Overview

URL activecitizens.in.ua/project1.xls
IP 46.4.104.103
ASN Hetzner Online GmbH
Location Germany
Report completed 2022-10-04 15:59:18 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-04 2 activecitizens.in.ua/project1.xls Malware
2022-10-04 2 activecitizens.in.ua/project1.xls Malware
2022-10-04 2 activecitizens.in.ua/dist/img/pryamuemo-razom-logo.svg Malware
2022-10-04 2 activecitizens.in.ua/dist/fonts/apercu-regular-pro.woff2 Malware
2022-10-04 2 activecitizens.in.ua/dist/img/ac_logo2.svg Malware
2022-10-04 2 activecitizens.in.ua/dist/fonts/apercu-bold-pro.woff2 Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (20)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-04 15:06:58 UTC 143.204.55.115
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-04 04:16:51 UTC 34.117.237.239
mnemonic passive DNS www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-10-04 09:46:28 UTC 142.250.74.3
mnemonic passive DNS activecitizens.in.ua (16) 0 2020-11-18 17:32:42 UTC 2022-10-04 12:12:22 UTC 46.4.104.103 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-10-04 04:17:22 UTC 23.36.77.32
mnemonic passive DNS ocsp.pki.goog (10) 175 2017-06-14 07:23:31 UTC 2022-10-04 04:17:09 UTC 142.250.74.3
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-04 04:45:06 UTC 34.215.91.121
mnemonic passive DNS maxcdn.bootstrapcdn.com (2) 724 2014-06-18 00:37:31 UTC 2022-10-04 07:04:49 UTC 104.18.11.207
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-04 11:55:48 UTC 142.250.74.10
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-04 04:29:41 UTC 143.204.55.49
mnemonic passive DNS cdn.jsdelivr.net (3) 439 2012-09-30 00:15:09 UTC 2022-10-04 04:19:28 UTC 151.101.85.229
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-10-04 04:22:54 UTC 104.18.20.226
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-10-04 09:37:43 UTC 142.250.74.168
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-10-04 13:19:06 UTC 142.250.74.164
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-04 04:18:32 UTC 34.120.237.76
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-10-04 04:47:48 UTC 104.17.25.14
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-10-04 04:24:58 UTC 69.16.175.10
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-04 15:17:25 UTC 93.184.220.29
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-10-04 08:39:57 UTC 142.250.74.174
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-10-04 05:06:06 UTC 74.125.131.154


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 46.4.104.103

Date UQ / IDS / BL URL IP
2022-10-20 22:34:23 +0000
0 - 0 - 1 aprize.com.ua/artists.xls 46.4.104.103
2022-10-13 08:42:19 +0000
0 - 0 - 1 aprize.com.ua/Artists.xls 46.4.104.103
2022-10-12 22:01:38 +0000
0 - 0 - 1 aprize.com.ua/Artists.xls 46.4.104.103
2022-10-10 01:47:11 +0000
0 - 0 - 1 aprize.com.ua/Artists.xls 46.4.104.103
2022-10-09 01:18:35 +0000
0 - 0 - 1 aprize.com.ua/Artists.xls 46.4.104.103

Last 5 reports on ASN: Hetzner Online GmbH

Date UQ / IDS / BL URL IP
2022-11-29 01:06:41 +0000
0 - 0 - 1 95.217.31.208/972721779826.zip 95.217.31.208
2022-11-29 00:57:36 +0000
0 - 0 - 36 melodie-festsaal.de/ 136.243.20.96
2022-11-29 00:52:30 +0000
0 - 0 - 2 dl3.topfiles.net/files/2/61/31519/bGc4RTQA3WV (...) 88.99.67.38
2022-11-29 00:51:39 +0000
0 - 0 - 1 95.217.31.208/740331734698.zip 95.217.31.208
2022-11-29 00:50:30 +0000
0 - 0 - 23 china.sipon.eu/ 94.130.205.31

Last 5 reports on domain: activecitizens.in.ua

Date UQ / IDS / BL URL IP
2022-10-08 15:36:49 +0000
0 - 0 - 6 activecitizens.in.ua/project1.xls 46.4.104.103
2022-10-06 13:35:48 +0000
0 - 0 - 6 activecitizens.in.ua/project1.xls 46.4.104.103
2022-10-04 15:59:18 +0000
0 - 0 - 6 activecitizens.in.ua/project1.xls 46.4.104.103
2022-09-12 19:43:43 +0000
0 - 0 - 6 activecitizens.in.ua/Project1.xls 46.4.104.103
2022-09-12 12:40:46 +0000
0 - 0 - 6 activecitizens.in.ua/Project1.xls 46.4.104.103

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-08 15:36:49 +0000
0 - 0 - 6 activecitizens.in.ua/project1.xls 46.4.104.103
2022-10-06 13:35:48 +0000
0 - 0 - 6 activecitizens.in.ua/project1.xls 46.4.104.103
2022-09-12 19:43:43 +0000
0 - 0 - 6 activecitizens.in.ua/Project1.xls 46.4.104.103
2022-09-12 12:40:46 +0000
0 - 0 - 6 activecitizens.in.ua/Project1.xls 46.4.104.103
2022-09-12 01:18:48 +0000
0 - 0 - 6 activecitizens.in.ua/Project1.xls 46.4.104.103


JavaScript

Executed Scripts (9)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (59)


Request Response
                                        
                                            GET /project1.xls HTTP/1.1 
Host: activecitizens.in.ua
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         46.4.104.103
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Location: https://activecitizens.in.ua/project1.xls
Server: Microsoft-IIS/8.5
X-Powered-By: PHP/7.1.29, ASP.NET
Date: Tue, 04 Oct 2022 15:59:08 GMT
Content-Length: 170


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   170
Md5:    1d21e0f801a940f4d1ce53843e4bd9e6
Sha1:   a240fa6094f71ba6c84f5478736d1425449efd54
Sha256: bf27e331f24a4fd4d06931a774d62dfb9e792aa5323e585fab79320c48f569d8

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 15:06:44 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8dBlqeEsjphZNUIZhW2t7YsgkgUhLaaxy3LQB5kUHfEbU-4bW0i9Xg==
Age: 3144


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3993
Expires: Tue, 04 Oct 2022 17:05:41 GMT
Date: Tue, 04 Oct 2022 15:59:08 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5QmEZN9hXI408TChRXaJfvzihjLhEWc0TMUvRAGG_ct1QstBZXOj5w==
age: 37841
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 15:59:08 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E2140CFBAA46540CCAC430EE4A63C0358C602142B88A575B4FD381AF09BD685E"
Last-Modified: Tue, 04 Oct 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21558
Expires: Tue, 04 Oct 2022 21:58:26 GMT
Date: Tue, 04 Oct 2022 15:59:08 GMT
Connection: keep-alive

                                        
                                            GET /project1.xls HTTP/1.1 
Host: activecitizens.in.ua
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         46.4.104.103
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Transfer-Encoding: chunked
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: PHP/7.1.29, ASP.NET
Date: Tue, 04 Oct 2022 15:59:08 GMT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8282), with CRLF line terminators
Size:   101809
Md5:    f1079607f308d936ce3b33705f09fda5
Sha1:   e3881dfcf2413bf4fcc5a14667a8fd747ae2117f
Sha256: a54e5a090901758d21875f83beed4a46231b67f000bc938055509d4855ff591c

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /dist/css/styles.css HTTP/1.1 
Host: activecitizens.in.ua
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://activecitizens.in.ua/project1.xls
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.4.104.103
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Sat, 27 Mar 2021 18:28:12 GMT
Accept-Ranges: bytes
ETag: "046a4f13623d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 15:59:08 GMT
Content-Length: 4153


--- Additional Info ---
Magic:  assembler source, ASCII text
Size:   4153
Md5:    3aaea0f0a2fe28b4ca2ab72e973306e8
Sha1:   6bc9af95c2f3ed05b38aba841d741b8bbffe53ff
Sha256: 2e28835ba533ce7d77fbe26b7d11861f6a8a9db131f0accafb635614570d6696
                                        
                                            GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://activecitizens.in.ua
Connection: keep-alive
Referer: https://activecitizens.in.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 04 Oct 2022 15:59:09 GMT
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2843574
expires: Sun, 24 Sep 2023 15:59:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hjm0EMq1JYs%2FBcMwad%2Be1gG4V3ygiCJ14aAFkXZ%2BK5h1Ek4rqr5NabMWGwIkmnLMbn1aXUOVkjG4ARQuKirXwl65Qv%2BQHD1GWfzh%2BjUYnCS5lfWLVIupjTWogULWRIB0afe%2F2QdE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 754f1f8198c60b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19015)
Size:   6157
Md5:    7b4114faa411d059a9a5ac4b5b4d9dee
Sha1:   277da4486916fa3a4ab3375f47bc98f58dbf90f6
Sha256: 60b3528de2f7d48cbb335d19dddef756aaacc70f73d4254a2ef17978a14ca0d9
                                        
                                            GET /gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://activecitizens.in.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 3.5.7
x-jsd-version-type: version
etag: W/"10a9d-YYFBLnOWZpbQjh5bEkOlctDyK6Y"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 04 Oct 2022 15:59:09 GMT
age: 5591788
x-served-by: cache-fra19161-FRA, cache-bma1623-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22012
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (31972)
Size:   22012
Md5:    4d34dbd8ea98c872e60866111a4cfca8
Sha1:   67bc498c32e10d3b3ed85ffb6bb564250d16e04f
Sha256: c786e39636aac1979c7bad96cdb0de715c961b3f7ca650d05f8b07a50df69141
                                        
                                            GET /jquery-3.2.1.slim.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://activecitizens.in.ua
Connection: keep-alive
Referer: https://activecitizens.in.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 04 Oct 2022 15:59:09 GMT
content-encoding: gzip
content-length: 23856
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-10fdd"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664899149.dop010.sk1.t,1664899149.cds209.sk1.hn,1664899149.cds235.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32012)
Size:   23856
Md5:    30f5157a965bc792a83e9bacfe265f03
Sha1:   8330886371fe27f3cbac509e0ac9712207574c66
Sha256: 4d12cab1f84ec2ac780bc8e0d865d9c61025be579c78d6532d76f0574d17fca0
                                        
                                            GET /gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://activecitizens.in.ua/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 3.5.7
x-jsd-version-type: version
etag: W/"31fb-G+m3m+AqHPxdlsSl4P649HK6vZU"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 04 Oct 2022 15:59:09 GMT
age: 13884655
x-served-by: cache-fra19160-FRA, cache-bma1623-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3096
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12795), with no line terminators
Size:   3096
Md5:    18b46dae08e98971b16123ea48913d23
Sha1:   e0a1aa82445a38538413b488924613c44861c59d
Sha256: 62c06f2ea24cfdf0003164fca05560cc8b5333f6ef312016458e05ecbb7c8f62
                                        
                                            GET /npm/jquery@3.5.1/dist/jquery.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://activecitizens.in.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 3.5.1
x-jsd-version-type: version
etag: W/"15d84-yOHIs4bcW3qRhMdjyI0Zo0brM0I"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 04 Oct 2022 15:59:09 GMT
age: 12058933
x-served-by: cache-fra19132-FRA, cache-bma1623-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30948
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30948
Md5:    bbc8f6114a362db58499472704e99604
Sha1:   460b78a75ac45d4ad1c77c1d483b7e12439a3628
Sha256: 4f54c477fb39f3cc3997ce3ea3be84208836c160aab8be38339d699b5138486a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 15:59:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 15:59:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 15:29:33 GMT
Expires: Tue, 04 Oct 2022 16:18:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yjI9KOYOjnaWRbm6sfKZJRgAHX1fKIbgA8wQ7GUiuXozrjby4IvJiw==
Age: 1776


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 15:59:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "04606A0B07F2F635639CFFAFB39AC2F78E62166D"
Expires: Wed, 05 Oct 2022 03:00:00 GMT
Last-Modified: Tue, 04 Oct 2022 15:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 176
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754f1f8269fab51b-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    69a23f4f8e38e4c87fe92294a4cb39a6
Sha1:   155a5326306460e65efd9f278e6b3ee8dc35f09e
Sha256: dbe189577441a6affbf735207b66d4e02f350799021c5a76e39c6320cbe23fee
                                        
                                            GET /gtag/js?id=UA-19682996-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://activecitizens.in.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 15:59:09 GMT
expires: Tue, 04 Oct 2022 15:59:09 GMT
cache-control: private, max-age=900
last-modified: Tue, 04 Oct 2022 15:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42395
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2039)
Size:   42395
Md5:    d726092e280db6ecf61e3a33f329bfaf
Sha1:   2b4ed5e1abb7baec4cf1114604cd1e4df3d646e5
Sha256: e075dfa93a2d3c9277e7ad49281fee964ab1db7c6a32bd76f6725c220400ec79
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 15:59:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4198
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 15:59:09 GMT
Last-Modified: Tue, 04 Oct 2022 14:49:11 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 15:59:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /dist/img/pryamuemo-razom-logo.svg HTTP/1.1
Host: activecitizens.in.ua
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://activecitizens.in.ua/project1.xls
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
46.4.104.103
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Mon, 25 Jan 2021 18:57:26 GMT
Accept-Ranges: bytes
ETag: "8bb1fec4bf3d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 15:59:09 GMT
Content-Length: 12516


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1524)
Size:   12516
Md5:    b2975a8c3d5eeef1e1353d8dfccca0ad
Sha1:   e2baa5b8a03bcfa847feb83732c466a07a921dac
Sha256: be14ff4b090088fba21447b1e70e941bf63eca28a8abc40c2bf6a36631123227

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /dist/img/mitsna_hromada.png HTTP/1.1
Host: activecitizens.in.ua
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://activecitizens.in.ua/project1.xls
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
46.4.104.103
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Sun, 24 Jan 2021 06:57:10 GMT
Accept-Ranges: bytes
ETag: "0a7c0221ef2d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 15:59:09 GMT
Content-Length: 104207


--- Additional Info ---
Magic:  PNG image data, 500 x 233, 8-bit/color RGBA, non-interlaced\012- data
Size:   104207
Md5:    7525c47fdb2e2451d979300e819a3ead
Sha1:   dd60cec0a418b639e227715abfba2bdcaf5c887a
Sha256: 0561cb07fa31e130df90624ece635474c87a3739925d3a8e2f47313c0d92d2f7
                                        
GET /dist/img/Molodizhna-platforma.png HTTP/1.1
Host: activecitizens.in.ua
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://activecitizens.in.ua/project1.xls
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
46.4.104.103
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Sun, 24 Jan 2021 06:57:22 GMT
Accept-Ranges: bytes
ETag: "0b5e7291ef2d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 15:59:09 GMT
Content-Length: 72073


--- Additional Info ---
Magic:  PNG image data, 500 x 281, 8-bit/color RGBA, non-interlaced\012- data
Size:   72073
Md5:    54f553c730477875c53df31f8f4a6b1f
Sha1:   6a605937559d96367bac890b4da69d25d10d6672
Sha256: fdbc90146fcc038d9578b3726f71864a113ab1ff03a504e8c59e16bdcc6eb5b7
                                        
GET /dist/fonts/apercu-regular-pro.woff2 HTTP/1.1
Host: activecitizens.in.ua
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://activecitizens.in.ua/dist/css/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
46.4.104.103
HTTP/1.1 200 OK
Content-Type: font/woff2
Last-Modified: Fri, 15 Jan 2021 06:54:42 GMT
Accept-Ranges: bytes
ETag: "0e5d14cbebd61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 15:59:09 GMT
Content-Length: 47512


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 47512, version 1.0\012- data
Size:   47512
Md5:    2333a1d21f530639dd033e144c5fd2fb
Sha1:   417e985b5e4833b1ac6f53f0e49f429420fc9888
Sha256: e7f9f03b575a718693645cfd1184c7af2baf85d940df3f5925716fb2b5c22657

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /dist/img/ac_logo2.svg HTTP/1.1
Host: activecitizens.in.ua
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://activecitizens.in.ua/project1.xls
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
46.4.104.103
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Last-Modified: Tue, 19 Jan 2021 22:41:15 GMT
Accept-Ranges: bytes
ETag: "b1191332b4eed61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 15:59:09 GMT
Content-Length: 3004


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (667)
Size:   3004
Md5:    8b8169fef2a44bc9905b8cce8b7b0f1f
Sha1:   71f4291991b7467cb1332e38f0d499af45539a0d
Sha256: 56a8b34490d916eed724823b71d48d378e540511df627cbf37a3640d0bc4d740

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /dist/fonts/apercu-bold-pro.woff2 HTTP/1.1
Host: activecitizens.in.ua
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://activecitizens.in.ua/dist/css/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
46.4.104.103
HTTP/1.1 200 OK
Content-Type: font/woff2
Last-Modified: Fri, 15 Jan 2021 06:54:42 GMT
Accept-Ranges: bytes
ETag: "0e5d14cbebd61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 15:59:09 GMT
Content-Length: 46660


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 46660, version 1.0\012- data
Size:   46660
Md5:    ea96e87226e7edc6d46a59d76e2055f5
Sha1:   43c575af65cee3f30c553f22a37f06e81c34b8d6
Sha256: 47a6d427b9f549f52ec7103a6ad5ce45c0f69e29b740eb88be8dfa053db21441

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /dist/img/platforma.png HTTP/1.1
Host: activecitizens.in.ua
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://activecitizens.in.ua/project1.xls
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
46.4.104.103
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Sun, 24 Jan 2021 07:13:00 GMT
Accept-Ranges: bytes
ETag: "026ff5820f2d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 15:59:09 GMT
Content-Length: 8814


--- Additional Info ---
Magic:  PNG image data, 500 x 78, 8-bit/color RGBA, non-interlaced\012- data
Size:   8814
Md5:    ea7a447d8fb340bed73372014283a7b4
Sha1:   713fbadc000470ee265b12c3dd73e69019647e7b
Sha256: d7f8f8a6329ef5b833de8d9707b733d532a99d3eb52aad5a35502b9b622e0b33
                                        
GET /dist/img/british_council.png HTTP/1.1
Host: activecitizens.in.ua
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://activecitizens.in.ua/project1.xls
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
46.4.104.103
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Sun, 24 Jan 2021 06:56:46 GMT
Accept-Ranges: bytes
ETag: "08b72141ef2d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 15:59:09 GMT
Content-Length: 20650


--- Additional Info ---
Magic:  PNG image data, 500 x 142, 8-bit/color RGBA, non-interlaced\012- data
Size:   20650
Md5:    e8ed00b507d3a19688422e4be7d29565
Sha1:   28e05749dd882cec018800d2a2a00550d8148be1
Sha256: 16829cf0fb7a8256f21db4cf4ea08e0eb6bd1ec72536e03df34b5006bc1e7865
                                        
GET /dist/img/pryamuemo_razom.png HTTP/1.1
Host: activecitizens.in.ua
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://activecitizens.in.ua/project1.xls
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
46.4.104.103
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Mon, 15 Feb 2021 20:13:15 GMT
Accept-Ranges: bytes
ETag: "c4ed7ffed63d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 15:59:09 GMT
Content-Length: 23231


--- Additional Info ---
Magic:  PNG image data, 500 x 119, 8-bit/color RGB, non-interlaced\012- data
Size:   23231
Md5:    870068df6094252528e4b407dc7739d6
Sha1:   41b5978c2026707ab09f995eecf2374ce4324697
Sha256: a683b4e5311601822ced449db1087c61faf64e408c3bc327e9b2064791c66811
                                        
GET /dist/img/pictoric.png HTTP/1.1
Host: activecitizens.in.ua
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://activecitizens.in.ua/project1.xls
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
46.4.104.103
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Sat, 27 Mar 2021 17:53:27 GMT
Accept-Ranges: bytes
ETag: "736321173223d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 15:59:09 GMT
Content-Length: 8946


--- Additional Info ---
Magic:  PNG image data, 500 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size:   8946
Md5:    68bce35abd4f176523662965f3caa668
Sha1:   b1040d27c55bd1d26a5b9de6bc3f66de4c483f20
Sha256: cce3a5d3dffacf968a90853b8a716977cf7ba8f579bacfe62031a35ce10c39c4
                                        
GET /dist/img/objednannya.png HTTP/1.1
Host: activecitizens.in.ua
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://activecitizens.in.ua/project1.xls
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
46.4.104.103
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Sun, 24 Jan 2021 06:58:48 GMT
Accept-Ranges: bytes
ETag: "0442a5d1ef2d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 15:59:09 GMT
Content-Length: 36079


--- Additional Info ---
Magic:  PNG image data, 500 x 170, 8-bit/color RGBA, non-interlaced\012- data
Size:   36079
Md5:    816c21a2b116cd3a6c85a1cdd1db56f8
Sha1:   e3b4582d48fac1e162ce8ce173a538551f86ea41
Sha256: 2e39a23a570c8995dc3eb9c3f3bcb6022551fe23559c875a2019de3b780b7591
                                        
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eAzeabl2ob3Qs9OjcjiGhw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
34.215.91.121
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: idLFnfAq43gwKMxxokNMk027Wrc=

                                        
GET /dist/img/ac_teaser.png HTTP/1.1
Host: activecitizens.in.ua
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://activecitizens.in.ua/project1.xls
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
46.4.104.103
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 19 Jan 2021 08:26:52 GMT
Accept-Ranges: bytes
ETag: "9c3eb1d63ceed61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 15:59:09 GMT
Content-Length: 740516


--- Additional Info ---
Magic:  PNG image data, 2000 x 1100, 8-bit/color RGBA, non-interlaced\012- data
Size:   740516
Md5:    00fc34800aa8e9ed5ea4cae5f17a11c7
Sha1:   d2a2e1e1c11840c66c6b01f47e11720aa816adfa
Sha256: 9ae591d487234ac74517ba6e17a77e85eb6f83bc381307d280d8bbe5e3c6ae4c
                                        
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://activecitizens.in.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 04 Oct 2022 14:41:09 GMT
expires: Tue, 04 Oct 2022 16:41:09 GMT
cache-control: public, max-age=7200
age: 4680
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
GET /favicon.ico HTTP/1.1
Host: activecitizens.in.ua
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://activecitizens.in.ua/project1.xls
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
46.4.104.103
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: PHP/7.1.29, ASP.NET
Date: Tue, 04 Oct 2022 15:59:09 GMT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8282), with CRLF line terminators
Size:   101809
Md5:    f1079607f308d936ce3b33705f09fda5
Sha1:   e3881dfcf2413bf4fcc5a14667a8fd747ae2117f
Sha256: a54e5a090901758d21875f83beed4a46231b67f000bc938055509d4855ff591c
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:59:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-19682996-1&cid=626454974.1664899149&jid=1741320010&gjid=1230174842&_gid=1848728588.1664899149&_u=YEBAAUAAAAAAACAAI~&z=1169437688 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://activecitizens.in.ua
Connection: keep-alive
Referer: https://activecitizens.in.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
74.125.131.154
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: https://activecitizens.in.ua
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 04 Oct 2022 15:59:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:59:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:59:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:59:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-19682996-1&cid=626454974.1664899149&jid=1741320010&_u=YEBAAUAAAAAAACAAI~&z=1073146645 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://activecitizens.in.ua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.3
HTTP/2 200 OK
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 15:59:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-19682996-1&cid=626454974.1664899149&jid=1741320010&_u=YEBAAUAAAAAAACAAI~&z=1073146645 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://activecitizens.in.ua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.164
HTTP/2 200 OK
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 15:59:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:59:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:59:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4457
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 15:59:10 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4457
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 15:59:10 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4457
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 15:59:10 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4457
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 15:59:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4457
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 15:59:10 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:53 GMT
age: 40577
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p5nOqBojKO6S-c_DxIu8B3p-NK0pzRHkz0DOPeyv7PQt9h0x1jdtoQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:54 GMT
age: 64996
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9917
Md5:    d8c08f8066cc732de8befd6ccd629a95
Sha1:   22aab05208a01ae5def4d63dc145085630f57bcb
Sha256: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MiSh_FjAciKCaOakY2mM_EHBN1Z6GIDYIP8mwS4ikkrToQN3Ktsv2g==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:56:46 GMT
age: 64944
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4858
Md5:    6779181f9c06975f2a662da743893939
Sha1:   585e7146fd24cdc2496b05baafea04091dc541e2
Sha256: 8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tJwzKfs7HnQ7dVcINwnlzxTChXiEi4JPj8jrS8p5KhurRx_o3ZVOZQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:10:59 GMT
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
age: 64091
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11955
Md5:    54b3ef7aa50273b78b59c24511b0c1f9
Sha1:   e2ea2ef6805e391c497e62e101e76a0bdecfce64
Sha256: 296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ovm2wuk28PygH4EZNEUoPchoHQggWCyXbYHOjMV1tZmfyDrL6PjPZA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:29:19 GMT
age: 62991
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5504
Md5:    6c6882c60d7ca6f918c77104e3ad1d52
Sha1:   20ef861be49c652a938e0145e4ca3a60159367e2
Sha256: 861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5adb9dd0-c21d-4cd0-8ffd-04efc8b9dc4b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 16247
x-amzn-requestid: b81ea53b-2591-4c86-b019-d0f1a330c1db
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTHR3oAMF6eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-43713e23070d4d935033616a;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: s4l1Qez6weaSsAf-StBGbZb2B3YS2d53YC19MWvHVkMjJ53OCVWpOQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:56:44 GMT
age: 64946
etag: "b5103d52781a6a139cb87fbcd41757d79347bc97"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   16247
Md5:    d0bf28d3c594b68bdaff2db4a30c479a
Sha1:   b5103d52781a6a139cb87fbcd41757d79347bc97
Sha256: c9c0e66132efff0ba7fda3a5ff771a089d36b9566aac0cd3b1ccde3adc67b043
                                        
                                            GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://activecitizens.in.ua
Connection: keep-alive
Referer: https://activecitizens.in.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.11.207
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 04 Oct 2022 15:59:09 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 08/20/2022 02:32:25
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: ddcf86647f57ab3fc3436522a8509e89
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 754f1f819c120af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css2?family=Open+Sans:wght@400;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://activecitizens.in.ua/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 15:59:09 GMT
date: Tue, 04 Oct 2022 15:59:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://activecitizens.in.ua
Connection: keep-alive
Referer: https://activecitizens.in.ua/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.11.207
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Tue, 04 Oct 2022 15:59:09 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 08/20/2022 02:36:43
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 06df9f9deb43898936713ac46e863c6f
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 754f1f816bd80af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---