firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 14:15:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zpPvknUirIXNWq3UL03P8-1F-5DD3t231E2DcJYSebIJdEVcgM8F0Q==
Age: 901
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9634
Expires: Mon, 26 Sep 2022 17:10:53 GMT
Date: Mon, 26 Sep 2022 14:30:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1017811d25642601e984edc1676d118d
c177c4f7a897584bf91347fa4990c83d6bfd0321
f35bb3a8c877dd8d3c5920f3c917722f12b157aff398e2ec30fab51fa6caa2ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F35BB3A8C877DD8D3C5920F3C917722F12B157AFF398E2EC30FAB51FA6CAA2EF"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5976
Expires: Mon, 26 Sep 2022 16:09:55 GMT
Date: Mon, 26 Sep 2022 14:30:19 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jeikleIKMLg9RphJEBrtHo0BQLDd3GCJI1kpoHZwCsVkbo+82im6vTBOEGwhZwqqXnGIk5gsCgw=
x-amz-request-id: DW9A28QM1S7YM5GQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 26 Sep 2022 13:48:43 GMT
age: 2496
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
kushaem.com/recipe.asp?id=316&lang=ru&name=%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%83%C3%83%C2%83%C3%82%C2%82%C3%83%C2%82%C3%82%C2%83%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%82%C3%83%C2%83%C3%82%C2%82%C3%83%C2%82+%CC%84%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%82%C3%83%C2%83%25c
199.233.255.67200 OK 2.9 kB URL HTTP/1.1 kushaem.com/recipe.asp?id=316&lang=ru&name=%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%83%C3%83%C2%83%C3%82%C2%82%C3%83%C2%82%C3%82%C2%83%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%82%C3%83%C2%83%C3%82%C2%82%C3%83%C2%82+%CC%84%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%82%C3%83%C2%83%25c
IP 199.233.255.67:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with very long lines (568), with CRLF, LF line terminators
Hash 48f9b7918a696f74f9e504fbbca1461d
c01a1fc2892b65c228dd0cd333e7226ddcee415f
f9e130f2fa82daff808fa55587d64ba89934d6552e3e8b13064eff8b8a401cf0
GET /recipe.asp?id=316&lang=ru&name=%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%83%C3%83%C2%83%C3%82%C2%82%C3%83%C2%82%C3%82%C2%83%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%82%C3%83%C2%83%C3%82%C2%82%C3%83%C2%82+%CC%84%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%82%C3%83%C2%83%25c HTTP/1.1
Host: kushaem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 2930
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding
Server:
Set-Cookie: lang=ru; path=/
ASPSESSIONIDSSRBSBTT=MBPCPJOCHFNIJABNJNEKIBIC; path=/
ARRAffinity=6fe1b7ab3dc258e502a30911e9b1ddeb1cc792271fad1b1309672dd71d55508e;Path=/;Domain=kushaem.com
WAWebSiteSID=f77f6a3206924f3e8a33485dee803cb1; Path=/; HttpOnly
BIGipServerEL_Customer_HTTP2=!vTgfo7qjP/gDVV1eEe65VNrtxl1X+xYoa8gvfEx8qIL+57EIOQcjL5ibquUf1RMgSg8+ZI+kNRHLDQ==; path=/
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 14:30:18 GMT
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 14:30:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/show_ads.js
142.250.74.66200 OK 41 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/show_ads.js
IP 142.250.74.66:0
File type ASCII text, with very long lines (2535)
Hash b28b9075b9acb42cf4f17bd0dd6d7bd8
f4b2fa3078397c694cb92031432b9edf8f3bfc10
815e283ec94500a870c38b3f46062f686221827d8b39b31bd7cf9e86f9f0dfae
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Mon, 26 Sep 2022 14:30:19 GMT
Expires: Mon, 26 Sep 2022 14:30:19 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 13577424403791236866
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 40715
X-XSS-Protection: 0
kushaem.com/css/main.css
199.233.255.67200 OK 739 B IP 199.233.255.67:0
File type ASCII text, with CRLF line terminators
Hash bb6519f4075d1b1d5706c5e4e1a284a4
f6b7bd97e18e2ba55250e6e6f6b181e1086be7b5
90ef32ef3f74a9ca784a825b821fc5f429e3615986e215d2ade8d92bfa3a6424
GET /css/main.css HTTP/1.1
Host: kushaem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/recipe.asp?id=316&lang=ru&name=%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%83%C3%83%C2%83%C3%82%C2%82%C3%83%C2%82%C3%82%C2%83%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%82%C3%83%C2%83%C3%82%C2%82%C3%83%C2%82+%CC%84%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%82%C3%83%C2%83%25c
Cookie: lang=ru; ASPSESSIONIDSSRBSBTT=MBPCPJOCHFNIJABNJNEKIBIC; ARRAffinity=6fe1b7ab3dc258e502a30911e9b1ddeb1cc792271fad1b1309672dd71d55508e; WAWebSiteSID=f77f6a3206924f3e8a33485dee803cb1; BIGipServerEL_Customer_HTTP2=!vTgfo7qjP/gDVV1eEe65VNrtxl1X+xYoa8gvfEx8qIL+57EIOQcjL5ibquUf1RMgSg8+ZI+kNRHLDQ==
HTTP/1.1 200 OK
Content-Length: 739
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sun, 28 Aug 2016 15:35:46 GMT
Accept-Ranges: bytes
ETag: "58fed9d8411d21:0"
Vary: Accept-Encoding
Server:
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 14:30:18 GMT
kushaem.com/css/structure.css
199.233.255.67200 OK 2.4 kB URL HTTP/1.1 kushaem.com/css/structure.css
IP 199.233.255.67:0
File type ASCII text, with CRLF line terminators
Hash c3f20f4e95bd99b022019e24c9d5dc90
6171c07cf3a6e316b4eef0f0764b4ea71578a6df
041b6767a0d797eb5a9399db82719e3cad4a1a9b0f225d76c039528c5c8e77c4
GET /css/structure.css HTTP/1.1
Host: kushaem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/recipe.asp?id=316&lang=ru&name=%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%83%C3%83%C2%83%C3%82%C2%82%C3%83%C2%82%C3%82%C2%83%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%82%C3%83%C2%83%C3%82%C2%82%C3%83%C2%82+%CC%84%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%82%C3%83%C2%83%25c
Cookie: lang=ru; ASPSESSIONIDSSRBSBTT=MBPCPJOCHFNIJABNJNEKIBIC; ARRAffinity=6fe1b7ab3dc258e502a30911e9b1ddeb1cc792271fad1b1309672dd71d55508e; WAWebSiteSID=f77f6a3206924f3e8a33485dee803cb1; BIGipServerEL_Customer_HTTP2=!vTgfo7qjP/gDVV1eEe65VNrtxl1X+xYoa8gvfEx8qIL+57EIOQcjL5ibquUf1RMgSg8+ZI+kNRHLDQ==
HTTP/1.1 200 OK
Content-Length: 2379
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sun, 28 Aug 2016 15:35:47 GMT
Accept-Ranges: bytes
ETag: "6ac28d9411d21:0"
Vary: Accept-Encoding
Server:
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 14:30:18 GMT
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 14:10:46 GMT
Expires: Mon, 26 Sep 2022 14:30:37 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cxKS6C0jJ-DIBS5z-LG0vbOzCHKCJEsRdIDfK-S14xLsRd-v0JRPpA==
Age: 1173
kushaem.com/js/common.js
199.233.255.67200 OK 1.4 kB IP 199.233.255.67:0
File type ASCII text, with CRLF line terminators
Hash 1a32d8c1953481844e5d2495295c9891
00ea33bad7e1aa2614a6936b8705b7b0923a850b
0841ba4c87f5cc131a5b28ef3c12e03d6caf132872288f06cf5660c3d32ceecf
Analyzer Verdict Alert fortinet Malware
GET /js/common.js HTTP/1.1
Host: kushaem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/recipe.asp?id=316&lang=ru&name=%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%83%C3%83%C2%83%C3%82%C2%82%C3%83%C2%82%C3%82%C2%83%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%82%C3%83%C2%83%C3%82%C2%82%C3%83%C2%82+%CC%84%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%82%C3%83%C2%83%25c
Cookie: lang=ru; ASPSESSIONIDSSRBSBTT=MBPCPJOCHFNIJABNJNEKIBIC; ARRAffinity=6fe1b7ab3dc258e502a30911e9b1ddeb1cc792271fad1b1309672dd71d55508e; WAWebSiteSID=f77f6a3206924f3e8a33485dee803cb1; BIGipServerEL_Customer_HTTP2=!vTgfo7qjP/gDVV1eEe65VNrtxl1X+xYoa8gvfEx8qIL+57EIOQcjL5ibquUf1RMgSg8+ZI+kNRHLDQ==
HTTP/1.1 200 OK
Content-Length: 1416
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Sun, 28 Aug 2016 15:36:16 GMT
Accept-Ranges: bytes
ETag: "245d31ea411d21:0"
Vary: Accept-Encoding
Server:
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 14:30:19 GMT
kushaem.com/css/basestyle.css
199.233.255.67200 OK 430 B URL HTTP/1.1 kushaem.com/css/basestyle.css
IP 199.233.255.67:0
File type ASCII text, with CRLF line terminators
Hash ce0602780231a1ab074f33d5c20f6323
5364714dfd9b5572dba40cbb7b9e36a955ace259
feb86fa8e6cde0595e96555baeed3ad506298f38f75353d13ae9dbca5b103bc8
GET /css/basestyle.css HTTP/1.1
Host: kushaem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/css/structure.css
Cookie: lang=ru; ASPSESSIONIDSSRBSBTT=MBPCPJOCHFNIJABNJNEKIBIC; ARRAffinity=6fe1b7ab3dc258e502a30911e9b1ddeb1cc792271fad1b1309672dd71d55508e; WAWebSiteSID=f77f6a3206924f3e8a33485dee803cb1; BIGipServerEL_Customer_HTTP2=!vTgfo7qjP/gDVV1eEe65VNrtxl1X+xYoa8gvfEx8qIL+57EIOQcjL5ibquUf1RMgSg8+ZI+kNRHLDQ==
HTTP/1.1 200 OK
Content-Length: 430
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sun, 28 Aug 2016 15:35:46 GMT
Accept-Ranges: bytes
ETag: "c99e99d8411d21:0"
Vary: Accept-Encoding
Server:
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 14:30:19 GMT
kushaem.com/js/comments.js
199.233.255.67404 Not Found 4.8 kB URL HTTP/1.1 kushaem.com/js/comments.js
IP 199.233.255.67:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (365)
Hash 8959473c329c5ec7f8db7098c0dd1290
32a1e06adc6e439e95578ad35f3e9697955d1b82
4667b6ab20a14aec9e91f99a33ea4be5aa3611ca1f852d3849757f368226b8de
Analyzer Verdict Alert fortinet Malware
GET /js/comments.js HTTP/1.1
Host: kushaem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/recipe.asp?id=316&lang=ru&name=%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%83%C3%83%C2%83%C3%82%C2%82%C3%83%C2%82%C3%82%C2%83%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%82%C3%83%C2%83%C3%82%C2%82%C3%83%C2%82+%CC%84%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%82%C3%83%C2%83%25c
Cookie: lang=ru; ASPSESSIONIDSSRBSBTT=MBPCPJOCHFNIJABNJNEKIBIC; ARRAffinity=6fe1b7ab3dc258e502a30911e9b1ddeb1cc792271fad1b1309672dd71d55508e; WAWebSiteSID=f77f6a3206924f3e8a33485dee803cb1; BIGipServerEL_Customer_HTTP2=!vTgfo7qjP/gDVV1eEe65VNrtxl1X+xYoa8gvfEx8qIL+57EIOQcjL5ibquUf1RMgSg8+ZI+kNRHLDQ==
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Length: 4848
Content-Type: text/html; charset=utf-8
Server:
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 14:30:18 GMT
www.russiantable.com/store/affiliate/showban.asp?id=4500&img=
104.21.67.63403 Forbidden 2.4 kB URL HTTP/1.1 www.russiantable.com/store/affiliate/showban.asp?id=4500&img=
IP 104.21.67.63:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1490)
Hash 8fcf4dfc7c739d418281beee29f91b2a
643d6aa1ba3c97c3cf1db7af519b81af136282fc
2b41b4cfcd1cd67dc3d5838469a49eb735b22d863a11f72f338c3b1e58346912
GET /store/affiliate/showban.asp?id=4500&img= HTTP/1.1
Host: www.russiantable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/
HTTP/1.1 403 Forbidden
Date: Mon, 26 Sep 2022 14:30:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWvz%2FrXEM12ER1A6%2Bu5lBsL9P34zXAYDKymihGSWfosdnZH0IGzWckyXv6WMtqa1bdIsh9lpevxqa6IzvCVmkLyl3fcBwaJ1zGq%2FJ%2FBE5Pb2zi3%2FyihSK5dLGaStaNZTHgpULQLwhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750cb2662e9fb500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.russiantable.com/store/affiliate/showban2.asp?id=4500&img=167x250/russiantable_167x250_07.gif&emp_cat=Banners%20%20167?250
104.21.67.63403 Forbidden 2.5 kB URL HTTP/1.1 www.russiantable.com/store/affiliate/showban2.asp?id=4500&img=167x250/russiantable_167x250_07.gif&emp_cat=Banners%20%20167?250
IP 104.21.67.63:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1578)
Hash 5b789382f1b600ba2fe5591cc1ce9c83
c20c61da9e6eceba90325e0d74d7dffa6e9a3e95
f6b37ece294b5d4fe304a47049293f32887f826b93c974ac2dc5ea149374bc35
GET /store/affiliate/showban2.asp?id=4500&img=167x250/russiantable_167x250_07.gif&emp_cat=Banners%20%20167?250 HTTP/1.1
Host: www.russiantable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/
HTTP/1.1 403 Forbidden
Date: Mon, 26 Sep 2022 14:30:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6eu%2BQVUsQ1iUaNOD1D85YuYNINsfB73e2H%2B5zRKETtHjNI%2Fw%2B3fSecgmFNa2bHJHR%2F0qZ4lcoZ3%2FnPPczuxWsbqm4uAFsZhfRQ88zOVJWjs5zoAbivARPR6S%2F%2BieQoCp%2BUhSpqYefw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750cb2662b02b515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5683
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 14:30:19 GMT
Last-Modified: Mon, 26 Sep 2022 12:55:36 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
kushaem.com/img/logo.png
199.233.255.67200 OK 2.0 kB IP 199.233.255.67:0
File type PNG image data, 260 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash 5cd454598835fc0a28355a71cbf7be90
01f2c173d6a3f2fc95545f4aadbc84c2a59454ab
75f6c316c8dfd0cef45aaf6b4d55320849aa702ae2ac1c45a59253b9de33790e
GET /img/logo.png HTTP/1.1
Host: kushaem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/recipe.asp?id=316&lang=ru&name=%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%83%C3%83%C2%83%C3%82%C2%82%C3%83%C2%82%C3%82%C2%83%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%82%C3%83%C2%83%C3%82%C2%82%C3%83%C2%82+%CC%84%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%82%C3%83%C2%83%25c
Cookie: lang=ru; ASPSESSIONIDSSRBSBTT=MBPCPJOCHFNIJABNJNEKIBIC; ARRAffinity=6fe1b7ab3dc258e502a30911e9b1ddeb1cc792271fad1b1309672dd71d55508e; WAWebSiteSID=f77f6a3206924f3e8a33485dee803cb1; BIGipServerEL_Customer_HTTP2=!vTgfo7qjP/gDVV1eEe65VNrtxl1X+xYoa8gvfEx8qIL+57EIOQcjL5ibquUf1RMgSg8+ZI+kNRHLDQ==
HTTP/1.1 200 OK
Content-Length: 1968
Content-Type: image/png
Last-Modified: Sun, 28 Aug 2016 15:36:08 GMT
Accept-Ranges: bytes
ETag: "5c9297e5411d21:0"
Server:
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 14:30:19 GMT
kushaem.com/img/icon_search.png
199.233.255.67200 OK 2.3 kB URL HTTP/1.1 kushaem.com/img/icon_search.png
IP 199.233.255.67:0
File type PNG image data, 36 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash 7d34ec9b8d1d1bad096147adafca879b
ff763e2d62df50c944dea257dac1f8cc6f3f679b
bad31292efd85d491a53c3597ef86f4c68edb0a92166b0cf262f6981133254b4
GET /img/icon_search.png HTTP/1.1
Host: kushaem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/recipe.asp?id=316&lang=ru&name=%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%83%C3%83%C2%83%C3%82%C2%82%C3%83%C2%82%C3%82%C2%83%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%82%C3%83%C2%83%C3%82%C2%82%C3%83%C2%82+%CC%84%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%82%C3%83%C2%83%25c
Cookie: lang=ru; ASPSESSIONIDSSRBSBTT=MBPCPJOCHFNIJABNJNEKIBIC; ARRAffinity=6fe1b7ab3dc258e502a30911e9b1ddeb1cc792271fad1b1309672dd71d55508e; WAWebSiteSID=f77f6a3206924f3e8a33485dee803cb1; BIGipServerEL_Customer_HTTP2=!vTgfo7qjP/gDVV1eEe65VNrtxl1X+xYoa8gvfEx8qIL+57EIOQcjL5ibquUf1RMgSg8+ZI+kNRHLDQ==
HTTP/1.1 200 OK
Content-Length: 2284
Content-Type: image/png
Last-Modified: Sun, 28 Aug 2016 15:36:07 GMT
Accept-Ranges: bytes
ETag: "d13257e5411d21:0"
Server:
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 14:30:19 GMT
kushaem.com/js/comments.js
199.233.255.67404 Not Found 4.8 kB URL HTTP/1.1 kushaem.com/js/comments.js
IP 199.233.255.67:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (365)
Hash 8959473c329c5ec7f8db7098c0dd1290
32a1e06adc6e439e95578ad35f3e9697955d1b82
4667b6ab20a14aec9e91f99a33ea4be5aa3611ca1f852d3849757f368226b8de
Analyzer Verdict Alert fortinet Malware
GET /js/comments.js HTTP/1.1
Host: kushaem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/recipe.asp?id=316&lang=ru&name=%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%83%C3%83%C2%83%C3%82%C2%82%C3%83%C2%82%C3%82%C2%83%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%82%C3%83%C2%83%C3%82%C2%82%C3%83%C2%82+%CC%84%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%82%C3%83%C2%83%25c
Cookie: lang=ru; ASPSESSIONIDSSRBSBTT=MBPCPJOCHFNIJABNJNEKIBIC; ARRAffinity=6fe1b7ab3dc258e502a30911e9b1ddeb1cc792271fad1b1309672dd71d55508e; WAWebSiteSID=f77f6a3206924f3e8a33485dee803cb1; BIGipServerEL_Customer_HTTP2=!vTgfo7qjP/gDVV1eEe65VNrtxl1X+xYoa8gvfEx8qIL+57EIOQcjL5ibquUf1RMgSg8+ZI+kNRHLDQ==
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Length: 4848
Content-Type: text/html; charset=utf-8
Server:
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 14:30:19 GMT
kushaem.com/img/cnt_top.png
199.233.255.67200 OK 1.0 kB URL HTTP/1.1 kushaem.com/img/cnt_top.png
IP 199.233.255.67:0
File type PNG image data, 550 x 23, 8-bit/color RGBA, non-interlaced\012- data
Hash e9fc559ff8a88de8a13374779e3952bf
1d3f6db70276bfbe365215545c1ca8d44c82aac6
5cc3055ff8c1d639cbc601514cf0a333c0404eb501a1dd54e3fa3a7f63f21674
GET /img/cnt_top.png HTTP/1.1
Host: kushaem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/css/structure.css
Cookie: lang=ru; ASPSESSIONIDSSRBSBTT=MBPCPJOCHFNIJABNJNEKIBIC; ARRAffinity=6fe1b7ab3dc258e502a30911e9b1ddeb1cc792271fad1b1309672dd71d55508e; WAWebSiteSID=f77f6a3206924f3e8a33485dee803cb1; BIGipServerEL_Customer_HTTP2=!vTgfo7qjP/gDVV1eEe65VNrtxl1X+xYoa8gvfEx8qIL+57EIOQcjL5ibquUf1RMgSg8+ZI+kNRHLDQ==
HTTP/1.1 200 OK
Content-Length: 1026
Content-Type: image/png
Last-Modified: Sun, 28 Aug 2016 15:35:56 GMT
Accept-Ranges: bytes
ETag: "d6e3cde411d21:0"
Server:
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 14:30:19 GMT
www.russiantable.com/store/affiliate/showban.asp?id=4500&img=
104.21.67.63403 Forbidden 2.5 kB URL HTTP/1.1 www.russiantable.com/store/affiliate/showban.asp?id=4500&img=
IP 104.21.67.63:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1490)
Hash 1641e232a6507a3a659ada99af14e81d
0322bd795f454bb5baeda915986613d555ac8a26
fac952ec7aee5a99cb7db1a52995906e8e609981da13430c6eca4d018662781c
GET /store/affiliate/showban.asp?id=4500&img= HTTP/1.1
Host: www.russiantable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/
HTTP/1.1 403 Forbidden
Date: Mon, 26 Sep 2022 14:30:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hN7RIGtJIesTP8Dak69%2FNJgyDO65IeruxteXUzk0Xu1rgAYu3gsTT1wJtaLvCkydxc7VrLI2UAC%2FGN8mvaVXMCZGUsKMNuNirUJ1OPswm9J%2F2Z0QrQEpyrPCFtHaC5t4t8mxU6aKjA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750cb2678d28b515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.russiantable.com/store/affiliate/showban2.asp?id=4500&img=167x250/russiantable_167x250_07.gif&emp_cat=Banners%20%20167?250
104.21.67.63403 Forbidden 2.5 kB URL HTTP/1.1 www.russiantable.com/store/affiliate/showban2.asp?id=4500&img=167x250/russiantable_167x250_07.gif&emp_cat=Banners%20%20167?250
IP 104.21.67.63:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1578)
Hash 88bdee25c848328901dc2af6b29898ab
9eb7783922f0793b6e1ec05fee2d73a47857c45a
481c3e056453882bb1bbe81fce432a380830fd83803af5bc29f3a44105768f1f
GET /store/affiliate/showban2.asp?id=4500&img=167x250/russiantable_167x250_07.gif&emp_cat=Banners%20%20167?250 HTTP/1.1
Host: www.russiantable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/
HTTP/1.1 403 Forbidden
Date: Mon, 26 Sep 2022 14:30:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1L9zsetNnUyOG5NmJPtnNeG6MtXFZEqWImfx5ek9%2Fe8U7aVwdidetctLzlRXErbrBnt5kGccxVfVPhngIF8DpFUn90IDKAG8kUV4IFTTJCvo6FxMPQDUWaZFhp%2F64ohrOKEM9kJtiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750cb267887db500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.google-analytics.com/ga.js
142.250.74.174200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Mon, 26 Sep 2022 13:04:57 GMT
Expires: Mon, 26 Sep 2022 15:04:57 GMT
Cache-Control: public, max-age=7200
Age: 5123
Last-Modified: Sun, 11 Sep 2022 13:50:09 GMT
Content-Type: text/javascript
kushaem.com/img/cnt_bg.png
199.233.255.67200 OK 219 B URL HTTP/1.1 kushaem.com/img/cnt_bg.png
IP 199.233.255.67:0
File type PNG image data, 550 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 561e1e7c88fda479da2d223d276ee94d
812dedaefb8d877edc0069cbc911c274b005184f
200f504b6a8a38b287302a3412e3fe32ff4271fd56775aa3c6520366713ab80c
GET /img/cnt_bg.png HTTP/1.1
Host: kushaem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/css/structure.css
Cookie: lang=ru; ASPSESSIONIDSSRBSBTT=MBPCPJOCHFNIJABNJNEKIBIC; ARRAffinity=6fe1b7ab3dc258e502a30911e9b1ddeb1cc792271fad1b1309672dd71d55508e; WAWebSiteSID=f77f6a3206924f3e8a33485dee803cb1; BIGipServerEL_Customer_HTTP2=!vTgfo7qjP/gDVV1eEe65VNrtxl1X+xYoa8gvfEx8qIL+57EIOQcjL5ibquUf1RMgSg8+ZI+kNRHLDQ==
HTTP/1.1 200 OK
Content-Length: 219
Content-Type: image/png
Last-Modified: Sun, 28 Aug 2016 15:35:55 GMT
Accept-Ranges: bytes
ETag: "a611fedd411d21:0"
Server:
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 14:30:19 GMT
kushaem.com/img/arrow_blue.gif
199.233.255.67200 OK 54 B URL HTTP/1.1 kushaem.com/img/arrow_blue.gif
IP 199.233.255.67:0
File type GIF image data, version 89a, 7 x 9\012- data
Hash c69ed3d6e18b6077d7c34e7f6ebb8f26
0232d4415737b3ec6832ca7d5166e823f174443f
b335fe1c83ee3d7845a77fc901ba8aab12346b5a6995c290efe7f20c5803f724
GET /img/arrow_blue.gif HTTP/1.1
Host: kushaem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/css/structure.css
Cookie: lang=ru; ASPSESSIONIDSSRBSBTT=MBPCPJOCHFNIJABNJNEKIBIC; ARRAffinity=6fe1b7ab3dc258e502a30911e9b1ddeb1cc792271fad1b1309672dd71d55508e; WAWebSiteSID=f77f6a3206924f3e8a33485dee803cb1; BIGipServerEL_Customer_HTTP2=!vTgfo7qjP/gDVV1eEe65VNrtxl1X+xYoa8gvfEx8qIL+57EIOQcjL5ibquUf1RMgSg8+ZI+kNRHLDQ==
HTTP/1.1 200 OK
Content-Length: 54
Content-Type: image/gif
Last-Modified: Sun, 28 Aug 2016 15:35:50 GMT
Accept-Ranges: bytes
ETag: "abbc1fdb411d21:0"
Server:
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 14:30:19 GMT
push.services.mozilla.com/
34.215.56.181101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.56.181:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wCJsPIye56vBZbiBXRERMw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OzdFy8t9UwAsTl3DyWtR9VZthiI=
kushaem.com/img/c_sm_top.gif
199.233.255.67200 OK 4.6 kB URL HTTP/1.1 kushaem.com/img/c_sm_top.gif
IP 199.233.255.67:0
File type GIF image data, version 89a, 218 x 1000\012- data
Hash b5db151a701edb0a62d18d871e0889ea
633eef17ee494ffb756e58d8312af4e576fcd0c4
0fe8041ec934ffd1edc2b645eeb0b70230bdc0806a923179fda0ecf336426922
GET /img/c_sm_top.gif HTTP/1.1
Host: kushaem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/css/structure.css
Cookie: lang=ru; ASPSESSIONIDSSRBSBTT=MBPCPJOCHFNIJABNJNEKIBIC; ARRAffinity=6fe1b7ab3dc258e502a30911e9b1ddeb1cc792271fad1b1309672dd71d55508e; WAWebSiteSID=f77f6a3206924f3e8a33485dee803cb1; BIGipServerEL_Customer_HTTP2=!vTgfo7qjP/gDVV1eEe65VNrtxl1X+xYoa8gvfEx8qIL+57EIOQcjL5ibquUf1RMgSg8+ZI+kNRHLDQ==
HTTP/1.1 200 OK
Content-Length: 4609
Content-Type: image/gif
Last-Modified: Sun, 28 Aug 2016 15:35:58 GMT
Accept-Ranges: bytes
ETag: "84aec0df411d21:0"
Server:
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 14:30:19 GMT
kushaem.com/img/bg_contentfooter.gif
199.233.255.67200 OK 7.1 kB URL HTTP/1.1 kushaem.com/img/bg_contentfooter.gif
IP 199.233.255.67:0
File type GIF image data, version 89a, 550 x 213\012- data
Hash bf52d41233e119c0e82e7e31af9587b4
441c6c348f4464fec76f820259ec90994e3816a9
6a5f6d67270df0e5670090f73168a3cea32ddaa4b60a312fa9d0f7914a82e7d6
GET /img/bg_contentfooter.gif HTTP/1.1
Host: kushaem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/css/structure.css
Cookie: lang=ru; ASPSESSIONIDSSRBSBTT=MBPCPJOCHFNIJABNJNEKIBIC; ARRAffinity=6fe1b7ab3dc258e502a30911e9b1ddeb1cc792271fad1b1309672dd71d55508e; WAWebSiteSID=f77f6a3206924f3e8a33485dee803cb1; BIGipServerEL_Customer_HTTP2=!vTgfo7qjP/gDVV1eEe65VNrtxl1X+xYoa8gvfEx8qIL+57EIOQcjL5ibquUf1RMgSg8+ZI+kNRHLDQ==
HTTP/1.1 200 OK
Content-Length: 7056
Content-Type: image/gif
Last-Modified: Sun, 28 Aug 2016 15:35:53 GMT
Accept-Ranges: bytes
ETag: "f97179dc411d21:0"
Server:
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 14:30:19 GMT
kushaem.com/img/cnt_top_accent.png
199.233.255.67200 OK 23 kB URL HTTP/1.1 kushaem.com/img/cnt_top_accent.png
IP 199.233.255.67:0
File type PNG image data, 526 x 97, 8-bit/color RGBA, non-interlaced\012- data
Hash d3efa0cfe98665752e921f8cfa8589c8
76b9e12bee90dbddb336216a1bd3d6b44e2002a6
8986b5a1ca9f874e029f0bb2fca0dc37687b26d1de05097a88563cae265b909a
GET /img/cnt_top_accent.png HTTP/1.1
Host: kushaem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/recipe.asp?id=316&lang=ru&name=%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%83%C3%83%C2%83%C3%82%C2%82%C3%83%C2%82%C3%82%C2%83%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%82%C3%83%C2%83%C3%82%C2%82%C3%83%C2%82+%CC%84%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%82%C3%83%C2%83%25c
Cookie: lang=ru; ASPSESSIONIDSSRBSBTT=MBPCPJOCHFNIJABNJNEKIBIC; ARRAffinity=6fe1b7ab3dc258e502a30911e9b1ddeb1cc792271fad1b1309672dd71d55508e; WAWebSiteSID=f77f6a3206924f3e8a33485dee803cb1; BIGipServerEL_Customer_HTTP2=!vTgfo7qjP/gDVV1eEe65VNrtxl1X+xYoa8gvfEx8qIL+57EIOQcjL5ibquUf1RMgSg8+ZI+kNRHLDQ==
HTTP/1.1 200 OK
Content-Length: 22639
Content-Type: image/png
Last-Modified: Sun, 28 Aug 2016 15:35:56 GMT
Accept-Ranges: bytes
ETag: "a2a99de411d21:0"
Server:
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 14:30:19 GMT
kushaem.com/img/icon_heart.gif
199.233.255.67200 OK 567 B URL HTTP/1.1 kushaem.com/img/icon_heart.gif
IP 199.233.255.67:0
File type GIF image data, version 89a, 14 x 12\012- data
Hash 8855d91b365c7f294b1a699b40332d6e
46a7b3cf0e0a6ca4d70cd37e27d8cd356e866a99
46af2d9881b90ff9e4fca902d31683f10738fea04cffb97107d37bf6e8ec8a86
GET /img/icon_heart.gif HTTP/1.1
Host: kushaem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/css/structure.css
Cookie: lang=ru; ASPSESSIONIDSSRBSBTT=MBPCPJOCHFNIJABNJNEKIBIC; ARRAffinity=6fe1b7ab3dc258e502a30911e9b1ddeb1cc792271fad1b1309672dd71d55508e; WAWebSiteSID=f77f6a3206924f3e8a33485dee803cb1; BIGipServerEL_Customer_HTTP2=!vTgfo7qjP/gDVV1eEe65VNrtxl1X+xYoa8gvfEx8qIL+57EIOQcjL5ibquUf1RMgSg8+ZI+kNRHLDQ==
HTTP/1.1 200 OK
Content-Length: 567
Content-Type: image/gif
Last-Modified: Sun, 28 Aug 2016 15:36:06 GMT
Accept-Ranges: bytes
ETag: "c9b193e4411d21:0"
Server:
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 14:30:19 GMT
kushaem.com/img/icon_print.gif
199.233.255.67200 OK 226 B URL HTTP/1.1 kushaem.com/img/icon_print.gif
IP 199.233.255.67:0
File type GIF image data, version 89a, 14 x 14\012- data
Hash dfccbb3b665895fe759c117701b8938e
2d5049ca739de519bf59f86c35b057a4024426e0
ccaea15d45cb60d2f9aa2a24eca8cebf3218339e0ce60a966901ca1239882385
GET /img/icon_print.gif HTTP/1.1
Host: kushaem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/css/structure.css
Cookie: lang=ru; ASPSESSIONIDSSRBSBTT=MBPCPJOCHFNIJABNJNEKIBIC; ARRAffinity=6fe1b7ab3dc258e502a30911e9b1ddeb1cc792271fad1b1309672dd71d55508e; WAWebSiteSID=f77f6a3206924f3e8a33485dee803cb1; BIGipServerEL_Customer_HTTP2=!vTgfo7qjP/gDVV1eEe65VNrtxl1X+xYoa8gvfEx8qIL+57EIOQcjL5ibquUf1RMgSg8+ZI+kNRHLDQ==
HTTP/1.1 200 OK
Content-Length: 226
Content-Type: image/gif
Last-Modified: Sun, 28 Aug 2016 15:36:07 GMT
Accept-Ranges: bytes
ETag: "6011d4e4411d21:0"
Server:
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 14:30:19 GMT
kushaem.com/img/logo_copyright.gif
199.233.255.67200 OK 2.1 kB URL HTTP/1.1 kushaem.com/img/logo_copyright.gif
IP 199.233.255.67:0
File type GIF image data, version 89a, 169 x 22\012- data
Hash dd0511b748acf9530785feaf318c5d7a
d87aefb68912135dd4cf363c10a5993dea9c6a09
cb3f47cad1494754954d041dec4d4639c8ed0ad92e5fcdf0f44feaef6bb45187
GET /img/logo_copyright.gif HTTP/1.1
Host: kushaem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/css/structure.css
Cookie: lang=ru; ASPSESSIONIDSSRBSBTT=MBPCPJOCHFNIJABNJNEKIBIC; ARRAffinity=6fe1b7ab3dc258e502a30911e9b1ddeb1cc792271fad1b1309672dd71d55508e; WAWebSiteSID=f77f6a3206924f3e8a33485dee803cb1; BIGipServerEL_Customer_HTTP2=!vTgfo7qjP/gDVV1eEe65VNrtxl1X+xYoa8gvfEx8qIL+57EIOQcjL5ibquUf1RMgSg8+ZI+kNRHLDQ==
HTTP/1.1 200 OK
Content-Length: 2052
Content-Type: image/gif
Last-Modified: Sun, 28 Aug 2016 15:36:08 GMT
Accept-Ranges: bytes
ETag: "e7f1d7e5411d21:0"
Server:
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 14:30:19 GMT
kushaem.com/img/menu.png
199.233.255.67200 OK 6.8 kB IP 199.233.255.67:0
File type PNG image data, 242 x 347, 8-bit/color RGBA, non-interlaced\012- data
Hash f760054a18181f1334466597f57cf848
360adbf495d3634655520f5cb6541980fe484250
5ccdb758856cbf0a86085887e7a9d0d3021de0002b3c91b01ddbf93050f85b11
GET /img/menu.png HTTP/1.1
Host: kushaem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/css/structure.css
Cookie: lang=ru; ASPSESSIONIDSSRBSBTT=MBPCPJOCHFNIJABNJNEKIBIC; ARRAffinity=6fe1b7ab3dc258e502a30911e9b1ddeb1cc792271fad1b1309672dd71d55508e; WAWebSiteSID=f77f6a3206924f3e8a33485dee803cb1; BIGipServerEL_Customer_HTTP2=!vTgfo7qjP/gDVV1eEe65VNrtxl1X+xYoa8gvfEx8qIL+57EIOQcjL5ibquUf1RMgSg8+ZI+kNRHLDQ==
HTTP/1.1 200 OK
Content-Length: 6760
Content-Type: image/png
Last-Modified: Sun, 28 Aug 2016 15:36:09 GMT
Accept-Ranges: bytes
ETag: "9d9f26e6411d21:0"
Server:
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 14:30:19 GMT
kushaem.com/img/dots_hr.gif
199.233.255.67200 OK 43 B URL HTTP/1.1 kushaem.com/img/dots_hr.gif
IP 199.233.255.67:0
File type GIF image data, version 89a, 3 x 1\012- data
Hash a2f8a4da03bda186cab6d2fa85758acf
6b3b9aee6ef1639d7ec29485021743c43b10de24
ffe635957fa69d591ab3667c4dc1376af172100a564ba6e2c6e8e5ad4a014f0b
GET /img/dots_hr.gif HTTP/1.1
Host: kushaem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/css/main.css
Cookie: lang=ru; ASPSESSIONIDSSRBSBTT=MBPCPJOCHFNIJABNJNEKIBIC; ARRAffinity=6fe1b7ab3dc258e502a30911e9b1ddeb1cc792271fad1b1309672dd71d55508e; WAWebSiteSID=f77f6a3206924f3e8a33485dee803cb1; BIGipServerEL_Customer_HTTP2=!vTgfo7qjP/gDVV1eEe65VNrtxl1X+xYoa8gvfEx8qIL+57EIOQcjL5ibquUf1RMgSg8+ZI+kNRHLDQ==
HTTP/1.1 200 OK
Content-Length: 43
Content-Type: image/gif
Last-Modified: Sun, 28 Aug 2016 15:35:58 GMT
Accept-Ranges: bytes
ETag: "13e1e0411d21:0"
Server:
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 14:30:19 GMT
kushaem.com/img/arrow_menu_off.gif
199.233.255.67200 OK 54 B URL HTTP/1.1 kushaem.com/img/arrow_menu_off.gif
IP 199.233.255.67:0
File type GIF image data, version 89a, 7 x 9\012- data
Hash c2610dad9772a33ed2701e4cf2615f69
c9e1b3e16f5e3498af7a717d587417ac2cc22e60
908463c930cddff197ded22f0f3f9b8b8c5e7dfbb90d09b624b5e17be677fef9
GET /img/arrow_menu_off.gif HTTP/1.1
Host: kushaem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/css/main.css
Cookie: lang=ru; ASPSESSIONIDSSRBSBTT=MBPCPJOCHFNIJABNJNEKIBIC; ARRAffinity=6fe1b7ab3dc258e502a30911e9b1ddeb1cc792271fad1b1309672dd71d55508e; WAWebSiteSID=f77f6a3206924f3e8a33485dee803cb1; BIGipServerEL_Customer_HTTP2=!vTgfo7qjP/gDVV1eEe65VNrtxl1X+xYoa8gvfEx8qIL+57EIOQcjL5ibquUf1RMgSg8+ZI+kNRHLDQ==
HTTP/1.1 200 OK
Content-Length: 54
Content-Type: image/gif
Last-Modified: Sun, 28 Aug 2016 15:35:51 GMT
Accept-Ranges: bytes
ETag: "dfb95ddb411d21:0"
Server:
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 14:30:19 GMT
kushaem.com/img/btn_search.png
199.233.255.67200 OK 911 B URL HTTP/1.1 kushaem.com/img/btn_search.png
IP 199.233.255.67:0
File type PNG image data, 46 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 4368c17426bf76dfeb697ba3aff22827
96f12a5dce59dfb92aeacd5b66ea5794987062a9
62237791dc5cbde52b74713313810a889fc1a939b0e178ed9d91129d213b80be
GET /img/btn_search.png HTTP/1.1
Host: kushaem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/css/structure.css
Cookie: lang=ru; ASPSESSIONIDSSRBSBTT=MBPCPJOCHFNIJABNJNEKIBIC; ARRAffinity=6fe1b7ab3dc258e502a30911e9b1ddeb1cc792271fad1b1309672dd71d55508e; WAWebSiteSID=f77f6a3206924f3e8a33485dee803cb1; BIGipServerEL_Customer_HTTP2=!vTgfo7qjP/gDVV1eEe65VNrtxl1X+xYoa8gvfEx8qIL+57EIOQcjL5ibquUf1RMgSg8+ZI+kNRHLDQ==
HTTP/1.1 200 OK
Content-Length: 911
Content-Type: image/png
Last-Modified: Sun, 28 Aug 2016 15:35:54 GMT
Accept-Ranges: bytes
ETag: "88527ddd411d21:0"
Server:
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 14:30:19 GMT
kushaem.com/img/arrow_white_reverse.gif
199.233.255.67200 OK 54 B URL HTTP/1.1 kushaem.com/img/arrow_white_reverse.gif
IP 199.233.255.67:0
File type GIF image data, version 89a, 7 x 9\012- data
Hash d3d4d4d126bc37720fc4ada1b2a8cba0
864f234adaedce47a76606ba41ce6b5095888fdc
d9cb1530915137f17b1211dc2132cbced86b66528a6ff732e1b03324ae3595f6
GET /img/arrow_white_reverse.gif HTTP/1.1
Host: kushaem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/css/structure.css
Cookie: lang=ru; ASPSESSIONIDSSRBSBTT=MBPCPJOCHFNIJABNJNEKIBIC; ARRAffinity=6fe1b7ab3dc258e502a30911e9b1ddeb1cc792271fad1b1309672dd71d55508e; WAWebSiteSID=f77f6a3206924f3e8a33485dee803cb1; BIGipServerEL_Customer_HTTP2=!vTgfo7qjP/gDVV1eEe65VNrtxl1X+xYoa8gvfEx8qIL+57EIOQcjL5ibquUf1RMgSg8+ZI+kNRHLDQ==
HTTP/1.1 200 OK
Content-Length: 54
Content-Type: image/gif
Last-Modified: Sun, 28 Aug 2016 15:35:52 GMT
Accept-Ranges: bytes
ETag: "4bc42adc411d21:0"
Server:
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 14:30:19 GMT
kushaem.com/img/bg_header.gif
199.233.255.67200 OK 763 B URL HTTP/1.1 kushaem.com/img/bg_header.gif
IP 199.233.255.67:0
File type GIF image data, version 89a, 4 x 132\012- data
Hash 3e0180b8c41e6c1367aea2c6ed3ee615
51a0f59e53b5ec2e552ef4dbbf76f5707bb795aa
8f362f4f1bba29414e1b889f5e6217e117ed880d189e4058d6973256767f1675
GET /img/bg_header.gif HTTP/1.1
Host: kushaem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/css/structure.css
Cookie: lang=ru; ASPSESSIONIDSSRBSBTT=MBPCPJOCHFNIJABNJNEKIBIC; ARRAffinity=6fe1b7ab3dc258e502a30911e9b1ddeb1cc792271fad1b1309672dd71d55508e; WAWebSiteSID=f77f6a3206924f3e8a33485dee803cb1; BIGipServerEL_Customer_HTTP2=!vTgfo7qjP/gDVV1eEe65VNrtxl1X+xYoa8gvfEx8qIL+57EIOQcjL5ibquUf1RMgSg8+ZI+kNRHLDQ==
HTTP/1.1 200 OK
Content-Length: 763
Content-Type: image/gif
Last-Modified: Sun, 28 Aug 2016 15:35:54 GMT
Accept-Ranges: bytes
ETag: "a2903add411d21:0"
Server:
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 14:30:19 GMT
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=962440963&utmhn=kushaem.com&utmcs=windows-1251&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A1%D0%B0%D0%BB%D0%B0%D1%82%20%D0%B8%D0%B7%20%D0%BE%D1%82%D0%B2%D0%B0%D1%80%D0%BD%D0%BE%D0%B9%20%D0%B3%D0%BE%D0%B2%D1%8F%D0%B4%D0%B8%D0%BD%D1%8B*%20%3A%20kushaem.com&utmhid=787006345&utmr=-&utmp=%2Frecipe.asp%3Fid%3D316%26lang%3Dru%26name%3D%2525C3%252583%2525C2%252583%2525C3%252582%2525C2%252583%2525C3%252583%2525C2%252582%2525C3%252582%2525C2%252583%2525C3%252583%2525C2%252583%2525C3%252582%2525C2%252582%2525C3%252583%2525C2%252582%2525C3%252582%2525C2%252583%2525C3%252583%2525C2%252583%2525C3%252582%2525C2%252583%2525C3%252583%2525C2%252582%2525C3%252582%2525C2%252582%2525C3%252583%2525C2%252583%2525C3%252582%2525C2%252582%2525C3%252583%2525C2%252582%2B%2525CC%252584%2525C3%252583%2525C2%252583%2525C3%252582%2525C2%252583%2525C3%252583%2525C2%252582%2525C3%252582%2525C2%252582%2525C3%252583%2525C2%252583%252525c&utmht=1664202618375&utmac=UA-469859-5&utmcc=__utma%3D58297008.922544184.1664202618.1664202618.1664202618.1%3B%2B__utmz%3D58297008.1664202618.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=323193412&utmredir=1&utmu=HAAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.174200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=962440963&utmhn=kushaem.com&utmcs=windows-1251&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A1%D0%B0%D0%BB%D0%B0%D1%82%20%D0%B8%D0%B7%20%D0%BE%D1%82%D0%B2%D0%B0%D1%80%D0%BD%D0%BE%D0%B9%20%D0%B3%D0%BE%D0%B2%D1%8F%D0%B4%D0%B8%D0%BD%D1%8B*%20%3A%20kushaem.com&utmhid=787006345&utmr=-&utmp=%2Frecipe.asp%3Fid%3D316%26lang%3Dru%26name%3D%2525C3%252583%2525C2%252583%2525C3%252582%2525C2%252583%2525C3%252583%2525C2%252582%2525C3%252582%2525C2%252583%2525C3%252583%2525C2%252583%2525C3%252582%2525C2%252582%2525C3%252583%2525C2%252582%2525C3%252582%2525C2%252583%2525C3%252583%2525C2%252583%2525C3%252582%2525C2%252583%2525C3%252583%2525C2%252582%2525C3%252582%2525C2%252582%2525C3%252583%2525C2%252583%2525C3%252582%2525C2%252582%2525C3%252583%2525C2%252582%2B%2525CC%252584%2525C3%252583%2525C2%252583%2525C3%252582%2525C2%252583%2525C3%252583%2525C2%252582%2525C3%252582%2525C2%252582%2525C3%252583%2525C2%252583%252525c&utmht=1664202618375&utmac=UA-469859-5&utmcc=__utma%3D58297008.922544184.1664202618.1664202618.1664202618.1%3B%2B__utmz%3D58297008.1664202618.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=323193412&utmredir=1&utmu=HAAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=962440963&utmhn=kushaem.com&utmcs=windows-1251&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A1%D0%B0%D0%BB%D0%B0%D1%82%20%D0%B8%D0%B7%20%D0%BE%D1%82%D0%B2%D0%B0%D1%80%D0%BD%D0%BE%D0%B9%20%D0%B3%D0%BE%D0%B2%D1%8F%D0%B4%D0%B8%D0%BD%D1%8B*%20%3A%20kushaem.com&utmhid=787006345&utmr=-&utmp=%2Frecipe.asp%3Fid%3D316%26lang%3Dru%26name%3D%2525C3%252583%2525C2%252583%2525C3%252582%2525C2%252583%2525C3%252583%2525C2%252582%2525C3%252582%2525C2%252583%2525C3%252583%2525C2%252583%2525C3%252582%2525C2%252582%2525C3%252583%2525C2%252582%2525C3%252582%2525C2%252583%2525C3%252583%2525C2%252583%2525C3%252582%2525C2%252583%2525C3%252583%2525C2%252582%2525C3%252582%2525C2%252582%2525C3%252583%2525C2%252583%2525C3%252582%2525C2%252582%2525C3%252583%2525C2%252582%2B%2525CC%252584%2525C3%252583%2525C2%252583%2525C3%252582%2525C2%252583%2525C3%252583%2525C2%252582%2525C3%252582%2525C2%252582%2525C3%252583%2525C2%252583%252525c&utmht=1664202618375&utmac=UA-469859-5&utmcc=__utma%3D58297008.922544184.1664202618.1664202618.1664202618.1%3B%2B__utmz%3D58297008.1664202618.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=323193412&utmredir=1&utmu=HAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Mon, 26 Sep 2022 14:30:20 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
kushaem.com/img/c_sm_bot.gif
199.233.255.67200 OK 4.6 kB URL HTTP/1.1 kushaem.com/img/c_sm_bot.gif
IP 199.233.255.67:0
File type GIF image data, version 89a, 218 x 1000\012- data
Hash 4ad6c10375430de3605f10872c3d14d2
933bf9bc73880ce5776f879ab98fd9ffbde4cdf3
d1aaad87b8f29d8b6549670b74510878f026f41509d12f1697a8d2d28073c2bb
GET /img/c_sm_bot.gif HTTP/1.1
Host: kushaem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/css/structure.css
Cookie: lang=ru; ASPSESSIONIDSSRBSBTT=MBPCPJOCHFNIJABNJNEKIBIC; ARRAffinity=6fe1b7ab3dc258e502a30911e9b1ddeb1cc792271fad1b1309672dd71d55508e; WAWebSiteSID=f77f6a3206924f3e8a33485dee803cb1; BIGipServerEL_Customer_HTTP2=!vTgfo7qjP/gDVV1eEe65VNrtxl1X+xYoa8gvfEx8qIL+57EIOQcjL5ibquUf1RMgSg8+ZI+kNRHLDQ==
HTTP/1.1 200 OK
Content-Length: 4619
Content-Type: image/gif
Last-Modified: Sun, 28 Aug 2016 15:35:58 GMT
Accept-Ranges: bytes
ETag: "316374df411d21:0"
Server:
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 14:30:19 GMT
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1d095ec6a56142cb2084481b06881ef4
82ff236023008fbfb871aaa7c1e976e0cf15e91a
791ac45152415413d4af27f3dde61a021c9c57dcf7ca5b0e65300ebc3cd8815d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 14:30:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209200101/show_ads_impl_with_ama_fy2021.js?client=pub-1749770216186949&plah=kushaem.com&bust=31069740
142.250.74.66200 OK 125 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209200101/show_ads_impl_with_ama_fy2021.js?client=pub-1749770216186949&plah=kushaem.com&bust=31069740
IP 142.250.74.66:0
File type ASCII text, with very long lines (5885)
Size 125 kB (125282 bytes)
Hash 95b1a5b0434e3ca2b8a95bafc026d6bc
53e1942951f2b48c179004464d34b6ef1bed3f73
7c39694bf84726bfd6b286b6a1b6ef3ff919938aec9559f5fc5b1a4c62d9a5e6
GET /pagead/managed/js/adsense/m202209200101/show_ads_impl_with_ama_fy2021.js?client=pub-1749770216186949&plah=kushaem.com&bust=31069740 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kushaem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 26 Sep 2022 14:30:20 GMT
expires: Mon, 26 Sep 2022 14:30:20 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 13716890411112350832
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 125282
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1d095ec6a56142cb2084481b06881ef4
82ff236023008fbfb871aaa7c1e976e0cf15e91a
791ac45152415413d4af27f3dde61a021c9c57dcf7ca5b0e65300ebc3cd8815d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 14:30:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kushaem.com/favicon.ico
199.233.255.67404 Not Found 4.8 kB IP 199.233.255.67:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (365)
Hash 49013a2e7d9f7895bd1754f42120d012
a89b83cc2120ca3b24aebda7184c0cd27d85a87d
dd9cdb1a10c4fa1d12896ea4da8ba369a431f701c325da851683fefe86b490d8
GET /favicon.ico HTTP/1.1
Host: kushaem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kushaem.com/recipe.asp?id=316&lang=ru&name=%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%83%C3%83%C2%83%C3%82%C2%82%C3%83%C2%82%C3%82%C2%83%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%82%C3%83%C2%83%C3%82%C2%82%C3%83%C2%82+%CC%84%C3%83%C2%83%C3%82%C2%83%C3%83%C2%82%C3%82%C2%82%C3%83%C2%83%25c
Cookie: lang=ru; ASPSESSIONIDSSRBSBTT=MBPCPJOCHFNIJABNJNEKIBIC; ARRAffinity=6fe1b7ab3dc258e502a30911e9b1ddeb1cc792271fad1b1309672dd71d55508e; WAWebSiteSID=f77f6a3206924f3e8a33485dee803cb1; BIGipServerEL_Customer_HTTP2=!vTgfo7qjP/gDVV1eEe65VNrtxl1X+xYoa8gvfEx8qIL+57EIOQcjL5ibquUf1RMgSg8+ZI+kNRHLDQ==; __utma=58297008.922544184.1664202618.1664202618.1664202618.1; __utmb=58297008.1.10.1664202618; __utmc=58297008; __utmz=58297008.1664202618.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Length: 4842
Content-Type: text/html; charset=utf-8
Server:
X-Powered-By: ASP.NET
Date: Mon, 26 Sep 2022 14:30:20 GMT
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 83ce30306f9844b38a8e5d4c9146e333
a2a8a135c949784b4d2153954593411074fd0425
939a3899d3ba41e4868adabbfe5f0c49ecaa1bce8b1cb109327dc2dd6311ad5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 14:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4474bfba80fa3257384d1c908e1353bf
9a2869a3888743d575e6f87d2a7479d5d97fa123
63378e949c0ea9564e7660ea0522ce7a59727a0a5232b81b77f8525899f67a2b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 14:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=kushaem.com&callback=_gfp_s_&client=ca-pub-1749770216186949
172.217.21.162200 OK 202 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=kushaem.com&callback=_gfp_s_&client=ca-pub-1749770216186949
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 25347d5980a318e6e50c6a8796978182
096fe3036d1f4eba2a5b6e306b9d7bdaa6075a9b
d06fbd154aa7f134a77f784d9d1918388543a06b5de2b30da28bc4a70fbc8bed
GET /gampad/cookie.js?domain=kushaem.com&callback=_gfp_s_&client=ca-pub-1749770216186949 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kushaem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 26 Sep 2022 14:30:21 GMT
server: cafe
cache-control: private
content-length: 202
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=kushaem.com
216.58.207.194200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=kushaem.com
IP 216.58.207.194:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=kushaem.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kushaem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 26 Sep 2022 14:30:21 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 95f95fee6e94fb192e7c06459e3e3f8e
025638b85afcc833cd592c98cc941dd011d2526f
dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 14:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8cd97aaf3e95e1e9bbdf8b739727d7cd
858cf438048356fc972c737cc84e1439c18dec5e
18e601b130747b5b70afa4a4614e9b7d8c7f3df5cd72725e1488c5b411a452e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 14:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=kushaem.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=kushaem.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=kushaem.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kushaem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 26 Sep 2022 14:30:21 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4474bfba80fa3257384d1c908e1353bf
9a2869a3888743d575e6f87d2a7479d5d97fa123
63378e949c0ea9564e7660ea0522ce7a59727a0a5232b81b77f8525899f67a2b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 14:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9f61c5ada09e4fa747144a96e95a943f
e7f3119b4d75a72dd0409673b9789ac1f3233d23
95afa75f054462b0db7b7b59ebadecc07ce8e4eac12b07e76645848983c52bcf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 14:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a347d1a00b963f1d6a2a1ede4a5a7922
f853fc68ad2d4adf3742b5e437fe1e74262f1f70
c156ac5fa69d56ee8d64ae91fcff3b209d11e98d28614b8b2c908a3981174af8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 14:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kushaem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Mon, 26 Sep 2022 14:30:21 GMT
expires: Mon, 26 Sep 2022 14:30:21 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kushaem.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 13:42:03 GMT
expires: Mon, 25 Sep 2023 13:42:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 89298
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13175
Expires: Mon, 26 Sep 2022 18:09:56 GMT
Date: Mon, 26 Sep 2022 14:30:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13175
Expires: Mon, 26 Sep 2022 18:09:56 GMT
Date: Mon, 26 Sep 2022 14:30:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f164d87-257d-468b-9a99-3559bced005c.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f164d87-257d-468b-9a99-3559bced005c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 988b0c94c41a21c736b330c3256d0a3c
c16a6f018bd80c6390b7a07f4e6698db7bfd28b0
3034912f83810b3999ffa90f5eeaf0f45773c592cfd3cf2bfb794ea1b150158c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f164d87-257d-468b-9a99-3559bced005c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9070
x-amzn-requestid: 2aceb075-d4bc-45b8-8330-5e719c565f77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSKEEdPoAMFsNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330ca40-3f120e0774b1d58a08898c39;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:38:08 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: feNiTFDhUx-BfoiybnKj83hCq6CCoiMeOSEHyFs8b7cLIgKvnO1Cdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:05:32 GMT
age: 59089
etag: "c16a6f018bd80c6390b7a07f4e6698db7bfd28b0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2fe8c4f0c70fb6c1f4259eabedc7015e
85e378d0fff856832a8dd01743516b9476fed8c6
508a1c7d350fcf82d1ece0b99f8557b2f300c7c1148f28c3ae9fece20530e4b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5157
x-amzn-requestid: b5748f49-693f-4bc3-a850-cb68e770de24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG9GUHIAMF7pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-5d2aaa212cf1be2506593746;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4h9lb_7egxb2hBbxjcS_cpZ5lDq6Lx-c_WUZyRHdUA0YTwr6kgDuiQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:10:16 GMT
age: 58805
etag: "85e378d0fff856832a8dd01743516b9476fed8c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d02ede0c964f3346fd53ae2950bf2a62
e49306a3713cb724be024a4ddb5e90645718a718
c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mToVKJcSAtJB1AOuQ-Y9o_EZzyhUuZJivVa3DLql5FwzK4NC82kh5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:06:17 GMT
age: 59044
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: W6ZD1652Yn1xqZG7ehDcirlYoG8Hcsrdj11Fzfgj7zb-OiU8xHj1gw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:37:19 GMT
age: 60782
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 968b9c138702fb5994d1d9eab1a697fa
9660bb2d38079182efbd11d7a687bfc7f9d30751
5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZRG0Axnhc5RY5rDbnnbauco9dpPeFdkP01UxkpNYI5pgSbfGKWcikw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:16:26 GMT
age: 58435
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bfaf0f-e716-4cf7-9785-ffcd146aed68.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bfaf0f-e716-4cf7-9785-ffcd146aed68.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75a459d4f554d38a1701e727185c7e91
042d4b6927f80c5a44bb7baf77b763577c19ed36
c01b0d3a28ed31ec9432d879310cffa313260f97044f1ed473aa0331bdba5607
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bfaf0f-e716-4cf7-9785-ffcd146aed68.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7648
x-amzn-requestid: 359116cc-4e08-4c57-8aba-0aa7bd232c98
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSKWG2BIAMFlHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330ca42-2130239f2dab781c0f49f0e4;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: caqLwNG92a0CRHwZLzFYIndWri6UOUyN9Bm8pqEytrumcpAMAo0WmQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:47:32 GMT
age: 60169
etag: "042d4b6927f80c5a44bb7baf77b763577c19ed36"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bc7883d0a03d9c3559288a600fecc70a
b0e538996510ec8c861264cba4bf79fa73f6f7d6
c3bdc9bb12c7c951ca2d861c95156de2c724acc82386e882864c464132e07ac3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 14:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 514 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 13ae1f44d43b3c928dc5c6996816d1bf
b94d5a3be305cd7cc82a954d4d3103c0c9346d85
75cabb439132c409a3dba587a0445d4ad16a6e4c0309b1ac551e6ce68a44d0c1
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kushaem.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 26 Sep 2022 14:30:21 GMT
date: Mon, 26 Sep 2022 14:30:21 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-RmFFEKSFm4pIUe2Dz5JYpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2