r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12144
Expires: Mon, 05 Dec 2022 05:06:25 GMT
Date: Mon, 05 Dec 2022 01:44:01 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 120
Cache-Control: max-age=118156
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:44:01 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 10:33:17 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 01:20:10 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1431
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3743
Expires: Mon, 05 Dec 2022 02:46:24 GMT
Date: Mon, 05 Dec 2022 01:44:01 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Rq+r+YeZgSeXtpghhg15P5C48Dtv3Q63T2gyLbmgejkwyniaJQ0JnXbHiAcX8499ujKUcu6uDd8+yiqPtV+ZKw==
x-amz-request-id: DYA88STF9ZJEGP8P
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 00:47:11 GMT
age: 3410
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 01:44:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 01:11:19 GMT
cache-control: public,max-age=3600
age: 1962
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 129
Cache-Control: max-age=113098
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:44:02 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:09:00 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.208.34.131101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.34.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xejDkrHZ18Cm4TWcNet3Cg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VQOSRT70qF7gG7eaWb9HY/zOeNc=
kmaecm.edu.ua/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
91.239.232.46200 OK 15 kB URL HTTP/1.1 kmaecm.edu.ua/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 91.239.232.46:0
ASN #196645 Ltd Hostpro Lab
File type ASCII text, with very long lines (43771)
Hash d38b2c323cba671cbd72a73d7cbaea08
a46c95529ed5782a1995a0f21acf9ddf36c315a7
bcefa1e059a6ebc5ad82b911d47095bd272f56218e30c556b48e4424ad590a5d
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: kmaecm.edu.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kmaecm.edu.ua/en/home-english
Cookie: PHPSESSID=575a3a66289afd1debf47bfe442c9460
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:44:02 GMT
Content-Type: text/css
Last-Modified: Wed, 13 Jul 2022 05:52:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62ce5d9e-15b64"
Expires: Wed, 04 Jan 2023 01:44:02 GMT
Pragma: public
Cache-Control: max-age=2592000, public, must-revalidate, proxy-revalidate
Content-Encoding: gzip
kmaecm.edu.ua/wp-content/plugins/embed-any-document/css/embed-public.min.css?ver=2.7.1
91.239.232.46200 OK 464 B URL HTTP/1.1 kmaecm.edu.ua/wp-content/plugins/embed-any-document/css/embed-public.min.css?ver=2.7.1
IP 91.239.232.46:0
ASN #196645 Ltd Hostpro Lab
File type ASCII text, with very long lines (1217), with no line terminators
Hash a1e42ac447a8ff59524e3ff57333bc2a
f9f63c3eac6aa6a232168e2898e0eaf0f23191ba
62c10e7e3b6372d761e52d17a497d260e47e34ea7b8220bdf25d1d6a51bfe7cf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/embed-any-document/css/embed-public.min.css?ver=2.7.1 HTTP/1.1
Host: kmaecm.edu.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kmaecm.edu.ua/en/home-english
Cookie: PHPSESSID=575a3a66289afd1debf47bfe442c9460
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:44:02 GMT
Content-Type: text/css
Last-Modified: Fri, 11 Feb 2022 13:26:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62066407-4c1"
Expires: Wed, 04 Jan 2023 01:44:02 GMT
Pragma: public
Cache-Control: max-age=2592000, public, must-revalidate, proxy-revalidate
Content-Encoding: gzip
kmaecm.edu.ua/wp-content/plugins/cforms2/styling/minimal.css?ver=15.0.4
91.239.232.46200 OK 1.8 kB URL HTTP/1.1 kmaecm.edu.ua/wp-content/plugins/cforms2/styling/minimal.css?ver=15.0.4
IP 91.239.232.46:0
ASN #196645 Ltd Hostpro Lab
Hash d5d11aa60bfd96da7817d6bfaf2ba456
eb5f245f6fc67180a6d1342fd47da2b68b698144
c13ee3c8bde87f826ef87575eb9e264d7cb2242c3525ac4a7c80250a8850b7b9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/cforms2/styling/minimal.css?ver=15.0.4 HTTP/1.1
Host: kmaecm.edu.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kmaecm.edu.ua/en/home-english
Cookie: PHPSESSID=575a3a66289afd1debf47bfe442c9460
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:44:02 GMT
Content-Type: text/css
Last-Modified: Tue, 02 Feb 2021 16:05:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6019785c-1a5c"
Expires: Wed, 04 Jan 2023 01:44:02 GMT
Pragma: public
Cache-Control: max-age=2592000, public, must-revalidate, proxy-revalidate
Content-Encoding: gzip
kmaecm.edu.ua/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.0.5
91.239.232.46200 OK 620 B URL HTTP/1.1 kmaecm.edu.ua/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.0.5
IP 91.239.232.46:0
ASN #196645 Ltd Hostpro Lab
File type ASCII text, with CRLF line terminators
Hash e9a7dc572b73204fb88dfbe36f079b29
2de94431dfda0ef3c9b5038ea4b75c27ecfc57e7
ced218fe5217b5cb16311d7a528036b703c1edab4ce088e2ae7b5b49a3f630d6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.0.5 HTTP/1.1
Host: kmaecm.edu.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kmaecm.edu.ua/en/home-english
Cookie: PHPSESSID=575a3a66289afd1debf47bfe442c9460
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:44:02 GMT
Content-Type: text/css
Last-Modified: Thu, 08 Sep 2022 05:43:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6319810d-688"
Expires: Wed, 04 Jan 2023 01:44:02 GMT
Pragma: public
Cache-Control: max-age=2592000, public, must-revalidate, proxy-revalidate
Content-Encoding: gzip
kmaecm.edu.ua/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
91.239.232.46200 OK 4.6 kB URL HTTP/1.1 kmaecm.edu.ua/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 91.239.232.46:0
ASN #196645 Ltd Hostpro Lab
File type ASCII text, with very long lines (11126)
Hash 413654fdfa9b24fbd3d747482e3971c9
c23c501d5f668cd83443a4847197717536d55ab8
48470f972b6a6afef4cdb0177dae59d5c891353d995e76c47c9cb142fe45766e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: kmaecm.edu.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kmaecm.edu.ua/en/home-english
Cookie: PHPSESSID=575a3a66289afd1debf47bfe442c9460
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:44:02 GMT
Content-Type: application/javascript
Last-Modified: Tue, 02 Feb 2021 16:34:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"60197f0f-2bd8"
Expires: Wed, 04 Jan 2023 01:44:02 GMT
Pragma: public
Cache-Control: max-age=2592000, public, must-revalidate, proxy-revalidate
Content-Encoding: gzip
kmaecm.edu.ua/wp-content/themes/yootheme/css/theme.1.css?ver=1655207910
91.239.232.46200 OK 43 kB URL HTTP/1.1 kmaecm.edu.ua/wp-content/themes/yootheme/css/theme.1.css?ver=1655207910
IP 91.239.232.46:0
ASN #196645 Ltd Hostpro Lab
File type Unicode text, UTF-8 text, with very long lines (64610)
Hash 2c389ad19173b13813511ef766cf3078
30b097df025235b5ec0da1c064bf18e5be583aba
5d1ab56e6e77fea45d959fa6276df5beaf825104c856b1515f42f1a0ca7e67a8
GET /wp-content/themes/yootheme/css/theme.1.css?ver=1655207910 HTTP/1.1
Host: kmaecm.edu.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kmaecm.edu.ua/en/home-english
Cookie: PHPSESSID=575a3a66289afd1debf47bfe442c9460
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:44:02 GMT
Content-Type: text/css
Last-Modified: Tue, 14 Jun 2022 11:58:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62a877e6-47a5b"
Expires: Wed, 04 Jan 2023 01:44:02 GMT
Pragma: public
Cache-Control: max-age=2592000, public, must-revalidate, proxy-revalidate
Content-Encoding: gzip
kmaecm.edu.ua/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.0.5
91.239.232.46200 OK 1.4 kB URL HTTP/1.1 kmaecm.edu.ua/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.0.5
IP 91.239.232.46:0
ASN #196645 Ltd Hostpro Lab
File type HTML document, ASCII text, with very long lines (570), with CRLF line terminators
Hash ced7042c19fc893ed4902f25ee42e971
f438cea4f47e6d745d6c08b95a3fa4b5828d2689
023217b86b8aea97b9bd3ca99c3e278aa6d9ec1c4eb31320802882fa93e3e961
GET /wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.0.5 HTTP/1.1
Host: kmaecm.edu.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kmaecm.edu.ua/en/home-english
Cookie: PHPSESSID=575a3a66289afd1debf47bfe442c9460
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:44:02 GMT
Content-Type: application/javascript
Last-Modified: Thu, 08 Sep 2022 05:43:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6319810d-bd7"
Expires: Wed, 04 Jan 2023 01:44:02 GMT
Pragma: public
Cache-Control: max-age=2592000, public, must-revalidate, proxy-revalidate
Content-Encoding: gzip
kmaecm.edu.ua/wp-content/plugins/cforms2/js/cforms.js?ver=15.0.4
91.239.232.46200 OK 5.2 kB URL HTTP/1.1 kmaecm.edu.ua/wp-content/plugins/cforms2/js/cforms.js?ver=15.0.4
IP 91.239.232.46:0
ASN #196645 Ltd Hostpro Lab
File type HTML document, ASCII text
Hash 643183dbd3f2c69e5cf4896bb4cf2ab8
eff44df4c8c27aeeb55541c3c54b2b054965abc2
148a64e769c1fe53f0d6ba4b45df59827565bc73a9ebd40bc68426c0ce8b6fb4
GET /wp-content/plugins/cforms2/js/cforms.js?ver=15.0.4 HTTP/1.1
Host: kmaecm.edu.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kmaecm.edu.ua/en/home-english
Cookie: PHPSESSID=575a3a66289afd1debf47bfe442c9460
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:44:02 GMT
Content-Type: application/javascript
Last-Modified: Tue, 02 Feb 2021 16:05:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6019785b-4af3"
Expires: Wed, 04 Jan 2023 01:44:02 GMT
Pragma: public
Cache-Control: max-age=2592000, public, must-revalidate, proxy-revalidate
Content-Encoding: gzip
kmaecm.edu.ua/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
91.239.232.46200 OK 36 kB URL HTTP/1.1 kmaecm.edu.ua/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 91.239.232.46:0
ASN #196645 Ltd Hostpro Lab
File type ASCII text, with very long lines (65447)
Hash 96abbf76656116141973b0e86cfdc079
632869104394321388fe091bc71ad680a595257a
effb21a3afbf333abb2db6cfa76fffcd758f9c043f09251db1872355c1443012
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: kmaecm.edu.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kmaecm.edu.ua/en/home-english
Cookie: PHPSESSID=575a3a66289afd1debf47bfe442c9460
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:44:02 GMT
Content-Type: application/javascript
Last-Modified: Thu, 22 Jul 2021 06:16:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"60f90d24-15db1"
Expires: Wed, 04 Jan 2023 01:44:02 GMT
Pragma: public
Cache-Control: max-age=2592000, public, must-revalidate, proxy-revalidate
Content-Encoding: gzip
kmaecm.edu.ua/wp-content/themes/yootheme/vendor/yootheme/theme-analytics/app/analytics.min.js?ver=2.7.22
91.239.232.46200 OK 522 B URL HTTP/1.1 kmaecm.edu.ua/wp-content/themes/yootheme/vendor/yootheme/theme-analytics/app/analytics.min.js?ver=2.7.22
IP 91.239.232.46:0
ASN #196645 Ltd Hostpro Lab
File type ASCII text, with very long lines (470)
Hash ca2366f8452590080824ebde08229ed9
abf1c973b3fe3ed3bd2b8a141faf06b666c0edd4
b3a0a93e8936bc6747f31a0a4074cd8246aefc1c81fb83ce240928282b211c32
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/yootheme/vendor/yootheme/theme-analytics/app/analytics.min.js?ver=2.7.22 HTTP/1.1
Host: kmaecm.edu.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kmaecm.edu.ua/en/home-english
Cookie: PHPSESSID=575a3a66289afd1debf47bfe442c9460
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:44:02 GMT
Content-Type: application/javascript
Content-Length: 522
Last-Modified: Thu, 12 May 2022 08:35:43 GMT
Connection: keep-alive
ETag: "627cc6df-20a"
Expires: Wed, 04 Jan 2023 01:44:02 GMT
Pragma: public
Cache-Control: max-age=2592000, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
kmaecm.edu.ua/wp-content/themes/yootheme/vendor/assets/uikit/dist/js/uikit.min.js?ver=2.7.22
91.239.232.46200 OK 53 kB URL HTTP/1.1 kmaecm.edu.ua/wp-content/themes/yootheme/vendor/assets/uikit/dist/js/uikit.min.js?ver=2.7.22
IP 91.239.232.46:0
ASN #196645 Ltd Hostpro Lab
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7d53ba973c2ff84baf82f3cbb6a04df2
2cddf00ec005c10f4eb0c382194596b22d288877
34aa63b1e5468b16344c74d07679e22846fd8e5d4e760572081bd686e73d5d22
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/yootheme/vendor/assets/uikit/dist/js/uikit.min.js?ver=2.7.22 HTTP/1.1
Host: kmaecm.edu.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kmaecm.edu.ua/en/home-english
Cookie: PHPSESSID=575a3a66289afd1debf47bfe442c9460
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:44:02 GMT
Content-Type: application/javascript
Last-Modified: Thu, 12 May 2022 08:35:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"627cc6e1-21f5f"
Expires: Wed, 04 Jan 2023 01:44:02 GMT
Pragma: public
Cache-Control: max-age=2592000, public, must-revalidate, proxy-revalidate
Content-Encoding: gzip
kmaecm.edu.ua/wp-content/themes/yootheme/js/theme.js?ver=2.7.22
91.239.232.46200 OK 869 B URL HTTP/1.1 kmaecm.edu.ua/wp-content/themes/yootheme/js/theme.js?ver=2.7.22
IP 91.239.232.46:0
ASN #196645 Ltd Hostpro Lab
File type ASCII text, with very long lines (1762)
Hash 2df6d497b7de69c74cf66b72dc4e1d0c
bcf19ad9ada81f39afbac1ad196b2ae76f83308b
6c779cf07ae4aa57f783fee11b72a291f87c5c698b3941e04a6bf47fb2b0c4e8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/yootheme/js/theme.js?ver=2.7.22 HTTP/1.1
Host: kmaecm.edu.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kmaecm.edu.ua/en/home-english
Cookie: PHPSESSID=575a3a66289afd1debf47bfe442c9460
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:44:02 GMT
Content-Type: application/javascript
Last-Modified: Thu, 12 May 2022 08:35:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"627cc6e3-716"
Expires: Wed, 04 Jan 2023 01:44:02 GMT
Pragma: public
Cache-Control: max-age=2592000, public, must-revalidate, proxy-revalidate
Content-Encoding: gzip
kmaecm.edu.ua/wp-content/plugins/cforms2/cforms-common.css
91.239.232.46200 OK 794 B URL HTTP/1.1 kmaecm.edu.ua/wp-content/plugins/cforms2/cforms-common.css
IP 91.239.232.46:0
ASN #196645 Ltd Hostpro Lab
Hash e7933b3c1c001eea5721c609485d3e91
8262146d95dfeb68bd09617e2aa0d6359624c144
c7c2b95dc77a6e895eaad26b7ec23a2eaf26eda07830e02097a3e1515b5eab4b
GET /wp-content/plugins/cforms2/cforms-common.css HTTP/1.1
Host: kmaecm.edu.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kmaecm.edu.ua/wp-content/plugins/cforms2/styling/minimal.css?ver=15.0.4
Cookie: PHPSESSID=575a3a66289afd1debf47bfe442c9460
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:44:02 GMT
Content-Type: text/css
Content-Length: 794
Last-Modified: Tue, 02 Feb 2021 16:05:43 GMT
Connection: keep-alive
ETag: "60197857-31a"
Expires: Wed, 04 Jan 2023 01:44:02 GMT
Pragma: public
Cache-Control: max-age=2592000, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
kmaecm.edu.ua/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
91.239.232.46200 OK 5.8 kB URL HTTP/1.1 kmaecm.edu.ua/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 91.239.232.46:0
ASN #196645 Ltd Hostpro Lab
File type ASCII text, with very long lines (15660)
Hash 9821563af79d0fbd798c5a96f11cb775
d7ad769f21b6cdbd3602ba2512449e5febe7a2ee
3a372dc0de21ae3d1a2e8d08c2d38599823eb332d06f35ec1eefd1afbbbe9f12
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: kmaecm.edu.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kmaecm.edu.ua/en/home-english
Cookie: PHPSESSID=575a3a66289afd1debf47bfe442c9460
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:44:02 GMT
Content-Type: application/javascript
Last-Modified: Thu, 26 May 2022 08:36:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"628f3c07-48b9"
Expires: Wed, 04 Jan 2023 01:44:02 GMT
Pragma: public
Cache-Control: max-age=2592000, public, must-revalidate, proxy-revalidate
Content-Encoding: gzip
kmaecm.edu.ua/wp-content/themes/yootheme/vendor/assets/uikit/dist/js/uikit-icons-paladin.min.js?ver=2.7.22
91.239.232.46200 OK 21 kB URL HTTP/1.1 kmaecm.edu.ua/wp-content/themes/yootheme/vendor/assets/uikit/dist/js/uikit-icons-paladin.min.js?ver=2.7.22
IP 91.239.232.46:0
ASN #196645 Ltd Hostpro Lab
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6c5656045a191c10969dd5f38efb3e5c
92523e120fc0ea50142d571083d6597aac826fcc
7dc6fb8af2b1a904c9ac8b9bed6cfe6523b69a0b3f2ff3745abab77680910fe8
GET /wp-content/themes/yootheme/vendor/assets/uikit/dist/js/uikit-icons-paladin.min.js?ver=2.7.22 HTTP/1.1
Host: kmaecm.edu.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kmaecm.edu.ua/en/home-english
Cookie: PHPSESSID=575a3a66289afd1debf47bfe442c9460
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:44:02 GMT
Content-Type: application/javascript
Last-Modified: Thu, 12 May 2022 08:35:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"627cc6e1-104dd"
Expires: Wed, 04 Jan 2023 01:44:02 GMT
Pragma: public
Cache-Control: max-age=2592000, public, must-revalidate, proxy-revalidate
Content-Encoding: gzip
kmaecm.edu.ua/en/home-english
91.239.232.46200 OK 22 kB URL HTTP/1.1 kmaecm.edu.ua/en/home-english
IP 91.239.232.46:0
ASN #196645 Ltd Hostpro Lab
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 40f5116bbda3b2a05c1fa272f62351f3
9daef371dea5d9f8db01d019e06167499dbc1e04
8381f3b38935a82b6206ef0c7cb6a1b9bea37bed64b51ace490ac5df32ba8ada
Analyzer Verdict Alert fortinet Malware
GET /en/home-english HTTP/1.1
Host: kmaecm.edu.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:44:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.29
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Link: <https://kmaecm.edu.ua/wp-json/>; rel="https://api.w.org/", <https://kmaecm.edu.ua/wp-json/wp/v2/pages/1893>; rel="alternate"; type="application/json", <https://kmaecm.edu.ua/>; rel=shortlink
Set-Cookie: PHPSESSID=575a3a66289afd1debf47bfe442c9460; path=/
Content-Encoding: gzip
kmaecm.edu.ua/wp-content/uploads/2020/12/logo_kmaeczm_alone.svg
91.239.232.46200 OK 220 kB URL HTTP/1.1 kmaecm.edu.ua/wp-content/uploads/2020/12/logo_kmaeczm_alone.svg
IP 91.239.232.46:0
ASN #196645 Ltd Hostpro Lab
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size 220 kB (219805 bytes)
Hash 4f3e6e2c0ff15fbe836578c6cd256358
4c9ded23c691fabc811ca95b91382d83152251e9
3c56dd3ed814ba567ab6e2d47f59c0964d1027b3c40871a31495bdfac3e5fcdf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2020/12/logo_kmaeczm_alone.svg HTTP/1.1
Host: kmaecm.edu.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kmaecm.edu.ua/en/home-english
Cookie: PHPSESSID=575a3a66289afd1debf47bfe442c9460
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:44:02 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 02 Feb 2021 16:27:09 GMT
Content-Encoding: gzip
kmaecm.edu.ua/wp-content/plugins/embed-any-document/js/embed-public.min.js?ver=2.7.1
91.239.232.46200 OK 584 B URL HTTP/1.1 kmaecm.edu.ua/wp-content/plugins/embed-any-document/js/embed-public.min.js?ver=2.7.1
IP 91.239.232.46:0
ASN #196645 Ltd Hostpro Lab
File type ASCII text, with very long lines (1175), with no line terminators
Hash 3e65daedb69e19ad0af0d4624700ecb2
f3d4e86af356a42aa0d084248f80baea1c3e8699
4c59e7894c0e2da6d1157f60e0cd41883f65038145ab00aa7b02898da9b6faf4
GET /wp-content/plugins/embed-any-document/js/embed-public.min.js?ver=2.7.1 HTTP/1.1
Host: kmaecm.edu.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kmaecm.edu.ua/en/home-english
Cookie: PHPSESSID=575a3a66289afd1debf47bfe442c9460
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:44:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 11 Feb 2022 13:26:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62066407-497"
Expires: Wed, 04 Jan 2023 01:44:02 GMT
Pragma: public
Cache-Control: max-age=2592000, public, must-revalidate, proxy-revalidate
Content-Encoding: gzip
kmaecm.edu.ua/wp-content/plugins/embed-any-document/js/pdfobject.min.js?ver=2.7.1
91.239.232.46200 OK 1.8 kB URL HTTP/1.1 kmaecm.edu.ua/wp-content/plugins/embed-any-document/js/pdfobject.min.js?ver=2.7.1
IP 91.239.232.46:0
ASN #196645 Ltd Hostpro Lab
File type HTML document, ASCII text, with very long lines (3616)
Hash 71457bdcbd270fa0366777f51822200e
f388dbc9d15ae95b9ef213027e9c03e322924b21
546034c38cdf1ea1bfd9be7dcb3265905d51425dd52b7bc165a4b2cb3ebd3816
GET /wp-content/plugins/embed-any-document/js/pdfobject.min.js?ver=2.7.1 HTTP/1.1
Host: kmaecm.edu.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kmaecm.edu.ua/en/home-english
Cookie: PHPSESSID=575a3a66289afd1debf47bfe442c9460
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:44:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 11 Feb 2022 13:26:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62066407-f39"
Expires: Wed, 04 Jan 2023 01:44:02 GMT
Pragma: public
Cache-Control: max-age=2592000, public, must-revalidate, proxy-revalidate
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:44:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kmaecm.edu.ua/wp-content/uploads/2020/12/logo_kmaeczm-1.svg
91.239.232.46200 OK 226 kB URL HTTP/1.1 kmaecm.edu.ua/wp-content/uploads/2020/12/logo_kmaeczm-1.svg
IP 91.239.232.46:0
ASN #196645 Ltd Hostpro Lab
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size 226 kB (226409 bytes)
Hash 18bf8e60b6ec3c21ee736eda199eaae2
db57bd40d4f41ccd6b9c8863e5bad15be39668cc
00b06ef1e552afaeab622ec9e716d9c94375ce73fed1c4ab82c6c04a4db71b71
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2020/12/logo_kmaeczm-1.svg HTTP/1.1
Host: kmaecm.edu.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kmaecm.edu.ua/en/home-english
Cookie: PHPSESSID=575a3a66289afd1debf47bfe442c9460
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:44:02 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 02 Feb 2021 16:27:08 GMT
Content-Encoding: gzip
kmaecm.edu.ua/wp-content/themes/yootheme/fonts/font-4f2f472b.woff2
91.239.232.46200 OK 19 kB URL HTTP/1.1 kmaecm.edu.ua/wp-content/themes/yootheme/fonts/font-4f2f472b.woff2
IP 91.239.232.46:0
ASN #196645 Ltd Hostpro Lab
File type Web Open Font Format (Version 2), TrueType, length 19420, version 1.0\012- data
Hash aeb4b1bfc96bce2be7d95d9917d8cccb
aa4746d5fe452a67e0fb02d83ea1e21d0017f8ea
f8ec7711567669ddcd7e7b165a1600d0e7a4b91eb18ac53d2428076fa9b2de0c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/yootheme/fonts/font-4f2f472b.woff2 HTTP/1.1
Host: kmaecm.edu.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kmaecm.edu.ua/wp-content/themes/yootheme/css/theme.1.css?ver=1655207910
Cookie: PHPSESSID=575a3a66289afd1debf47bfe442c9460
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:44:02 GMT
Content-Type: font/woff2
Content-Length: 19420
Connection: keep-alive
Last-Modified: Tue, 02 Feb 2021 16:12:04 GMT
Accept-Ranges: bytes
kmaecm.edu.ua/wp-content/themes/yootheme/fonts/font-5078671a.woff2
91.239.232.46200 OK 20 kB URL HTTP/1.1 kmaecm.edu.ua/wp-content/themes/yootheme/fonts/font-5078671a.woff2
IP 91.239.232.46:0
ASN #196645 Ltd Hostpro Lab
File type Web Open Font Format (Version 2), TrueType, length 20084, version 1.0\012- data
Hash c8696f38f823e82d8c9142839d0e5d5f
7ec152b6c7b584ae51cc57ee24851d0a7050075b
01897222cb646d05ba2e985322e32cd3ffaad6e80c155e9beb300c62ea732706
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/yootheme/fonts/font-5078671a.woff2 HTTP/1.1
Host: kmaecm.edu.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kmaecm.edu.ua/wp-content/themes/yootheme/css/theme.1.css?ver=1655207910
Cookie: PHPSESSID=575a3a66289afd1debf47bfe442c9460
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:44:02 GMT
Content-Type: font/woff2
Content-Length: 20084
Connection: keep-alive
Last-Modified: Tue, 02 Feb 2021 16:12:04 GMT
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:44:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-F0EJN718D7
142.250.74.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-F0EJN718D7
IP 142.250.74.168:0
File type ASCII text, with very long lines (20080)
Hash 74a11ff85022f9f51064a9d4f42ef4d7
76a14883c89c171a929ceb106de826fcd6765da6
adf198766ce6c3f8395e6886c58ad0540db30fdb6f767c949721a7250f0a008d
GET /gtag/js?id=G-F0EJN718D7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kmaecm.edu.ua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 01:44:03 GMT
expires: Mon, 05 Dec 2022 01:44:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76335
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kmaecm.edu.ua/wp-content/themes/yootheme/cache/colorful-shapes-vibrant-and-dynamic-electronics-and-technology-retractable-exhibition-banner-3-bad3ee87.webp
91.239.232.46200 OK 2.0 MB URL HTTP/1.1 kmaecm.edu.ua/wp-content/themes/yootheme/cache/colorful-shapes-vibrant-and-dynamic-electronics-and-technology-retractable-exhibition-banner-3-bad3ee87.webp
IP 91.239.232.46:0
ASN #196645 Ltd Hostpro Lab
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 5120x1706, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 2.0 MB (2021164 bytes)
Hash 88e423db392b46b39adccd7e18bcb33d
c13e7bab7c90a5081394444c9c33c23db1f3b6fb
fdd0e35624a1add41e46bf09357c6d94a015d636b1a245abb081eb54cc1fd18d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/yootheme/cache/colorful-shapes-vibrant-and-dynamic-electronics-and-technology-retractable-exhibition-banner-3-bad3ee87.webp HTTP/1.1
Host: kmaecm.edu.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kmaecm.edu.ua/en/home-english
Cookie: PHPSESSID=575a3a66289afd1debf47bfe442c9460; pll_language=en
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:44:03 GMT
Content-Type: image/webp
Content-Length: 2021164
Connection: keep-alive
Last-Modified: Thu, 12 May 2022 08:55:08 GMT
Accept-Ranges: bytes
kmaecm.edu.ua/wp-content/themes/yootheme/cache/colorful-shapes-vibrant-and-dynamic-electronics-and-technology-retractable-exhibition-banner-2-1-b2c49b36.webp
91.239.232.46200 OK 2.0 MB URL HTTP/1.1 kmaecm.edu.ua/wp-content/themes/yootheme/cache/colorful-shapes-vibrant-and-dynamic-electronics-and-technology-retractable-exhibition-banner-2-1-b2c49b36.webp
IP 91.239.232.46:0
ASN #196645 Ltd Hostpro Lab
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 5120x1706, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 2.0 MB (1972956 bytes)
Hash 24a348426e443105d7cedc5d144e5b26
f855de693ba7d48820cf70123af06fe8b765eb80
f83752bfa0e42ba6323d623d6541dc13e6f4c7c16660e057c4eef93975364eaf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/yootheme/cache/colorful-shapes-vibrant-and-dynamic-electronics-and-technology-retractable-exhibition-banner-2-1-b2c49b36.webp HTTP/1.1
Host: kmaecm.edu.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kmaecm.edu.ua/en/home-english
Cookie: PHPSESSID=575a3a66289afd1debf47bfe442c9460; pll_language=en
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 01:44:03 GMT
Content-Type: image/webp
Content-Length: 1972956
Connection: keep-alive
Last-Modified: Thu, 12 May 2022 08:55:09 GMT
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10519
Expires: Mon, 05 Dec 2022 04:39:22 GMT
Date: Mon, 05 Dec 2022 01:44:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10519
Expires: Mon, 05 Dec 2022 04:39:22 GMT
Date: Mon, 05 Dec 2022 01:44:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10519
Expires: Mon, 05 Dec 2022 04:39:22 GMT
Date: Mon, 05 Dec 2022 01:44:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10519
Expires: Mon, 05 Dec 2022 04:39:22 GMT
Date: Mon, 05 Dec 2022 01:44:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F206a2aa2-193a-45ee-9210-82fa22154882.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F206a2aa2-193a-45ee-9210-82fa22154882.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe33ecc20db57514c51c90694efebb16
e00b8b1bc1f98df439a264d1cd881e1021d7fdd5
9b0e56806a9f4e7458b58c29ec2050faebcded4ff1c4ef430733171ddae68cb7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F206a2aa2-193a-45ee-9210-82fa22154882.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7396
x-amzn-requestid: c7621897-64ac-4eb2-b25a-f9ea2e7059a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKVyFr5IAMF8QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdbe-4383156307fcd0da5022d553;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tyEtTMK1H4Sl1eKyySi7qu2CJokOzMaLj0fLriYd01UWNCyS44zC5g==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 05:07:02 GMT
age: 74221
etag: "e00b8b1bc1f98df439a264d1cd881e1021d7fdd5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb029b41d342a82250aef6d6f713be6e
cd754bb6094d2e456b95dce8daace45a0de8a121
c16e364547c9e7a3c487b614073d59c7c495c5e5387b75136afab0dc68bebca4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10031
x-amzn-requestid: ca6c11c5-8842-4ffb-bb9e-5351c4e60c5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjY0CGUVIAMFxog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ad4e6-4282be9f505aa5764e9b1fa2;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 04:47:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8QEt6AHIT6gkW2X3RUuu1-K3lPlgjio-cckhiwppWK7vujPlBHrG7Q==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 18:59:33 GMT
age: 24270
etag: "cd754bb6094d2e456b95dce8daace45a0de8a121"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3b9022-ae31-4c4b-b4aa-3d82606d5c7c.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3b9022-ae31-4c4b-b4aa-3d82606d5c7c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0402b0c3474a5bd3b1ba804528b64a8
2d47af0fb664d9fec52549bb3bdba1dfd8911bb2
7f87af77663b8bf22211e135554ada8865cdcf6499e9fcf0f3442b10ca3984e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3b9022-ae31-4c4b-b4aa-3d82606d5c7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5276
x-amzn-requestid: d337310e-59be-4268-bfd0-8cc4f2c91a11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_soE98IAMF0aA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-230591591f8fd0984c222549;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x7xrn7E3aUdw75Br3B_GcqRhg-i5FcqG2NRMo4Pa5VhqjblbsvcgDg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 14148
etag: "2d47af0fb664d9fec52549bb3bdba1dfd8911bb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1be5ade2f8eb160f9974766374c9dd01
8d3d92355304ccfcd50ae96f55b2754220f05187
5087642c70cd92613c2a490b532fc7651c4b25f8712a59b4f7a178cc44cdf90f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6827
x-amzn-requestid: d4dfc77c-65cc-46f1-b8a3-ea6cebd0976d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUYE2woAMFgPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-639ca0813c23b9cb75ff24c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lhweRJZbG0P_lxekUIz506RXW5f9iVQ1Cvfg-k3gJTWHIrzTu2uenQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 04:50:02 GMT
age: 75241
etag: "8d3d92355304ccfcd50ae96f55b2754220f05187"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcb8fe0c4ba323ab2483fa290c291051
6706e02d6b95edc3a33c951f07d04b0fb7415b77
6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tsL8hmcWaBeKYVG2b4g7ebl-sQ0Z5jZaexEfvldfzq9COcOdzqLhUA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 14148
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f879ef8-1a6d-4f5a-9ed7-092a33c3642f.png
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f879ef8-1a6d-4f5a-9ed7-092a33c3642f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7bde76a4dbab17f37747e7da55ad924
56ee7aa6cf94570b1218ef6e767a7036d0b8900f
bd8320fe10dc06061008034cfd1ca9f17e941b2b859b8dd12f23bcac35746aab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f879ef8-1a6d-4f5a-9ed7-092a33c3642f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3707
x-amzn-requestid: e9d4dc01-cb68-471b-8da4-c6f170248387
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_xhEm-IAMFRNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d133c-5414a54751e2569f639d0dea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:38:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5XGO_QToLjgti1g7xU6jnUNtcyzzQZtc5pGmHqrtt6zD2dlVAN2BfQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 14148
etag: "56ee7aa6cf94570b1218ef6e767a7036d0b8900f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 273360
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:40:43 GMT
expires: Fri, 01 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 291800
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-F0EJN718D7>m=2oebu0&_p=1078645079&cid=1891558118.1670204641&ul=en-us&sr=1280x1024&_s=1&sid=1670204641&sct=1&seg=0&dl=http%3A%2F%2Fkmaecm.edu.ua%2Fen%2Fhome-english&dt=Main%20-%20%D0%9A%D0%B8%D1%97%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D0%BC%D1%83%D0%BD%D1%96%D1%86%D0%B8%D0%BF%D0%B0%D0%BB%D1%8C%D0%BD%D0%B0%20%D0%B0%D0%BA%D0%B0%D0%B4%D0%B5%D0%BC%D1%96%D1%8F%20%D0%B5%D1%81%D1%82%D1%80%D0%B0%D0%B4%D0%BD%D0%BE%D0%B3%D0%BE%20%D1%82%D0%B0%20%D1%86%D0%B8%D1%80%D0%BA%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D0%BC%D0%B8%D1%81%D1%82%D0%B5%D1%86%D1%82%D0%B2&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.anonymize_ip=
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-F0EJN718D7>m=2oebu0&_p=1078645079&cid=1891558118.1670204641&ul=en-us&sr=1280x1024&_s=1&sid=1670204641&sct=1&seg=0&dl=http%3A%2F%2Fkmaecm.edu.ua%2Fen%2Fhome-english&dt=Main%20-%20%D0%9A%D0%B8%D1%97%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D0%BC%D1%83%D0%BD%D1%96%D1%86%D0%B8%D0%BF%D0%B0%D0%BB%D1%8C%D0%BD%D0%B0%20%D0%B0%D0%BA%D0%B0%D0%B4%D0%B5%D0%BC%D1%96%D1%8F%20%D0%B5%D1%81%D1%82%D1%80%D0%B0%D0%B4%D0%BD%D0%BE%D0%B3%D0%BE%20%D1%82%D0%B0%20%D1%86%D0%B8%D1%80%D0%BA%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D0%BC%D0%B8%D1%81%D1%82%D0%B5%D1%86%D1%82%D0%B2&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.anonymize_ip=
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-F0EJN718D7>m=2oebu0&_p=1078645079&cid=1891558118.1670204641&ul=en-us&sr=1280x1024&_s=1&sid=1670204641&sct=1&seg=0&dl=http%3A%2F%2Fkmaecm.edu.ua%2Fen%2Fhome-english&dt=Main%20-%20%D0%9A%D0%B8%D1%97%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D0%BC%D1%83%D0%BD%D1%96%D1%86%D0%B8%D0%BF%D0%B0%D0%BB%D1%8C%D0%BD%D0%B0%20%D0%B0%D0%BA%D0%B0%D0%B4%D0%B5%D0%BC%D1%96%D1%8F%20%D0%B5%D1%81%D1%82%D1%80%D0%B0%D0%B4%D0%BD%D0%BE%D0%B3%D0%BE%20%D1%82%D0%B0%20%D1%86%D0%B8%D1%80%D0%BA%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D0%BC%D0%B8%D1%81%D1%82%D0%B5%D1%86%D1%82%D0%B2&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.anonymize_ip= HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://kmaecm.edu.ua
Connection: keep-alive
Referer: http://kmaecm.edu.ua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://kmaecm.edu.ua
date: Mon, 05 Dec 2022 01:44:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b4c9bc834e851e84ac0f779a505ac0c6
f9746f1a2d68290ba8ba920ec78ecf1602f11eac
a3d9e104fbe02e14a43829a34689265973087658cbb9e7430ab03ed257b6e83f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 01:36:04 GMT
expires: Mon, 05 Dec 2022 01:51:04 GMT
cache-control: public, max-age=900
age: 480
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.34302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Mon, 05 Dec 2022 01:44:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 68570b7de13c7dfdf686da25ce10d668
61c1304152f11e6a83c383fff8d5e498c4385e6f
537302c07522f4bf1e766fbb1a8da346f59526715a5fcecd3f6aa4817b6b32ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
172.217.21.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 172.217.21.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 05 Dec 2022 01:44:04 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 35c66ab0dafc0ed05c3f2e1b8829e3b7
e8fac7e103462c9cb3fab7ed1c1cfa07813ccd74
09270f5899964b5438d18e198fb9f50ed079fb0ee1c54a9cd668b96abdb8c228
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7c9e0bb25e8c28e8b10038806b0a7190
9fa6097aeb8eacde8ba7c9ab80a7a7d2405ae2bc
f4864000960be2f888ed7d2467f74130231fed6f56ad48ff15861f5769e95a58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
172.217.21.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 172.217.21.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash ed7ef6348128f28cb9004283d121cdc7
1f148f6455f4b53bc2eea0328109f82e8a76dde9
41f4383a3e7e0ee9b9fe267901e79bfbf899be97ce390d43eef9e6561581cd6c
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 05 Dec 2022 01:44:04 GMT
server: ESF
cache-control: private
content-length: 30869
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js
216.58.207.228200 OK 14 kB URL HTTP/2 www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js
IP 216.58.207.228:0
File type ASCII text, with very long lines (36143)
Hash a08dfd96c563f96f7d11b4858aecfa13
d9abee2c38b89d3dea85e76bb741bb8f4f993d49
fedde263fa3b4116029d93d0250f5eab845964d5fcf24e40ffbcd9bf292a0db4
GET /js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14211
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 19:18:12 GMT
expires: Sun, 03 Dec 2023 19:18:12 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
content-type: text/javascript
age: 109552
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/rVk_b5DPqS8/maxresdefault.webp
216.58.207.246200 OK 55 kB URL HTTP/2 i.ytimg.com/vi_webp/rVk_b5DPqS8/maxresdefault.webp
IP 216.58.207.246:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 65679e9633d07f54c492736bdaeeb22a
d2ef5a9f0a029559f362ec64d4c8b709c2e93b51
f0af1061942f6988e25cbaf86627a1cc2ab834ba1310957447bdef55acbfd6b0
GET /vi_webp/rVk_b5DPqS8/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 55278
date: Mon, 05 Dec 2022 01:44:04 GMT
expires: Mon, 05 Dec 2022 03:44:04 GMT
cache-control: public, max-age=7200
etag: "1628064816"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 64eb3a8f7cc11324c6f4c77e1c11f7ee
8ad889db020018b726362929a9477872a6808f0a
481082e2478f937b15faec7128ab1a60bf1157b417bfa63022472f434ae240fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 35c66ab0dafc0ed05c3f2e1b8829e3b7
e8fac7e103462c9cb3fab7ed1c1cfa07813ccd74
09270f5899964b5438d18e198fb9f50ed079fb0ee1c54a9cd668b96abdb8c228
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/NPqVe9uv1obhJNze98_FdxuuvB5v7sC3x0M-f9EGREdF9YLYWS5_zF48Q4XhwXjadOg9kjltgQ=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 6.3 kB URL HTTP/2 yt3.ggpht.com/NPqVe9uv1obhJNze98_FdxuuvB5v7sC3x0M-f9EGREdF9YLYWS5_zF48Q4XhwXjadOg9kjltgQ=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 92366bf9046025556cea24bdbe43c27c
95e47e704ed5dba67cd7c47fef32c065b91fa909
6adc415495cd0bd19cc5bda2c3f27bbdd0fbb634bda41ba9340b1fa7e7c469cc
GET /NPqVe9uv1obhJNze98_FdxuuvB5v7sC3x0M-f9EGREdF9YLYWS5_zF48Q4XhwXjadOg9kjltgQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 6284
x-xss-protection: 0
date: Sun, 04 Dec 2022 21:49:57 GMT
expires: Mon, 05 Dec 2022 21:49:57 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
age: 14047
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 64eb3a8f7cc11324c6f4c77e1c11f7ee
8ad889db020018b726362929a9477872a6808f0a
481082e2478f937b15faec7128ab1a60bf1157b417bfa63022472f434ae240fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
172.217.21.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 172.217.21.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 05 Dec 2022 01:44:04 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
172.217.21.170200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 172.217.21.170:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 05a1488be7db299d5ad4ab5a2d6ac609
6c5bb2eb75cbdb2917acdc9c6c04b1ad2b8a8416
cd347cb04a81dc9e8314309b9a92218716904c743a109e8f7a451372e62b946a
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1043
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 05 Dec 2022 01:44:04 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a349d02cce160f72cc93f6fb6e45fa46
a6f82481ea0a820da0f199e8f9051a4aa4013c82
ab320118577a2dcb6ab7ad904d6350e187501a94b39b71fdd70b31cbc8853b24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6826
x-amzn-requestid: f0abdba6-14c8-4aae-ba3b-37ba0af2ff08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_t2FsLIAMFekA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1325-3452be066acddb554f528cc3;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GS4yLzXiIZt-eL9T7gjbf2-vMu8i30WKPDmc2EQDxv0CELjdW1gMVA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:46:51 GMT
age: 14239
etag: "a6f82481ea0a820da0f199e8f9051a4aa4013c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.youtube.com/embed/rVk_b5DPqS8?v=rVk_b5DPqS8&disablekb=1
216.58.207.238200 OK 0 B URL HTTP/2 www.youtube.com/embed/rVk_b5DPqS8?v=rVk_b5DPqS8&disablekb=1
IP 216.58.207.238:0
GET /embed/rVk_b5DPqS8?v=rVk_b5DPqS8&disablekb=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kmaecm.edu.ua/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Dec 2022 01:44:02 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=sTAdmMLcIy4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=hI881jO7Kkk; Domain=.youtube.com; Expires=Sat, 03-Jun-2023 01:44:02 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+493; expires=Wed, 04-Dec-2024 01:44:02 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2