%D0%B5%D0%B4%D0%BA%D0%BB%D0%B0%D1%81%D1%81%D1%8B1-100x70.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 13262
last-modified: Thu, 18 Jun 2020 07:37:42 GMT
etag: "5eeb19c6-33ce"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=853, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], baseline, precision 8, 100x70, components 3\012- data
Size:   13262
Md5:    2cdcc93d64b233379d27e921bc53bfcd
Sha1:   709e16110834bc91ae7e04bdc725c0638db3f809
Sha256: ef6145235b7f404fea62afd14f5443d14afa38657819772062aebd8fd9402512
                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3587
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 17:50:13 GMT
Last-Modified: Tue, 20 Sep 2022 16:50:26 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1 
Host: ad.adriver.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         195.209.108.38
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 20 Sep 2022 17:50:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-6064627485; expires=Thu, 19 Sep 2024 17:50:13 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6064627485
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true

                                        
                                            GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1 
Host: sync.adkernel.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         77.245.57.72
HTTP/1.1 200 OK
                                        
Server: nginx
Date: Tue, 20 Sep 2022 17:50:13 GMT
Content-Length: 0
Connection: close

                                        
                                            GET /cgi-bin/sync.cgi?dsp_id=153&external_id=0A0909B053FD2963C1002E210209A16D HTTP/1.1 
Host: ssp.adriver.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         195.209.111.4
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Tue, 20 Sep 2022 17:50:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 17:50:13 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 04:18:18 GMT
Expires: Mon, 26 Sep 2022 04:18:17 GMT
Etag: "81959b98f864c8b48587bae773c5a8a33748b4e2"
Cache-Control: max-age=600121,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1090
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74dc66f85c10b524-OSL

                                        
                                            POST / HTTP/1.1 
Host: status.thawte.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3082
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 17:50:13 GMT
Last-Modified: Tue, 20 Sep 2022 16:58:51 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 17:50:13 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 24 Sep 2022 16:40:37 GMT
ETag: "9d8fcf62daf9f76a7775b21e314eae90276a70ca"
Last-Modified: Tue, 20 Sep 2022 16:40:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2322
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74dc66f87eb00b65-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    fd0b20bcd42de80758d470820230be46
Sha1:   9d8fcf62daf9f76a7775b21e314eae90276a70ca
Sha256: c076277349ac979e20ed9908cf6f9e538a92c5a948b4cdc523e82c518cd3a8bd
                                        
                                            GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1 
Host: ads.betweendigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.42.191.196
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Wed, 20 Sep 2023 17:50:13 GMT; Path=/; Domain=.betweendigital.com tuuid=d78e59c6-b3e8-5207-9499-862bf7b07b7e; Max-Age=31536000; Expires=Wed, 20 Sep 2023 17:50:13 GMT; Path=/; Domain=.betweendigital.com ut=Yyn9VQAMpkh35QXOEfFVpAQ0cfCsivkwPvdizA==; Max-Age=31536000; Expires=Wed, 20 Sep 2023 17:50:13 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   68
Md5:    c4a2b870062c2bb98c500bc1526c0498
Sha1:   528666ccdb12997358077bc8fcdbfb6b825c7788
Sha256: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
                                        
                                            GET /wp-content/uploads/2020/01/%D0%BF%D0%BE%D1%81%D0%BB%D0%B0%D0%BD%D0%B8%D0%B5-218x150.jpg HTTP/1.1 
Host: obzor48.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://obzor48.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.53.96.125
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx/1.14.1
date: Tue, 20 Sep 2022 17:50:10 GMT
content-length: 39058
last-modified: Wed, 22 Jan 2020 05:59:55 GMT
etag: "5e27e4db-9892"
expires: Fri, 21 Oct 2022 17:50:10 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=9, manufacturer=NIKON CORPORATION, model=NIKON D750, orientation=upper-left, xresolution=151, yresolution=159, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2020:01:21 13:42:01], baseline, precision 8, 218x150, components 3\012- data
Size:   39058
Md5:    644c0dc3256f55054f1dd2e3dd7de07c
Sha1:   edfe02bf8f5a4e70f1efd35e24910cd964b847a1
Sha256: 7f828d06bb76f361a3175027337da56a1d0c69200266e21774c034b3f24dd8ed
                                        
                                            GET /cm.gif?p=48&id=0A0909B053FD2963C1002E210209A16D HTTP/1.1 
Host: ad.mail.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.163.41.56
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Tue, 20 Sep 2022 17:50:13 GMT
content-length: 43
set-cookie: VID=380a7z3_v_oC002A_82RORoC:::0-0-0-8445615:CAASEGVBdolB98c0uUp9_8mYRIgaYETuQ_jYdjktO_wvpQHCVo3YMVzojU80-2XtZ7iBvorqSUb7xHPr6VkpbhEL-kypy0by8B7LpKpAHFxC7khubdAQeFBrsu6WDMo1Yj5lp3qB-WPqfeaqeNXaWpAF3u0Kdg; path=/; expires=Thu, 21-Sep-23 17:50:13 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Tue, 20 Sep 2022 23:50:13 GMT
cache-control: max-age=21600
last-modified: Tue, 20 Sep 2022 17:50:13 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /sync HTTP/1.1 
Host: sape-sync.rutarget.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         178.170.196.247
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx
Date: Tue, 20 Sep 2022 17:50:13 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=7u3Xr2dIvukx
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=7u3Xr2dIvukx; Path=/; Domain=.rutarget.ru; Expires=Sun, 19 Mar 2023 17:50:13 GMT; SameSite=None; Secure

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F698BDEB736BBADF495E128761F8C5BB264418707F0F95E8A5C35CBD00D9A3C2"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16911
Expires: Tue, 20 Sep 2022 22:32:04 GMT
Date: Tue, 20 Sep 2022 17:50:13 GMT
Connection: keep-alive

                                        
                                            GET /p?ssp=sape&id=0A0909B053FD2963C1002E210209A16D HTTP/1.1 
Host: sm.rtb.mts.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         217.66.147.164
HTTP/1.1 301 Moved Permanently
                                        
Server: nginx
Date: Tue, 20 Sep 2022 17:50:13 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=0A0909B053FD2963C1002E210209A16D
Set-Cookie: dspid=bdb29169-3f21-4fd2-b5f7-281ac5c928bf; expires=Mon, 11 Sep 2023 17:50:13 GMT; domain=.mts.ru; path=/; secure; SameSite=None

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 17:50:13 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 14:18:44 GMT
Expires: Tue, 27 Sep 2022 14:18:43 GMT
Etag: "6a95016d800f003c5a9be4fb1a806178aeb263b3"
Cache-Control: max-age=591509,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dc66f88a96b521-OSL