mms-swr06801266181.ukit.me/
185.129.100.126 301 Moved Permanently 0 B URL HTTP/1.1 mms-swr06801266181.ukit.me/
IP 185.129.100.126:0
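Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B body; they identify no content and should not be used as indicators.)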
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: mms-swr06801266181.ukit.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg1_=hVFElR4aN3CgWnAQJzSV; Domain=.ukit.me; HttpOnly; Path=/; Expires=Mon, 01-Jan-2024 06:06:00 GMT
Date: Sun, 01 Jan 2023 06:06:00 GMT
X-Powered-By: Express
Location: https://mms-swr06801266181.ukit.me/
x-cms: ukit
Cache-Control: public, max-age=600
Transfer-Encoding: chunked
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5c6a87f6d6b5c54dcb1b630ae6001c73
e0315c9936d6f2f58ff7d078e74a8ec7802265a8
d88ef07b9fcfb42d27a490cb57df4adaf3261efc7d0b38246db387da3ca32a8d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D88EF07B9FCFB42D27A490CB57DF4ADAF3261EFC7D0B38246DB387DA3CA32A8D"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2880
Expires: Sun, 01 Jan 2023 06:54:00 GMT
Date: Sun, 01 Jan 2023 06:06:00 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0e93d32de9bcebd3483b40a8fed30718
7e1fe5db1f08b75a079780717e4f18ad76767212
4f0aaacfefd27c89225a1a0d2fbe778ec4f3369b5e4e1599255bf12866196cd4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F0AAACFEFD27C89225A1A0D2FBE778EC4F3369B5E4E1599255BF12866196CD4"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15639
Expires: Sun, 01 Jan 2023 10:26:39 GMT
Date: Sun, 01 Jan 2023 06:06:00 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 01 Jan 2023 05:47:16 GMT
content-type: application/json
age: 1125
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6d6d99cd1201f65eeb7d437b62bad1f3
6d5e41d7a2786ccaad7c7276ecdd9411f8cbd6ba
db2b42007fc4ad126c8af8d7cce27af88947231d09ded56da33cfee3d2594e23
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB2B42007FC4AD126C8AF8D7CCE27AF88947231D09DED56DA33CFEE3D2594E23"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10267
Expires: Sun, 01 Jan 2023 08:57:08 GMT
Date: Sun, 01 Jan 2023 06:06:01 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ET5/LCjNBWM8z85wGhnW7+Lvvjj9BGoH1PCyi8oTvgu8VSFjTIL41gTmR+hoeA2+Q0OI4bqwepQ=
x-amz-request-id: VT5M9RJZDAFR7N6M
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 01 Jan 2023 05:59:57 GMT
age: 364
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 01 Jan 2023 06:06:01 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.usertrust.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 403af72fbeb6e312f6d10c26de2c0c02
6c1be5cdaac08304a9beaf3e1cc26386193e1bb4
c24dad0d6234b55880358269d045766401ce135f766fbedf5a152cc4ef462894
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 01 Jan 2023 06:06:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 29 Dec 2022 19:50:44 GMT
Expires: Thu, 05 Jan 2023 19:50:43 GMT
Etag: "6c1be5cdaac08304a9beaf3e1cc26386193e1bb4"
Cache-Control: max-age=394481,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 782911094fcab4fa-OSL
mms-swr06801266181.ukit.me/img/markup/locked.png
185.129.100.126 200 OK 2.5 kB URL HTTP/2 mms-swr06801266181.ukit.me/img/markup/locked.png
IP 185.129.100.126:0
File type PNG image data, 90 x 117, 8-bit/color RGBA, non-interlaced\012- data
Hash f8f10edeb00e43ee59948db6a036e3f1
0b883ec8c07fc060c26cc7cf4c9a56e1f038a71a
2fbae599d32f01942b7ef1f5e495d281f0c4c8f933f1cbff297d6633efb5c874
GET /img/markup/locked.png HTTP/1.1
Host: mms-swr06801266181.ukit.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mms-swr06801266181.ukit.me/
Cookie: __ddg1_=4u88KBV2ibh16FQvQHfq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sun, 01 Jan 2023 06:06:01 GMT
content-type: image/png
content-length: 2474
last-modified: Wed, 07 Dec 2016 14:14:05 GMT
cache-control: max-age=3600, must-revalidate, public
accept-ranges: bytes
etag: "5848192d-9aa"
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
mms-swr06801266181.ukit.me/css/base.css
185.129.100.126 200 OK 30 kB URL HTTP/2 mms-swr06801266181.ukit.me/css/base.css
IP 185.129.100.126:0
File type Unicode text, UTF-8 text, with very long lines (2834)
Hash 2155fb0171bd3f6ea0a55f2410dc0611
ba7d88ab36bc684ea01ef41de0bcd7a34dd4cd3d
a38f646367da50bbfb2fba2bb15db7431ebd14204584a639b049c60b7b3689a2
GET /css/base.css HTTP/1.1
Host: mms-swr06801266181.ukit.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mms-swr06801266181.ukit.me/
Cookie: __ddg1_=4u88KBV2ibh16FQvQHfq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sun, 01 Jan 2023 06:06:01 GMT
content-type: text/css
last-modified: Tue, 28 Dec 2021 16:23:20 GMT
cache-control: max-age=3600, must-revalidate, public
content-encoding: br
vary: Accept-Encoding
etag: "61cb39f8-49b89"
age: 0
content-length: 29684
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
mms-swr06801266181.ukit.me/css/markup/system_messages.css
185.129.100.126 200 OK 638 B URL HTTP/2 mms-swr06801266181.ukit.me/css/markup/system_messages.css
IP 185.129.100.126:0
Hash 70f6b632b1d66c06332e9f7f0741cef3
2a8a1f82c159d299efe1d6191eb8982e40ae2af6
544daccbc50dee2f88df92bd186a7ede2acbe4a231558f8b7e65d9983c21b82e
GET /css/markup/system_messages.css HTTP/1.1
Host: mms-swr06801266181.ukit.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mms-swr06801266181.ukit.me/
Cookie: __ddg1_=4u88KBV2ibh16FQvQHfq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sun, 01 Jan 2023 06:06:01 GMT
content-type: text/css
last-modified: Wed, 19 Dec 2018 09:22:13 GMT
cache-control: max-age=3600, must-revalidate, public
content-encoding: br
vary: Accept-Encoding
etag: "5c1a0dc5-64b"
age: 0
content-length: 638
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
mms-swr06801266181.ukit.me/js/lib/requirejs.min.js?v=2022_12_28T09_36_27_03_00_2e63471eb0c141d2dda8b1d7d86c7d376eeead8d
185.129.100.126 200 OK 6.4 kB URL HTTP/2 mms-swr06801266181.ukit.me/js/lib/requirejs.min.js?v=2022_12_28T09_36_27_03_00_2e63471eb0c141d2dda8b1d7d86c7d376eeead8d
IP 185.129.100.126:0
File type ASCII text, with very long lines (539)
Hash c84f878af509ba6ef7f714d3daf4ed77
23c7826c3d3379189d5c5bb99f248e5e52c2e034
a4f2e544e70bc1516d2c67e0d822c265c57d8c92b0797f443e4719580458128c
GET /js/lib/requirejs.min.js?v=2022_12_28T09_36_27_03_00_2e63471eb0c141d2dda8b1d7d86c7d376eeead8d HTTP/1.1
Host: mms-swr06801266181.ukit.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mms-swr06801266181.ukit.me/
Cookie: __ddg1_=4u88KBV2ibh16FQvQHfq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sun, 01 Jan 2023 06:06:01 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 07 Dec 2016 14:14:06 GMT
cache-control: max-age=3600, must-revalidate, public
content-encoding: br
vary: Accept-Encoding
etag: "5848192e-3b81"
age: 0
content-length: 6355
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
mms-swr06801266181.ukit.me/js/requireConf.js?v=2022_12_28T09_36_27_03_00_2e63471eb0c141d2dda8b1d7d86c7d376eeead8d
185.129.100.126 200 OK 9.8 kB URL HTTP/2 mms-swr06801266181.ukit.me/js/requireConf.js?v=2022_12_28T09_36_27_03_00_2e63471eb0c141d2dda8b1d7d86c7d376eeead8d
IP 185.129.100.126:0
File type ASCII text, with very long lines (32065)
Hash 5cbe31e6f269f259f7d1748e92cd4e4d
621db3fcf3d94200c3d5e477fd768e50210a0421
b54284212826fd5bf32f629d3c26bd8ff83c583227f4107cca60abb90f487dd0
GET /js/requireConf.js?v=2022_12_28T09_36_27_03_00_2e63471eb0c141d2dda8b1d7d86c7d376eeead8d HTTP/1.1
Host: mms-swr06801266181.ukit.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mms-swr06801266181.ukit.me/
Cookie: __ddg1_=4u88KBV2ibh16FQvQHfq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sun, 01 Jan 2023 06:06:01 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 28 Dec 2022 09:43:43 GMT
cache-control: max-age=3600, must-revalidate, public
content-encoding: br
vary: Accept-Encoding
etag: "63ac0fcf-d5f3"
age: 0
content-length: 9804
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Last-Modified, Retry-After, Content-Type, Alert, Pragma, ETag, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 01 Jan 2023 05:33:33 GMT
age: 1948
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
mms-swr06801266181.ukit.me/css/lib/bootstrap.css
185.129.100.126 200 OK 4.7 kB URL HTTP/2 mms-swr06801266181.ukit.me/css/lib/bootstrap.css
IP 185.129.100.126:0
File type assembler source, ASCII text, with very long lines (540)
Hash 88c7070759d7deb40a8a9ea432ddc86c
1707cd7c915d56a6756c28c2f2fb4d288cbf1609
a8db2014ef90d72c8ccfd9ed25f103f9742faa3c127d77810bc1549d1ce2a13b
GET /css/lib/bootstrap.css HTTP/1.1
Host: mms-swr06801266181.ukit.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mms-swr06801266181.ukit.me/
Cookie: __ddg1_=4u88KBV2ibh16FQvQHfq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sun, 01 Jan 2023 06:06:01 GMT
content-type: text/css
last-modified: Wed, 07 Dec 2016 14:14:05 GMT
cache-control: max-age=3600, must-revalidate, public
content-encoding: br
vary: Accept-Encoding
etag: "5848192d-66cd"
age: 0
content-length: 4717
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 3679c651bdffb33838e04abe2fe3ed2d
eb05867a9df7fb86ea4aa715ccceb854ce8bbd7a
17c6dded32ee45c9381841e96b97b81b3a8b6d0af8cf5839f08779699a79479e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5837
Cache-Control: max-age=143047
Content-Type: application/ocsp-response
Date: Sun, 01 Jan 2023 06:06:01 GMT
Etag: "63b097c3-117"
Expires: Mon, 02 Jan 2023 21:50:08 GMT
Last-Modified: Sat, 31 Dec 2022 20:12:51 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
fast.fonts.net/t/1.css?apiType=css&projectid=eaf19cf5-485d-41eb-803b-07b10d75c4ce
104.17.225.78 200 OK 0 B URL HTTP/2 fast.fonts.net/t/1.css?apiType=css&projectid=eaf19cf5-485d-41eb-803b-07b10d75c4ce
IP 104.17.225.78:0
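Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B body; they identify no content and should not be used as indicators.)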
GET /t/1.css?apiType=css&projectid=eaf19cf5-485d-41eb-803b-07b10d75c4ce HTTP/1.1
Host: fast.fonts.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mms-swr06801266181.ukit.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 01 Jan 2023 06:06:01 GMT
content-type: text/css; charset=utf-8
content-length: 0
x-amz-id-2: O8zfmxp2yHXD8Bh2aTv77f0OiAUSyqmImTNr1ppIBWgHdOJyhVK5GX75wp5NC4tIeP+CJn8e4YA=
x-amz-request-id: 40KEAX80YPRPAVX1
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
cache-control: public, max-age=0, s-maxage=604800
x-amz-meta-mtime: 1519217722
x-amz-version-id: null
cf-cache-status: HIT
age: 173242
accept-ranges: bytes
set-cookie: __cf_bm=keKRtPmjbzMPuMEjPUj.yMG6Cruer6qcxep7q65moQQ-1672553161-0-AbQUGLMRtIDviLh8KeGDz652O9YdaXXKXxFuGihXgo8HZ6lU63jFL4VXyU1d/q/O6O+bpSscFrmUuGaaX44Df1E=; path=/; expires=Sun, 01-Jan-23 06:36:01 GMT; domain=.fonts.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7829110c6e5bb4f3-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash afc798d7819a9c19437d20a92eb6f6ec
badde0ed90ac423d5796dc35808a3cd6cec09820
f101fbf84795c278d89aafdadf23cca6c5010b372a48d39a5354555bfb961e61
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5537
Cache-Control: max-age=102786
Content-Type: application/ocsp-response
Date: Sun, 01 Jan 2023 06:06:01 GMT
Etag: "63affbaa-1d7"
Expires: Mon, 02 Jan 2023 10:39:07 GMT
Last-Modified: Sat, 31 Dec 2022 09:06:50 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
151.101.193.229 200 OK 86 kB URL HTTP/2 cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
IP 151.101.193.229:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash 7ffa06a6434a46f38f3a58cecebdfe8e
371c8efd7d7c9464d052482435c2474b0e9847f8
877b4a7e19c52b354c083c73ca53f752e9ab21963c11f22e1259d6e716c3e36b
GET /npm/yandex-metrica-watch/tag.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mms-swr06801266181.ukit.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.255.0
x-jsd-version-type: version
etag: W/"34dfe-lTaq29MlUt6eCLmFLZo4qfZAEqA"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 01 Jan 2023 06:06:01 GMT
age: 42053
x-served-by: cache-fra-eddf8230060-FRA, cache-bma1620-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 85687
X-Firefox-Spdy: h2
mms-swr06801266181.ukit.me/fonts/baseFont/8b1d5802-f86f-4cc1-95a8-261eabda1d22.woff2
185.129.100.126 200 OK 50 kB URL HTTP/2 mms-swr06801266181.ukit.me/fonts/baseFont/8b1d5802-f86f-4cc1-95a8-261eabda1d22.woff2
IP 185.129.100.126:0
File type Web Open Font Format (Version 2), TrueType, length 50516, version 1.0\012- data
Hash c87bf145d04b5f12c4d6c9605648df6e
3e68a9dc8b5220999175b00279e4b7b5849c1809
bfcc1ef464c127eb2db10bffe6543d295ba77867bc941688a7632ef2bb61f715
Analyzer Verdict Alert fortinet Phishing
GET /fonts/baseFont/8b1d5802-f86f-4cc1-95a8-261eabda1d22.woff2 HTTP/1.1
Host: mms-swr06801266181.ukit.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mms-swr06801266181.ukit.me/css/base.css
Cookie: __ddg1_=4u88KBV2ibh16FQvQHfq
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sun, 01 Jan 2023 06:06:01 GMT
content-type: application/octet-stream
content-length: 50516
last-modified: Wed, 07 Dec 2016 14:14:05 GMT
etag: "5848192d-c554"
cache-control: max-age=3600, must-revalidate, public
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
151.101.2.133 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 151.101.2.133:0
Hash da7fa7c4c14f5a06a6cb5b4d1bdd94a6
2b273f25c5a3fd787069558b2d11eae5309e6ab8
fa3f063b9092e816fe1a9394ec9485bbedbb51279cb107c4b7d53bf4f7b8a6e6
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1462
Content-Type: application/ocsp-response
Etag: "0450B085103E0B40B3F4FFC132AFD18114A31A34"
Expires: Sun, 01 Jan 2023 17:00:00 UTC
Last-Modified: Sun, 01 Jan 2023 05:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Accept-Ranges: bytes
Date: Sun, 01 Jan 2023 06:06:01 GMT
Via: 1.1 varnish
Age: 1489
X-Served-By: cache-bma1635-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1672553162.813446,VS0,VE1
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 0468fec435ade9da599ed1f46bb61464
61294530d9be7c2a732758fb6b06ae51170f02b6
48497874c626a3cd466af1566fa28103970006af3756f9b5c0256cddcbd9dade
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Jan 2023 06:06:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.46 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mms-swr06801266181.ukit.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 01 Jan 2023 05:34:02 GMT
expires: Sun, 01 Jan 2023 07:34:02 GMT
cache-control: public, max-age=7200
age: 1919
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 0468fec435ade9da599ed1f46bb61464
61294530d9be7c2a732758fb6b06ae51170f02b6
48497874c626a3cd466af1566fa28103970006af3756f9b5c0256cddcbd9dade
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Jan 2023 06:06:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mms-swr06801266181.ukit.me/
185.129.100.126 200 OK 1.8 kB URL HTTP/2 mms-swr06801266181.ukit.me/
IP 185.129.100.126:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (326)
Hash f73cc268a42a5862996599cd02fd4bc1
e8bb44c0c9ef1ddc288caa2aceee02264967e7ab
5737c06d38c6caee047a63df9f3a71b9ebc83d77c38a34c68d7d2f66808e0ddf
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: mms-swr06801266181.ukit.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=4u88KBV2ibh16FQvQHfq; Domain=.ukit.me; HttpOnly; Path=/; Expires=Mon, 01-Jan-2024 06:06:01 GMT
date: Sun, 01 Jan 2023 06:06:01 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
vary: Accept-Encoding
content-encoding: gzip
x-cms: ukit
cache-control: public, max-age=600
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
151.101.2.133 200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 151.101.2.133:0
Hash 3d648e998824534c53b7d7af881ddaaf
5def341c44de219b591e404ae24dc1967f7da688
11f5ae3259e9d17f28360c39aaadd6d1f97fccf462954f4995b176d2f5d6be85
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 938
Server: nginx
Content-Type: application/ocsp-response
Expires: Thu, 05 Jan 2023 05:13:35 GMT
ETag: "5def341c44de219b591e404ae24dc1967f7da688"
Last-Modified: Sun, 01 Jan 2023 05:13:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 01 Jan 2023 06:06:02 GMT
Age: 3145
X-Served-By: cache-qpg1244-QPG, cache-bma1635-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 251
X-Timer: S1672553162.101344,VS0,VE0
mc.yandex.ru/watch/62223091?wmode=7&page-url=https%3A%2F%2Fmms-swr06801266181.ukit.me%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A1019%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A0%3Als%3A1085196470304%3Ahid%3A121544364%3Az%3A0%3Ai%3A20230101060554%3Aet%3A1672553155%3Ac%3A1%3Arn%3A800242811%3Arqn%3A1%3Au%3A1672553155837293689%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C143%2C120%2C0%2C355%2C0%2C%2C351%2C2%2C%2C%2C%2C1014%3Aco%3A0%3Ans%3A1672553153453%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1672553155%3At%3AuKit%20%E2%80%94%20Website%27s%20trial%20period%20has%20expired&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.250.119 302 Found 433 B URL HTTP/2 mc.yandex.ru/watch/62223091?wmode=7&page-url=https%3A%2F%2Fmms-swr06801266181.ukit.me%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A1019%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A0%3Als%3A1085196470304%3Ahid%3A121544364%3Az%3A0%3Ai%3A20230101060554%3Aet%3A1672553155%3Ac%3A1%3Arn%3A800242811%3Arqn%3A1%3Au%3A1672553155837293689%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C143%2C120%2C0%2C355%2C0%2C%2C351%2C2%2C%2C%2C%2C1014%3Aco%3A0%3Ans%3A1672553153453%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1672553155%3At%3AuKit%20%E2%80%94%20Website%27s%20trial%20period%20has%20expired&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (433), with no line terminators
Hash 1a00eea556c21522a5762a97b4963114
1b650cd6ff5d3adca39af45b27927e3e82034832
e3c54073380037c05f9c504b5b766a1b626609bf8fe7a23805509d688c70b444
GET /watch/62223091?wmode=7&page-url=https%3A%2F%2Fmms-swr06801266181.ukit.me%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A1019%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A0%3Als%3A1085196470304%3Ahid%3A121544364%3Az%3A0%3Ai%3A20230101060554%3Aet%3A1672553155%3Ac%3A1%3Arn%3A800242811%3Arqn%3A1%3Au%3A1672553155837293689%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C143%2C120%2C0%2C355%2C0%2C%2C351%2C2%2C%2C%2C%2C1014%3Aco%3A0%3Ans%3A1672553153453%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1672553155%3At%3AuKit%20%E2%80%94%20Website%27s%20trial%20period%20has%20expired&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mms-swr06801266181.ukit.me
Connection: keep-alive
Referer: https://mms-swr06801266181.ukit.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/62223091/1?wmode=7&page-url=https%3A%2F%2Fmms-swr06801266181.ukit.me%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A1019%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A0%3Als%3A1085196470304%3Ahid%3A121544364%3Az%3A0%3Ai%3A20230101060554%3Aet%3A1672553155%3Ac%3A1%3Arn%3A800242811%3Arqn%3A1%3Au%3A1672553155837293689%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C143%2C120%2C0%2C355%2C0%2C%2C351%2C2%2C%2C%2C%2C1014%3Aco%3A0%3Ans%3A1672553153453%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1672553155%3At%3AuKit%20%E2%80%94%20Website%27s%20trial%20period%20has%20expired&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Sun, 01 Jan 2023 06:06:02 GMT
access-control-allow-origin: https://mms-swr06801266181.ukit.me
set-cookie: yabs-sid=1734268681672553162; Path=/; SameSite=None; Secure
i=93XAGU+6Etq9TQIsgAO1cDtIwB7rZKnvV7QmSJzcsswzWz4aCKKXqX00uTudV2mDoWwaZTZTBC5JYU3/NDmgMasRAV0=; Expires=Wed, 29-Dec-2032 06:05:58 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=5213018861672553162; Expires=Mon, 01-Jan-2024 06:06:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=5213018861672553162; Expires=Mon, 01-Jan-2024 06:06:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1704089162.yc.1672553162#1704089162.yrts.1672553162#1704089162.yrtsi.1672553162; Expires=Mon, 01-Jan-2024 06:06:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 01-Jan-2023 06:06:02 GMT
last-modified: Sun, 01-Jan-2023 06:06:02 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.250.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mms-swr06801266181.ukit.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 01 Jan 2023 06:06:02 GMT
access-control-allow-origin: *
etag: "63ae6ee1-2b"
expires: Sun, 01 Jan 2023 07:06:02 GMT
accept-ranges: bytes
last-modified: Fri, 30 Dec 2022 07:53:53 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 118862dd91acadbe96bd8df464b5d944
1f18ca3394c0502b2447001d8115d8f69211a72b
599a2f13cae2edc7b4ffbaee442cc40363b809400452364e21a05fd3599f72c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "599A2F13CAE2EDC7B4FFBAEE442CC40363B809400452364E21A05FD3599F72C6"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17380
Expires: Sun, 01 Jan 2023 10:55:43 GMT
Date: Sun, 01 Jan 2023 06:06:03 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 118862dd91acadbe96bd8df464b5d944
1f18ca3394c0502b2447001d8115d8f69211a72b
599a2f13cae2edc7b4ffbaee442cc40363b809400452364e21a05fd3599f72c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "599A2F13CAE2EDC7B4FFBAEE442CC40363B809400452364E21A05FD3599F72C6"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17380
Expires: Sun, 01 Jan 2023 10:55:43 GMT
Date: Sun, 01 Jan 2023 06:06:03 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 118862dd91acadbe96bd8df464b5d944
1f18ca3394c0502b2447001d8115d8f69211a72b
599a2f13cae2edc7b4ffbaee442cc40363b809400452364e21a05fd3599f72c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "599A2F13CAE2EDC7B4FFBAEE442CC40363B809400452364E21A05FD3599F72C6"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17380
Expires: Sun, 01 Jan 2023 10:55:43 GMT
Date: Sun, 01 Jan 2023 06:06:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56ecc912-7c04-44d7-a43d-91f5105e563b.jpeg
34.120.237.76 200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56ecc912-7c04-44d7-a43d-91f5105e563b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9c106ab8d6891b9865ef89c4cd6c6cb
784caa00a9877cb4cc6ad9037a9676b6d3b37fd2
84440ac9326499d9ce81d6fe8b58fa4f7430f60d5624a2acf5d66f906fe6f898
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56ecc912-7c04-44d7-a43d-91f5105e563b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4560
x-amzn-requestid: 26f5e408-f9d0-46b9-90a7-5cdf29d5a27c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eB__3ETBoAMFU3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b0ad32-2b1520235d6b63862bebc2d5;Sampled=0
x-amzn-remapped-date: Sat, 31 Dec 2022 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _rjDZLvICb3vlPm6dyfbx8GbjCj43moCVpzoez77yFUFGNvej2ygTA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 31 Dec 2022 22:05:16 GMT
age: 28847
etag: "784caa00a9877cb4cc6ad9037a9676b6d3b37fd2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcfb3fa2-ee9d-4094-8997-5333a1a1f58c.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcfb3fa2-ee9d-4094-8997-5333a1a1f58c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c602e4ea098bceb3fee2a04f9e563aa9
68a1f45f4ddc79cec4e681e45e283c84bdefd4b0
a117be1cffe9e42162f217efce88ec6c5a59e8796b119b2fb7d56e5cdcec6e85
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcfb3fa2-ee9d-4094-8997-5333a1a1f58c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7046
x-amzn-requestid: 6a7882d5-9bf1-4acc-a222-db45f6134711
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d_GoJGNnIAMFSew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63af849a-7cfacd5e5849f78f275431d8;Sampled=0
x-amzn-remapped-date: Sat, 31 Dec 2022 00:38:50 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: -vXSyOmqhERzF-hzBA1HXOt8G_jjhtRTYz39OxUNlm8VWpk5t_c37w==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 6af3b573d8970d5db2a4d03354335b84.cloudfront.net (CloudFront), 1.1 google
date: Sat, 31 Dec 2022 07:47:42 GMT
age: 80301
etag: "68a1f45f4ddc79cec4e681e45e283c84bdefd4b0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbff09b5-fd04-45ca-959e-83e4f40897df.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbff09b5-fd04-45ca-959e-83e4f40897df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a9375cec16bfe696766c8d373d9b54
2167c2f197dd44558ac2dea500d8b6b3cfa50e83
6f94fe0c817b031d913d53fee6b317148bdabea044102b8f0c9df8a3737d59f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbff09b5-fd04-45ca-959e-83e4f40897df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10696
x-amzn-requestid: 2117681b-ee8b-4881-b860-087a8662a3c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7xM1FK7oAMFd4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae2f1e-5a3648ba2ac7ba01177f361d;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 00:21:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CpPZkZcwPWBN4qFQeb6hLMr-dP6SrlxludndGa7wsuCzNPKVgYkfLQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 31 Dec 2022 07:51:53 GMT
age: 80050
etag: "2167c2f197dd44558ac2dea500d8b6b3cfa50e83"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F151a214a-7044-496c-9662-1b2876c624f1.jpeg
34.120.237.76 200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F151a214a-7044-496c-9662-1b2876c624f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af3364657e9f5fc73ad87a8bfbcc74a9
09275100c95963905ea2c6ad0cfe719d44e731ad
773ef6723580164ae4f978de9d5d806b4903c827f32f0cd76184ec59abf62772
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F151a214a-7044-496c-9662-1b2876c624f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6146
x-amzn-requestid: b428336f-ff33-4425-b753-bbabfcae4c52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dsOHKFN2oAMF7SA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a7f6fa-5e9739cb09f539507cbf7f81;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 07:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9_j5M39bx6NOls-GtljmKs1CGzL1rR7SmHhQ7LPYkHeJ4L4TE34CRQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 31 Dec 2022 16:10:51 GMT
age: 50112
etag: "09275100c95963905ea2c6ad0cfe719d44e731ad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68f62f24-c2ce-40d9-b8b6-d160b5dc9ad8.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68f62f24-c2ce-40d9-b8b6-d160b5dc9ad8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 535eb6b8d57fc5b9f74bcd81479aa52a
464b621007fa223e5b22cf3c097bf98990e0865f
28a05e5950da01b731ec0be060e9614cd344f8f56a9dbd3052a09af32e8677b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68f62f24-c2ce-40d9-b8b6-d160b5dc9ad8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10706
x-amzn-requestid: 8a57047f-81b3-4dbf-ad44-39b8a506a68c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d42LGED1IAMFc2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ad03e0-3a493e06092446212392d625;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 03:05:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YnTgrEhb0GIcMunrtYKds4XUTPwnpCOJJ4kWfmZglRsbu_ZIZXsqyg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 04:03:13 GMT
age: 7370
etag: "464b621007fa223e5b22cf3c097bf98990e0865f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde88cf0a-80b2-4e81-a42f-8bac76392967.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde88cf0a-80b2-4e81-a42f-8bac76392967.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 440fd30380c1a4024dce6ae42229a5f3
d9fb5a0246d0ce5747d5a6bd447973b688ba5872
2914a365051a06858e54a7ed50c5b913f40f5bcd155a886dbf049117d2db32d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde88cf0a-80b2-4e81-a42f-8bac76392967.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11757
x-amzn-requestid: 9ceae71d-a9f3-4bf0-a367-b6f532e36573
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: do62MFC4IAMFTjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a6a4f4-05e166ec5203232503df378e;Sampled=0
x-amzn-remapped-date: Sat, 24 Dec 2022 07:06:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EMSRfghTmEDlR82Tr8xv6l6MyHurHbAs7E9fJAcWv2ZVdcZwk0h2OQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 03:49:07 GMT
age: 8216
etag: "d9fb5a0246d0ce5747d5a6bd447973b688ba5872"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/62223091?wmode=0&wv-part=1&wv-hit=121544364&page-url=https%3A%2F%2Fmms-swr06801266181.ukit.me%2F&rn=155001445&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1672553157%3Aw%3A1280x939%3Av%3A952%3Az%3A0%3Ai%3A20230101060557%3Au%3A1672553155837293689%3Avf%3A14qzoz81s4a176hik6jd9j%3Ast%3A1672553157&t=gdpr(14)ti(2)
87.250.250.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/62223091?wmode=0&wv-part=1&wv-hit=121544364&page-url=https%3A%2F%2Fmms-swr06801266181.ukit.me%2F&rn=155001445&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1672553157%3Aw%3A1280x939%3Av%3A952%3Az%3A0%3Ai%3A20230101060557%3Au%3A1672553155837293689%3Avf%3A14qzoz81s4a176hik6jd9j%3Ast%3A1672553157&t=gdpr(14)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/62223091?wmode=0&wv-part=1&wv-hit=121544364&page-url=https%3A%2F%2Fmms-swr06801266181.ukit.me%2F&rn=155001445&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1672553157%3Aw%3A1280x939%3Av%3A952%3Az%3A0%3Ai%3A20230101060557%3Au%3A1672553155837293689%3Avf%3A14qzoz81s4a176hik6jd9j%3Ast%3A1672553157&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 5013
Origin: https://mms-swr06801266181.ukit.me
Connection: keep-alive
Referer: https://mms-swr06801266181.ukit.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 01 Jan 2023 06:06:04 GMT
access-control-allow-origin: https://mms-swr06801266181.ukit.me
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 01-Jan-2023 06:06:04 GMT
last-modified: Sun, 01-Jan-2023 06:06:04 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/62223091?wmode=0&wv-part=1&wv-hit=121544364&page-url=https%3A%2F%2Fmms-swr06801266181.ukit.me%2F&rn=260978040&wv-type=3&browser-info=we%3A1%3Aet%3A1672553158%3Aw%3A1280x939%3Av%3A952%3Az%3A0%3Ai%3A20230101060557%3Au%3A1672553155837293689%3Avf%3A14qzoz81s4a176hik6jd9j%3Ast%3A1672553158&t=gdpr(14)ti(2)
87.250.250.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/62223091?wmode=0&wv-part=1&wv-hit=121544364&page-url=https%3A%2F%2Fmms-swr06801266181.ukit.me%2F&rn=260978040&wv-type=3&browser-info=we%3A1%3Aet%3A1672553158%3Aw%3A1280x939%3Av%3A952%3Az%3A0%3Ai%3A20230101060557%3Au%3A1672553155837293689%3Avf%3A14qzoz81s4a176hik6jd9j%3Ast%3A1672553158&t=gdpr(14)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/62223091?wmode=0&wv-part=1&wv-hit=121544364&page-url=https%3A%2F%2Fmms-swr06801266181.ukit.me%2F&rn=260978040&wv-type=3&browser-info=we%3A1%3Aet%3A1672553158%3Aw%3A1280x939%3Av%3A952%3Az%3A0%3Ai%3A20230101060557%3Au%3A1672553155837293689%3Avf%3A14qzoz81s4a176hik6jd9j%3Ast%3A1672553158&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 54
Origin: https://mms-swr06801266181.ukit.me
Connection: keep-alive
Referer: https://mms-swr06801266181.ukit.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 01 Jan 2023 06:06:04 GMT
access-control-allow-origin: https://mms-swr06801266181.ukit.me
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 01-Jan-2023 06:06:04 GMT
last-modified: Sun, 01-Jan-2023 06:06:04 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/62223091?wv-check=4456&wv-type=0&wmode=0&wv-part=1&wv-hit=121544364&page-url=https%3A%2F%2Fmms-swr06801266181.ukit.me%2F&rn=874706475&browser-info=we%3A1%3Aet%3A1672553163%3Aw%3A1280x939%3Av%3A952%3Az%3A0%3Ai%3A20230101060602%3Au%3A1672553155837293689%3Avf%3A14qzoz81s4a176hik6jd9j%3Ast%3A1672553163&t=gdpr(14)ti(2)
87.250.250.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/62223091?wv-check=4456&wv-type=0&wmode=0&wv-part=1&wv-hit=121544364&page-url=https%3A%2F%2Fmms-swr06801266181.ukit.me%2F&rn=874706475&browser-info=we%3A1%3Aet%3A1672553163%3Aw%3A1280x939%3Av%3A952%3Az%3A0%3Ai%3A20230101060602%3Au%3A1672553155837293689%3Avf%3A14qzoz81s4a176hik6jd9j%3Ast%3A1672553163&t=gdpr(14)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/62223091?wv-check=4456&wv-type=0&wmode=0&wv-part=1&wv-hit=121544364&page-url=https%3A%2F%2Fmms-swr06801266181.ukit.me%2F&rn=874706475&browser-info=we%3A1%3Aet%3A1672553163%3Aw%3A1280x939%3Av%3A952%3Az%3A0%3Ai%3A20230101060602%3Au%3A1672553155837293689%3Avf%3A14qzoz81s4a176hik6jd9j%3Ast%3A1672553163&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 44
Origin: https://mms-swr06801266181.ukit.me
Connection: keep-alive
Referer: https://mms-swr06801266181.ukit.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 01 Jan 2023 06:06:09 GMT
access-control-allow-origin: https://mms-swr06801266181.ukit.me
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 01-Jan-2023 06:06:09 GMT
last-modified: Sun, 01-Jan-2023 06:06:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/62223091?wmode=0&wv-part=2&wv-hit=121544364&page-url=https%3A%2F%2Fmms-swr06801266181.ukit.me%2F&rn=1004570014&wv-type=3&browser-info=we%3A1%3Aet%3A1672553163%3Aw%3A1280x939%3Av%3A952%3Az%3A0%3Ai%3A20230101060602%3Au%3A1672553155837293689%3Avf%3A14qzoz81s4a176hik6jd9j%3Ast%3A1672553163&t=gdpr(14)ti(2)
87.250.250.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/62223091?wmode=0&wv-part=2&wv-hit=121544364&page-url=https%3A%2F%2Fmms-swr06801266181.ukit.me%2F&rn=1004570014&wv-type=3&browser-info=we%3A1%3Aet%3A1672553163%3Aw%3A1280x939%3Av%3A952%3Az%3A0%3Ai%3A20230101060602%3Au%3A1672553155837293689%3Avf%3A14qzoz81s4a176hik6jd9j%3Ast%3A1672553163&t=gdpr(14)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/62223091?wmode=0&wv-part=2&wv-hit=121544364&page-url=https%3A%2F%2Fmms-swr06801266181.ukit.me%2F&rn=1004570014&wv-type=3&browser-info=we%3A1%3Aet%3A1672553163%3Aw%3A1280x939%3Av%3A952%3Az%3A0%3Ai%3A20230101060602%3Au%3A1672553155837293689%3Avf%3A14qzoz81s4a176hik6jd9j%3Ast%3A1672553163&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 21
Origin: https://mms-swr06801266181.ukit.me
Connection: keep-alive
Referer: https://mms-swr06801266181.ukit.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 01 Jan 2023 06:06:09 GMT
access-control-allow-origin: https://mms-swr06801266181.ukit.me
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 01-Jan-2023 06:06:09 GMT
last-modified: Sun, 01-Jan-2023 06:06:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/62223091?wmode=0&wv-part=2&wv-hit=121544364&page-url=https%3A%2F%2Fmms-swr06801266181.ukit.me%2F&rn=559516933&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1672553163%3Aw%3A1280x939%3Av%3A952%3Az%3A0%3Ai%3A20230101060602%3Au%3A1672553155837293689%3Avf%3A14qzoz81s4a176hik6jd9j%3Ast%3A1672553163&t=gdpr(14)ti(2)
87.250.250.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/62223091?wmode=0&wv-part=2&wv-hit=121544364&page-url=https%3A%2F%2Fmms-swr06801266181.ukit.me%2F&rn=559516933&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1672553163%3Aw%3A1280x939%3Av%3A952%3Az%3A0%3Ai%3A20230101060602%3Au%3A1672553155837293689%3Avf%3A14qzoz81s4a176hik6jd9j%3Ast%3A1672553163&t=gdpr(14)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/62223091?wmode=0&wv-part=2&wv-hit=121544364&page-url=https%3A%2F%2Fmms-swr06801266181.ukit.me%2F&rn=559516933&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1672553163%3Aw%3A1280x939%3Av%3A952%3Az%3A0%3Ai%3A20230101060602%3Au%3A1672553155837293689%3Avf%3A14qzoz81s4a176hik6jd9j%3Ast%3A1672553163&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 15
Origin: https://mms-swr06801266181.ukit.me
Connection: keep-alive
Referer: https://mms-swr06801266181.ukit.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 01 Jan 2023 06:06:09 GMT
access-control-allow-origin: https://mms-swr06801266181.ukit.me
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 01-Jan-2023 06:06:09 GMT
last-modified: Sun, 01-Jan-2023 06:06:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mms-swr06801266181.ukit.me/favicon.ico
185.129.100.126 200 OK 0 B URL HTTP/2 mms-swr06801266181.ukit.me/favicon.ico
IP 185.129.100.126:0
GET /favicon.ico HTTP/1.1
Host: mms-swr06801266181.ukit.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mms-swr06801266181.ukit.me/
Cookie: __ddg1_=4u88KBV2ibh16FQvQHfq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sun, 01 Jan 2023 06:06:01 GMT
content-type: image/x-icon
last-modified: Fri, 25 Mar 2022 16:55:47 GMT
etag: W/"623df413-1536"
cache-control: max-age=3600, must-revalidate, public
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
mms-swr06801266181.ukit.me/fonts/baseFont/61f9ec25-f5d7-431f-9606-553aa690b3ae.woff2
185.129.100.126 200 OK 0 B URL HTTP/2 mms-swr06801266181.ukit.me/fonts/baseFont/61f9ec25-f5d7-431f-9606-553aa690b3ae.woff2
IP 185.129.100.126:0
Analyzer Verdict Alert fortinet Phishing
GET /fonts/baseFont/61f9ec25-f5d7-431f-9606-553aa690b3ae.woff2 HTTP/1.1
Host: mms-swr06801266181.ukit.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mms-swr06801266181.ukit.me/css/base.css
Cookie: __ddg1_=4u88KBV2ibh16FQvQHfq
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Sun, 01 Jan 2023 06:06:01 GMT
content-type: application/octet-stream
content-length: 64568
last-modified: Wed, 07 Dec 2016 14:14:05 GMT
etag: "5848192d-fc38"
cache-control: max-age=3600, must-revalidate, public
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2