Overview

URL proektanti.ru/user/work/51926
IP88.214.230.195
ASNLLC Digital Network
Location Russia
Report completed2022-09-20 14:54:58 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-20 2 proektanti.ru/user/work/51926 Malware
2022-09-20 2 proektanti.ru/user/work/51926 Malware
2022-09-20 2 proektanti.ru/public/javascripts/jquery-3.4.1.min.js Malware
2022-09-20 2 edn.whilen.ru/sta453b3qh45lr/1.4.5.js Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (75)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS connect.mail.ru (2) 47433 2012-05-21 15:01:23 UTC 2022-09-20 12:15:43 UTC 94.100.180.55
mnemonic passive DNS r3.o.lencr.org (24) 344 2020-12-02 08:52:13 UTC 2022-09-20 04:47:05 UTC 23.36.76.226
mnemonic passive DNS w.uptolike.com (9) 101818 2013-08-05 13:26:12 UTC 2022-09-19 17:00:22 UTC 95.163.114.203
mnemonic passive DNS ssp.bestssp.com (1) 90974 2017-06-10 08:55:20 UTC 2022-09-20 12:49:26 UTC 185.147.80.35
mnemonic passive DNS exchange.buzzoola.com (1) 18389 2014-10-17 15:20:27 UTC 2022-09-20 13:58:37 UTC 144.76.119.17
mnemonic passive DNS postabuse.ru (1) 0 2022-09-13 13:36:15 UTC 2022-09-19 21:16:55 UTC 62.109.31.26 Unknown ranking
mnemonic passive DNS ocsp.globalsign.com (5) 2075 2012-05-25 06:20:55 UTC 2022-09-20 10:16:44 UTC 104.18.21.226
mnemonic passive DNS ocsp2.globalsign.com (5) 1544 2012-05-21 07:12:19 UTC 2022-09-20 10:20:11 UTC 104.18.21.226
mnemonic passive DNS tab.reformal.ru (1) 0 2012-06-23 21:15:42 UTC 2022-09-19 04:46:13 UTC 139.162.151.130 Domain (reformal.ru) ranked at: 252221
mnemonic passive DNS ocsp.sectigo.com (4) 487 2018-12-17 11:31:55 UTC 2022-09-20 09:30:45 UTC 172.64.155.188
mnemonic passive DNS af.click.ru (1) 135475 2021-12-09 09:15:00 UTC 2022-09-19 17:00:24 UTC 217.197.112.80
mnemonic passive DNS adservice.google.no (1) 96969 2017-09-26 14:23:08 UTC 2022-09-20 04:48:10 UTC 142.250.74.98
mnemonic passive DNS redirect.frontend.weborama.fr (2) 8348 2017-05-04 15:00:27 UTC 2022-09-20 12:49:26 UTC 35.190.24.218
mnemonic passive DNS proektanti.ru (16) 0 2012-11-14 12:05:21 UTC 2022-09-09 07:45:44 UTC 88.214.230.195 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-20 05:36:22 UTC 52.43.58.150
mnemonic passive DNS acint.net (2) 22962 2014-02-14 21:23:16 UTC 2022-09-20 13:44:51 UTC 193.3.184.137
mnemonic passive DNS ssp.bidvol.com (1) 31817 2020-02-22 12:37:29 UTC 2022-09-20 13:44:39 UTC 65.109.23.99
mnemonic passive DNS ocsp.usertrust.com (1) 899 2012-05-21 15:43:18 UTC 2022-09-20 10:15:42 UTC 104.18.32.68
mnemonic passive DNS adservice.google.com (1) 76 2021-02-20 16:10:48 UTC 2022-09-20 12:44:02 UTC 142.250.74.162
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-20 08:06:10 UTC 93.184.220.29
mnemonic passive DNS ssp-rtb.sape.ru (1) 31166 2016-02-02 17:01:03 UTC 2022-09-20 13:44:39 UTC 193.3.184.135
mnemonic passive DNS ut.rktch.com (1) 41215 2018-06-04 10:29:18 UTC 2022-09-20 12:49:26 UTC 89.108.97.2
mnemonic passive DNS sync.bumlam.com (2) 3243 2015-08-10 21:04:25 UTC 2022-09-20 12:49:26 UTC 31.172.81.159
mnemonic passive DNS nr.bidderstack.com (1) 352019 2019-02-11 14:43:50 UTC 2022-09-20 12:49:26 UTC 46.4.70.80
mnemonic passive DNS stat.adlabs.ru (1) 200922 2012-07-23 15:58:30 UTC 2022-09-20 12:49:26 UTC 109.248.237.36
mnemonic passive DNS fcgi4.gnezdo.ru (1) 69027 2020-06-11 12:55:54 UTC 2022-09-20 13:44:47 UTC 93.95.102.105
mnemonic passive DNS x01.aidata.io (2) 12188 2016-03-31 15:36:46 UTC 2022-09-20 12:49:26 UTC 89.108.120.76
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-20 04:46:53 UTC 34.120.237.76
mnemonic passive DNS tech.rtb.mts.ru (1) 27360 2017-04-17 12:41:30 UTC 2022-09-20 12:49:27 UTC 213.87.44.187
mnemonic passive DNS match.new-programmatic.com (1) 33613 2020-02-18 20:50:06 UTC 2022-09-20 13:58:37 UTC 217.65.2.150
mnemonic passive DNS ad.mail.ru (1) 7643 2012-06-22 19:38:09 UTC 2022-09-20 10:20:09 UTC 95.163.41.56
mnemonic passive DNS sm.rtb.mts.ru (2) 27154 2019-03-26 14:10:01 UTC 2022-09-20 12:49:26 UTC 217.66.147.36
mnemonic passive DNS cdn.retget.ru (1) 0 2019-07-31 17:13:57 UTC 2022-09-19 23:11:56 UTC 95.217.109.66 Domain (retget.ru) ranked at: 938198
mnemonic passive DNS cm.g.doubleclick.net (1) 202 2013-05-30 23:19:45 UTC 2022-09-20 13:18:44 UTC 142.250.74.130
mnemonic passive DNS ads.betweendigital.com (4) 1571 2012-10-30 05:08:04 UTC 2022-09-20 12:26:54 UTC 188.42.191.196
mnemonic passive DNS status.thawte.com (1) 5123 2017-11-27 12:33:51 UTC 2022-09-20 10:19:59 UTC 93.184.220.29
mnemonic passive DNS sync.adkernel.com (1) 4993 2017-04-19 09:25:22 UTC 2022-09-20 12:49:26 UTC 77.245.57.72
mnemonic passive DNS prespan.ru (1) 0 2022-09-15 15:00:25 UTC 2022-09-20 06:36:08 UTC 94.250.254.126 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-20 09:16:43 UTC 143.204.55.36
mnemonic passive DNS sync.republer.com (1) 45392 2015-04-29 11:49:27 UTC 2022-09-20 12:49:26 UTC 23.88.82.46
mnemonic passive DNS sync.dmp.otm-r.com (1) 19534 2017-02-03 07:19:51 UTC 2022-09-20 12:49:26 UTC 178.63.43.235
mnemonic passive DNS px.adhigh.net (2) 10272 2013-01-03 21:02:08 UTC 2022-09-20 12:45:04 UTC 193.232.148.143
mnemonic passive DNS mc.yandex.ru (4) 2672 2017-01-29 05:34:36 UTC 2022-09-20 10:17:14 UTC 93.158.134.119
mnemonic passive DNS edn.whilen.ru (1) 322956 2021-07-16 17:41:26 UTC 2022-09-19 23:11:56 UTC 92.223.97.97
mnemonic passive DNS a.utraff.com (1) 39874 2020-01-25 04:23:15 UTC 2022-09-20 12:49:26 UTC 104.21.59.66
mnemonic passive DNS cs.agency2.ru (1) 0 2022-04-29 14:24:02 UTC 2022-09-20 13:44:49 UTC 23.111.107.44 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-09-20 04:47:45 UTC 142.250.74.3
mnemonic passive DNS 0100007f38d42963e1037a6a027e3115-sp.ops.beeline.ru (1) 0 No data No data 37.9.245.57 Domain (beeline.ru) ranked at: 20964
mnemonic passive DNS googleads.g.doubleclick.net (1) 42 2021-02-20 15:43:32 UTC 2022-09-20 13:36:28 UTC 142.250.74.98
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-20 04:47:04 UTC 34.117.237.239
mnemonic passive DNS mediatoday.ru (1) 136083 2013-05-20 20:53:32 UTC 2022-09-20 13:44:39 UTC 139.45.228.100
mnemonic passive DNS api.pinterest.com (2) 2281 2014-07-23 01:26:40 UTC 2022-09-20 12:22:55 UTC 151.101.84.84
mnemonic passive DNS log.reformal.ru (1) 660442 2012-09-09 18:04:42 UTC 2022-09-19 04:46:13 UTC 139.162.151.130
mnemonic passive DNS dm-eu.hybrid.ai (1) 28847 2021-01-25 11:48:59 UTC 2022-09-20 12:49:26 UTC 37.18.103.16
mnemonic passive DNS ad.adriver.ru (2) 19548 2012-08-31 17:10:27 UTC 2022-09-20 11:11:09 UTC 195.209.108.47
mnemonic passive DNS connect.ok.ru (2) 20169 2012-12-05 13:46:44 UTC 2022-09-20 10:58:01 UTC 217.20.155.208
mnemonic passive DNS an.yandex.ru (2) 2577 2017-01-30 05:11:51 UTC 2022-09-20 11:06:27 UTC 93.158.134.90
mnemonic passive DNS sync.upravel.com (2) 28097 2017-05-29 09:13:46 UTC 2022-09-20 12:49:26 UTC 176.9.8.252
mnemonic passive DNS nordw.ingeitn.ru (1) 310265 2021-07-16 17:46:15 UTC 2022-09-19 23:11:56 UTC 92.223.97.97
mnemonic passive DNS www.acint.net (14) 29072 2014-02-14 21:23:16 UTC 2022-09-20 12:49:26 UTC 193.3.184.137
mnemonic passive DNS securemoney.ru (1) 0 2019-11-01 03:03:03 UTC 2022-06-05 23:30:43 UTC 46.254.21.236 Unknown ranking
mnemonic passive DNS reformal.ru (1) 252221 No data No data 139.162.151.130
mnemonic passive DNS s.uuidksinc.net (1) 3423 2015-07-20 12:00:35 UTC 2022-09-20 12:49:26 UTC 31.220.27.155
mnemonic passive DNS pagead2.googlesyndication.com (1) 101 2021-02-20 15:52:05 UTC 2022-09-20 11:41:46 UTC 172.217.21.162
mnemonic passive DNS media.reformal.ru (2) 686667 2012-06-23 21:15:41 UTC 2022-09-19 04:46:13 UTC 139.162.151.130
mnemonic passive DNS ads.adlook.me (1) 43352 2018-11-28 12:50:19 UTC 2022-09-20 12:49:26 UTC 5.200.50.170
mnemonic passive DNS counter.yadro.ru (1) 7275 2014-09-09 18:41:17 UTC 2022-09-20 10:20:08 UTC 88.212.201.198
mnemonic passive DNS cdn.smntq.com (1) 194212 2021-04-22 18:02:55 UTC 2022-09-19 23:11:56 UTC 95.217.109.66
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-20 05:19:24 UTC 143.204.55.25
mnemonic passive DNS sync.1dmp.io (2) 10017 2016-02-09 11:52:58 UTC 2022-09-20 12:49:26 UTC 95.216.101.186
mnemonic passive DNS sape-sync.rutarget.ru (1) 173587 2018-08-07 14:11:47 UTC 2022-09-20 12:49:26 UTC 46.243.142.239
mnemonic passive DNS ocsp.godaddy.com (2) 698 2012-05-20 19:28:57 UTC 2022-09-20 09:29:00 UTC 192.124.249.23
mnemonic passive DNS status.geotrust.com (5) 3662 2017-12-01 08:55:31 UTC 2022-09-20 10:18:22 UTC 93.184.220.29
mnemonic passive DNS ssp.adriver.ru (2) 12439 2014-01-10 13:39:33 UTC 2022-09-20 12:49:26 UTC 195.209.111.7
mnemonic passive DNS adlmerge.com (1) 146521 2017-04-06 07:10:27 UTC 2022-09-20 12:49:26 UTC 95.211.66.35


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 88.214.230.195

Date UQ / IDS / BL URL IP
2022-09-20 14:54:58 +0000
0 - 0 - 4 proektanti.ru/user/work/51926 88.214.230.195

Last 5 reports on ASN: LLC Digital Network

Date UQ / IDS / BL URL IP
2022-12-02 08:25:23 +0000
0 - 0 - 2 89.208.103.62/pollTrack.php?Jw1xCeRwWM=ZDHKlG (...) 89.208.103.62
2022-12-02 01:40:55 +0000
0 - 0 - 6 89.208.103.75 89.208.103.75
2022-12-02 00:21:07 +0000
0 - 0 - 2 79.137.206.108/s.exe 79.137.206.108
2022-12-01 22:16:40 +0000
0 - 0 - 24 amanda-nn.com/ 89.208.104.221
2022-12-01 20:03:23 +0000
0 - 0 - 2 79.137.197.181/g93dLhG2/Plugins/cred64.dll 79.137.197.181

Last 1 reports on domain: proektanti.ru

Date UQ / IDS / BL URL IP
2022-09-20 14:54:58 +0000
0 - 0 - 4 proektanti.ru/user/work/51926 88.214.230.195

No other reports with similar screenshot



JavaScript

Executed Scripts (41)


Executed Evals (1)

#1 JavaScript::Eval (size: 31, repeated: 1) - SHA256: 6e4c074bba968f3a2899edcbccf9e893ebdad7a5a533463e4d9630f28f3baed1

                                        (a = 0) => {
    let b;
    const c = class {};
}
                                    

Executed Writes (2)

#1 JavaScript::Write (size: 50, repeated: 1) - SHA256: aa618749d45c83d58e59e489a328e9919f54103631523efd07c42a9c345488c4

                                        < script src = "//securemoney.ru/556118.js" > < /script>
                                    

#2 JavaScript::Write (size: 317, repeated: 1) - SHA256: d0062f3d499c85e676e7a7c01a8c4ec1c2283262254f012ff70e235befb0b61f

                                        < a href = 'https://www.liveinternet.ru/click'
target = _blank > < img src = 'https://counter.yadro.ru/hit?t18.16;r;s1280*1024*24;uhttps%3A//proektanti.ru/user/work/51926;0.32539882269162534'
alt = ''
title = 'LiveInternet: ?>:070=> G8A;> ?@>A<>B@>2 70 24 G0A0, ?>A5B8B5;59 70 24 G0A0 8 70 A53>4=O'
border = 0 width = 88 height = 31 > < /a>
                                    


HTTP Transactions (185)


Request Response
                                        
                                            GET /user/work/51926 HTTP/1.1 
Host: proektanti.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         88.214.230.195
HTTP/1.1 302 Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 20 Sep 2022 14:53:09 GMT
Server: Apache/2.2.22 (Debian)
Location: https://proektanti.ru/user/work/51926
Cache-Control: max-age=1
Expires: Tue, 20 Sep 2022 14:53:10 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 246
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   246
Md5:    58d59fd03b3317e5a514c6a54efc1fae
Sha1:   def90df9112386a4c45ce8fca407286a41d9064b
Sha256: 6d246a763ac3d01001e53b57dfdd38820644a03c6cdd42a55ff372fcb2cc96b7

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 20 Sep 2022 14:13:09 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _9214m26QEy2UG8Ks4ofhJcjSbA_54Rtv64dXKUkYj4A4ru06ay3Tg==
Age: 2498


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8374
Expires: Tue, 20 Sep 2022 17:14:21 GMT
Date: Tue, 20 Sep 2022 14:54:47 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: o70vaSWB_UFOelOqMTyIY6765-QIbDoC23ryqkGElg3TF_pxWkoOgg==
age: 37174
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 20 Sep 2022 14:54:47 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 14:54:47 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 24 Sep 2022 13:21:45 GMT
ETag: "556384b9c0a4d213493a8a70473eeb2d3aa37be4"
Last-Modified: Tue, 20 Sep 2022 13:21:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74db65fc6d791c02-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    ba0d0c03de2bf92cdf43704bb5804c48
Sha1:   556384b9c0a4d213493a8a70473eeb2d3aa37be4
Sha256: c767380e035a5ac0385a0dc5563d388734bb5a06cde32081d949a3afccc2eb17
                                        
                                            GET /user/work/51926 HTTP/1.1 
Host: proektanti.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         88.214.230.195
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Tue, 20 Sep 2022 14:53:09 GMT
Server: Apache/2.2.22 (Debian)
X-Powered-By: PHP/5.4.35-0+deb7u2
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6; path=/
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5689
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (740), with CRLF, LF line terminators
Size:   5689
Md5:    33d467bd67cd515a5298431bd844dd1b
Sha1:   e5933e0f332d34fc960b69e81dce16b49ca9d2c1
Sha256: 2218d74ae184c2727b06e0897ac3bf9abacdf85863b3fba92eca3ec094d76d67

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /stylesheets/style.css HTTP/1.1 
Host: proektanti.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/user/work/51926
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         88.214.230.195
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 20 Sep 2022 14:53:10 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Tue, 22 Sep 2020 18:35:26 GMT
ETag: "19a2d-5afeb3b065780"
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 14:53:10 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 16091
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ISO-8859 text
Size:   16091
Md5:    d5139897f6a1470224015ed96459ddca
Sha1:   844db22ce33c21c6e5360ee52064828ce9e14409
Sha256: f35e6e5ac6c6828d55abc87dc55e281a902b6a8b05f93673d332484d12599879
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 20 Sep 2022 14:03:22 GMT
Expires: Tue, 20 Sep 2022 14:28:18 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 111Cg22HQWf_FN_dW1SZ1zrfEOxju4oXel_NCgPk090DhIn6hdwD0g==
Age: 3086


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /public/javascripts/jquery-3.4.1.min.js HTTP/1.1 
Host: proektanti.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/user/work/51926
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         88.214.230.195
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 20 Sep 2022 14:53:10 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Mon, 14 Oct 2019 09:13:00 GMT
ETag: "1596c-594db46323f00"
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 14:53:10 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 30823
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65450), with CRLF line terminators
Size:   30823
Md5:    910c198b9f17e7e7c629a330f3bc7b4f
Sha1:   baa09a0e98d1619c59742f96e4a38162e4ea01d1
Sha256: add895f93a910a39ea7133ba3eaa2f1929ae629c25c00e467717413ca56d0745

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /public/images/systems/skype.png HTTP/1.1 
Host: proektanti.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/user/work/51926
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         88.214.230.195
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 20 Sep 2022 14:53:10 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Tue, 25 Nov 2014 19:49:12 GMT
ETag: "720-508b43487be00"
Accept-Ranges: bytes
Content-Length: 1824
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 14:53:10 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 17 x 17, 8-bit/color RGBA, non-interlaced\012- data
Size:   1824
Md5:    17540ad70790e50c0badf91332331921
Sha1:   5849287671b8b6cb8d37a6f385a822a522f630a0
Sha256: 5dfe030ba2aaadbaa59994da619339955ad94a8af15bd164ff140f45146e7a48
                                        
                                            GET /public/images/systems/logo.jpg HTTP/1.1 
Host: proektanti.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/user/work/51926
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         88.214.230.195
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 20 Sep 2022 14:53:10 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Sat, 31 Jan 2009 11:50:11 GMT
ETag: "2fed-461c5ec7e62c0"
Accept-Ranges: bytes
Content-Length: 12269
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 14:53:10 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 249x107, components 3\012- data
Size:   12269
Md5:    97c7b3a11cc84ab43c03a3edbf8b71ff
Sha1:   c2b52c87102e851c0c1d6427ce4f70dee21039fb
Sha256: 8c47a1c504a761b3e01590059ad678edd78bc410db3e634cdfd97241c57d0087
                                        
                                            GET /images/likep.png HTTP/1.1 
Host: proektanti.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/user/work/51926
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         88.214.230.195
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 20 Sep 2022 14:53:10 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Fri, 18 Oct 2019 21:29:15 GMT
ETag: "5bf-595360698c0c0"
Accept-Ranges: bytes
Content-Length: 1471
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 14:53:10 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 14 x 14, 8-bit/color RGBA, interlaced\012- data
Size:   1471
Md5:    38217821dfcc2ada30f0a31253dd5ab4
Sha1:   71a1dde0a83ba629d2bc5522cc9bb2b016676800
Sha256: 950e1f981264ae9d50889fd578c12361f7e6e9f31bca925141b1191f4e460b68
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5225
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 14:54:48 GMT
Last-Modified: Tue, 20 Sep 2022 13:27:43 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /images/portfolio/519/s2_preview51926.jpg HTTP/1.1 
Host: proektanti.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/user/work/51926
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         88.214.230.195
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 20 Sep 2022 14:53:10 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Wed, 15 Jan 2020 17:00:25 GMT
ETag: "10245-59c30a50dd375"
Accept-Ranges: bytes
Content-Length: 66117
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 14:53:10 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 825x583, components 3\012- data
Size:   66117
Md5:    f308aec8abeb81f2d3dd90a901b92334
Sha1:   e24ac69ee087ded21eda58ef2c96e06d51ae2a62
Sha256: 3af1477eaebfce9e50e5078bf72a25b4c49c43c6348fe23edfb54cc858dbc8ec
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4C982A24DA030C3F5FF194C259162FAA4171831F6072CC59357EC2D7C030B098"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11871
Expires: Tue, 20 Sep 2022 18:12:39 GMT
Date: Tue, 20 Sep 2022 14:54:48 GMT
Connection: keep-alive

                                        
                                            GET /public/images/systems/ugl.gif HTTP/1.1 
Host: proektanti.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/stylesheets/style.css
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         88.214.230.195
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 20 Sep 2022 14:53:10 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Sat, 31 Jan 2009 11:50:11 GMT
ETag: "99-461c5ec7e62c0"
Accept-Ranges: bytes
Content-Length: 153
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 14:53:10 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 40 x 44\012- data
Size:   153
Md5:    d3138b814562539a5b7a1b37ddbca5dc
Sha1:   7da04f2550a0d46a19b27fd68304af0f7766d3a5
Sha256: d9206a07cc59f9c08d0ac48680f82e870d7528b47b346013d0e474e68a178f35
                                        
                                            GET /public/images/systems/l1.gif HTTP/1.1 
Host: proektanti.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/stylesheets/style.css
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         88.214.230.195
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 20 Sep 2022 14:53:10 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Sat, 31 Jan 2009 11:50:11 GMT
ETag: "70-461c5ec7e62c0"
Accept-Ranges: bytes
Content-Length: 112
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 14:53:10 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 9 x 36\012- data
Size:   112
Md5:    837486ba0b2d7e6e3f822545173aae5a
Sha1:   75e3ebb8ed895e5a75d335d0b169a6a30cc3df02
Sha256: 3662ad1405fbec98de7db6a9b7d83d59df69acae0e019cc59829be7abec2132d
                                        
                                            GET /public/images/systems/portactiv.gif HTTP/1.1 
Host: proektanti.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/stylesheets/style.css
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         88.214.230.195
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 20 Sep 2022 14:53:10 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Sat, 31 Jan 2009 11:50:11 GMT
ETag: "186-461c5ec7e62c0"
Accept-Ranges: bytes
Content-Length: 390
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 14:53:10 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 102 x 44\012- data
Size:   390
Md5:    87e7226cfb7974b50e7bc8b60175b1d6
Sha1:   416c11c8703c6ca07ce6997a0b09720e0ca65456
Sha256: 3c1154a92ebcc302c5f4a2ed01665de053256de7d0183b3f47ee0b962113242b
                                        
                                            GET /public/images/systems/bnotactiv.gif HTTP/1.1 
Host: proektanti.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/stylesheets/style.css
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         88.214.230.195
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 20 Sep 2022 14:53:10 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Sat, 31 Jan 2009 11:50:11 GMT
ETag: "1bf-461c5ec7e62c0"
Accept-Ranges: bytes
Content-Length: 447
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 14:53:10 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 120 x 44\012- data
Size:   447
Md5:    e8c59857f4378c43e6b0a349f7859c6d
Sha1:   95ee981e18751c7e839fab78d992a41e9872323e
Sha256: 3bbfd108fb08deba8ad9de928db215c346c1e168fde297238ede17235d34609f
                                        
                                            GET /public/images/systems/otnotactive.gif HTTP/1.1 
Host: proektanti.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/stylesheets/style.css
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         88.214.230.195
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 20 Sep 2022 14:53:10 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Sat, 31 Jan 2009 11:50:11 GMT
ETag: "177-461c5ec7e62c0"
Accept-Ranges: bytes
Content-Length: 375
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 14:53:10 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 90 x 44\012- data
Size:   375
Md5:    5ea39c80638bbc5595b694930b84a17e
Sha1:   bd56246e5d1d096d897a5588d7ed995c03c3eb00
Sha256: 1d7b4239de23255ae1afc585e1111baf7936b0c485d61c33ce5c2a0cf5b40930
                                        
                                            GET /aci.js HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         193.3.184.137
HTTP/2 200 OK
content-type: application/x-javascript
                                        
server: openresty
date: Tue, 20 Sep 2022 14:54:48 GMT
content-length: 7461
last-modified: Mon, 16 May 2022 07:14:50 GMT
etag: "6281f9ea-1d25"
content-encoding: gzip
expires: Wed, 21 Sep 2022 02:54:48 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1408)
Size:   7461
Md5:    ae0aab6c5a2ae2e1168e74f6e6ae4741
Sha1:   2c00f69ee4bbe2ec96c0f7bb33b5f827a6195af8
Sha256: a47a88a9b6c7635e5074c25c6e3c92f399fdf8772376e94f077167241e59f9de
                                        
                                            GET /public/images/systems/sernottactiv.gif HTTP/1.1 
Host: proektanti.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/stylesheets/style.css
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         88.214.230.195
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 20 Sep 2022 14:53:10 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Sat, 31 Jan 2009 11:50:11 GMT
ETag: "19a-461c5ec7e62c0"
Accept-Ranges: bytes
Content-Length: 410
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 14:53:10 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 114 x 44\012- data
Size:   410
Md5:    80f74f4891d4791674a61f07af999220
Sha1:   0feacf1e2185170e3e6ffc970ae4bc53c94e259f
Sha256: 6e90333fb480831e4c04e9d8122e8bc5bbf2341f31216893b345494b1606423d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4573AA467856ED1D94F4AFDB35C88006DB3E70601C2D7CE1CF448CFE489BAC84"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10690
Expires: Tue, 20 Sep 2022 17:52:58 GMT
Date: Tue, 20 Sep 2022 14:54:48 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1034D562F8E1CBB3458D0CFAE682AB3CBA8EA652757DDE7755DC634DDE665D04"
Last-Modified: Tue, 20 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10841
Expires: Tue, 20 Sep 2022 17:55:29 GMT
Date: Tue, 20 Sep 2022 14:54:48 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iGbu/o/+YD5mtKTd3IjmdQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.43.58.150
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IPjfgcPsU0LY2/XGyNwEWJxFw2c=

                                        
                                            GET /hit/?v=0.4.0&uid=5f750206-cdcc-470c-bebd-5a94d214ea7c&dp=10&tz=%2B00%3A00&nc=65368130&u=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926&r=&rs=1280x1024&t=%D0%A1%D1%82%D0%BE%D0%BB%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BD%D0%B0%201000%2F2000%20%D0%BC%D0%B5%D1%81%D1%82%2F%D0%BF%D0%BE%D1%81%D0%B5%D1%89%D0%B5%D0%BD%D0%B8%D0%B9&oE=1&oP=1&dT=2022-09-20T14%3A54%3A48.705&fu=d29cca94-1503-4a87-a355-862beef83266 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         193.3.184.137
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Tue, 20 Sep 2022 14:54:48 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=fwAAAWMp1DhplAPi9Fl1AjuqXRu20YcCvkTXwmmu+7Bcbwm0; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /widgets/v3/reformal.js HTTP/1.1 
Host: media.reformal.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.162.151.130
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=utf-8
                                        
Server: nginx/1.16.1
Date: Tue, 20 Sep 2022 14:54:48 GMT
Last-Modified: Wed, 27 Apr 2016 09:51:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"57208bb3-3b0d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (15116)
Size:   4794
Md5:    206c92e8c010e2f54dc2e76adf56bddc
Sha1:   cc612ba858973a9c384107e4df6453c9ed9ebf10
Sha256: 154e0789792326a4a35496859afd407e299d30d62b86709c6d4387c8f51296b9
                                        
                                            GET /mc/?dp=10 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         193.3.184.137
HTTP/2 302 Found
content-type: text/html
                                        
server: openresty
date: Tue, 20 Sep 2022 14:54:48 GMT
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Tue, 20-Sep-22 15:04:48 GMT aid=fwAAAWMp1DhqegPhFTF+AgmfGp5iUJObwZyjitTL07iII0fG; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   154
Md5:    cfbeaf604823f038b8b46f0ac862b98c
Sha1:   7b9eb1dac48e74fa5f418bc456cb410f88b81d98
Sha256: 20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
                                        
                                            GET /public/images/systems/llogo.gif HTTP/1.1 
Host: proektanti.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/stylesheets/style.css
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         88.214.230.195
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 20 Sep 2022 14:53:10 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Sat, 31 Jan 2009 11:50:11 GMT
ETag: "10a87-461c5ec7e62c0"
Accept-Ranges: bytes
Content-Length: 68231
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 14:53:10 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 680 x 130\012- data
Size:   68231
Md5:    7f134aeaf663bc58d0835dfa21afe5ac
Sha1:   9869af045fa3f069e2d34e889059af84c0fd9d03
Sha256: cae2501c253f7a69f8a8df3b56792b562c32c381b4e5b3e7ec27068208b8bce5
                                        
                                            GET /556118.js HTTP/1.1 
Host: securemoney.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         46.254.21.236
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 20 Sep 2022 14:54:48 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   8326
Md5:    6075742d564fbc306a88508d7e0e5d3d
Sha1:   769855acd94bae595564826b23fa3f738c806799
Sha256: cda0005e8be6a96fed733b0ea7cfa06fbcb3123c3692ed3d3ce7e8ee83587c63
                                        
                                            GET /human_check/74646|aHR0cHM6Ly9wcm9la3RhbnRpLnJ1L3VzZXIvd29yay81MTkyNg==||62474 HTTP/1.1 
Host: reformal.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.162.151.130
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.16.1
Date: Tue, 20 Sep 2022 14:54:48 GMT
Content-Length: 43
Last-Modified: Fri, 20 Dec 2013 07:24:29 GMT
Connection: keep-alive
ETag: "52b3f0ad-2b"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            GET /st.php?w=3&pid=74646 HTTP/1.1 
Host: log.reformal.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.162.151.130
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.16.1
Date: Tue, 20 Sep 2022 14:54:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    45cf913e5d9d3c9b2058033056d3dd23
Sha1:   30cb5d44e276505b1d4c053c8b25525da228db30
Sha256: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
                                        
                                            GET /T9GC0LfRi9Cy0Ysg0Lgg0L%252FRgNC10LTQu9C%252B0LbQtdC90LjRjw==/FFFFFF/a08a7c60392f68cb33f77d4f56cf8c6f/right/1/tab.png HTTP/1.1 
Host: tab.reformal.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.162.151.130
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.16.1
Date: Tue, 20 Sep 2022 14:54:48 GMT
Content-Length: 6291
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 14:27:04 GMT
Expires: Fri, 30 Sep 2022 14:54:48 GMT
Cache-Control: max-age=864000


--- Additional Info ---
Magic:  PNG image data, 21 x 217, 16-bit/color RGBA, non-interlaced\012- data
Size:   6291
Md5:    d04157421f816095076e9907e0284d90
Sha1:   075d70eb0180148c0562fcdb109e82190eea2683
Sha256: 7cf04ed5fa482c73c10c6bca22d9ff45cc4c57311abedfe6f433a10d1ec5190f
                                        
                                            GET /widgets/v1/version.js?cb=cb__utl_cb_share_1663685688887890 HTTP/1.1 
Host: w.uptolike.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Cookie: utl_id2=28862114642; utl_dat="CO37k9u1MBAAIO3M3uO1MCjtzN7jtTAwADFy4kGX4j7QFbhrQMx41u0="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.163.114.203
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=utf-8
                                        
Server: nginx
Date: Tue, 20 Sep 2022 14:54:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 15 Sep 2022 15:59:22 GMT
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Set-Cookie: utl_id2=28862114642; Expires=Thu, 19 Sep 2024 14:54:48 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure utl_dat="CO37k9u1MBAAIO3M3uO1MCjtzN7jtTAwADFy4kGX4j7QFbhrQMx41u0="; Expires=Thu, 19 Sep 2024 14:54:48 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   84
Md5:    fed25cd0e0cf7d5b48bc523bff2c69d4
Sha1:   f16eb6b84bcd164cbc789f8dab2096a2b0f9db49
Sha256: 611d6f417b0979e7808aeb947d674a1801cfd79b0c2f582cfee5fade37c664d6
                                        
                                            GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F38D42963E1037A6A027E3115 HTTP/1.1 
Host: sync.1dmp.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.216.101.186
HTTP/2 302 Found
                                        
server: nginx
date: Tue, 20 Sep 2022 14:54:48 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=2c943702-38f4-11ed-ad67-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Wed, 20 Sep 2023 14:54:48 GMT; SameSite=None; Secure uid-legacy=2c943702-38f4-11ed-ad67-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Wed, 20 Sep 2023 14:54:48 GMT
location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F38D42963E1037A6A027E3115&cs=1
X-Firefox-Spdy: h2

                                        
                                            GET /match?id=106&vid=0100007F38D42963E1037A6A027E3115 HTTP/1.1 
Host: dm-eu.hybrid.ai
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.18.103.16
HTTP/2 204 No Content
                                        
date: Tue, 20 Sep 2022 14:54:48 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=1e187667103caca87443; expires=Wed, 20 Sep 2023 14:54:47 GMT; domain=.hybrid.ai; path=/; samesite=none
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 518
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2

                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 14:54:48 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 24 Sep 2022 11:41:26 GMT
ETag: "e17a1270be105dec70591a62034a2ae4c4af0774"
Last-Modified: Tue, 20 Sep 2022 11:41:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 156
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74db66040e6b1c02-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    bed2f948f6dfdc60139daab6dfd94d3a
Sha1:   e17a1270be105dec70591a62034a2ae4c4af0774
Sha256: 9538e7f4c24fbff527a7c022bbd1f4f75fba85f801312d454f1957040ae26271
                                        
                                            GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F38D42963E1037A6A027E3115&cs=1 HTTP/1.1 
Host: sync.1dmp.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: uid=2c943702-38f4-11ed-ad67-f832e4719dd9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         95.216.101.186
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Tue, 20 Sep 2022 14:54:48 GMT
content-length: 35
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=2c943702-38f4-11ed-ad67-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Wed, 20 Sep 2023 14:54:48 GMT; SameSite=None; Secure uid-legacy=2c943702-38f4-11ed-ad67-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Wed, 20 Sep 2023 14:54:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C9D5840FC9DEA3D55D10247F043B47715557416539DB5856830BE0275EBD1224"
Last-Modified: Mon, 19 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9370
Expires: Tue, 20 Sep 2022 17:30:58 GMT
Date: Tue, 20 Sep 2022 14:54:48 GMT
Connection: keep-alive

                                        
                                            GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1 
Host: ads.adlook.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         5.200.50.170
HTTP/2 302 Found
                                        
location: https://acint.net/match?dp=110&euid=e9bf0ceffd234e539eacc3332259abe4
server: Kestrel
set-cookie: adlm_userId=e9bf0ceffd234e539eacc3332259abe4; expires=Tue, 19 Sep 2023 21:00:00 GMT; path=/; SameSite=None; secure
date: Tue, 20 Sep 2022 14:54:48 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1339
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 14:54:49 GMT
Last-Modified: Tue, 20 Sep 2022 14:32:30 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "35D956E357EA10D02A22BCF025F803E9FA6477631F9B333FBE1629060E8E75F8"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20041
Expires: Tue, 20 Sep 2022 20:28:50 GMT
Date: Tue, 20 Sep 2022 14:54:49 GMT
Connection: keep-alive

                                        
                                            GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1 
Host: ssp.bestssp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.147.80.35
HTTP/1.1 302 Found
                                        
Server: nginx/1.16.1
Date: Tue, 20 Sep 2022 14:54:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=SRJCLKMY
Set-Cookie: uid=SRJCLKMY; Expires=Tue, 20 Sep 2032 00:00:00 GMT; mf2=1; Expires=Thu, 20 Oct 2022 00:00:00 GMT;

                                        
                                            GET /match?dp=110&euid=e9bf0ceffd234e539eacc3332259abe4 HTTP/1.1 
Host: acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWMp1DhqegPhFTF+AgmfGp5iUJObwZyjitTL07iII0fG; test_cookie=CheckForPermission; cSyncDp7v2=1663685688; cSyncDp14v3=1663685688; cSyncDp17=1663685688; cSyncDp32=1663685688; cSyncDp45v3=1663685688; cSyncDp53=1663685688; cSyncDp54v2=1663685688; cSyncDp62=1663685688; cSyncDp67v2=1663685688; cSyncDp68=1663685688; cSyncDp71=1663685688; cSyncDp77=1663685688; cSyncDp84=1663685688; cSyncDp85=1663685688; cSyncDp95v3=1663685688; cSyncDp101=1663685688; cSyncDp104v2=1663685688; cSyncDp107=1663685688; cSyncDp110=1663685688; cSyncDp111v2=1663685688; cSyncDp112v2=1663685688; cSyncDp125v2=1663685688; cSyncDp126=1663685688; cSyncDp127=1663685688; cSyncDp129=1663685688; cSyncDp136v2=1663685688; cSyncDp138=1663685688; cSyncDp144=1663685688; cSyncDp146=1663685688; cSyncDp148=1663685688; cSyncDp149=1663685688; cSyncDp151=1663685688; cSyncDp178=1663685688; cSyncDp179=1663685688; cSyncDp186=1663685688; cSyncDp221=1663685688
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         193.3.184.137
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Tue, 20 Sep 2022 14:54:49 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E75315ECF71F2D2C0BBA377F986399DB9653201D0E22C93F1D6A3AF0AAF64190"
Last-Modified: Mon, 19 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1052
Expires: Tue, 20 Sep 2022 15:12:21 GMT
Date: Tue, 20 Sep 2022 14:54:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "036C9308AE0565C542B1DC222F015489D71BACD42E2921F5EED651C6A4BBA258"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17741
Expires: Tue, 20 Sep 2022 19:50:30 GMT
Date: Tue, 20 Sep 2022 14:54:49 GMT
Connection: keep-alive

                                        
                                            GET /match?dp=95&euid=SRJCLKMY HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWMp1DhqegPhFTF+AgmfGp5iUJObwZyjitTL07iII0fG; test_cookie=CheckForPermission; cSyncDp7v2=1663685688; cSyncDp14v3=1663685688; cSyncDp17=1663685688; cSyncDp32=1663685688; cSyncDp45v3=1663685688; cSyncDp53=1663685688; cSyncDp54v2=1663685688; cSyncDp62=1663685688; cSyncDp67v2=1663685688; cSyncDp68=1663685688; cSyncDp71=1663685688; cSyncDp77=1663685688; cSyncDp84=1663685688; cSyncDp85=1663685688; cSyncDp95v3=1663685688; cSyncDp101=1663685688; cSyncDp104v2=1663685688; cSyncDp107=1663685688; cSyncDp110=1663685688; cSyncDp111v2=1663685688; cSyncDp112v2=1663685688; cSyncDp125v2=1663685688; cSyncDp126=1663685688; cSyncDp127=1663685688; cSyncDp129=1663685688; cSyncDp136v2=1663685688; cSyncDp138=1663685688; cSyncDp144=1663685688; cSyncDp146=1663685688; cSyncDp148=1663685688; cSyncDp149=1663685688; cSyncDp151=1663685688; cSyncDp178=1663685688; cSyncDp179=1663685688; cSyncDp186=1663685688; cSyncDp221=1663685688
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         193.3.184.137
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Tue, 20 Sep 2022 14:54:49 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1 
Host: ssp-rtb.sape.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         193.3.184.135
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: openresty
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=ACB803C139D429632400CA61020BC419
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=wQO4rGMp1DlhygAkGcQLAmodMCPewcl3YoNSNdif7bPUhhT3; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   142
Md5:    82c98e8e012b79c922655461171cc2fa
Sha1:   0828d79135573276005b04be42d79a8a3291292b
Sha256: 745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AA63E2826129E7CD08081A10D5194C70918B02A05E22BBAD8CB83C8233C9105"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6207
Expires: Tue, 20 Sep 2022 16:38:16 GMT
Date: Tue, 20 Sep 2022 14:54:49 GMT
Connection: keep-alive

                                        
                                            GET /match?dsp=sape HTTP/1.1 
Host: sync.republer.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.88.82.46
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 20 Sep 2022 14:54:49 GMT
strict-transport-security: max-age=0
X-Firefox-Spdy: h2

                                        
                                            GET /match/sape?id=0100007F38D42963E1037A6A027E3115 HTTP/1.1 
Host: sync.dmp.otm-r.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         178.63.43.235
HTTP/2 204 No Content
                                        
server: nginx/1.17.10
date: Tue, 20 Sep 2022 14:54:49 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /matchspm?pi=1000005&pui=0100007F38D42963E1037A6A027E3115 HTTP/1.1 
Host: ut.rktch.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         89.108.97.2
HTTP/1.1 302 Found
                                        
Server: nginx/1.22.0
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Length: 0
Connection: keep-alive
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
Set-Cookie: b_uid=ff13749a19896006298783ef610345f6aa99; Max-Age=2592000; Expires=Thu, 20 Oct 2022 14:54:49 GMT; Domain=rktch.com; Secure; SameSite=None
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Credentials: true

                                        
                                            GET /match?dp=14&euid=ACB803C139D429632400CA61020BC419 HTTP/1.1 
Host: acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWMp1DhqegPhFTF+AgmfGp5iUJObwZyjitTL07iII0fG; test_cookie=CheckForPermission; cSyncDp7v2=1663685688; cSyncDp14v3=1663685688; cSyncDp17=1663685688; cSyncDp32=1663685688; cSyncDp45v3=1663685688; cSyncDp53=1663685688; cSyncDp54v2=1663685688; cSyncDp62=1663685688; cSyncDp67v2=1663685688; cSyncDp68=1663685688; cSyncDp71=1663685688; cSyncDp77=1663685688; cSyncDp84=1663685688; cSyncDp85=1663685688; cSyncDp95v3=1663685688; cSyncDp101=1663685688; cSyncDp104v2=1663685688; cSyncDp107=1663685688; cSyncDp110=1663685688; cSyncDp111v2=1663685688; cSyncDp112v2=1663685688; cSyncDp125v2=1663685688; cSyncDp126=1663685688; cSyncDp127=1663685688; cSyncDp129=1663685688; cSyncDp136v2=1663685688; cSyncDp138=1663685688; cSyncDp144=1663685688; cSyncDp146=1663685688; cSyncDp148=1663685688; cSyncDp149=1663685688; cSyncDp151=1663685688; cSyncDp178=1663685688; cSyncDp179=1663685688; cSyncDp186=1663685688; cSyncDp221=1663685688
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         193.3.184.137
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Tue, 20 Sep 2022 14:54:49 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /sync?ssp=sape HTTP/1.1 
Host: a.utraff.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.59.66
HTTP/2 204 No Content
content-type: text/plain
                                        
date: Tue, 20 Sep 2022 14:54:49 GMT
set-cookie: preutid=1; Expires=Thu, 20 Oct 2022 17:54:49 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/ preutid=1; Expires=Thu, 20 Oct 2022 17:54:49 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MW8sbFEMV1NK3l5UAvuwES2UmB%2F%2B4bGjyJuPCZ5p2sy9Dw0Yic8yEKWaGxce%2BLPQsFnUbgmIbWRnXhI0%2F8zbITkpCFDfIWn09%2BV7l9akMNE2niMpcduBbDxdHWWxXM0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74db66049b25b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /widgets/v1/widgetsModule.js?v=622e27e5349ec1bb07f4f36fc56e7c84 HTTP/1.1 
Host: w.uptolike.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Cookie: utl_id2=28862114642; utl_dat="CO37k9u1MBAAIO3M3uO1MCjtzN7jtTAwADFy4kGX4j7QFbhrQMx41u0="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.163.114.203
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=utf-8
                                        
Server: nginx
Date: Tue, 20 Sep 2022 14:54:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Tue, 20 Sep 2022 15:24:49 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (783)
Size:   42196
Md5:    36e31a5362200127257f343ad21c9f3e
Sha1:   f5b05b2a24ca19d756b4cecf0ec80b304a0c7d2a
Sha256: 2ff107bc4ae47641d278b80ed6fa1a75f0a6f84bcd8f9aa16be825e32aace97a
                                        
                                            GET /p?ssp=sp&uid=0100007F38D42963E1037A6A027E3115 HTTP/1.1 
Host: cs.agency2.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.111.107.44
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=6ca3b0af-fd4f-444c-89a5-0893a1cd9193
Set-Cookie: uuid=6ca3b0af-fd4f-444c-89a5-0893a1cd9193; expires=Mon, 11 Sep 2023 14:54:49 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44

                                        
                                            GET /widgets/v3/gr.png HTTP/1.1 
Host: media.reformal.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.162.151.130
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.16.1
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Length: 118
Last-Modified: Wed, 27 Apr 2016 09:51:47 GMT
Connection: keep-alive
ETag: "57208bb3-76"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 6 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   118
Md5:    29bde5521d6493312035f01af1244b8a
Sha1:   7b1799aa52f6de213e90ceabe9ffb4e6a7d20e38
Sha256: 2f604ba6ec3da955517812e4a661ccd116d37f1edc20f4909a53049e4eab1656
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "479663131DAF137B3317F4C88093F32079007076B45FDD3A0C53BCBC374E0C40"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9225
Expires: Tue, 20 Sep 2022 17:28:34 GMT
Date: Tue, 20 Sep 2022 14:54:49 GMT
Connection: keep-alive

                                        
                                            GET /match?dp=129&euid=8e2hkj9fm4 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWMp1DhqegPhFTF+AgmfGp5iUJObwZyjitTL07iII0fG; test_cookie=CheckForPermission; cSyncDp7v2=1663685688; cSyncDp14v3=1663685688; cSyncDp17=1663685688; cSyncDp32=1663685688; cSyncDp45v3=1663685688; cSyncDp53=1663685688; cSyncDp54v2=1663685688; cSyncDp62=1663685688; cSyncDp67v2=1663685688; cSyncDp68=1663685688; cSyncDp71=1663685688; cSyncDp77=1663685688; cSyncDp84=1663685688; cSyncDp85=1663685688; cSyncDp95v3=1663685688; cSyncDp101=1663685688; cSyncDp104v2=1663685688; cSyncDp107=1663685688; cSyncDp110=1663685688; cSyncDp111v2=1663685688; cSyncDp112v2=1663685688; cSyncDp125v2=1663685688; cSyncDp126=1663685688; cSyncDp127=1663685688; cSyncDp129=1663685688; cSyncDp136v2=1663685688; cSyncDp138=1663685688; cSyncDp144=1663685688; cSyncDp146=1663685688; cSyncDp148=1663685688; cSyncDp149=1663685688; cSyncDp151=1663685688; cSyncDp178=1663685688; cSyncDp179=1663685688; cSyncDp186=1663685688; cSyncDp221=1663685688
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         193.3.184.137
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Tue, 20 Sep 2022 14:54:49 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9FF0F01363DBFB8A16C5BA064B6AD8AAAF50C69CD6181E65C41AC1E46CF891AD"
Last-Modified: Tue, 20 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9249
Expires: Tue, 20 Sep 2022 17:28:58 GMT
Date: Tue, 20 Sep 2022 14:54:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4F48C614F8706C55D2413C748C994CB4C7A850D7C3D526A5234AE37A8D30BA56"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3604
Expires: Tue, 20 Sep 2022 15:54:53 GMT
Date: Tue, 20 Sep 2022 14:54:49 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 14:54:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /match?dp=186&euid=6ca3b0af-fd4f-444c-89a5-0893a1cd9193 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWMp1DhqegPhFTF+AgmfGp5iUJObwZyjitTL07iII0fG; test_cookie=CheckForPermission; cSyncDp7v2=1663685688; cSyncDp14v3=1663685688; cSyncDp17=1663685688; cSyncDp32=1663685688; cSyncDp45v3=1663685688; cSyncDp53=1663685688; cSyncDp54v2=1663685688; cSyncDp62=1663685688; cSyncDp67v2=1663685688; cSyncDp68=1663685688; cSyncDp71=1663685688; cSyncDp77=1663685688; cSyncDp84=1663685688; cSyncDp85=1663685688; cSyncDp95v3=1663685688; cSyncDp101=1663685688; cSyncDp104v2=1663685688; cSyncDp107=1663685688; cSyncDp110=1663685688; cSyncDp111v2=1663685688; cSyncDp112v2=1663685688; cSyncDp125v2=1663685688; cSyncDp126=1663685688; cSyncDp127=1663685688; cSyncDp129=1663685688; cSyncDp136v2=1663685688; cSyncDp138=1663685688; cSyncDp144=1663685688; cSyncDp146=1663685688; cSyncDp148=1663685688; cSyncDp149=1663685688; cSyncDp151=1663685688; cSyncDp178=1663685688; cSyncDp179=1663685688; cSyncDp186=1663685688; cSyncDp221=1663685688
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         193.3.184.137
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Tue, 20 Sep 2022 14:54:49 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /match/396/?remote_uid=0100007F38D42963E1037A6A027E3115 HTTP/1.1 
Host: s.uuidksinc.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.220.27.155
HTTP/2 302 Found
                                        
server: nginx/1.19.0
date: Tue, 20 Sep 2022 14:54:49 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=o3DjvRAgHpL7HCxMhkiV
set-cookie: jcsuuid=o3DjvRAgHpL7HCxMhkiV; expires=Wed, 20 Sep 2023 14:54:49 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: proektanti.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/user/work/51926
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6; fid=d29cca94-1503-4a87-a355-862beef83266
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         88.214.230.195
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Tue, 20 Sep 2022 14:53:11 GMT
Server: Apache/2.2.22 (Debian)
X-Powered-By: PHP/5.4.35-0+deb7u2
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 104
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   104
Md5:    75598572011cc989fec26c87b4560e8a
Sha1:   33c6f5f66db17fe17f4dae289d25d38c06264ec5
Sha256: 276c1411ace246f27c11f6a32e1f4c3d13cc294262e745d0071efa30966a1082
                                        
                                            GET /core/match.gif?s=32&id=0100007F38D42963E1037A6A027E3115 HTTP/1.1 
Host: mediatoday.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.228.100
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx/1.20.2
date: Tue, 20 Sep 2022 14:54:49 GMT
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VUvgab41jf5Wwls; expires=Fri, 17-Sep-2032 14:54:49 GMT; domain=mediatoday.ru; path=/core; SameSite=None; Secure
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            GET /hit?t18.16;r;s1280*1024*24;uhttps%3A//proektanti.ru/user/work/51926;0.32539882269162534 HTTP/1.1 
Host: counter.yadro.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         88.212.201.198
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.9
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Length: 195
Connection: keep-alive
Expires: Sun, 19 Sep 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400


--- Additional Info ---
Magic:  GIF image data, version 87a, 88 x 31\012- data
Size:   195
Md5:    39df1ade7a0f036a011e562202f896c4
Sha1:   e678b9904f4f78b763c3634935c2c5bcb817bd1d
Sha256: ee75e6023b324fa84bc3bd615cca7961720a5ea2bc477970cb0e9ffdf566fe47
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FEC7401FA6C80AE83CE366CE7722BEFD451222694B98E6373A3BB75866E187AD"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6132
Expires: Tue, 20 Sep 2022 16:37:01 GMT
Date: Tue, 20 Sep 2022 14:54:49 GMT
Connection: keep-alive

                                        
                                            GET /userbind?src=sape&id=0100007F38D42963E1037A6A027E3115 HTTP/1.1 
Host: match.new-programmatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         217.65.2.150
HTTP/1.1 204 No Content
                                        
Server: nginx/1.18.0
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin

                                        
                                            GET /usersync?dspcsid=8&redirect=1 HTTP/1.1 
Host: ssp.bidvol.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         65.109.23.99
HTTP/2 302 Found
                                        
server: nginx/1.22.0
date: Tue, 20 Sep 2022 14:54:49 GMT
x-request-id: 0fe7f4d9-7c67-4dc4-9f1e-f94f611ad1a3
set-cookie: bvuid=8e2hkj9fm4; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None bvuid2=8e2hkj9fm4; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=8e2hkj9fm4
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    1c344638776418688d25c05b0254272e
Sha1:   d03e2c6af4ea2525d6553424fda9c1eba1ec2bc9
Sha256: c604caa9dba36ec7c301a9b5c4199e422f3dba33ac76939e23042dd8ae12e4b0
                                        
                                            GET /merge_gpsid/?sid=50&id=0100007F38D42963E1037A6A027E3115 HTTP/1.1 
Host: stat.adlabs.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         109.248.237.36
HTTP/2 302 Found
                                        
server: nginx
date: Tue, 20 Sep 2022 14:42:30 GMT
content-length: 0
location: //adlmerge.com/merge_gpsid/?sid=50&id=0100007F38D42963E1037A6A027E3115
X-Firefox-Spdy: h2

                                        
                                            GET /?src=sap1&uid=0100007F38D42963E1037A6A027E3115 HTTP/1.1 
Host: sync.bumlam.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.172.81.159
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQyY2JlMzdiMi0zOGY0LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Mon, 15 Sep 2042 14:54:49 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARi5qKeZBmIgMDEwMDAwN0YzOEQ0Mjk2M0UxMDM3QTZBMDI3RTMxMTWiARAsvjeyOPQR7YbgACWQwGR8
ETag: 2cbe37b2-38f4-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

                                        
                                            GET /sape/cm?user_id=0100007F38D42963E1037A6A027E3115 HTTP/1.1 
Host: nr.bidderstack.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         46.4.70.80
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Length: 44
Connection: keep-alive
Set-Cookie: uid=466031f1-1abb-4330-ab71-8523de4d2b23; domain=.bidderstack.com; path=/; expires=Wed, 20-Sep-2023 14:54:49 GMT;
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   44
Md5:    f9d60352c70a2ba15616d1c9421f3844
Sha1:   e9abc8bea7721a4b6a50295850d13c515006a95c
Sha256: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
                                        
                                            GET /pagead/js/adsbygoogle.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.217.21.162
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Tue, 20 Sep 2022 14:54:49 GMT
expires: Tue, 20 Sep 2022 14:54:49 GMT
cache-control: private, max-age=3600
etag: 12059346295968386644
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 58069
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2903)
Size:   58069
Md5:    1fab062400be9c6ff4fca22ca494a3ae
Sha1:   d40861657c7653c300f57f2d3c1c9741ccdd3ef1
Sha256: 845e7a835be819296533a4ebdba87c25a63e7c924983d3222e6bbc6c2a99b671
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1339
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 14:54:49 GMT
Last-Modified: Tue, 20 Sep 2022 14:32:30 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84 HTTP/1.1 
Host: w.uptolike.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Cookie: utl_id2=28862114642; utl_dat="CO37k9u1MBAAIO3M3uO1MCjtzN7jtTAwADFy4kGX4j7QFbhrQMx41u0="
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         95.163.114.203
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Server: nginx
Date: Tue, 20 Sep 2022 14:54:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Tue, 20 Sep 2022 15:24:49 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (585)
Size:   4396
Md5:    51f01f98377569bbbc324944b01bdbdf
Sha1:   916b5de4cc082a3ff9414c3a88542fc32c2ec89a
Sha256: f5d5637c94689e5b58c9b3b0d9a18acc3a5ed5550f33ec9c86a3d3f25e16e7bb
                                        
                                            GET /p?ssp=sp&id=0100007F38D42963E1037A6A027E3115 HTTP/1.1 
Host: 0100007f38d42963e1037a6a027e3115-sp.ops.beeline.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.9.245.57
HTTP/2 301 Moved Permanently
                                        
server: nginx
date: Tue, 20 Sep 2022 14:54:49 GMT
content-length: 0
location: https://www.acint.net/match?dp=111&euid=5729a781-0a97-4069-a2d2-7384242fa9ad
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: BeeAID=5729a781-0a97-4069-a2d2-7384242fa9ad; expires=Mon, 11 Sep 2023 14:54:49 GMT; domain=ops.beeline.ru; path=/; secure; SameSite=None
access-control-allow-credentials: true, true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
x-route: http://upstream_cookiesync
x-host: 192.168.152.37
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 00:21:03 GMT
Expires: Sun, 25 Sep 2022 00:21:02 GMT
Etag: "4ae50c94f39c12046d8522d440f5bb81781d4e9a"
Cache-Control: max-age=378972,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74db6604f8c9b527-OSL

                                        
                                            GET /widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84 HTTP/1.1 
Host: w.uptolike.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Cookie: utl_id2=28862114642; utl_dat="CO37k9u1MBAAIO3M3uO1MCjtzN7jtTAwADFy4kGX4j7QFbhrQMx41u0="
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         95.163.114.203
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Server: nginx
Date: Tue, 20 Sep 2022 14:54:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Tue, 20 Sep 2022 15:24:49 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (511)
Size:   624
Md5:    db0f291b1ee364d9de4ad30906fac72a
Sha1:   46ae53e00d5964e1fbd0d75c0483f4718db48e8e
Sha256: 9b2a1dadf125f7367489db7e4bd8c22b34ec3126220422467b0de51f0274f64d
                                        
                                            GET /match?dp=127&euid=o3DjvRAgHpL7HCxMhkiV HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWMp1DhqegPhFTF+AgmfGp5iUJObwZyjitTL07iII0fG; test_cookie=CheckForPermission; cSyncDp7v2=1663685688; cSyncDp14v3=1663685688; cSyncDp17=1663685688; cSyncDp32=1663685688; cSyncDp45v3=1663685688; cSyncDp53=1663685688; cSyncDp54v2=1663685688; cSyncDp62=1663685688; cSyncDp67v2=1663685688; cSyncDp68=1663685688; cSyncDp71=1663685688; cSyncDp77=1663685688; cSyncDp84=1663685688; cSyncDp85=1663685688; cSyncDp95v3=1663685688; cSyncDp101=1663685688; cSyncDp104v2=1663685688; cSyncDp107=1663685688; cSyncDp110=1663685688; cSyncDp111v2=1663685688; cSyncDp112v2=1663685688; cSyncDp125v2=1663685688; cSyncDp126=1663685688; cSyncDp127=1663685688; cSyncDp129=1663685688; cSyncDp136v2=1663685688; cSyncDp138=1663685688; cSyncDp144=1663685688; cSyncDp146=1663685688; cSyncDp148=1663685688; cSyncDp149=1663685688; cSyncDp151=1663685688; cSyncDp178=1663685688; cSyncDp179=1663685688; cSyncDp186=1663685688; cSyncDp221=1663685688
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         193.3.184.137
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Tue, 20 Sep 2022 14:54:49 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /?src=sap1&s_data=CAIQARi5qKeZBmIgMDEwMDAwN0YzOEQ0Mjk2M0UxMDM3QTZBMDI3RTMxMTWiARAsvjeyOPQR7YbgACWQwGR8 HTTP/1.1 
Host: sync.bumlam.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQyY2JlMzdiMi0zOGY0LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.172.81.159
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQyY2JlMzdiMi0zOGY0LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Mon, 15 Sep 2042 14:54:49 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

                                        
                                            GET /match?dp=111&euid=5729a781-0a97-4069-a2d2-7384242fa9ad HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWMp1DhqegPhFTF+AgmfGp5iUJObwZyjitTL07iII0fG; test_cookie=CheckForPermission; cSyncDp7v2=1663685688; cSyncDp14v3=1663685688; cSyncDp17=1663685688; cSyncDp32=1663685688; cSyncDp45v3=1663685688; cSyncDp53=1663685688; cSyncDp54v2=1663685688; cSyncDp62=1663685688; cSyncDp67v2=1663685688; cSyncDp68=1663685688; cSyncDp71=1663685688; cSyncDp77=1663685688; cSyncDp84=1663685688; cSyncDp85=1663685688; cSyncDp95v3=1663685688; cSyncDp101=1663685688; cSyncDp104v2=1663685688; cSyncDp107=1663685688; cSyncDp110=1663685688; cSyncDp111v2=1663685688; cSyncDp112v2=1663685688; cSyncDp125v2=1663685688; cSyncDp126=1663685688; cSyncDp127=1663685688; cSyncDp129=1663685688; cSyncDp136v2=1663685688; cSyncDp138=1663685688; cSyncDp144=1663685688; cSyncDp146=1663685688; cSyncDp148=1663685688; cSyncDp149=1663685688; cSyncDp151=1663685688; cSyncDp178=1663685688; cSyncDp179=1663685688; cSyncDp186=1663685688; cSyncDp221=1663685688
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         193.3.184.137
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Tue, 20 Sep 2022 14:54:49 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1 
Host: exchange.buzzoola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         144.76.119.17
HTTP/2 301 Moved Permanently
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Tue, 20 Sep 2022 14:54:49 GMT
content-length: 115
location: https://www.acint.net/match?dp=126&euid=8d2a6af0-46a5-479f-6b0d-fe5edf6b7732
serverid: TODO
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   115
Md5:    da0d2bb23869354b8e69ef1998c74955
Sha1:   dc09b3a89fa942ff1841e77b0d56e0c5050fa37b
Sha256: 5bb8a38a1b30633ec13aec79ee10d70b96beff95d733b726c36121f3369da092
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9D9E74F7121399F63901DDA5622E7AE4E2199C44358A421780C2B1C2FC41114D"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5076
Expires: Tue, 20 Sep 2022 16:19:25 GMT
Date: Tue, 20 Sep 2022 14:54:49 GMT
Connection: keep-alive

                                        
                                            GET /pagead/html/r20220915/r20190131/zrt_lookup.html HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.98
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Mon, 19 Sep 2022 20:35:43 GMT
expires: Mon, 03 Oct 2022 20:35:43 GMT
cache-control: public, max-age=1209600
age: 65946
etag: 9671129459699598864
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Size:   4420
Md5:    682bf699cccbc0ff817e1fcb7b95262a
Sha1:   11ad3edf0008f52b733c2d6d7199e1f052318d58
Sha256: bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
                                        
                                            GET /match?dp=126&euid=8d2a6af0-46a5-479f-6b0d-fe5edf6b7732 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWMp1DhqegPhFTF+AgmfGp5iUJObwZyjitTL07iII0fG; test_cookie=CheckForPermission; cSyncDp7v2=1663685688; cSyncDp14v3=1663685688; cSyncDp17=1663685688; cSyncDp32=1663685688; cSyncDp45v3=1663685688; cSyncDp53=1663685688; cSyncDp54v2=1663685688; cSyncDp62=1663685688; cSyncDp67v2=1663685688; cSyncDp68=1663685688; cSyncDp71=1663685688; cSyncDp77=1663685688; cSyncDp84=1663685688; cSyncDp85=1663685688; cSyncDp95v3=1663685688; cSyncDp101=1663685688; cSyncDp104v2=1663685688; cSyncDp107=1663685688; cSyncDp110=1663685688; cSyncDp111v2=1663685688; cSyncDp112v2=1663685688; cSyncDp125v2=1663685688; cSyncDp126=1663685688; cSyncDp127=1663685688; cSyncDp129=1663685688; cSyncDp136v2=1663685688; cSyncDp138=1663685688; cSyncDp144=1663685688; cSyncDp146=1663685688; cSyncDp148=1663685688; cSyncDp149=1663685688; cSyncDp151=1663685688; cSyncDp178=1663685688; cSyncDp179=1663685688; cSyncDp186=1663685688; cSyncDp221=1663685688
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         193.3.184.137
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Tue, 20 Sep 2022 14:54:49 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /static/buttons/fonts/icomoon.woff?qq11232333=1232131231321 HTTP/1.1 
Host: w.uptolike.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://proektanti.ru
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         95.163.114.203
HTTP/1.1 200 OK
Content-Type: application/font-woff
                                        
Server: nginx
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Length: 9144
Connection: keep-alive
Last-Modified: Wed, 16 Aug 2017 14:30:13 GMT
ETag: "599456f5-23b8"
Expires: Thu, 17 Nov 2022 07:48:49 GMT
Cache-Control: max-age=15552000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 9144, version 0.0\012- data
Size:   9144
Md5:    2596eafba8821cbd54fb4c4294eea5f2
Sha1:   53046bf3bccd35a24e515fcfbd34b31ec27c841e
Sha256: 3f72dc1fd03fba15c9200144bf1df7286ad1e2560b50a5ecc12e68c9c1e36f29
                                        
                                            GET /widgets/v1/widgets-batch.js?params=JTVCJTdCJTIycGlkJTIyJTNBJTIyMTI3MzEwNCUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGcHJvZWt0YW50aS5ydSUyRnVzZXIlMkZ3b3JrJTJGNTE5MjYlMjIlN0QlNUQ=&mode=0&callback=callback__utl_cb_share_1663685689469749 HTTP/1.1 
Host: w.uptolike.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
Cookie: utl_id2=28862114642; utl_dat="CO37k9u1MBAAIO3M3uO1MCjtzN7jtTAwADFy4kGX4j7QFbhrQMx41u0="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         95.163.114.203
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=utf-8
                                        
Server: nginx
Date: Tue, 20 Sep 2022 14:54:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 15 Sep 2022 15:59:22 GMT
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (374)
Size:   374
Md5:    3764d1250f5e9dbba2a763ff46b2185d
Sha1:   3bcc2a95d23f2ae51ced5aba3750c6a5684444e5
Sha256: 8a1c2f9e90e7b1f4a5bc4df3a1c6709bcc637bf085875c70ec0ba2bd0800b599
                                        
                                            GET /widgets/v1/imp?pid=1273104&url=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926&vp=98f7701c-67a6-4e63-8050-b0a5819b8044&ttl=JUQwJUExJUQxJTgyJUQwJUJFJUQwJUJCJUQwJUJFJUQwJUIyJUQwJUIwJUQxJThGJTIwJUQwJUJEJUQwJUIwJTIwMTAwMCUyRjIwMDAlMjAlRDAlQkMlRDAlQjUlRDElODElRDElODIlMkYlRDAlQkYlRDAlQkUlRDElODElRDAlQjUlRDElODklRDAlQjUlRDAlQkQlRDAlQjglRDAlQjk%3D&rnd=0.21546795323655954 HTTP/1.1 
Host: w.uptolike.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
Cookie: utl_id2=28862114642; utl_dat="CO37k9u1MBAAIO3M3uO1MCjtzN7jtTAwADFy4kGX4j7QFbhrQMx41u0="
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         95.163.114.203
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *

                                        
                                            GET /widgets/v1/extra.js?rnd=0.533387151167542 HTTP/1.1 
Host: w.uptolike.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Cookie: utl_id2=28862114642; utl_dat="CO37k9u1MBAAIO3M3uO1MCjtzN7jtTAwADFy4kGX4j7QFbhrQMx41u0="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.163.114.203
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=utf-8
                                        
Server: nginx
Date: Tue, 20 Sep 2022 14:54:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 15 Sep 2022 15:59:22 GMT
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Set-Cookie: utl_id2=28862114642; Expires=Thu, 19 Sep 2024 14:54:49 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure utl_dat="CO37k9u1MBAAIO3M3uO1MCjtzN7jtTAwADFy4kGX4j7QFbhrQMx41u0="; Expires=Thu, 19 Sep 2024 14:54:49 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (691)
Size:   1894
Md5:    6ed5b8a27e05b7dd12665149bf99d49b
Sha1:   5accc634c6e89e46b1203dfc48826a1825269b58
Sha256: 689b33ed4450203daff89082a26f9a57f721952c9d436586c4184a12ffce9ed8
                                        
                                            GET /sape/sync HTTP/1.1 
Host: sync.upravel.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         176.9.8.252
HTTP/2 302 Found
content-type: image/png
                                        
server: nginx
date: Tue, 20 Sep 2022 14:54:49 GMT
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1663685689670;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180 session_tptc-legacy=1663685689670;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

                                        
                                            GET /pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfzjUKWPhA3pqAn4xFQ HTTP/1.1 
Host: cm.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.130
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 20 Sep 2022 14:54:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   170
Md5:    e7673c60af825466f83d46da72ca1635
Sha1:   fc0fcbee0835709ba2d28798a612bfd687903fb5
Sha256: 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
                                        
                                            GET /cookie_matching_ssp/Sape-dsp/0100007F38D42963E1037A6A027E3115 HTTP/1.1 
Host: fcgi4.gnezdo.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         93.95.102.105
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 20 Sep 2022 14:54:49 GMT
set-cookie: uid=XV9maWMp1DlQMEtOBuWdAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2

                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 24 Sep 2022 13:22:44 GMT
ETag: "2dcd4b0768019f5c2a6d28bee27adddca9199312"
Last-Modified: Tue, 20 Sep 2022 13:22:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3102
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74db66095fc41c12-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    ddf7345b7e11c2f8b4cdc489c8169cfc
Sha1:   2dcd4b0768019f5c2a6d28bee27adddca9199312
Sha256: 9eb05b79cf3eb3f4a3df311d68e80ae6c24afa73c32b48501ef7d7000111a523
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 04:09:18 GMT
Expires: Tue, 27 Sep 2022 04:09:17 GMT
Etag: "c0bbb9ac61662fda8781947855cf7074484ac540"
Cache-Control: max-age=565467,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74db660918131bfa-OSL

                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 24 Sep 2022 13:22:44 GMT
ETag: "2dcd4b0768019f5c2a6d28bee27adddca9199312"
Last-Modified: Tue, 20 Sep 2022 13:22:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3102
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74db66096fee1c12-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    ddf7345b7e11c2f8b4cdc489c8169cfc
Sha1:   2dcd4b0768019f5c2a6d28bee27adddca9199312
Sha256: 9eb05b79cf3eb3f4a3df311d68e80ae6c24afa73c32b48501ef7d7000111a523
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 14:54:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1 
Host: ad.adriver.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         195.209.108.47
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 20 Sep 2022 14:54:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-4755062504; expires=Thu, 19 Sep 2024 14:54:49 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4755062504
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true

                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4484
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 14:54:49 GMT
Last-Modified: Tue, 20 Sep 2022 13:40:05 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1 
Host: ads.betweendigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         188.42.191.196
HTTP/2 302 Found
                                        
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Wed, 20 Sep 2023 14:54:49 GMT; Path=/; Domain=.betweendigital.com tuuid=64acb941-83c1-5207-b3f8-d26cd0d10655; Max-Age=31536000; Expires=Wed, 20 Sep 2023 14:54:49 GMT; Path=/; Domain=.betweendigital.com ut=YynUOQANG3jUb92UZnC7YmULm8Wbg81yUjv0fQ==; Max-Age=31536000; Expires=Wed, 20 Sep 2023 14:54:49 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F38D42963E1037A6A027E3115 HTTP/1.1 
Host: ssp.adriver.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         195.209.111.7
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Tue, 20 Sep 2022 14:54:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 14:54:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 04:18:18 GMT
Expires: Mon, 26 Sep 2022 04:18:17 GMT
Etag: "81959b98f864c8b48587bae773c5a8a33748b4e2"
Cache-Control: max-age=600121,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1638
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74db6609ea450b51-OSL

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 14:54:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 04:09:18 GMT
Expires: Tue, 27 Sep 2022 04:09:17 GMT
Etag: "c0bbb9ac61662fda8781947855cf7074484ac540"
Cache-Control: max-age=565467,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74db6608dd71b527-OSL

                                        
                                            GET /adsid/integrator.js?domain=proektanti.ru HTTP/1.1 
Host: adservice.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.162
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 20 Sep 2022 14:54:49 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   100
Md5:    917951a58be8c6c6f3680159550ba3c2
Sha1:   21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
Sha256: cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
                                        
                                            GET /adsid/integrator.js?domain=proektanti.ru HTTP/1.1 
Host: adservice.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.98
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 20 Sep 2022 14:54:49 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   100
Md5:    917951a58be8c6c6f3680159550ba3c2
Sha1:   21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
Sha256: cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
                                        
                                            GET /cm.gif?p=48&id=0100007F38D42963E1037A6A027E3115 HTTP/1.1 
Host: ad.mail.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.163.41.56
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Tue, 20 Sep 2022 14:54:49 GMT
content-length: 43
set-cookie: VID=1VduaT0owk2C0022Ca1AS7oC:::0-0-0-8442cf9:CAASEMLMxGjjZ9Vr-1mF-FW2a-gaYPwsctKAJVwQ58qm0JK3jmKk1OuK2YLK5sTkTFTN5OTKL0KgYN_QleFuds1plSm5lRwEw0j2hbrUy-xlpnPLBAd177X1bkRpz06m3i0TYRmBR4dS_ThCRe14o51WnIY4FA; path=/; expires=Thu, 21-Sep-23 14:54:49 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Tue, 20 Sep 2022 20:54:49 GMT
cache-control: max-age=21600
last-modified: Tue, 20 Sep 2022 14:54:49 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /match?bidder_id=73&external_user_id=0100007F38D42963E1037A6A027E3115 HTTP/1.1 
Host: ads.betweendigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         188.42.191.196
HTTP/2 302 Found
                                        
location: /match?bidder_id=73&external_user_id=0100007F38D42963E1037A6A027E3115&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Wed, 20 Sep 2023 14:54:49 GMT; Path=/; Domain=.betweendigital.com tuuid=943d9ea8-b797-5207-9994-ba51fabd6e68; Max-Age=31536000; Expires=Wed, 20 Sep 2023 14:54:49 GMT; Path=/; Domain=.betweendigital.com ut=YynUOQAOiqhUbI71X9JNnhFKfjKNpbz9fa_3dw==; Max-Age=31536000; Expires=Wed, 20 Sep 2023 14:54:49 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /sync HTTP/1.1 
Host: sape-sync.rutarget.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         46.243.142.239
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=S7_m_VG1oVCT
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=S7_m_VG1oVCT; Path=/; Domain=.rutarget.ru; Expires=Sun, 19 Mar 2023 14:54:49 GMT; SameSite=None; Secure

                                        
                                            POST / HTTP/1.1 
Host: status.thawte.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6379
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 14:54:49 GMT
Last-Modified: Tue, 20 Sep 2022 13:08:31 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 14:54:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 14:54:50 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 24 Sep 2022 13:40:27 GMT
ETag: "8d2c97c9b30db6984ad0e77fadbadee562ec0959"
Last-Modified: Tue, 20 Sep 2022 13:40:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2773
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74db660a99171c12-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    102e9869dae24623786fc3ac21cc9f8e
Sha1:   8d2c97c9b30db6984ad0e77fadbadee562ec0959
Sha256: 3429a8bc8ae10f35e72c118e539b737f6109bbfdbf9b53b069d480210f05fad2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 14:54:50 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 14:18:44 GMT
Expires: Tue, 27 Sep 2022 14:18:43 GMT
Etag: "6a95016d800f003c5a9be4fb1a806178aeb263b3"
Cache-Control: max-age=602032,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74db660a69231bfa-OSL

                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 14:54:50 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 24 Sep 2022 12:28:19 GMT
ETag: "ae60a0e04a455699c212370f1def3ac5c59f7226"
Last-Modified: Tue, 20 Sep 2022 12:28:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2802
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74db660abe411c02-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    ec6bc0b105a11e1ef32820fd9ec46bc4
Sha1:   ae60a0e04a455699c212370f1def3ac5c59f7226
Sha256: 3347445e20bc00df77e9eea71cc59e7115bd0c50d1edaff66c823fbb4ca2e25b
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7475606A3386C57C9829723235B6BBE9372A7E818D8A7AE4DCA979341EB089B4"
Last-Modified: Sun, 18 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6524
Expires: Tue, 20 Sep 2022 16:43:34 GMT
Date: Tue, 20 Sep 2022 14:54:50 GMT
Connection: keep-alive

                                        
                                            GET /p?ssp=sape&id=0100007F38D42963E1037A6A027E3115 HTTP/1.1 
Host: sm.rtb.mts.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         217.66.147.36
HTTP/1.1 301 Moved Permanently
                                        
Server: nginx
Date: Tue, 20 Sep 2022 15:05:46 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F38D42963E1037A6A027E3115
Set-Cookie: dspid=5af5ff13-8145-4d0f-b5bd-27fd3b61d556; expires=Mon, 11 Sep 2023 14:54:50 GMT; domain=.mts.ru; path=/; secure; SameSite=None

                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 14:54:50 GMT
Content-Length: 939
Connection: keep-alive
Expires: Sat, 24 Sep 2022 12:59:03 GMT
ETag: "bf1c5981543ec12ecd64010b1bdd47e219fa502d"
Last-Modified: Tue, 20 Sep 2022 12:59:04 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 610
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74db660ae9af1c12-OSL

                                        
                                            GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1 
Host: sync.adkernel.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         77.245.57.72
HTTP/1.1 200 OK
                                        
Server: nginx
Date: Tue, 20 Sep 2022 14:54:50 GMT
Content-Length: 0
Connection: close

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9D84484B080308C2E23647E7FAA96E8B925B04883018C9281D21D524CDA3DCD3"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4230
Expires: Tue, 20 Sep 2022 16:05:20 GMT
Date: Tue, 20 Sep 2022 14:54:50 GMT
Connection: keep-alive

                                        
                                            GET /p/cm/sape?u=0100007F38D42963E1037A6A027E3115 HTTP/1.1 
Host: px.adhigh.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         193.232.148.143
HTTP/2 302 Found
                                        
server: nginx
date: Tue, 20 Sep 2022 14:54:49 GMT
content-length: 0
x-backend-id: f4-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=L5FWXBDff3m.AikABlGDW2UCxQ;Path=/;Domain=.adhigh.net;Expires=Wed, 20-Sep-2023 14:54:50 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=0100007F38D42963E1037A6A027E3115&bounced=1
X-Firefox-Spdy: h2

                                        
                                            GET /0.gif?pid=9401454&id=0100007F38D42963E1037A6A027E3115 HTTP/1.1 
Host: x01.aidata.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         89.108.120.76
HTTP/2 302 Found
                                        
server: nginx
date: Tue, 20 Sep 2022 14:54:50 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=0100007F38D42963E1037A6A027E3115&bounce=1
expires: Tue, 20 Sep 2022 14:54:49 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Tue, 20 Sep 2022 14:54:49 GMT
set-cookie: __upin=QTTkz0VK+VhIFNSXyptesw;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure __upints=1663685690;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.23
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Tue, 20 Sep 2022 14:54:50 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 19 Sep 2022 23:02:02 GMT
Expires: Tue, 20 Sep 2022 23:02:02 GMT
ETag: "dd9fffff169c0167b16c26cf258d424dfd6f0c3b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    23eb71533da85236650e57e30d927351
Sha1:   dd9fffff169c0167b16c26cf258d424dfd6f0c3b
Sha256: 556cf8176a8284f288115c61ac8c83089789a90012fc7c53e62772fd2df796f4
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "85716A0829AA2FC83AA802512CB64B15534E31B098EFEBEB4180037433DF111A"
Last-Modified: Sun, 18 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6471
Expires: Tue, 20 Sep 2022 16:42:41 GMT
Date: Tue, 20 Sep 2022 14:54:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4D841781CDD5AC51FBC57B80A6C6AA4A872103A6B71F2A6FACB69A3856C3AD3F"
Last-Modified: Sun, 18 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9538
Expires: Tue, 20 Sep 2022 17:33:48 GMT
Date: Tue, 20 Sep 2022 14:54:50 GMT
Connection: keep-alive

                                        
                                            GET /match?dp=104&euid=S7_m_VG1oVCT HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWMp1DhqegPhFTF+AgmfGp5iUJObwZyjitTL07iII0fG; test_cookie=CheckForPermission; cSyncDp7v2=1663685688; cSyncDp14v3=1663685688; cSyncDp17=1663685688; cSyncDp32=1663685688; cSyncDp45v3=1663685688; cSyncDp53=1663685688; cSyncDp54v2=1663685688; cSyncDp62=1663685688; cSyncDp67v2=1663685688; cSyncDp68=1663685688; cSyncDp71=1663685688; cSyncDp77=1663685688; cSyncDp84=1663685688; cSyncDp85=1663685688; cSyncDp95v3=1663685688; cSyncDp101=1663685688; cSyncDp104v2=1663685688; cSyncDp107=1663685688; cSyncDp110=1663685688; cSyncDp111v2=1663685688; cSyncDp112v2=1663685688; cSyncDp125v2=1663685688; cSyncDp126=1663685688; cSyncDp127=1663685688; cSyncDp129=1663685688; cSyncDp136v2=1663685688; cSyncDp138=1663685688; cSyncDp144=1663685688; cSyncDp146=1663685688; cSyncDp148=1663685688; cSyncDp149=1663685688; cSyncDp151=1663685688; cSyncDp178=1663685688; cSyncDp179=1663685688; cSyncDp186=1663685688; cSyncDp221=1663685688
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         193.3.184.137
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Tue, 20 Sep 2022 14:54:50 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1 
Host: ads.betweendigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.42.191.196
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Wed, 20 Sep 2023 14:54:50 GMT; Path=/; Domain=.betweendigital.com tuuid=8048538a-4dde-5207-a262-63f2c14bb7c8; Max-Age=31536000; Expires=Wed, 20 Sep 2023 14:54:50 GMT; Path=/; Domain=.betweendigital.com ut=YynUOgABdwCypQs8Ydx6jGVA1l8XBO0n_sGHkg==; Max-Age=31536000; Expires=Wed, 20 Sep 2023 14:54:50 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   68
Md5:    c4a2b870062c2bb98c500bc1526c0498
Sha1:   528666ccdb12997358077bc8fcdbfb6b825c7788
Sha256: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
                                        
                                            GET /collect_stat.js HTTP/1.1 
Host: af.click.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         217.197.112.80
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 20 Sep 2022 14:54:50 GMT
Content-Length: 913
Last-Modified: Fri, 22 Jul 2022 11:33:41 GMT
Connection: keep-alive
ETag: "62da8b15-391"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   913
Md5:    9531806d16d72f9659eaab01bd09689b
Sha1:   7640f092c2b928c614bb46251477a3c80b3e820b
Sha256: a01ed62761c70d35a7f2dd5f497451e70b85e85bb8f1774cee68d53554e6ecaa
                                        
                                            GET /match?bidder_id=73&external_user_id=0100007F38D42963E1037A6A027E3115&crf=1 HTTP/1.1 
Host: ads.betweendigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.42.191.196
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Wed, 20 Sep 2023 14:54:50 GMT; Path=/; Domain=.betweendigital.com tuuid=226dda94-e3db-5207-8bab-998fe8824db5; Max-Age=31536000; Expires=Wed, 20 Sep 2023 14:54:50 GMT; Path=/; Domain=.betweendigital.com ut=YynUOgABioiJJAGn-HrW4M3FpM3iWqNT8Zjj8Q==; Max-Age=31536000; Expires=Wed, 20 Sep 2023 14:54:50 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   68
Md5:    c4a2b870062c2bb98c500bc1526c0498
Sha1:   528666ccdb12997358077bc8fcdbfb6b825c7788
Sha256: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
                                        
                                            GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP/1.1 
Host: redirect.frontend.weborama.fr
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.190.24.218
HTTP/2 302 Found
                                        
server: Weborama Collect Frontend
date: Tue, 20 Sep 2022 14:54:49 GMT
content-length: 0
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1100929475
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Tue, 20 Sep 2022 14:54:50 GMT
set-cookie: AFFICHE_W=u2XHmL32HWi740; expires=Wed, 18 Oct 2023 14:54:50 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            GET /0.gif?pid=9401454&id=0100007F38D42963E1037A6A027E3115&bounce=1 HTTP/1.1 
Host: x01.aidata.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         89.108.120.76
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 20 Sep 2022 14:54:50 GMT
expires: Tue, 20 Sep 2022 14:54:49 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Tue, 20 Sep 2022 14:54:49 GMT
set-cookie: __upin=O4mY5MZEiZD9zPitLnahXQ;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure __upints=1663685690;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2

                                        
                                            GET /match/second?ssp=30&exu=0100007F38D42963E1037A6A027E3115 HTTP/1.1 
Host: sm.rtb.mts.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         217.66.147.36
HTTP/1.1 301 Moved Permanently
                                        
Server: nginx
Date: Tue, 20 Sep 2022 15:05:46 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://tech.rtb.mts.ru/

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4575
Expires: Tue, 20 Sep 2022 16:11:05 GMT
Date: Tue, 20 Sep 2022 14:54:50 GMT
Connection: keep-alive

                                        
                                            GET /p/cm/sape?u=0100007F38D42963E1037A6A027E3115&bounced=1 HTTP/1.1 
Host: px.adhigh.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         193.232.148.143
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Tue, 20 Sep 2022 14:54:49 GMT
content-length: 49
x-backend-id: f4-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   49
Md5:    889bc1fffc025af4685839fb516a0b8b
Sha1:   7f105137a4eafe93213ecd8cc34dd907c340467c
Sha256: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
                                        
                                            GET /sou/ HTTP/1.1 
Host: prespan.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         94.250.254.126
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.13.12
Date: Tue, 20 Sep 2022 14:54:50 GMT
Content-Length: 0
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Last-Modified: Tuesday, 20-Sep-2022 14:54:50 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 14:54:50 GMT
Content-Length: 938
Connection: keep-alive
Expires: Sat, 24 Sep 2022 13:45:48 GMT
ETag: "8518487e9c96e39ab7c480ee385f9507b2f515eb"
Last-Modified: Tue, 20 Sep 2022 13:45:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 258
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74db660b9a6e1c12-OSL

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11145
x-amzn-requestid: dcb726a6-2f43-4170-a53c-4f0d2883309e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yuh7yHfHIAMFu4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e37e-11bf06e96123e01c11854cbb;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:47:42 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DwufJXA1yHz_jnJL0PWjCQYF9fa3jlJ0e-2hIomInAXCpmPISX3mjg==
via: 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:02:33 GMT
age: 60737
etag: "ff8286c4d2cf87a1865d56d082bc5235dba60ad7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11145
Md5:    c283017ec789693602177a2785177e21
Sha1:   ff8286c4d2cf87a1865d56d082bc5235dba60ad7
Sha256: 520db2567ad5529d35d2ac63b94d4186848382e9c86d0c4355ab979b34f0e0ab
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7sCevVX1nGXxZxnrXSURjUcap1a7vCZwrMMIXfzcBPR1srMxJHLGUg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:07:05 GMT
age: 60465
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11832
Md5:    2ed7323b395e757f7766ea0045efdaca
Sha1:   8b91bc3069a3217bc719c27959d578b353b5d9dc
Sha256: 8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4575
Expires: Tue, 20 Sep 2022 16:11:05 GMT
Date: Tue, 20 Sep 2022 14:54:50 GMT
Connection: keep-alive

                                        
                                            GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1100929475 HTTP/1.1 
Host: redirect.frontend.weborama.fr
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.24.218
HTTP/2 204 No Content
                                        
server: Weborama Collect Frontend
date: Tue, 20 Sep 2022 14:54:49 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Tue, 20 Sep 2022 14:54:50 GMT
set-cookie: AFFICHE_W=; expires=Tue, 10 Nov 2009 23:00:00 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4575
Expires: Tue, 20 Sep 2022 16:11:05 GMT
Date: Tue, 20 Sep 2022 14:54:50 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9865
x-amzn-requestid: 7eeeff5b-cb13-4060-96a6-bf5a4be57331
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugokGQVoAMFXmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e169-4211dbbe1a22d0255a45aff0;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zDPKSOJ7SJImKcluUMhGvVMHv4t2oKLD2AJfGKAFSfedsdSA4VgZ_g==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:02:56 GMT
etag: "b8484fb5443344b03e52dd56b1d6c5682eb6221a"
age: 60714
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9865
Md5:    1a7d863845e96c5927e812f325c08c16
Sha1:   b8484fb5443344b03e52dd56b1d6c5682eb6221a
Sha256: fcb382029332a44deaf212298b618074a752d674d0c735a1b8b861ab4bb6ff0f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9873
x-amzn-requestid: 7171299f-e6e3-40ef-a292-33779346e1ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI-FDIIAMF-xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-31f9413434a6b00e77e7709b;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: evL3aL1ULo6B2a8Rp6iILKCX7F14O9HMSbEqkEY3XHFhmMptE8FaVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 21:50:04 GMT
age: 61486
etag: "0e14f5062e40ce94346494ff947bfcf74b5e88c1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9873
Md5:    7ca0c1a7f205ad07f1cce80b26448873
Sha1:   0e14f5062e40ce94346494ff947bfcf74b5e88c1
Sha256: ebc960279032671136749823c126ec807334d9eaf2b019abcc63b41bcdbf4a7f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 02:46:17 GMT
age: 43713
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10894
Md5:    d3e70b2859ca89b353682d03f6b46b93
Sha1:   ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
Sha256: 43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4575
Expires: Tue, 20 Sep 2022 16:11:05 GMT
Date: Tue, 20 Sep 2022 14:54:50 GMT
Connection: keep-alive

                                        
                                            GET /yaml/ HTTP/1.1 
Host: postabuse.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         62.109.31.26
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.13.12
Date: Tue, 20 Sep 2022 14:54:50 GMT
Content-Length: 0
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Last-Modified: Tuesday, 20-Sep-2022 14:54:50 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9543
x-amzn-requestid: 17be04c9-54f0-4988-82dd-f13911a2a629
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugINHN1IAMF8iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09a-35496b4c21c23dec75257964;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: y3urrVdjZEds_DKf3yL2XfaOy-5UPBwU-YVWe5eKYsDpl3JPmqffsw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:23:30 GMT
age: 59480
etag: "a852edb64a7220532aa619ab2a440c3a7e11b97a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9543
Md5:    30fbdfee7ec4513a5ff3dfcb7282f816
Sha1:   a852edb64a7220532aa619ab2a440c3a7e11b97a
Sha256: 4adee59f97bea412c6a0a786d0a27e431a497198b9047a75841b0a530803bdfe
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 14:54:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-U