Overview

URL chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
IP212.109.221.144
ASNJSC IOT
Location Russia
Report completed2022-09-29 23:47:23 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-29 2 chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html Malware
2022-09-29 2 chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html Malware
2022-09-29 2 chel-week.ru/templates/flatty/js/libs.js Malware
2022-09-29 2 chel-week.ru/templates/flatty/fonts/fontawesome-webfont.woff2?v=4.5.0 Malware
2022-09-29 2 chel-week.ru/uploads/posts/2020-06/1591614881_original.jpeg Malware
2022-09-29 2 chel-week.ru/engine/ajax/controller.php?mod=adminfunction Malware
2022-09-29 2 edn.whilen.ru/sta453b3qh45lr/1.4.5.js Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (89)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS chel-week.ru (33) 0 2014-07-12 10:10:31 UTC 2022-09-26 22:35:54 UTC 212.109.221.144 Unknown ranking
mnemonic passive DNS acint.net (2) 22962 2014-02-14 21:23:16 UTC 2022-09-29 19:48:45 UTC 185.12.125.26
mnemonic passive DNS sape-sync.rutarget.ru (1) 173587 2018-08-07 14:11:47 UTC 2022-09-29 19:47:56 UTC 188.72.107.194
mnemonic passive DNS cdn.smntq.com (1) 194212 2021-04-22 18:02:55 UTC 2022-09-29 11:25:28 UTC 95.217.109.66
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-29 04:56:09 UTC 34.117.237.239
mnemonic passive DNS a.utraff.com (1) 39874 2020-01-25 04:23:15 UTC 2022-09-29 08:05:21 UTC 104.21.59.66
mnemonic passive DNS sync.republer.com (1) 45392 2015-04-29 11:49:27 UTC 2022-09-29 08:05:21 UTC 23.88.82.46
mnemonic passive DNS target.smi2.ru (1) 59252 2014-01-15 23:09:17 UTC 2022-09-29 06:53:35 UTC 82.202.225.229
mnemonic passive DNS ad.mail.ru (1) 7643 2012-06-22 19:38:09 UTC 2022-09-29 19:49:25 UTC 95.163.41.56
mnemonic passive DNS adlmerge.com (1) 146521 2017-04-06 07:10:27 UTC 2022-09-29 19:47:57 UTC 95.211.66.35
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-29 04:56:27 UTC 142.250.74.72
mnemonic passive DNS sync.upravel.com (2) 28097 2017-05-29 09:13:46 UTC 2022-09-29 08:05:21 UTC 144.76.138.28
mnemonic passive DNS mc.yandex.ru (14) 2672 2017-01-29 05:34:36 UTC 2022-09-29 15:04:57 UTC 87.250.251.119
mnemonic passive DNS smi2.net (1) 234264 2012-06-25 15:47:39 UTC 2022-09-29 15:15:23 UTC 82.202.225.240
mnemonic passive DNS ads.betweendigital.com (4) 1571 2012-10-30 05:08:04 UTC 2022-09-29 19:47:55 UTC 188.42.196.115
mnemonic passive DNS nr.bidderstack.com (1) 352019 2019-02-11 14:43:50 UTC 2022-09-29 08:17:03 UTC 148.251.217.100
mnemonic passive DNS match.new-programmatic.com (1) 33613 2020-02-18 20:50:06 UTC 2022-09-29 14:22:04 UTC 217.65.2.150
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-29 19:24:11 UTC 93.184.220.29
mnemonic passive DNS fonts.gstatic.com (2) 0 2014-08-29 13:43:22 UTC 2022-09-29 04:57:11 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS www.google-analytics.com (2) 40 2012-10-03 01:04:21 UTC 2022-09-29 14:44:34 UTC 142.250.74.174
mnemonic passive DNS dm-eu.hybrid.ai (1) 28847 2021-01-25 11:48:59 UTC 2022-09-29 05:31:43 UTC 37.18.103.16
mnemonic passive DNS exchange.buzzoola.com (1) 18389 2014-10-17 15:20:27 UTC 2022-09-29 08:05:21 UTC 167.235.33.113
mnemonic passive DNS cs.agency2.ru (1) 0 2022-04-29 14:24:02 UTC 2022-09-29 14:21:57 UTC 23.111.107.44 Unknown ranking
mnemonic passive DNS ocsp.usertrust.com (1) 899 2012-05-21 15:43:18 UTC 2022-09-29 05:03:14 UTC 172.64.155.188
mnemonic passive DNS sync.adkernel.com (1) 4993 2017-04-19 09:25:22 UTC 2022-09-29 19:47:57 UTC 77.245.57.72
mnemonic passive DNS connect.mail.ru (2) 47433 2012-05-21 15:01:23 UTC 2022-09-29 06:44:42 UTC 94.100.180.55
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-29 19:17:52 UTC 142.250.74.164
mnemonic passive DNS ssp.bidvol.com (1) 31817 2020-02-22 12:37:29 UTC 2022-09-29 19:47:57 UTC 65.109.65.187
mnemonic passive DNS adservice.google.no (1) 96969 2017-09-26 14:23:08 UTC 2022-09-29 04:57:21 UTC 142.250.74.98
mnemonic passive DNS status.thawte.com (1) 5123 2017-11-27 12:33:51 UTC 2022-09-29 13:43:02 UTC 93.184.220.29
mnemonic passive DNS redirect.frontend.weborama.fr (2) 8348 2017-05-04 15:00:27 UTC 2022-09-29 19:47:57 UTC 35.190.24.218
mnemonic passive DNS fcgi5.gnezdo.ru (1) 102648 2021-02-25 06:35:49 UTC 2022-09-29 12:43:23 UTC 185.148.37.79
mnemonic passive DNS ssp-rtb.sape.ru (1) 31166 2016-02-02 17:01:03 UTC 2022-09-29 19:47:54 UTC 193.3.184.200
mnemonic passive DNS ssp.adriver.ru (2) 12439 2014-01-10 13:39:33 UTC 2022-09-29 19:47:57 UTC 195.209.111.7
mnemonic passive DNS www.googleadservices.com (1) 107 2012-07-21 05:05:30 UTC 2022-09-29 21:56:03 UTC 142.250.74.66
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-29 16:06:01 UTC 143.204.55.115
mnemonic passive DNS s.uuidksinc.net (1) 3423 2015-07-20 12:00:35 UTC 2022-09-29 19:47:57 UTC 31.220.27.155
mnemonic passive DNS stat.media (4) 19991 2015-06-30 04:48:18 UTC 2022-09-29 06:53:35 UTC 82.148.14.194
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-09-29 04:56:14 UTC 64.233.165.154
mnemonic passive DNS avatars.mds.yandex.net (1) 6545 2014-12-15 11:43:59 UTC 2022-09-29 19:47:56 UTC 87.250.247.184
mnemonic passive DNS ads.adlook.me (1) 43352 2018-11-28 12:50:19 UTC 2022-09-29 08:05:21 UTC 5.200.43.243
mnemonic passive DNS an.yandex.ru (15) 2577 No data No data 87.250.250.90
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-29 19:01:11 UTC 142.250.74.10
mnemonic passive DNS static8.smi2.net (1) 76429 2015-06-04 11:30:03 UTC 2022-09-29 09:02:43 UTC 185.162.95.126
mnemonic passive DNS img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-09-29 14:36:13 UTC 34.120.237.76
mnemonic passive DNS partner.googleadservices.com (1) 798 2012-10-03 01:04:21 UTC 2022-09-29 05:01:48 UTC 172.217.21.162
mnemonic passive DNS ysa-static.passport.yandex.ru (1) 21278 2017-01-30 04:32:10 UTC 2022-09-29 19:47:58 UTC 87.250.250.114
mnemonic passive DNS www.acint.net (13) 29072 2014-02-14 21:23:16 UTC 2022-09-29 19:47:56 UTC 185.12.125.26
mnemonic passive DNS ssp.bestssp.com (1) 90974 2017-06-10 08:55:20 UTC 2022-09-29 05:31:48 UTC 185.147.80.35
mnemonic passive DNS static4.smi2.net (1) 75398 2014-12-02 09:32:09 UTC 2022-09-29 08:15:51 UTC 185.162.95.126
mnemonic passive DNS cm.g.doubleclick.net (1) 202 2013-05-30 23:19:45 UTC 2022-09-29 19:47:56 UTC 142.250.74.162
mnemonic passive DNS adsvisit.ru (1) 0 2015-01-06 12:36:11 UTC 2022-09-29 21:15:45 UTC 92.63.102.100 Unknown ranking
mnemonic passive DNS favicon.yandex.net (1) 9338 2017-01-29 09:03:57 UTC 2022-09-29 19:47:57 UTC 77.88.21.36
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-29 05:03:41 UTC 143.204.55.49
mnemonic passive DNS news.gnezdo.ru (2) 130363 2012-06-18 17:05:40 UTC 2022-09-29 12:43:08 UTC 93.95.100.117
mnemonic passive DNS sync.bumlam.com (2) 3243 2015-08-10 21:04:25 UTC 2022-09-29 05:00:15 UTC 31.172.81.172
mnemonic passive DNS ocsp.godaddy.com (2) 698 2012-05-20 19:28:57 UTC 2022-09-29 04:56:11 UTC 192.124.249.24
mnemonic passive DNS tag.digitaltarget.ru (2) 98193 2015-07-21 14:24:58 UTC 2022-09-29 19:47:56 UTC 185.15.175.144
mnemonic passive DNS edn.whilen.ru (1) 322956 2021-07-16 17:41:26 UTC 2022-09-29 11:25:29 UTC 92.223.97.97
mnemonic passive DNS w.uptolike.com (11) 101818 2013-08-05 13:26:12 UTC 2022-09-29 11:25:27 UTC 95.163.114.204
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-29 05:06:32 UTC 35.162.110.205
mnemonic passive DNS pagead2.googlesyndication.com (1) 101 2021-02-20 15:52:05 UTC 2022-09-29 22:03:17 UTC 142.250.74.130
mnemonic passive DNS adservice.google.com (1) 76 2021-02-20 16:10:48 UTC 2022-09-29 21:30:48 UTC 216.58.211.2
mnemonic passive DNS status.geotrust.com (5) 3662 2017-12-01 08:55:31 UTC 2022-09-29 05:20:48 UTC 93.184.220.29
mnemonic passive DNS px.adhigh.net (2) 10272 2013-01-03 21:02:08 UTC 2022-09-29 07:13:48 UTC 193.232.148.146
mnemonic passive DNS ad.adriver.ru (2) 19548 2012-08-31 17:10:27 UTC 2022-09-29 19:47:57 UTC 195.209.108.35
mnemonic passive DNS api.pinterest.com (2) 2281 2014-07-23 01:26:40 UTC 2022-09-29 11:21:29 UTC 151.101.84.84
mnemonic passive DNS r3.o.lencr.org (28) 344 2020-12-02 08:52:13 UTC 2022-09-29 04:57:37 UTC 23.36.77.32
mnemonic passive DNS sync.1dmp.io (2) 10017 2016-02-09 11:52:58 UTC 2022-09-29 05:02:42 UTC 95.216.101.186
mnemonic passive DNS ocsp.sectigo.com (4) 487 2018-12-17 11:31:55 UTC 2022-09-29 18:19:35 UTC 172.64.155.188
mnemonic passive DNS mediatoday.ru (1) 136083 2013-05-20 20:53:32 UTC 2022-09-29 08:05:25 UTC 139.45.228.111
mnemonic passive DNS yastatic.net (6) 72282 2014-03-11 07:15:28 UTC 2022-09-29 15:24:10 UTC 178.154.131.217
mnemonic passive DNS yandex.ru (1) 671 2012-05-21 21:15:36 UTC 2022-09-29 19:11:04 UTC 77.88.55.88
mnemonic passive DNS ocsp.pki.goog (24) 175 2017-06-14 07:23:31 UTC 2022-09-29 04:56:10 UTC 142.250.74.3
mnemonic passive DNS smi2.ru (2) 25747 2012-06-18 17:05:39 UTC 2022-09-29 06:53:35 UTC 5.188.198.148
mnemonic passive DNS 0100007f802e3663d600fa7d02af3333-sp.ops.beeline.ru (1) 0 No data No data 37.9.245.57 Domain (beeline.ru) ranked at: 20964
mnemonic passive DNS postabuse.ru (1) 0 2022-09-13 13:36:15 UTC 2022-09-29 21:17:04 UTC 62.109.31.26 Unknown ranking
mnemonic passive DNS nordw.ingeitn.ru (1) 310265 2021-07-16 17:46:15 UTC 2022-09-29 11:25:29 UTC 92.223.97.97
mnemonic passive DNS ocsp.globalsign.com (13) 2075 2012-05-25 06:20:55 UTC 2022-09-29 05:10:45 UTC 104.18.21.226
mnemonic passive DNS googleads.g.doubleclick.net (1) 42 2021-02-20 15:43:32 UTC 2022-09-29 19:27:23 UTC 142.250.74.34
mnemonic passive DNS 91a40db7-9b69-4adc-9a29-62cb48e1e867.sync.upravel.com (1) 0 No data No data 176.9.8.252 Domain (upravel.com) ranked at: 27764
mnemonic passive DNS dmp.gotechnology.io (2) 48839 2019-06-17 16:08:58 UTC 2022-09-29 19:47:57 UTC 142.132.209.136
mnemonic passive DNS sm.rtb.mts.ru (2) 27154 2019-03-26 14:10:01 UTC 2022-09-29 14:21:57 UTC 217.66.147.41
mnemonic passive DNS dmg.digitaltarget.ru (4) 21471 2015-04-23 14:50:51 UTC 2022-09-29 19:47:58 UTC 185.15.175.146
mnemonic passive DNS ocsp2.globalsign.com (4) 1544 2012-05-21 07:12:19 UTC 2022-09-29 15:04:35 UTC 104.18.21.226
mnemonic passive DNS stat.adlabs.ru (1) 200922 2012-07-23 15:58:30 UTC 2022-09-29 08:05:21 UTC 109.248.237.36
mnemonic passive DNS fcgi4.gnezdo.ru (1) 69027 2020-06-11 12:55:54 UTC 2022-09-29 19:47:57 UTC 93.95.102.105
mnemonic passive DNS x01.aidata.io (2) 12188 2016-03-31 15:36:46 UTC 2022-09-29 19:47:57 UTC 89.108.119.43
mnemonic passive DNS connect.ok.ru (2) 20169 2012-12-05 13:46:44 UTC 2022-09-29 06:44:42 UTC 217.20.155.208


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 212.109.221.144

Date UQ / IDS / BL URL IP
2022-09-29 23:47:23 +0000
0 - 0 - 7 chel-week.ru/33713-goroskop-majja-na-2022-god (...) 212.109.221.144

Last 5 reports on ASN: JSC IOT

Date UQ / IDS / BL URL IP
2022-12-05 11:29:26 +0000
0 - 0 - 1 soft-windows10.ru/distributives/videofrom.exe 94.250.254.230
2022-12-05 08:52:02 +0000
0 - 0 - 11 qaz.im/load/TsQiiy/52zsF6%5CnDelete: 82.202.173.45
2022-12-05 08:09:57 +0000
0 - 0 - 29 2022-11-21znegeulfluxsisilafamille.git.xn--q- (...) 80.87.203.251
2022-12-05 06:09:27 +0000
0 - 0 - 4 wwt.file1.site/ 62.109.8.203
2022-12-05 06:08:25 +0000
0 - 0 - 4 itc.file1.site/ 62.109.8.203

Last 1 reports on domain: chel-week.ru

Date UQ / IDS / BL URL IP
2022-09-29 23:47:23 +0000
0 - 0 - 7 chel-week.ru/33713-goroskop-majja-na-2022-god (...) 212.109.221.144

No other reports with similar screenshot



JavaScript

Executed Scripts (75)


Executed Evals (1)

#1 JavaScript::Eval (size: 31, repeated: 1) - SHA256: 6e4c074bba968f3a2899edcbccf9e893ebdad7a5a533463e4d9630f28f3baed1

                                        (a = 0) => {
    let b;
    const c = class {};
}
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 1391, repeated: 1) - SHA256: 060f6b753d3f8095ba9d8e9a776e6b0bfb667d4e5593752bbf03c275165e20e7

                                        < script > "use strict";
var p = ["https://yastatic.net/q/set/s/rsya-tag-users/bundle.js"],
    m = /^(?:(?:https?:)?\/\/)?(?:an\.)?yandex\.[a-z]+\//gi,
    t = window.parent;
window.addEventListener("message", function(e) {
    if ("string" == typeof e.data) try {
        t = JSON.parse(e.data)
    } catch (e) {
        return
    } else t = e.data;
    var t = (e = t || {}).name,
        n = e.namespace,
        a = e.days,
        r = e.urls,
        o = e.adblockCountToXhr,
        i = e.countToXhr,
        e = e.bundle,
        s = "load_image" === t || "load_script" === t,
        n = function(e, t) {
            if (t && e) {
                e = "".concat(e, "=1");
                if (-1 !== document.cookie.indexOf(e)) return !1;
                var t = 86400 * t * 1e3,
                    n = new Date,
                    n = new Date(Number(n) + t).toUTCString();
                document.cookie = "".concat(e, "; expires=").concat(n, "; SameSite=None; Secure")
            }
            return !0
        }(n, a),
        a = Array.isArray(r) && 0 < r.length;
    if (s && n && a)
        if ("load_image" === t)
            for (var c = r, d = o, u = i, f = e, l = 0; l < c.length; l++)(u && m.test(c[l]) || "adblock" === f && d ? function(e) {
                var t = new XMLHttpRequest;
                t.open("GET", e, !0), t.withCredentials = !0, t.send()
            } : function(e) {
                (new Image).src = e
            })(c[l]);
        else "load_script" === t && r.filter(function(e) {
            return p.includes(e)
        }).forEach(function(e) {
            return e = e, (t = document.createElement("script")).src = e, void document.body.appendChild(t);
            var t
        })
});

function n(e) {
    "pagehide" === e.type && e.persisted || a || (a = !0, t.postMessage({
        name: "CONFIRM_FRAME_UNLOADED"
    }, "*"))
}
var a = !1;
["beforeunload", "pagehide", "unload"].forEach(function(e) {
    return window.addEventListener(e, n)
}), t.postMessage({
    name: "CONFIRM_FRAME_READY"
}, "*"); < /script>
                                    


HTTP Transactions (285)


Request Response
                                        
                                            GET /33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         212.109.221.144
HTTP/1.0 301 Moved Permanently
Content-Type: text/html; charset=windows-1251
                                        
Date: Thu, 29 Sep 2022 23:47:11 GMT
Server: Apache/2.4.10 (Debian)
Set-Cookie: PHPSESSID=jfeo5km5ohirgu6g9omeagq1s5; path=/; secure; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Content-Length: 8
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   8
Md5:    4202ef115ebede37eb22297113f5fb32
Sha1:   58cfcdca5ed542240131e60e7a5af5e83f61e786
Sha256: 171a10659e4f55415bf9eca0b9310d69e3df6ea85ee20419e0d6f4d95d98621f

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 23:16:01 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lN-J1oeDxZuDM1Gh90ZLK3sM-b3vdjBzvcQG9VPA0Ismm6B7VA8kuw==
Age: 1870


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6482
Expires: Fri, 30 Sep 2022 01:35:13 GMT
Date: Thu, 29 Sep 2022 23:47:11 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 29 Sep 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cXAHPbsfwS1hWoQ92kxBP49xp_bIhJB72XX2GN7HfMBMQc98qbCEXw==
age: 65924
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 29 Sep 2022 23:47:11 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F89CA5C90ADEADA2AE5C676015C023160F1A9F5E755FCC72445B8B06EAE3E84A"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9085
Expires: Fri, 30 Sep 2022 02:18:36 GMT
Date: Thu, 29 Sep 2022 23:47:11 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 29 Sep 2022 23:29:33 GMT
Expires: Thu, 29 Sep 2022 23:45:49 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GlbRO8P7_T6DtaNgAH25mNDpoiBCgW6fvTOxI0m5yMlTHPtyTbaFHg==
Age: 1058


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Thu, 29 Sep 2022 23:47:11 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Set-Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2; path=/; secure; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Sun, 25 Sep 2022 22:13:50 +0500 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16471
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (735), with CRLF, LF line terminators
Size:   16471
Md5:    ff4be02f331783a2b61ea87cb6a5ac0f
Sha1:   92f6367dac1e196f39220f42082445c61e93ea15
Sha256: e6b7b3dbc8b04a80e1755655826ad471af312a3565c38746f4c0a8348f83375b

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /templates/flatty/style/styles.css HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Tue, 20 Sep 2022 07:27:13 GMT
ETag: "5f28-5e916c1d1db48-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5953
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   5953
Md5:    89b3db88d9d4bba2d1c15dccd30e0e1d
Sha1:   cc868c975cebceb02ddd806707ba19fdcbb7d38e
Sha256: ad2c456acb8113162c208e65c1f730346deaf83121196ada4dd92d8546de1eaa
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2942
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 23:47:12 GMT
Last-Modified: Thu, 29 Sep 2022 22:58:10 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=UA-22991532-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 29 Sep 2022 23:47:12 GMT
expires: Thu, 29 Sep 2022 23:47:12 GMT
cache-control: private, max-age=900
last-modified: Thu, 29 Sep 2022 21:05:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42385
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2039)
Size:   42385
Md5:    8dffb44935f3843226b3f45900f36710
Sha1:   f6b09698160cf305e7de0c46b6d2306cc31d894d
Sha256: ec1bdbe077f8d2f8525ced2de5aa8afa04abd240464d5c52a049b777215e5ce6
                                        
                                            GET /engine/classes/min/index.php?charset=utf-8&g=general&v=24 HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=utf-8
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Expires: Fri, 29 Sep 2023 23:47:12 GMT
Vary: Accept-Encoding
Last-Modified: Fri, 23 Feb 2018 10:18:00 GMT
ETag: "pub1519381080;gz"
Cache-Control: max-age=31536000
Content-Length: 29779
Content-Encoding: gzip
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065), with CRLF line terminators
Size:   29779
Md5:    d53b6078eba5b9e73ac9052e8599ecb4
Sha1:   77d1657c9cf82e5c36da1bb2716e0ca3f00ed2c6
Sha256: c2a76413a6f266a6a1fcf3f90c65f07d20534ba5d7131f53acdb9102bb3d77ae
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /templates/flatty/js/libs.js HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Mon, 11 Nov 2019 10:16:29 GMT
ETag: "19a1-5970f6cca1a84-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2159
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ISO-8859 text
Size:   2159
Md5:    58cb78e400ca0aa1c3543a9af7c57897
Sha1:   29949eb5cd726bb478003cdc00a8361ef62272d6
Sha256: 4e7f671c198f8e9e478eb1b5fe837795b1291b3606ef74c6012936e4f55bdf49

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css?family=Open+Sans:400,600,700&subset=latin,cyrillic HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 29 Sep 2022 23:47:12 GMT
date: Thu, 29 Sep 2022 23:47:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1155
Md5:    f8172644b646b47307d17def43f11f33
Sha1:   a9667c6e7a52e6235f361d913af25cbfeb1ce715
Sha256: 90e3d4ad27ca7530dcd42d5a56abd9c9f63a5c72f3ca5d6b9da6e6790836bf55
                                        
                                            GET /templates/flatty/style/engine.css HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Fri, 21 Apr 2017 06:45:54 GMT
ETag: "15f86-54da79be66c80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 29677
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (13482), with CRLF line terminators
Size:   29677
Md5:    54e69f538f2012e6c45fdbe20aeb6a33
Sha1:   3b56854c6ecad0794821aca7131f6349cd2845fc
Sha256: 54a4b781d17400fe8ec1d15205ec51c4628b1507ac479d0439900c0501dff79c
                                        
                                            GET /engine/classes/min/index.php?charset=utf-8&f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js,engine/classes/masha/masha.js&v=24 HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=utf-8
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Expires: Fri, 29 Sep 2023 23:47:12 GMT
Vary: Accept-Encoding
Last-Modified: Sun, 01 Apr 2018 03:54:00 GMT
ETag: "pub1522554840;gz"
Cache-Control: max-age=31536000
Content-Length: 41334
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (18446), with CRLF line terminators
Size:   41334
Md5:    908e47a02643de0df5fd62dc5dab85a8
Sha1:   333c98fea1d2cce5e0bb2a6b536878745ca164c4
Sha256: 6b6c402131e2fef0494c4b58c3ca2de2b5f4b4e26da51e5bd323761566ffe568
                                        
                                            GET /uploads/posts/2011-04/thumbs/1303319862_tumblr_kvybczqi6h1qatcd3o1_500.jpg HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Wed, 20 Apr 2011 17:17:14 GMT
ETag: "2985-4a15ccbbbfa80"
Accept-Ranges: bytes
Content-Length: 10629
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 145x145, components 3\012- data
Size:   10629
Md5:    0d2a83feaeffcc6cf14e7df87c49889b
Sha1:   4f827896a1c997d0aa5baa480b8d334a2d136af3
Sha256: 953ae9ea3346367d682eb2c166daccb772c5f939c179941833f2f59d56fb2b9b
                                        
                                            GET /uploads/posts/2014-10/1414067065_11.jpg HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 23 Oct 2014 12:23:46 GMT
ETag: "3336-5061622c5f880"
Accept-Ranges: bytes
Content-Length: 13110
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 280x231, components 3\012- data
Size:   13110
Md5:    9ea55663a0efc8e0f4ea71a1c1c89959
Sha1:   ad634a2990d200d48492149bbc9a49516c8c4470
Sha256: bb3ef9c7bbf4345d3843e947f31a9abb132946c490271560a06f0c956a5b26e5
                                        
                                            GET /uploads/posts/2022-09/1664266149_vrach-izuchaet-rentgenovskij-snimok-legkih1.jpg HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Tue, 27 Sep 2022 08:08:28 GMT
ETag: "596c-5e9a4262ddb7c"
Accept-Ranges: bytes
Content-Length: 22892
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", progressive, precision 8, 700x350, components 3\012- data
Size:   22892
Md5:    e6b14025ecb0300cb7280be091f6756b
Sha1:   b5ed1b2eb86a8962f9aff85650c87f7999f219fb
Sha256: 5c4ba3b168b1a769be57f09caca64a6c4d9a0f628c2b38a51f7128fb34e34ffa
                                        
                                            GET /templates/flatty/dleimages/no_image.jpg HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 29 Oct 2015 11:28:00 GMT
ETag: "92fe-5233c9a763000"
Accept-Ranges: bytes
Content-Length: 37630
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2014:04:13 11:41:34], baseline, precision 8, 300x200, components 3\012- data
Size:   37630
Md5:    ffce54c5ca2bff2147b0a21f9873fb5a
Sha1:   740e8c66c7b70c77f354829eaeabdd6f66b1220d
Sha256: cae9e67597737f508f25656888d749015f9fed9a3a895e2b647a2b4fc2f5a3a4
                                        
                                            GET /uploads/posts/2022-06/1655716038_60b943f0a6ef12bb4ef39a56cf09c0e8.jpg HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Mon, 20 Jun 2022 09:06:46 GMT
ETag: "a541-5e1dd6c7019a3"
Accept-Ranges: bytes
Content-Length: 42305
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 640x425, components 3\012- data
Size:   42305
Md5:    4b460bb5152f5824e9438519b90fbf41
Sha1:   d9296c2ce291ed0ebeda036d2496543f70d1ee75
Sha256: 5ffa53dc49b1ac4900e5c11901b5ee0b780f94fb0b8668137ecd54386a97da1f
                                        
                                            GET /uploads/posts/2022-06/1655715525_upl_1553610385_254358.jpg HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Mon, 20 Jun 2022 08:57:21 GMT
ETag: "854f-5e1dd4ac28947"
Accept-Ranges: bytes
Content-Length: 34127
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 700x350, components 3\012- data
Size:   34127
Md5:    73c9efbc83cbc08cee1355a96ff9ed71
Sha1:   aa4244851b6512df2582fcbce9e76c034c55da22
Sha256: dc16c4d770b82dc49a70b8d6cc37345fc2e0d1c2a68db3ecab88dfed1067f19c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B3EC1D236F8500A59B1B331CCD64B85AA580B3325DD4B3E2BB5B4CB287CEB962"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6324
Expires: Fri, 30 Sep 2022 01:32:36 GMT
Date: Thu, 29 Sep 2022 23:47:12 GMT
Connection: keep-alive

                                        
                                            GET /widgets/v1/zp.js?pid=tl3cb1c170f00e25d07c5387ac93373c73bbafe68c HTTP/1.1 
Host: w.uptolike.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.163.114.204
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=utf-8
                                        
Server: nginx
Date: Thu, 29 Sep 2022 23:47:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: utl_id2=28993114475; Expires=Sat, 28 Sep 2024 23:47:12 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure utl_dat="CPLLlt24MBAAIPKc4eW4MCjynOHluDAwAIOvbpqQQGrMv7+qE5qKBG0="; Expires=Sat, 28 Sep 2024 23:47:12 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
Cache-Control: max-age=31556926
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (585)
Size:   11200
Md5:    56731d150bd1939dcda872ba9431b40a
Sha1:   8d89667992b0371f6ca00065f5e8d356d12992b7
Sha256: 32b6363d13f2c66688fb70d75345d487755cfe5be41bb1abc9afe994f9a7f334
                                        
                                            GET /uploads/posts/2015-05/thumbs/1431368899_using_sdating_1.jpg HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Mon, 11 May 2015 18:28:08 GMT
ETag: "738d-515d28a1c9e00"
Accept-Ranges: bytes
Content-Length: 29581
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 432x418, components 3\012- data
Size:   29581
Md5:    98dd37f0bc6665da44ff22ec65edc2a8
Sha1:   48400e212aa0d58c17d4ba51bc6de8b96c3b7c9c
Sha256: 9b7e6a4a4014cc04dc608ed82992fdeda4a8d101305077085eef5df62380bb9f
                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://chel-week.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 18:01:25 GMT
expires: Sun, 24 Sep 2023 18:01:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
age: 452747
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://chel-week.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26240
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 19:01:39 GMT
expires: Tue, 26 Sep 2023 19:01:39 GMT
cache-control: public, max-age=31536000
age: 276333
last-modified: Mon, 15 Aug 2022 18:14:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 26240, version 1.0\012- data
Size:   26240
Md5:    4a90976686fcbd8296c7d7fccc04c273
Sha1:   bcb82e93ac7ad1fa2af6a37009a200f79f4cb4e5
Sha256: 59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
                                        
                                            GET /templates/flatty/images/logo.png HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 13 Sep 2018 08:49:27 GMT
ETag: "5ac5-575bcc8db6c8a"
Accept-Ranges: bytes
Content-Length: 23237
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 200 x 60, 8-bit/color RGB, non-interlaced\012- data
Size:   23237
Md5:    aa05e3531dfc01c4ef200418a190750b
Sha1:   cd83d07ec4285e6fcc08886fa18938cc4c02e4d9
Sha256: 211cbdc3729da0ca8092dcd994a8db55256e10bbfb51cce77443377a7e526f03
                                        
                                            GET /uploads/posts/2022-06/1655714952_123.jpg HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Mon, 20 Jun 2022 08:48:50 GMT
ETag: "b4f1-5e1dd2c4f0c7e"
Accept-Ranges: bytes
Content-Length: 46321
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=9, height=417, orientation=upper-left, xresolution=72, yresolution=72, resolutionunit=2, datetime=2022:06:20 13:48:36, width=626], baseline, precision 8, 626x417, components 3\012- data
Size:   46321
Md5:    b4a680dfbc817bf28444f9384dbd521d
Sha1:   a8a4020c44239b55a9e9347876fd7b70d678f24a
Sha256: 01c86f789c8e8c3248927ca1cfeb5f2222de57b245ff4fabfb54282989873dd7
                                        
                                            GET /aci.js HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: application/x-javascript
                                        
server: openresty
date: Thu, 29 Sep 2022 23:47:12 GMT
content-length: 7461
last-modified: Mon, 16 May 2022 07:14:50 GMT
etag: "6281f9ea-1d25"
content-encoding: gzip
expires: Fri, 30 Sep 2022 11:47:12 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1408)
Size:   7461
Md5:    ae0aab6c5a2ae2e1168e74f6e6ae4741
Sha1:   2c00f69ee4bbe2ec96c0f7bb33b5f827a6195af8
Sha256: a47a88a9b6c7635e5074c25c6e3c92f399fdf8772376e94f077167241e59f9de
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: e+waXPXaHTzb+U7c4AfIfg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.162.110.205
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5+7773XpCrK1H3hfdcNexnoLToI=

                                        
                                            GET /uploads/posts/2022-06/1655713998_-muzhchina-i-zhenschina-konec-otnoshenija-chelovecheskaja-golova-profilja-198281879.jpg HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Mon, 20 Jun 2022 08:33:04 GMT
ETag: "8b9f-5e1dcf3eb708d"
Accept-Ranges: bytes
Content-Length: 35743
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, copyright=Animak | Dreamstime.com], progressive, precision 8, 800x800, components 3\012- data
Size:   35743
Md5:    3c7f9f9d6effb10f75f6e2a56a4c0047
Sha1:   0aee653cdec78ba085131e7a4d867b8ce11bacbd
Sha256: 6b923acf95cf17da2d9fb07bf7e4227ef10ab9854db879a267824b5c63d5c27a
                                        
                                            GET /templates/flatty/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://chel-week.ru/templates/flatty/style/engine.css
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Wed, 19 Apr 2017 15:14:02 GMT
ETag: "10440-54d867971a280"
Accept-Ranges: bytes
Content-Length: 66624
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Size:   66624
Md5:    db812d8a70a4e88e888744c1c9a27e89
Sha1:   638c652d623280a58144f93e7b552c66d1667a11
Sha256: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /uploads/posts/2017-02/thumbs/1487746838_kak_sdelat_chtoby_devyshkavlybilas_v_tebya1.jpg HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Wed, 22 Feb 2017 06:58:58 GMT
ETag: "7a99-5491907d59080"
Accept-Ranges: bytes
Content-Length: 31385
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 432x432, components 3\012- data
Size:   31385
Md5:    b8d380bdd404c98b3361f43e72afff8c
Sha1:   2acf22b070752a47fadf78dfe23d8f105bb76510
Sha256: bbfc8ab46f27f46938405b8b0f356b3cf9051e754db1b13745e369ed8f88a128
                                        
                                            GET /uploads/posts/2015-05/thumbs/1431094245_strojn-450x285.jpg HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Fri, 08 May 2015 14:10:18 GMT
ETag: "5e2a-5159296810680"
Accept-Ranges: bytes
Content-Length: 24106
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 432x285, components 3\012- data
Size:   24106
Md5:    18f57f3e7d7d9aa873a0129e0375dbbc
Sha1:   344f866d67a1909741579a75644dcd149fd2f1b4
Sha256: 9a22b8ab2eaed21d57eb5c0be3488f73fb12037592abcf28c4dd4b80bd6d0255
                                        
                                            GET /uploads/posts/2020-06/1591614881_original.jpeg HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Mon, 08 Jun 2020 11:13:12 GMT
ETag: "d404-5a790b254a4ed"
Accept-Ranges: bytes
Content-Length: 54276
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 800x592, components 3\012- data
Size:   54276
Md5:    734fdd74819c00af2ea1b77ef61fda54
Sha1:   9227fee07e983eb1cf1f4182a42b3946419219c8
Sha256: ca62d9fadd4d5475b85984be4eb63ce342a95e282cea7e9082cbf019fd846193

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /templates/flatty/images/share.png HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/templates/flatty/style/styles.css
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Fri, 21 Apr 2017 06:46:12 GMT
ETag: "1682-54da79cf91500"
Accept-Ranges: bytes
Content-Length: 5762
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 65 x 390, 8-bit/color RGBA, non-interlaced\012- data
Size:   5762
Md5:    3a796268dbb178122c25e9983ff26173
Sha1:   20398eb04f5ae2a8fdf5f5f987d40b155cad12c0
Sha256: 91d5b067fefe73273b036fab32d3f2cd93de193292accc675defda11a848540a
                                        
                                            GET /mc/?dp=10 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 302 Found
content-type: text/html
                                        
server: openresty
date: Thu, 29 Sep 2022 23:47:12 GMT
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Thu, 29-Sep-22 23:57:12 GMT aid=wQO4iWM2LoBWhwSN6yRiAlE6SywZ/vAsV/lw9126Mf8/sQfG; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   154
Md5:    cfbeaf604823f038b8b46f0ac862b98c
Sha1:   7b9eb1dac48e74fa5f418bc456cb410f88b81d98
Sha256: 20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
                                        
                                            GET /hit/?v=0.4.0&uid=fa182cd8-bab2-43cc-9a6a-fbeb41401896&dp=10&tz=%2B00%3A00&nc=44238369&u=https%3A%2F%2Fchel-week.ru%2F33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html&r=&rs=1280x1024&t=%D0%93%D0%BE%D1%80%D0%BE%D1%81%D0%BA%D0%BE%D0%BF%20%D0%9C%D0%B0%D0%B9%D1%8F%20%D0%BD%D0%B0%202022%20%D0%B3%D0%BE%D0%B4%20%D0%BF%D0%BE%20%D0%B4%D0%B0%D1%82%D0%B5%20%D1%80%D0%BE%D0%B6%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F&oE=1&oP=1&dT=2022-09-29T23%3A47%3A09.647&fu=0e649376-5a27-4e61-8246-d6696fd7b594 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Thu, 29 Sep 2022 23:47:12 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=fwAAAWM2LoB9+gDWMzOvAny5dJWTBBc6L4I+RWGJ0/W4krNd; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /uploads/posts/2017-02/thumbs/1486078267_maxresdefault.jpg HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 02 Feb 2017 23:30:44 GMT
ETag: "a8a7-547948dd79100"
Accept-Ranges: bytes
Content-Length: 43175
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 432x432, components 3\012- data
Size:   43175
Md5:    ce2c5874812e1d1ca93fed1135c626f0
Sha1:   88bca47a78e02c2f57cde9cfa2e6e2299a0e4aba
Sha256: 353c18405c7a24fa3a459ca3cc5504854b5510f8fdcba4f1412dd6852a391ab9
                                        
                                            GET /uploads/posts/2015-04/thumbs/1430036307_actual_teaser_661346_48655133.jpg HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Sun, 26 Apr 2015 08:17:16 GMT
ETag: "acb0-5149c41dcdb00"
Accept-Ranges: bytes
Content-Length: 44208
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 432x396, components 3\012- data
Size:   44208
Md5:    4601996e7f343c0746f4af5fc9e041fe
Sha1:   0c3bf39db1e3fcffb0f1d5756e459b86062eeb6a
Sha256: f1942ee06f86f5b297c216eb716b18cd868ae89bd91dba15d2bdda3590b727aa
                                        
                                            GET /uploads/posts/2014-04/1396289489_imgpreview.jpg HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Mon, 31 Mar 2014 18:09:54 GMT
ETag: "27f8-4f5eaf5554080"
Accept-Ranges: bytes
Content-Length: 10232
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 231x173, components 3\012- data
Size:   10232
Md5:    7327c0dbe1a9f8e2c78b5412e9a6c34c
Sha1:   6d59dd55436abe765af33e9263dd46fcc5668a83
Sha256: 33b74d75447c5e0efb52edcc02fe4bbd35f22ebd1c0cb4acbf7c293419d19a2e
                                        
                                            GET /uploads/posts/2014-03/1395936513_podguzniki2.jpg HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 27 Mar 2014 16:07:04 GMT
ETag: "4376-4f598c6ae7a00"
Accept-Ranges: bytes
Content-Length: 17270
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 333x250, components 3\012- data
Size:   17270
Md5:    07525cd2c2a171032fe895dae85a7ad3
Sha1:   a334d31ee9f319747b95730e887942f3412ae717
Sha256: c12f5056e95e6f778f10ddf7330a06ffec35e764cb04594904b001a30b3cec0c
                                        
                                            GET /widgets/v1/version.js?cb=cb__utl_cb_share_1664495229652415 HTTP/1.1 
Host: w.uptolike.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/
Cookie: utl_id2=28993114475; utl_dat="CPLLlt24MBAAIPKc4eW4MCjynOHluDAwAIOvbpqQQGrMv7+qE5qKBG0="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.163.114.204
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=utf-8
                                        
Server: nginx
Date: Thu, 29 Sep 2022 23:47:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 27 Sep 2022 18:30:06 GMT
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Set-Cookie: utl_id2=28993114475; Expires=Sat, 28 Sep 2024 23:47:12 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure utl_dat="CPLLlt24MBAAIPKc4eW4MCjynOHluDAwAIOvbpqQQGrMv7+qE5qKBG0="; Expires=Sat, 28 Sep 2024 23:47:12 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   83
Md5:    6624c1fae4f0d2e6babf038d4052475e
Sha1:   4edcff951cd4b0b2c330aa7e21dca983cd286766
Sha256: 6125f56367b429304a5ce1b426590f9f2ada40fa1739080931fdb53584120989
                                        
                                            GET /widgets/v1/uptolike.js HTTP/1.1 
Host: w.uptolike.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.163.114.204
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=utf-8
                                        
Server: nginx
Date: Thu, 29 Sep 2022 23:47:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: utl_id2=28993114493; Expires=Sat, 28 Sep 2024 23:47:12 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure utl_dat="CK/Nlt24MBAAIK+e4eW4MCivnuHluDAwAKfncJP9HT6FfGjyHjHAO4k="; Expires=Sat, 28 Sep 2024 23:47:12 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
Cache-Control: max-age=1800
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Expires: Fri, 30 Sep 2022 00:17:12 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (565)
Size:   8326
Md5:    6075742d564fbc306a88508d7e0e5d3d
Sha1:   769855acd94bae595564826b23fa3f738c806799
Sha256: cda0005e8be6a96fed733b0ea7cfa06fbcb3123c3692ed3d3ce7e8ee83587c63
                                        
                                            GET /templates/flatty/dleimages/marker.png HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/templates/flatty/style/engine.css
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 29 Oct 2015 11:28:00 GMT
ETag: "75b-5233c9a763000"
Accept-Ranges: bytes
Content-Length: 1883
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 32 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   1883
Md5:    004417a6a98320b4f11641d6c2441105
Sha1:   222d969222cb52fa16eb621e5930e8978995b79a
Sha256: e393ab33da5f5e3cb8a5fd7beece758d61ae71f7646f9dd100dc562aa667b723
                                        
                                            GET /uploads/posts/2017-02/thumbs/1487746629_33_main1.jpg HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Wed, 22 Feb 2017 06:55:46 GMT
ETag: "66f5-54918fc63e080"
Accept-Ranges: bytes
Content-Length: 26357
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 432x432, components 3\012- data
Size:   26357
Md5:    70c3e7d2b713f40140f2370340e05b70
Sha1:   dc4e35ebdd03088276230064021795cd432b07b5
Sha256: 81d033860f654a8890c47cc22073a4ce78802d987edfbd5ef46c44dbb5033087
                                        
                                            GET /uploads/posts/2014-10/thumbs/1414427270_11.jpg HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Mon, 27 Oct 2014 16:26:34 GMT
ETag: "94ea-50669fe758280"
Accept-Ranges: bytes
Content-Length: 38122
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 432x300, components 3\012- data
Size:   38122
Md5:    900a45525cf2577e0fc75b5e5c5919da
Sha1:   2fb0e9fed0caa770485b3d9aa9566e7f8421983a
Sha256: f4af32025633c950d3af09715cc726765ad147ce5335fb90697cd1357abdd8a5
                                        
                                            GET /uploads/posts/2015-05/thumbs/1431190913_f9ed7f504a28d0cde0a0cba22d199271_xl.jpg HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Sat, 09 May 2015 17:01:08 GMT
ETag: "7fed-515a9174afd00"
Accept-Ranges: bytes
Content-Length: 32749
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 432x350, components 3\012- data
Size:   32749
Md5:    d4ef22fbf808f877826103fddee55666
Sha1:   bd4f4484395c4ed4401086a0455b97c73934b7e0
Sha256: 2958fedcb4fa3494d7cb3d0676589b7d057f8af41d0766e04765044bef24f7d7
                                        
                                            GET /uploads/posts/2022-09/1664125863_goroskop-mayya1.jpg HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Sun, 25 Sep 2022 17:09:33 GMT
ETag: "4e0d3-5e9837990bd94"
Accept-Ranges: bytes
Content-Length: 319699
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=649, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1000], progressive, precision 8, 800x533, components 3\012- data
Size:   319699
Md5:    d38bb06d3acf78fb6038eb6fac1e8c0d
Sha1:   1fa75b2c387fc60f9e3aa0259cb166790d75b24a
Sha256: 2df7a714d8fa9f00bd5319d7515a5fe1f2e0610abe1313db35ecfbcfc4af55ad
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6145
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 23:47:12 GMT
Last-Modified: Thu, 29 Sep 2022 22:04:48 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Thu, 29 Sep 2022 22:41:09 GMT
expires: Fri, 30 Sep 2022 00:41:09 GMT
cache-control: public, max-age=7200
age: 3963
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   19826
Md5:    cae538dcce82598fbe43c0bf443e62dd
Sha1:   cc68ac6be9c5e0087a0000e5735b83270ace30f5
Sha256: 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3F79A4E016A352D916E35462B4E0ADFC4C122BB7D32523C3B2618A89360F17B2"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13603
Expires: Fri, 30 Sep 2022 03:33:55 GMT
Date: Thu, 29 Sep 2022 23:47:12 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /sync?ssp=sape HTTP/1.1 
Host: a.utraff.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.59.66
HTTP/2 204 No Content
content-type: text/plain
                                        
date: Thu, 29 Sep 2022 23:47:12 GMT
set-cookie: preutid=1; Expires=Sun, 30 Oct 2022 02:47:12 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/ preutid=1; Expires=Sun, 30 Oct 2022 02:47:12 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5Owbw%2Br5cr1GlX%2Bw76yauFAIhcn%2F7BISBYSFjLRdEcO%2FoPqxw%2B%2BNshaE1QIG1ferScnx00BR50xToiGxrx1KCtAaUkBP1D%2Fo1sR6GV%2BmvwE2PxL%2FY3v6WxBAM4MtwI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75289a4539bf0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /match?id=106&vid=0100007F802E3663D600FA7D02AF3333 HTTP/1.1 
Host: dm-eu.hybrid.ai
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.18.103.16
HTTP/2 204 No Content
                                        
date: Thu, 29 Sep 2022 23:47:12 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=cc21dff017047b693440; expires=Fri, 29 Sep 2023 23:47:11 GMT; domain=.hybrid.ai; path=/; samesite=none
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 507
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2

                                        
                                            GET /data/js/100603.js HTTP/1.1 
Host: smi2.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         5.188.198.148
HTTP/1.1 200
Content-Type: application/javascript;charset=utf-8
                                        
Server: nginx
Date: Thu, 29 Sep 2022 23:47:12 GMT
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
X-MaxSize: 2
X-MaxShm: 2
X-ShmTol: 10
X-Loc: 3143244
X-MID: 46
X-Node: ads5-2sselp12
X-TotalPrimary: 5263
X-TotalPrimaryPayable: 2643
X-ChosenPrimary: 2
X-TotalPrimaryExchange: 2620
X-TotalReserve: 279
Set-Cookie: _sm_uid=63889b79-83b0-4491-a537-1b6eb85c81bc; Domain=.smi2.ru; Expires=Fri, 29-Sep-2023 23:47:12 GMT; Path=/; SameSite=None; Secure _sm_udt=1664495232924; Domain=.smi2.ru; Expires=Fri, 29-Sep-2023 23:47:12 GMT; Path=/; SameSite=None; Secure _sm_sid=cdd0a595-e2dc-41e0-8e38-340602452f15; Domain=.smi2.ru; Expires=Fri, 30-Sep-2022 00:17:12 GMT; Path=/; SameSite=None; Secure nid=ads5-2sselp12; Domain=.smi2.ru; Expires=Sat, 07-Jan-2023 23:47:12 GMT; Path=/; SameSite=None; Secure clk=""; Domain=.smi2.ru; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; SameSite=None; Secure qw=""; Domain=smi2.ru; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; SameSite=None; Secure qw=NtXSamM2LoBbWiqa; Domain=.smi2.ru; Expires=Mon, 28-Nov-2022 23:47:12 GMT; Path=/; SameSite=None; Secure qws=""; Domain=smi2.ru; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; SameSite=None; Secure qws=TnRYU2FtTTJMb0JiV2lxYQ~~#1W0YntZ5Z0vwZbOV60CSPw~~; Domain=.smi2.ru; Expires=Mon, 28-Nov-2022 23:47:12 GMT; Path=/; SameSite=None; Secure
Last-Modified: Thursday, 29-Sep-2022 23:47:12 GMT
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (3848), with no line terminators
Size:   1599
Md5:    768dd92ccdca16f525d27b1ead635575
Sha1:   52f6c4a6033629e9a7bae2d2cf6a46545398a02f
Sha256: d3ec300d81ca2b79b304db2b6899f2db580fe12c3a5abd9f49786e702d6e52f4
                                        
                                            POST /j/collect?v=1&_v=j97&a=530039506&t=pageview&_s=1&dl=https%3A%2F%2Fchel-week.ru%2F33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html&ul=en-us&de=UTF-8&dt=%D0%93%D0%BE%D1%80%D0%BE%D1%81%D0%BA%D0%BE%D0%BF%20%D0%9C%D0%B0%D0%B9%D1%8F%20%D0%BD%D0%B0%202022%20%D0%B3%D0%BE%D0%B4%20%D0%BF%D0%BE%20%D0%B4%D0%B0%D1%82%D0%B5%20%D1%80%D0%BE%D0%B6%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=2002478202&gjid=1844313838&cid=1270255547.1664495230&tid=UA-22991532-1&_gid=389762107.1664495230&_r=1&gtm=2ou9s0&z=1136431927 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://chel-week.ru
Connection: keep-alive
Referer: https://chel-week.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://chel-week.ru
date: Thu, 29 Sep 2022 23:47:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    cc7a1e792bca8ccb1946b7a07f6dbc03
Sha1:   11a2757082428311f587b7664fa9840376137f80
Sha256: de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
                                        
                                            GET /pagead/js/adsbygoogle.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.130
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Thu, 29 Sep 2022 23:47:12 GMT
expires: Thu, 29 Sep 2022 23:47:12 GMT
cache-control: private, max-age=3600
etag: 16814917446560940790
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 54701
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2910)
Size:   54701
Md5:    a688b5550aa6e3e2d3ebb779f67b8135
Sha1:   a0faf6effcdb74f284c1769b0d32a23f0d7a05eb
Sha256: c24297787bccd86e90a52ee12e79ca29de37d91476192e567ac98cf8043e00ce
                                        
                                            GET /templates/flatty/images/favicon.png HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2; fid=0e649376-5a27-4e61-8246-d6696fd7b594
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Thu, 29 Sep 2022 23:47:12 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Wed, 09 Mar 2016 13:45:52 GMT
ETag: "6fa-52d9dea906400"
Accept-Ranges: bytes
Content-Length: 1786
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced\012- data
Size:   1786
Md5:    137db765a36d4f9235f08678ebb9e4af
Sha1:   0943e06099b1243eddb12b0942abcdad9adfc5f1
Sha256: 81145d0ca61d82d7127e0b96537c595a7613639b278d9f15368fc705bce0d763
                                        
                                            GET /widgets/v1/widgetsModule.js?v=622e27e5349ec1bb07f4f36fc56e7c84 HTTP/1.1 
Host: w.uptolike.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/
Cookie: utl_id2=28993114493; utl_dat="CK/Nlt24MBAAIK+e4eW4MCivnuHluDAwAKfncJP9HT6FfGjyHjHAO4k="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.163.114.204
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=utf-8
                                        
Server: nginx
Date: Thu, 29 Sep 2022 23:47:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Fri, 30 Sep 2022 00:17:12 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (783)
Size:   42196
Md5:    36e31a5362200127257f343ad21c9f3e
Sha1:   f5b05b2a24ca19d756b4cecf0ec80b304a0c7d2a
Sha256: 2ff107bc4ae47641d278b80ed6fa1a75f0a6f84bcd8f9aa16be825e32aace97a
                                        
                                            GET /loader.min.js HTTP/1.1 
Host: news.gnezdo.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         93.95.100.117
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.10.3
Date: Thu, 29 Sep 2022 23:47:12 GMT
Content-Length: 20690
Last-Modified: Mon, 26 Sep 2022 07:54:12 GMT
Connection: keep-alive
ETag: "63315aa4-50d2"
Content-Encoding: gzip
Expires: Fri, 30 Sep 2022 23:47:12 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Set-Cookie: uid=XV9kdWM2LoBwZwZ5+1EWAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; secure; SameSite=none
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"


--- Additional Info ---
Magic:  ASCII text, with very long lines (32107)
Size:   20690
Md5:    9aac1d2431914b3e1d6fdb14bd07d01d
Sha1:   16f41bb95f9d791c2924e9e7abc3c0cd3bcd4375
Sha256: 978eacbf0aa59f2448075240c45eb6e6514b4234989c759f5f1a179dfc5b548d
                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 23:47:13 GMT
Content-Length: 939
Connection: keep-alive
Expires: Mon, 03 Oct 2022 22:19:35 GMT
ETag: "fa87f07df374fad272d325df89507177a5a17598"
Last-Modified: Thu, 29 Sep 2022 22:19:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1012
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75289a4659260b3d-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7FED9D5CD5E721EEBE20AECD3DB583F1452714330D916B25F2DC167328443E08"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7314
Expires: Fri, 30 Sep 2022 01:49:07 GMT
Date: Thu, 29 Sep 2022 23:47:13 GMT
Connection: keep-alive

                                        
                                            GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1 
Host: ssp-rtb.sape.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         193.3.184.200
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: openresty
Date: Thu, 29 Sep 2022 23:47:13 GMT
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=A9B803C1812E36634D00DFAD02668229
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=wQO4qWM2LoGt3wBNKYJmArnSITPOfZHCHVoc3QJcncJYjsq2; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   142
Md5:    82c98e8e012b79c922655461171cc2fa
Sha1:   0828d79135573276005b04be42d79a8a3291292b
Sha256: 745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 23:47:13 GMT
Content-Length: 940
Connection: keep-alive
Expires: Mon, 03 Oct 2022 22:04:06 GMT
ETag: "08243188a097d6c7eedf18376b13f0a5aee5184f"
Last-Modified: Thu, 29 Sep 2022 22:04:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2657
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75289a46b9420b3d-OSL

                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 23:47:13 GMT
Content-Length: 938
Connection: keep-alive
Expires: Mon, 03 Oct 2022 22:06:42 GMT
ETag: "4c202d252ec473680433ac23909b1f8d0fdd519d"
Last-Modified: Thu, 29 Sep 2022 22:06:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 348
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75289a46b9460b3d-OSL

                                        
                                            GET /sape/sync HTTP/1.1 
Host: sync.upravel.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         144.76.138.28
HTTP/2 302 Found
content-type: image/png
                                        
server: nginx
date: Thu, 29 Sep 2022 23:47:13 GMT
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1664495233076;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180 session_tptc-legacy=1664495233076;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6146
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 23:47:13 GMT
Last-Modified: Thu, 29 Sep 2022 22:04:48 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84 HTTP/1.1 
Host: w.uptolike.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/
Cookie: utl_id2=28993114493; utl_dat="CK/Nlt24MBAAIK+e4eW4MCivnuHluDAwAKfncJP9HT6FfGjyHjHAO4k="
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         95.163.114.204
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Server: nginx
Date: Thu, 29 Sep 2022 23:47:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Fri, 30 Sep 2022 00:17:13 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (511)
Size:   624
Md5:    db0f291b1ee364d9de4ad30906fac72a
Sha1:   46ae53e00d5964e1fbd0d75c0483f4718db48e8e
Sha256: 9b2a1dadf125f7367489db7e4bd8c22b34ec3126220422467b0de51f0274f64d
                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 23:47:13 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 03 Oct 2022 22:36:21 GMT
ETag: "bda339247f8e069d008d17456ab9c34e4ba48c5d"
Last-Modified: Thu, 29 Sep 2022 22:36:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1561
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75289a472fbcb515-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    074056a28850a3f8de1b57f8e9ebd59f
Sha1:   bda339247f8e069d008d17456ab9c34e4ba48c5d
Sha256: d601952e543d40ee824dc3fca4b066fbbc4ab9b2020d8ed934f11557f453d0fa
                                        
                                            GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F802E3663D600FA7D02AF3333 HTTP/1.1 
Host: sync.1dmp.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.216.101.186
HTTP/2 302 Found
                                        
server: nginx
date: Thu, 29 Sep 2022 23:47:13 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=0a860f80-4051-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 29 Sep 2023 23:47:13 GMT; SameSite=None; Secure uid-legacy=0a860f80-4051-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 29 Sep 2023 23:47:13 GMT
location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F802E3663D600FA7D02AF3333&cs=1
X-Firefox-Spdy: h2

                                        
                                            GET /match?dp=14&euid=A9B803C1812E36634D00DFAD02668229 HTTP/1.1 
Host: acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWM2LoB9+gDWMzOvAny5dJWTBBc6L4I+RWGJ0/W4krNd; cSyncDp7v2=1664495232; cSyncDp14v3=1664495232; cSyncDp17=1664495232; cSyncDp32=1664495232; cSyncDp45v3=1664495232; cSyncDp53=1664495232; cSyncDp54v2=1664495232; cSyncDp62=1664495232; cSyncDp67v2=1664495232; cSyncDp68=1664495232; cSyncDp71=1664495232; cSyncDp77=1664495232; cSyncDp84=1664495232; cSyncDp85=1664495232; cSyncDp95v3=1664495232; cSyncDp101=1664495232; cSyncDp104v2=1664495232; cSyncDp107=1664495232; cSyncDp110=1664495232; cSyncDp111v2=1664495232; cSyncDp112v2=1664495232; cSyncDp125v2=1664495232; cSyncDp126=1664495232; cSyncDp127=1664495232; cSyncDp129=1664495232; cSyncDp136v2=1664495232; cSyncDp138=1664495232; cSyncDp144=1664495232; cSyncDp146=1664495232; cSyncDp148=1664495232; cSyncDp149=1664495232; cSyncDp151=1664495232; cSyncDp178=1664495232; cSyncDp179=1664495232; cSyncDp186=1664495232; cSyncDp221=1664495232
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Thu, 29 Sep 2022 23:47:13 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1 
Host: sync.upravel.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1664495233076
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         144.76.138.28
HTTP/2 302 Found
content-type: image/png
                                        
server: nginx
date: Thu, 29 Sep 2022 23:47:13 GMT
content-length: 0
location: https://91a40db7-9b69-4adc-9a29-62cb48e1e867.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
set-cookie: user_id=91a40db7-9b69-4adc-9a29-62cb48e1e867;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000 user_id-legacy=91a40db7-9b69-4adc-9a29-62cb48e1e867;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

                                        
                                            GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F802E3663D600FA7D02AF3333&cs=1 HTTP/1.1 
Host: sync.1dmp.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: uid=0a860f80-4051-11ed-8ff0-f832e4719dd9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         95.216.101.186
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Thu, 29 Sep 2022 23:47:13 GMT
content-length: 35
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=0a860f80-4051-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 29 Sep 2023 23:47:13 GMT; SameSite=None; Secure uid-legacy=0a860f80-4051-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 29 Sep 2023 23:47:13 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /match?dp=110&euid=a904427ff5e84b168a24805896c7c152 HTTP/1.1 
Host: acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWM2LoB9+gDWMzOvAny5dJWTBBc6L4I+RWGJ0/W4krNd; cSyncDp7v2=1664495232; cSyncDp14v3=1664495232; cSyncDp17=1664495232; cSyncDp32=1664495232; cSyncDp45v3=1664495232; cSyncDp53=1664495232; cSyncDp54v2=1664495232; cSyncDp62=1664495232; cSyncDp67v2=1664495232; cSyncDp68=1664495232; cSyncDp71=1664495232; cSyncDp77=1664495232; cSyncDp84=1664495232; cSyncDp85=1664495232; cSyncDp95v3=1664495232; cSyncDp101=1664495232; cSyncDp104v2=1664495232; cSyncDp107=1664495232; cSyncDp110=1664495232; cSyncDp111v2=1664495232; cSyncDp112v2=1664495232; cSyncDp125v2=1664495232; cSyncDp126=1664495232; cSyncDp127=1664495232; cSyncDp129=1664495232; cSyncDp136v2=1664495232; cSyncDp138=1664495232; cSyncDp144=1664495232; cSyncDp146=1664495232; cSyncDp148=1664495232; cSyncDp149=1664495232; cSyncDp151=1664495232; cSyncDp178=1664495232; cSyncDp179=1664495232; cSyncDp186=1664495232; cSyncDp221=1664495232
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Thu, 29 Sep 2022 23:47:13 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C8B83278215D0AB59065E1228897273D0D79DDD90074096D32A7C316FE4C24F7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7535
Expires: Fri, 30 Sep 2022 01:52:48 GMT
Date: Thu, 29 Sep 2022 23:47:13 GMT
Connection: keep-alive

                                        
                                            GET /metrika/tag.js HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         87.250.251.119
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 72341
date: Thu, 29 Sep 2022 23:47:13 GMT
access-control-allow-origin: *
etag: "633583ac-11a95"
expires: Fri, 30 Sep 2022 00:47:13 GMT
last-modified: Thu, 29 Sep 2022 14:38:20 GMT
cache-control: max-age=3600
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (593)
Size:   72341
Md5:    7a68c8644032413981e4ba5bc0d66c4a
Sha1:   2d46ca8055e8577ae7138140e34a6e633434973c
Sha256: e0573e9a9cbfc3f00a921fa64c50270f5941a1ebb253ab70af2cc0dac45cb0d5
                                        
                                            GET /widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84 HTTP/1.1 
Host: w.uptolike.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/
Cookie: utl_id2=28993114493; utl_dat="CK/Nlt24MBAAIK+e4eW4MCivnuHluDAwAKfncJP9HT6FfGjyHjHAO4k="
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         95.163.114.204
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Server: nginx
Date: Thu, 29 Sep 2022 23:47:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Fri, 30 Sep 2022 00:17:13 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (585)
Size:   4396
Md5:    51f01f98377569bbbc324944b01bdbdf
Sha1:   916b5de4cc082a3ff9414c3a88542fc32c2ec89a
Sha256: f5d5637c94689e5b58c9b3b0d9a18acc3a5ed5550f33ec9c86a3d3f25e16e7bb
                                        
                                            GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1 
Host: ssp.bestssp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.147.80.35
HTTP/1.1 302 Found
                                        
Server: nginx/1.16.1
Date: Thu, 29 Sep 2022 23:47:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=NYUCCYLH
Set-Cookie: uid=NYUCCYLH; Expires=Fri, 30 Sep 2032 00:00:00 GMT; mf2=1; Expires=Sun, 30 Oct 2022 00:00:00 GMT;

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "98D2C6CDB0D2151214963504E3776803DD07BF2CE8B18A0620CC106073C63CFA"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7151
Expires: Fri, 30 Sep 2022 01:46:24 GMT
Date: Thu, 29 Sep 2022 23:47:13 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 23:47:13 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 15:41:04 GMT
Expires: Tue, 04 Oct 2022 15:41:03 GMT
Etag: "3cd43b1b901958dbdc3b2697251332928597c3b7"
Cache-Control: max-age=402229,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75289a476c0bb4eb-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CD937E2BF6A1703D5B87509F2762E483D0264124D14B0F70D01C7657EAFB5411"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5563
Expires: Fri, 30 Sep 2022 01:19:56 GMT
Date: Thu, 29 Sep 2022 23:47:13 GMT
Connection: keep-alive

                                        
                                            GET /merge_gpsid/?sid=50&id=0100007F802E3663D600FA7D02AF3333 HTTP/1.1 
Host: stat.adlabs.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         109.248.237.36
HTTP/2 302 Found
                                        
server: nginx
date: Thu, 29 Sep 2022 23:34:42 GMT
content-length: 0
location: //adlmerge.com/merge_gpsid/?sid=50&id=0100007F802E3663D600FA7D02AF3333
X-Firefox-Spdy: h2

                                        
                                            GET /match?dsp=sape HTTP/1.1 
Host: sync.republer.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.88.82.46
HTTP/2 204 No Content
                                        
server: nginx
date: Thu, 29 Sep 2022 23:47:13 GMT
strict-transport-security: max-age=0
X-Firefox-Spdy: h2

                                        
                                            GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1 
Host: exchange.buzzoola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         167.235.33.113
HTTP/2 301 Moved Permanently
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Thu, 29 Sep 2022 23:47:13 GMT
content-length: 115
location: https://www.acint.net/match?dp=126&euid=2974da5e-dcc1-42fc-6b50-c53c6e6e7d3c
serverid: TODO
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   115
Md5:    f147cdffc9ebf1c7c058165e95e0bb71
Sha1:   5d0c16e7afdbf05502d9ed4f34ecb1f30b2dcf8e
Sha256: 8a28ed6a31c6540b4326d8656b693ef4924f5440b3546623d34aaf0131b38857
                                        
                                            GET /match/396/?remote_uid=0100007F802E3663D600FA7D02AF3333 HTTP/1.1 
Host: s.uuidksinc.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.220.27.155
HTTP/2 302 Found
                                        
server: nginx/1.19.0
date: Thu, 29 Sep 2022 23:47:13 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=UTDzoJNTx2shnR7D7iJc
set-cookie: jcsuuid=UTDzoJNTx2shnR7D7iJc; expires=Fri, 29 Sep 2023 23:47:13 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 23:47:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /metrika/watch.js HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         87.250.251.119
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 57285
date: Thu, 29 Sep 2022 23:47:13 GMT
access-control-allow-origin: *
etag: "633583ac-dfc5"
expires: Fri, 30 Sep 2022 00:47:13 GMT
last-modified: Thu, 29 Sep 2022 14:38:20 GMT
cache-control: max-age=3600
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (570)
Size:   57285
Md5:    44366cc385a5c0f49df4f22b71434b42
Sha1:   3f56349f8a3fff52e28a3300052bdc2bde97371c
Sha256: 485ba52769d75db2ed79f65318d37070d09ce3441680aa22caa10ae3cdcb45cd
                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 23:47:13 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 03 Oct 2022 19:53:50 GMT
ETag: "3f054461a69c7c58ce05b4e4e7532d81c5802a3e"
Last-Modified: Thu, 29 Sep 2022 19:53:51 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2943
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75289a4809be0b3d-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    f740451c93ff30eb0099ebc5a8e19fbe
Sha1:   3f054461a69c7c58ce05b4e4e7532d81c5802a3e
Sha256: 47ef44e86ef4117276f6f4815920a8e7dc66919669493dbcbad5cc634bf8e367
                                        
                                            GET /mc/?dp=10&tc=1 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chel-week.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWM2LoB9+gDWMzOvAny5dJWTBBc6L4I+RWGJ0/W4krNd
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: text/html
                                        
server: openresty
date: Thu, 29 Sep 2022 23:47:12 GMT
set-cookie: cSyncDp7v2=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp14v3=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp17=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp32=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp45v3=1664495232; expires=Fri, 30-Sep-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp53=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp54v2=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp62=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp67v2=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp68=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp71=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp77=1664495232; expires=Thu, 13-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp84=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp85=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp95v3=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp101=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp104v2=1664495232; expires=Thu, 13-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp107=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp110=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp111v2=1664495232; expires=Thu, 13-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp112v2=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp125v2=1664495232; expires=Fri, 14-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp126=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp127=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp129=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp136v2=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp138=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp144=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp146=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp148=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp149=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp151=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp178=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp179=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp186=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp221=1664495232; expires=Sat, 29-Oct-22 23:47:12 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   1466
Md5:    f40a77d9d228d05dc55acedbb7ddcce0
Sha1:   cc7eae7a880ade928b457f1da2544ddf747e02f2
Sha256: 69171966b9ec9968c029dd860ae9c623c3f4be4ea3affa84606f3772c6a1839c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6C887C1A16C03A379FCD3C3C2B99674F6855D216129059EBB3D1EA6F804C8ECB"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17917
Expires: Fri, 30 Sep 2022 04:45:50 GMT
Date: Thu, 29 Sep 2022 23:47:13 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7EA1CEE9AC8D3D78270991C4C20D608D4E8282F277E2CB2CB1E74B6071A9066D"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7517
Expires: Fri, 30 Sep 2022 01:52:30 GMT
Date: Thu, 29 Sep 2022 23:47:13 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C86A644408A68C10F57DED9F7D7CF4296B9AA804DB55C68DB74F3036525BB3B4"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6906
Expires: Fri, 30 Sep 2022 01:42:19 GMT
Date: Thu, 29 Sep 2022 23:47:13 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 23:47:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5770C871FF7F6D82E240B9FCEC3AD2E05C6129E30774FE3AD778F1A7D9D16681"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4189
Expires: Fri, 30 Sep 2022 00:57:02 GMT
Date: Thu, 29 Sep 2022 23:47:13 GMT
Connection: keep-alive

                                        
                                            GET /p?ssp=sp&id=0100007F802E3663D600FA7D02AF3333 HTTP/1.1 
Host: 0100007f802e3663d600fa7d02af3333-sp.ops.beeline.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.9.245.57
HTTP/2 301 Moved Permanently
                                        
server: nginx
date: Thu, 29 Sep 2022 23:47:13 GMT
content-length: 0
location: https://www.acint.net/match?dp=111&euid=60adab7a-a562-4c3c-ac4f-3919ca922291
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: BeeAID=60adab7a-a562-4c3c-ac4f-3919ca922291; expires=Wed, 20 Sep 2023 23:47:13 GMT; domain=ops.beeline.ru; path=/; secure; SameSite=None
access-control-allow-credentials: true, true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
x-route: http://upstream_cookiesync
x-host: 192.168.152.60
X-Firefox-Spdy: h2

                                        
                                            GET /pagead/html/r20220927/r20190131/zrt_lookup.html HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.34
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Thu, 29 Sep 2022 00:28:25 GMT
expires: Thu, 13 Oct 2022 00:28:25 GMT
cache-control: public, max-age=1209600
age: 83928
etag: 9671129459699598864
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Size:   4420
Md5:    682bf699cccbc0ff817e1fcb7b95262a
Sha1:   11ad3edf0008f52b733c2d6d7199e1f052318d58
Sha256: bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
                                        
                                            GET /p?ssp=sp&uid=0100007F802E3663D600FA7D02AF3333 HTTP/1.1 
Host: cs.agency2.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.111.107.44
HTTP/1.1 301 Moved Permanently
                                        
Date: Thu, 29 Sep 2022 23:47:13 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=8aa58acb-c84b-49fd-8542-12dd1c2d5bf3
Set-Cookie: uuid=8aa58acb-c84b-49fd-8542-12dd1c2d5bf3; expires=Wed, 20 Sep 2023 23:47:13 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44

                                        
                                            GET /core/match.gif?s=32&id=0100007F802E3663D600FA7D02AF3333 HTTP/1.1 
Host: mediatoday.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.228.111
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx/1.22.0
date: Thu, 29 Sep 2022 23:47:13 GMT
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VUH6n60bJFlQw55; expires=Sun, 26-Sep-2032 23:47:13 GMT; domain=mediatoday.ru; path=/core; SameSite=None; Secure
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            GET /sape/cm?user_id=0100007F802E3663D600FA7D02AF3333 HTTP/1.1 
Host: nr.bidderstack.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         148.251.217.100
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Thu, 29 Sep 2022 23:47:13 GMT
Content-Length: 44
Connection: keep-alive
Set-Cookie: uid=15b27989-1aa5-42c2-963d-d75f5b40c668; domain=.bidderstack.com; path=/; expires=Fri, 29-Sep-2023 23:47:13 GMT;
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   44
Md5:    f9d60352c70a2ba15616d1c9421f3844
Sha1:   e9abc8bea7721a4b6a50295850d13c515006a95c
Sha256: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4D8225D7F038CA66EC4DE3E156CEBE3AE0BB89DC12543B7929087B67165E0B45"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16380
Expires: Fri, 30 Sep 2022 04:20:13 GMT
Date: Thu, 29 Sep 2022 23:47:13 GMT
Connection: keep-alive

                                        
                                            GET /userbind?src=sape&id=0100007F802E3663D600FA7D02AF3333 HTTP/1.1 
Host: match.new-programmatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         217.65.2.150
HTTP/1.1 204 No Content
                                        
Server: nginx/1.18.0
Date: Thu, 29 Sep 2022 23:47:13 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6B9106C96C3D8DA6CB9F24D4B42DC0D85CBD4F7C9152D95BD24C29CF6B8F98E0"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10210
Expires: Fri, 30 Sep 2022 02:37:23 GMT
Date: Thu, 29 Sep 2022 23:47:13 GMT
Connection: keep-alive

                                        
                                            GET /?src=sap1&uid=0100007F802E3663D600FA7D02AF3333 HTTP/1.1 
Host: sync.bumlam.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.172.81.172
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx
Date: Thu, 29 Sep 2022 23:47:13 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQwYWFhMDNmZS00MDUxLTExZWQtODY0NC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Wed, 24 Sep 2042 23:47:13 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARiB3diZBmIgMDEwMDAwN0Y4MDJFMzY2M0Q2MDBGQTdEMDJBRjMzMzOiARAKqgP-QFER7YZEACWQyCQ3
ETag: 0aaa03fe-4051-11ed-8644-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6B9106C96C3D8DA6CB9F24D4B42DC0D85CBD4F7C9152D95BD24C29CF6B8F98E0"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10210
Expires: Fri, 30 Sep 2022 02:37:23 GMT
Date: Thu, 29 Sep 2022 23:47:13 GMT
Connection: keep-alive

                                        
                                            GET /sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19 HTTP/1.1 
Host: 91a40db7-9b69-4adc-9a29-62cb48e1e867.sync.upravel.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1664495233076; user_id=91a40db7-9b69-4adc-9a29-62cb48e1e867
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         176.9.8.252
HTTP/2 302 Found
content-type: image/png
                                        
server: nginx
date: Thu, 29 Sep 2022 23:47:13 GMT
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=91a40db7-9b69-4adc-9a29-62cb48e1e867;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000 user_id-legacy=91a40db7-9b69-4adc-9a29-62cb48e1e867;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=91a40db7-9b69-4adc-9a29-62cb48e1e867
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 23:47:13 GMT
Content-Length: 939
Connection: keep-alive
Expires: Mon, 03 Oct 2022 22:13:14 GMT
ETag: "3b64a8bbd24cb037c2280ebdadc8af57b2cad2e8"
Last-Modified: Thu, 29 Sep 2022 22:13:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 692
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75289a48ca120b3d-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6B9106C96C3D8DA6CB9F24D4B42DC0D85CBD4F7C9152D95BD24C29CF6B8F98E0"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10210
Expires: Fri, 30 Sep 2022 02:37:23 GMT
Date: Thu, 29 Sep 2022 23:47:13 GMT
Connection: keep-alive

                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 23:47:13 GMT
Content-Length: 939
Connection: keep-alive
Expires: Mon, 03 Oct 2022 22:13:14 GMT
ETag: "3b64a8bbd24cb037c2280ebdadc8af57b2cad2e8"
Last-Modified: Thu, 29 Sep 2022 22:13:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 692
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75289a48ea240b3d-OSL

                                        
                                            GET /sm.js HTTP/1.1 
Host: stat.media
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         82.148.14.194
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Thu, 29 Sep 2022 23:47:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 02 Dec 2021 13:53:02 GMT
ETag: W/"61a8cfbe-13481"
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=3600
Vary: Accept-Encoding, Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (1713)
Size:   28220
Md5:    71d58878e917f1a6e08fc545ecaa30a9
Sha1:   2751bbc783d4358c8354f12649beb4145015ad0a
Sha256: de006a5565e1c4d5fba5019f3245f526917caa1a3ff161f2559c725b1cd51982
                                        
                                            GET /partner-code-bundles/658838/aaf863f179e3b7ad382c.js HTTP/1.1 
Host: yastatic.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://chel-week.ru
Connection: keep-alive
Referer: https://chel-week.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         178.154.131.217
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
server: nginx/1.17.9
date: Thu, 29 Sep 2022 23:47:13 GMT
content-length: 18574
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "52c7131368b8c72bfc0ebee85a8dfa64"
expires: Sun, 29 Sep 2052 06:18:47 GMT
last-modified: Wed, 28 Sep 2022 15:12:21 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65494)
Size:   18574
Md5:    52c7131368b8c72bfc0ebee85a8dfa64
Sha1:   04c265c99a6ac79f3205c3c5ca1915182e4432e3
Sha256: 323cef0f8d1d3ba3860c93581a3970e6c43e11e9091ef416786942ec0383149d
                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 23:47:13 GMT
Content-Length: 939
Connection: keep-alive
Expires: Mon, 03 Oct 2022 22:13:14 GMT
ETag: "3b64a8bbd24cb037c2280ebdadc8af57b2cad2e8"
Last-Modified: Thu, 29 Sep 2022 22:13:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 692
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75289a490a2c0b3d-OSL

                                        
                                            GET /static/buttons/fonts/icomoon.woff?qq11232333=1232131231321 HTTP/1.1 
Host: w.uptolike.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://chel-week.ru
Connection: keep-alive
Referer: https://chel-week.ru/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         95.163.114.204
HTTP/1.1 200 OK
Content-Type: application/font-woff
                                        
Server: nginx
Date: Thu, 29 Sep 2022 23:47:13 GMT
Content-Length: 9144
Connection: keep-alive
Last-Modified: Wed, 16 Aug 2017 14:30:13 GMT
ETag: "599456f5-23b8"
Expires: Thu, 17 Nov 2022 07:57:02 GMT
Cache-Control: max-age=15552000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 9144, version 0.0\012- data
Size:   9144
Md5:    2596eafba8821cbd54fb4c4294eea5f2
Sha1:   53046bf3bccd35a24e515fcfbd34b31ec27c841e
Sha256: 3f72dc1fd03fba15c9200144bf1df7286ad1e2560b50a5ecc12e68c9c1e36f29
                                        
                                            GET /partner-code-bundles/658838/a4074028f8b0cc4c3bb2.js HTTP/1.1 
Host: yastatic.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://chel-week.ru
Connection: keep-alive
Referer: https://chel-week.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         178.154.131.217
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
server: nginx/1.17.9
date: Thu, 29 Sep 2022 23:47:13 GMT
content-length: 94239
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "a6b95a2a9652befb6640c44b22da1f30"
expires: Sun, 29 Sep 2052 06:18:41 GMT
last-modified: Wed, 28 Sep 2022 15:12:21 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65497)
Size:   94239
Md5:    a6b95a2a9652befb6640c44b22da1f30
Sha1:   1c4ca31a991134b09c9e1c3e48c451a0877973cb
Sha256: caaf8e9916a1a97814f6abc3a240bec006c4f1ce785d7001dfc91d3679b0fdd6
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 23:47:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /img/192x256/10467365.jpeg HTTP/1.1 
Host: static4.smi2.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.162.95.126
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Thu, 29 Sep 2022 23:47:13 GMT
Content-Length: 18989
Connection: keep-alive
ETag: W/"633302cb-3d94"
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 95", baseline, precision 8, 192x256, components 3\012- data
Size:   18989
Md5:    a0efe1d3af1b07dfd2247d912a521a33
Sha1:   cf677a413782ac58744b94fad776dec879e7719b
Sha256: 7797913e965b41e0a782bcde01c1d8f2a93408d5513ff7159046e07c42ee0da7
                                        
                                            GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1 
Host: ads.adlook.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         5.200.43.243
HTTP/2 302 Found
                                        
location: https://acint.net/match?dp=110&euid=a904427ff5e84b168a24805896c7c152
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=a904427ff5e84b168a24805896c7c152; expires=Fri, 29 Sep 2023 21:00:00 GMT; path=/; SameSite=None; secure; samesite=lax
date: Thu, 29 Sep 2022 23:47:13 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   8878
Md5:    f80882bf67cf261aa08d636da095149a
Sha1:   3e5bf3fbdb45c9696f9b925d3e71b2e9777c82cd
Sha256: 4794febaad77bf94edba1c860dbcf9612722ad0a18b95831dad359b0bba4bed6
                                        
                                            GET /cycounter?chel-week.ru&theme=light&lang=ru HTTP/1.1 
Host: yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         77.88.55.88
HTTP/2 200 OK
content-type: image/png
                                        
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-content-type-options: nosniff
set-cookie: is_gdpr=1; Path=/; Domain=.yandex.ru; Expires=Sat, 28 Sep 2024 23:47:13 GMT; SameSite=None; Secure is_gdpr_b=CPe0cBDqjAEYAQ==; Path=/; Domain=.yandex.ru; Expires=Sat, 28 Sep 2024 23:47:13 GMT; SameSite=None; Secure _yasc=s7xlJfSI/OX/M2JQGxXN50tXvNBpjKojiALVGFqt11DLKqSz; domain=.yandex.ru; path=/; expires=Sat, 29-Oct-2022 23:47:13 GMT; secure i=/9TVUNRkY/8MTQ4dvJzWt2VvjXZYl1yGClUTKMRJkwsmto9ordDhEpynCyxbQGsawp3zVVihRVkNi2EYxDsj5is159Q=; Expires=Sat, 28-Sep-2024 23:47:13 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
expires: Fri, 07 Oct 2022 10:37:49 GMT
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Sep 2022 10:37:49 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 88 x 31, 8-bit/color RGBA, non-interlaced\012- data
Size:   27027
Md5:    a1a2350d7ee01a72d542a34cb5dfdf51
Sha1:   912797638575a01b44d99ffd1e6fcbf7706cfe76
Sha256: 4f447d9fb20a07e9342786101a2970237ef915a64703bcef2d9d781f55fc9f2e
                                        
                                            GET /img/192x256/10473103.jpeg HTTP/1.1 
Host: static8.smi2.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.162.95.126
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Thu, 29 Sep 2022 23:47:13 GMT
Content-Length: 23165
Connection: keep-alive
ETag: W/"6335a9ba-1232f"
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 95", baseline, precision 8, 192x256, components 3\012- data
Size:   23165
Md5:    78a7fad2c2ea839df8672ef23c1d1e82
Sha1:   b7e9402fdb519c9dd89e898ba123faacdecbb797
Sha256: e25d9675d856cdf04f32b486583a553662f10be892e462d5bff617756e14fa16
                                        
                                            GET /partner-code-bundles/658838/a8d9f307b0a12f62ab18.js HTTP/1.1 
Host: yastatic.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://chel-week.ru
Connection: keep-alive
Referer: https://chel-week.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         178.154.131.217
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
server: nginx/1.17.9
date: Thu, 29 Sep 2022 23:47:13 GMT
content-length: 4463
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "150187bec3fe2ab89d96197ebf6ab69f"
expires: Sun, 29 Sep 2052 06:18:49 GMT
last-modified: Wed, 28 Sep 2022 15:12:21 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13535)
Size:   4463
Md5:    150187bec3fe2ab89d96197ebf6ab69f
Sha1:   598719fcbf3bab2ef461e820e490cd4441fc39b3
Sha256: ecee0bc1b71e21934c183f54d96c25d3912a058431c4ad9f39a61a6da5d491e2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 23:47:13 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 23:26:51 GMT
Expires: Wed, 05 Oct 2022 23:26:50 GMT
Etag: "f9946ad52be11ce408920114af2612f791f441b8"
Cache-Control: max-age=516576,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75289a486cabb4eb-OSL

                                        
                                            GET /match?dp=95&euid=NYUCCYLH HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWM2LoB9+gDWMzOvAny5dJWTBBc6L4I+RWGJ0/W4krNd; cSyncDp7v2=1664495232; cSyncDp14v3=1664495232; cSyncDp17=1664495232; cSyncDp32=1664495232; cSyncDp45v3=1664495232; cSyncDp53=1664495232; cSyncDp54v2=1664495232; cSyncDp62=1664495232; cSyncDp67v2=1664495232; cSyncDp68=1664495232; cSyncDp71=1664495232; cSyncDp77=1664495232; cSyncDp84=1664495232; cSyncDp85=1664495232; cSyncDp95v3=1664495232; cSyncDp101=1664495232; cSyncDp104v2=1664495232; cSyncDp107=1664495232; cSyncDp110=1664495232; cSyncDp111v2=1664495232; cSyncDp112v2=1664495232; cSyncDp125v2=1664495232; cSyncDp126=1664495232; cSyncDp127=1664495232; cSyncDp129=1664495232; cSyncDp136v2=1664495232; cSyncDp138=1664495232; cSyncDp144=1664495232; cSyncDp146=1664495232; cSyncDp148=1664495232; cSyncDp149=1664495232; cSyncDp151=1664495232; cSyncDp178=1664495232; cSyncDp179=1664495232; cSyncDp186=1664495232; cSyncDp221=1664495232
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Thu, 29 Sep 2022 23:47:13 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /match/sape?id=0100007F802E3663D600FA7D02AF3333 HTTP/1.1 
Host: dmp.gotechnology.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.132.209.136
HTTP/2 302 Found
                                        
server: nginx
date: Thu, 29 Sep 2022 23:47:13 GMT
content-length: 0
location: https://dmp.gotechnology.io/match/sape?id=0100007F802E3663D600FA7D02AF3333&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

                                        
                                            GET /fingerprintjs/dist/fp.min.js HTTP/1.1 
Host: news.gnezdo.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         93.95.100.117
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.10.3
Date: Thu, 29 Sep 2022 23:47:13 GMT
Content-Length: 14018
Connection: keep-alive
Last-Modified: Tue, 17 May 2022 10:26:58 GMT
ETag: "8a8a-5df32949faa6a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Set-Cookie: uid=XV9kdWM2LoFwZwZ5+1EdAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; secure; SameSite=none
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (35130)
Size:   14018
Md5:    6c509314839b2d4fd9119459556eb833
Sha1:   a7c7b7e6836a1ba988508ccc2a87ee8cfae37e16
Sha256: 61035ee2a8f82bb87a58b73e9b32b6e3897ddfce0da10655b8af5b73afaa7f88
                                        
                                            GET /counter/settings?payload=COuYAxIkNjM4ODliNzktODNiMC00NDkxLWE1MzctMWI2ZWI4NWM4MWJjGJzPlt24MCIkY2RkMGE1OTUtZTJkYy00MWUwLThlMzgtMzQwNjAyNDUyZjE1&cb=_callbacks____0l8nphfn4 HTTP/1.1 
Host: stat.media
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         82.148.14.194
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Thu, 29 Sep 2022 23:47:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
set-cookie: _sm_uid=63889b79-83b0-4491-a537-1b6eb85c81bc; Max-Age=31536000; Expires=Fri, 29 Sep 2023 23:47:13 GMT; Path=/; Domain=stat.media; Secure; SameSite=None _sm_udt=1664495232924; Max-Age=31536000; Expires=Fri, 29 Sep 2023 23:47:13 GMT; Path=/; Domain=stat.media; Secure; SameSite=None _sm_sid=cdd0a595-e2dc-41e0-8e38-340602452f15; Max-Age=1800; Expires=Fri, 30 Sep 2022 00:17:13 GMT; Path=/; Domain=stat.media; Secure; SameSite=None _sm_cm=6; Max-Age=2592000; Expires=Sat, 29 Oct 2022 23:47:13 GMT; Path=/; Domain=stat.media; Secure; SameSite=None
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (672), with no line terminators
Size:   457
Md5:    0ba5db774438d188540a4b31da22f106
Sha1:   0cd68c78895df726bdc90f182eac2e9dc9512b65
Sha256: 9d37060c41859025d2fbc65ca47de2aa398b7c1e3951975d5c9e2424a204cb14
                                        
                                            GET /match?dp=126&euid=2974da5e-dcc1-42fc-6b50-c53c6e6e7d3c HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWM2LoB9+gDWMzOvAny5dJWTBBc6L4I+RWGJ0/W4krNd; cSyncDp7v2=1664495232; cSyncDp14v3=1664495232; cSyncDp17=1664495232; cSyncDp32=1664495232; cSyncDp45v3=1664495232; cSyncDp53=1664495232; cSyncDp54v2=1664495232; cSyncDp62=1664495232; cSyncDp67v2=1664495232; cSyncDp68=1664495232; cSyncDp71=1664495232; cSyncDp77=1664495232; cSyncDp84=1664495232; cSyncDp85=1664495232; cSyncDp95v3=1664495232; cSyncDp101=1664495232; cSyncDp104v2=1664495232; cSyncDp107=1664495232; cSyncDp110=1664495232; cSyncDp111v2=1664495232; cSyncDp112v2=1664495232; cSyncDp125v2=1664495232; cSyncDp126=1664495232; cSyncDp127=1664495232; cSyncDp129=1664495232; cSyncDp136v2=1664495232; cSyncDp138=1664495232; cSyncDp144=1664495232; cSyncDp146=1664495232; cSyncDp148=1664495232; cSyncDp149=1664495232; cSyncDp151=1664495232; cSyncDp178=1664495232; cSyncDp179=1664495232; cSyncDp186=1664495232; cSyncDp221=1664495232
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Thu, 29 Sep 2022 23:47:13 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /match?dp=127&euid=UTDzoJNTx2shnR7D7iJc HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWM2LoB9+gDWMzOvAny5dJWTBBc6L4I+RWGJ0/W4krNd; cSyncDp7v2=1664495232; cSyncDp14v3=1664495232; cSyncDp17=1664495232; cSyncDp32=1664495232; cSyncDp45v3=1664495232; cSyncDp53=1664495232; cSyncDp54v2=1664495232; cSyncDp62=1664495232; cSyncDp67v2=1664495232; cSyncDp68=1664495232; cSyncDp71=1664495232; cSyncDp77=1664495232; cSyncDp84=1664495232; cSyncDp85=1664495232; cSyncDp95v3=1664495232; cSyncDp101=1664495232; cSyncDp104v2=1664495232; cSyncDp107=1664495232; cSyncDp110=1664495232; cSyncDp111v2=1664495232; cSyncDp112v2=1664495232; cSyncDp125v2=1664495232; cSyncDp126=1664495232; cSyncDp127=1664495232; cSyncDp129=1664495232; cSyncDp136v2=1664495232; cSyncDp138=1664495232; cSyncDp144=1664495232; cSyncDp146=1664495232; cSyncDp148=1664495232; cSyncDp149=1664495232; cSyncDp151=1664495232; cSyncDp178=1664495232; cSyncDp179=1664495232; cSyncDp186=1664495232; cSyncDp221=1664495232
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Thu, 29 Sep 2022 23:47:13 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /match?dp=129&euid=66bo9y1bhc HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWM2LoB9+gDWMzOvAny5dJWTBBc6L4I+RWGJ0/W4krNd; cSyncDp7v2=1664495232; cSyncDp14v3=1664495232; cSyncDp17=1664495232; cSyncDp32=1664495232; cSyncDp45v3=1664495232; cSyncDp53=1664495232; cSyncDp54v2=1664495232; cSyncDp62=1664495232; cSyncDp67v2=1664495232; cSyncDp68=1664495232; cSyncDp71=1664495232; cSyncDp77=1664495232; cSyncDp84=1664495232; cSyncDp85=1664495232; cSyncDp95v3=1664495232; cSyncDp101=1664495232; cSyncDp104v2=1664495232; cSyncDp107=1664495232; cSyncDp110=1664495232; cSyncDp111v2=1664495232; cSyncDp112v2=1664495232; cSyncDp125v2=1664495232; cSyncDp126=1664495232; cSyncDp127=1664495232; cSyncDp129=1664495232; cSyncDp136v2=1664495232; cSyncDp138=1664495232; cSyncDp144=1664495232; cSyncDp146=1664495232; cSyncDp148=1664495232; cSyncDp149=1664495232; cSyncDp151=1664495232; cSyncDp178=1664495232; cSyncDp179=1664495232; cSyncDp186=1664495232; cSyncDp221=1664495232
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Thu, 29 Sep 2022 23:47:13 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /?src=sap1&s_data=CAIQARiB3diZBmIgMDEwMDAwN0Y4MDJFMzY2M0Q2MDBGQTdEMDJBRjMzMzOiARAKqgP-QFER7YZEACWQyCQ3 HTTP/1.1 
Host: sync.bumlam.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQwYWFhMDNmZS00MDUxLTExZWQtODY0NC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.172.81.172
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Thu, 29 Sep 2022 23:47:13 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQwYWFhMDNmZS00MDUxLTExZWQtODY0NC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Wed, 24 Sep 2042 23:47:13 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

                                        
                                            GET /match?dp=111&euid=60adab7a-a562-4c3c-ac4f-3919ca922291 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWM2LoB9+gDWMzOvAny5dJWTBBc6L4I+RWGJ0/W4krNd; cSyncDp7v2=1664495232; cSyncDp14v3=1664495232; cSyncDp17=1664495232; cSyncDp32=1664495232; cSyncDp45v3=1664495232; cSyncDp53=1664495232; cSyncDp54v2=1664495232; cSyncDp62=1664495232; cSyncDp67v2=1664495232; cSyncDp68=1664495232; cSyncDp71=1664495232; cSyncDp77=1664495232; cSyncDp84=1664495232; cSyncDp85=1664495232; cSyncDp95v3=1664495232; cSyncDp101=1664495232; cSyncDp104v2=1664495232; cSyncDp107=1664495232; cSyncDp110=1664495232; cSyncDp111v2=1664495232; cSyncDp112v2=1664495232; cSyncDp125v2=1664495232; cSyncDp126=1664495232; cSyncDp127=1664495232; cSyncDp129=1664495232; cSyncDp136v2=1664495232; cSyncDp138=1664495232; cSyncDp144=1664495232; cSyncDp146=1664495232; cSyncDp148=1664495232; cSyncDp149=1664495232; cSyncDp151=1664495232; cSyncDp178=1664495232; cSyncDp179=1664495232; cSyncDp186=1664495232; cSyncDp221=1664495232
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Thu, 29 Sep 2022 23:47:13 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /match?dp=186&euid=8aa58acb-c84b-49fd-8542-12dd1c2d5bf3 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWM2LoB9+gDWMzOvAny5dJWTBBc6L4I+RWGJ0/W4krNd; cSyncDp7v2=1664495232; cSyncDp14v3=1664495232; cSyncDp17=1664495232; cSyncDp32=1664495232; cSyncDp45v3=1664495232; cSyncDp53=1664495232; cSyncDp54v2=1664495232; cSyncDp62=1664495232; cSyncDp67v2=1664495232; cSyncDp68=1664495232; cSyncDp71=1664495232; cSyncDp77=1664495232; cSyncDp84=1664495232; cSyncDp85=1664495232; cSyncDp95v3=1664495232; cSyncDp101=1664495232; cSyncDp104v2=1664495232; cSyncDp107=1664495232; cSyncDp110=1664495232; cSyncDp111v2=1664495232; cSyncDp112v2=1664495232; cSyncDp125v2=1664495232; cSyncDp126=1664495232; cSyncDp127=1664495232; cSyncDp129=1664495232; cSyncDp136v2=1664495232; cSyncDp138=1664495232; cSyncDp144=1664495232; cSyncDp146=1664495232; cSyncDp148=1664495232; cSyncDp149=1664495232; cSyncDp151=1664495232; cSyncDp178=1664495232; cSyncDp179=1664495232; cSyncDp186=1664495232; cSyncDp221=1664495232
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Thu, 29 Sep 2022 23:47:13 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /match?dp=71&euid=91a40db7-9b69-4adc-9a29-62cb48e1e867 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWM2LoB9+gDWMzOvAny5dJWTBBc6L4I+RWGJ0/W4krNd; cSyncDp7v2=1664495232; cSyncDp14v3=1664495232; cSyncDp17=1664495232; cSyncDp32=1664495232; cSyncDp45v3=1664495232; cSyncDp53=1664495232; cSyncDp54v2=1664495232; cSyncDp62=1664495232; cSyncDp67v2=1664495232; cSyncDp68=1664495232; cSyncDp71=1664495232; cSyncDp77=1664495232; cSyncDp84=1664495232; cSyncDp85=1664495232; cSyncDp95v3=1664495232; cSyncDp101=1664495232; cSyncDp104v2=1664495232; cSyncDp107=1664495232; cSyncDp110=1664495232; cSyncDp111v2=1664495232; cSyncDp112v2=1664495232; cSyncDp125v2=1664495232; cSyncDp126=1664495232; cSyncDp127=1664495232; cSyncDp129=1664495232; cSyncDp136v2=1664495232; cSyncDp138=1664495232; cSyncDp144=1664495232; cSyncDp146=1664495232; cSyncDp148=1664495232; cSyncDp149=1664495232; cSyncDp151=1664495232; cSyncDp178=1664495232; cSyncDp179=1664495232; cSyncDp186=1664495232; cSyncDp221=1664495232
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.26
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Thu, 29 Sep 2022 23:47:13 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DEC164CECAE82E9F63374E5292D0EF84631F2CDE45096760A6CA0155FB9F2C8A"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7320
Expires: Fri, 30 Sep 2022 01:49:13 GMT
Date: Thu, 29 Sep 2022 23:47:13 GMT
Connection: keep-alive

                                        
                                            GET /init/?blockid=100603&siteid=52331&bw=1280&bh=939&rnd=2554726944665 HTTP/1.1 
Host: target.smi2.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chel-week.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         82.202.225.229
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 29 Sep 2022 23:47:13 GMT
Content-Length: 95
Connection: keep-alive
Expires: Thu, 29 Sep 2022 23:47:12 GMT
X-Target-Version: 2
X-Time-Request: 0.00017
X-Target-Final: 20220930024713-0
X-Target-Host: target2-1.ssel21
X-Powered-By: HHVM/3.9.1
Cache-Control: no-cache, private


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Size:   95
Md5:    71a50dbba44c78128b221b7df7bb51f1
Sha1:   0ec63b140374ba704a58fa0c743cb357683313dd
Sha256: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
                                        
                                            GET /match/sape?id=0100007F802E3663D600FA7D02AF3333&chk=1 HTTP/1.1 
Host: dmp.gotechnology.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.132.209.136
HTTP/2 302 Found
                                        
server: nginx
date: Thu, 29 Sep 2022 23:47:13 GMT
content-length: 0
location: https://an.yandex.ru/mapuid/gonetdspis/YTVjMmQ5NTI5YzM5MQ
set-cookie: pid=YTVjMmQ5NTI5YzM5MQ; expires=Fri, 29 Sep 2023 23:47:13 GMT; domain=.gotechnology.io; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

                                        
                                            POST /counter/view HTTP/1.1 
Host: stat.media
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 698
Origin: https://chel-week.ru
Connection: keep-alive
Referer: https://chel-week.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         82.148.14.194
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Thu, 29 Sep 2022 23:47:13 GMT
Connection: keep-alive
access-control-allow-origin: *

                                        
                                            POST /engine/ajax/controller.php?mod=adminfunction HTTP/1.1 
Host: chel-week.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://chel-week.ru
Connection: keep-alive
Referer: https://chel-week.ru/33713-goroskop-majja-na-2022-god-po-date-rozhdenija.html
Cookie: PHPSESSID=6povljlkk6vcna4dhk1ts3tgp2; fid=0e649376-5a27-4e61-8246-d6696fd7b594; _ga=GA1.2.1270255547.1664495230; _gid=GA1.2.389762107.1664495230; _gat_gtag_UA_22991532_1=1; _ym_uid=166449523039355273; _ym_d=1664495230
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         212.109.221.144
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Thu, 29 Sep 2022 23:47:13 GMT
Server: Apache/2.4.10 (Debian)
Strict-Transport-Security: max-age=31536000; preload
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 2
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org