medick.fo.ru/forum/5446/3220
301 Moved Permanently 175 B URL HTTP/1.1 medick.fo.ru/forum/5446/3220
IP
ASN #56806 CJSC Computing Forces
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 27d3037d4815f88b7bb724cb258524e1
092678ca1f61e13d97f37f7be9438e7b32b722e9
0c0a343c76a265d5b6b5b3708383afaf77f187eaa7f3fa8f1fec18cdf4ebe198
GET /forum/5446/3220 HTTP/1.1
Host: medick.fo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: openresty/1.19.9.1
Date: Thu, 23 Mar 2023 15:53:46 GMT
Content-Type: text/html
Content-Length: 175
Connection: keep-alive
Location: https://medick.fosite.ru/forum/5446/3220
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 65fc860bc043f3fb83bdc3debdcd322d
418010755deae099ef1284e402813c5837a10f42
d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17954
Expires: Thu, 23 Mar 2023 20:53:00 GMT
Date: Thu, 23 Mar 2023 15:53:46 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18632
Expires: Thu, 23 Mar 2023 21:04:18 GMT
Date: Thu, 23 Mar 2023 15:53:46 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 51a5d4696a6090c295850554508b51ce
c44e143c2223546e64b19f543b8101aaf3b11e97
8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3891
Expires: Thu, 23 Mar 2023 16:58:37 GMT
Date: Thu, 23 Mar 2023 15:53:46 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Mar 2023 15:15:07 GMT
content-type: application/json
age: 2319
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: odPhgwg5VGHljfPMaBaI7VW9O60Ro42N48rdgbOmjhoP/jR1RAwhmnGqow4JLKSRGhtJ3SnfJCU=
x-amz-request-id: W5MDTQG944VE9YGC
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Mar 2023 15:00:00 GMT
age: 3226
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 33e6fa7401306ad6805dba28f590dd68
d3b35b762ab88eb8d6d67a47884c8295b3369ef5
b720fe6032055680c3c0113a61ac046008e574b35d7443e1734def925cf9ec16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B720FE6032055680C3C0113A61AC046008E574B35D7443E1734DEF925CF9EC16"
Last-Modified: Wed, 22 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20623
Expires: Thu, 23 Mar 2023 21:37:29 GMT
Date: Thu, 23 Mar 2023 15:53:46 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 15:53:46 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Mar 2023 15:14:33 GMT
age: 2353
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash 8d0cb704cd3caf938bc0f270a9bce251
e7c50418b560f2a149344fb7823adc2d312c2a16
a8d5e1ebe478d60c6f31f3d067e188fae1450d6a40de0cd651310de06337b836
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 15:53:47 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Mon, 27 Mar 2023 11:52:35 GMT
ETag: "e7c50418b560f2a149344fb7823adc2d312c2a16"
Last-Modified: Thu, 23 Mar 2023 11:52:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2731
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac7d9651bd5b4ed-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 23c054d3aee551b6fdc42a5a472a7040
b1a46c12ac7d65c979fd1998bdb243f3dba8f956
9e8b91ab91da9ea20dfb5f90c1c06239d2872b0eb80785534d0c59c3b51de404
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 15:53:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 050ca4dc2182e0a27573b0d9f32b7834
bec14dc5af0d0b32210470673511acd8db404308
b6129b9d1848f75265dca4446c5399927bdaf15c7b49c083765847b0fe276eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6129B9D1848F75265DCA4446C5399927BDAF15C7B49C083765847B0FE276EAF"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6666
Expires: Thu, 23 Mar 2023 17:44:53 GMT
Date: Thu, 23 Mar 2023 15:53:47 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=UA-54299952-1
200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-54299952-1
IP
File type ASCII text, with very long lines (2206)
Hash 7f35ce18738c8430381cec07308cfef8
cf8aadf6ca85f4e10c255771bcf91a22c8c6d9c4
6ad52628f4555842016d5af2af78f88a57c2fa679729150ecc6473d10414f980
GET /gtag/js?id=UA-54299952-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://medick.fosite.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 23 Mar 2023 15:53:47 GMT
expires: Thu, 23 Mar 2023 15:53:47 GMT
cache-control: private, max-age=900
last-modified: Thu, 23 Mar 2023 15:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44696
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.cy-pr.com/e/medick.fosite.ru_16.gif
301 Moved Permanently 178 B URL HTTP/1.1 www.cy-pr.com/e/medick.fosite.ru_16.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /e/medick.fosite.ru_16.gif HTTP/1.1
Host: www.cy-pr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: Nginx
Date: Thu, 23 Mar 2023 16:11:19 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.cy-pr.com/e/medick.fosite.ru_16.gif
editor.fosite.ru/assets/logo_4u_bigger-23ff97a225b0b071024ee0ffde8192a1117b00a39d221da2b1b12fcae66d477f.png
200 OK 4.1 kB URL HTTP/2 editor.fosite.ru/assets/logo_4u_bigger-23ff97a225b0b071024ee0ffde8192a1117b00a39d221da2b1b12fcae66d477f.png
IP
ASN #43776 Relsoft communications Ltd.
File type PNG image data, 166 x 160, 8-bit/color RGBA, non-interlaced\012- data
Hash fae3cfc1e783ef62665911bd7198f6a9
30c9c30cfee63dfc4d0af0bc05758ccdca5c8967
23ff97a225b0b071024ee0ffde8192a1117b00a39d221da2b1b12fcae66d477f
GET /assets/logo_4u_bigger-23ff97a225b0b071024ee0ffde8192a1117b00a39d221da2b1b12fcae66d477f.png HTTP/1.1
Host: editor.fosite.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://medick.fosite.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Thu, 23 Mar 2023 15:53:47 GMT
content-type: image/png
content-length: 4073
last-modified: Thu, 23 Mar 2023 12:07:38 GMT
etag: "641c410a-fe9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
502 Bad Gateway 6.4 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Hash eebb75328cc8e7cc0bff252be12a3335
0624e97ad98c07671cb2c77da8e26dabcc6355fe
e48a1fb848e5b14433e028c8381591150797e54eb171bfd874cba9522dc4475e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 502 Bad Gateway
Date: Thu, 23 Mar 2023 15:53:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: cf_use_ob=0; path=/; expires=Thu, 23-Mar-23 15:54:17 GMT
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
CF-RAY: 7ac7d965a8b71c06-OSL
Server: cloudflare
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 23c054d3aee551b6fdc42a5a472a7040
b1a46c12ac7d65c979fd1998bdb243f3dba8f956
9e8b91ab91da9ea20dfb5f90c1c06239d2872b0eb80785534d0c59c3b51de404
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 15:53:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
illicium.wmtransfer.com/scripts/public/illicium_loginless_0_3.js
200 OK 12 kB URL HTTP/1.1 illicium.wmtransfer.com/scripts/public/illicium_loginless_0_3.js
IP
ASN #56806 CJSC Computing Forces
File type C source, Unicode text, UTF-8 (with BOM) text, with very long lines (34450), with CRLF line terminators
Hash 406eaaf3daa2cac93f050bea69df7c6e
3b4fc4653e68b2695d2744a298aeddd15e443d60
74733036adaa83cda0c5bac6fd18c421a4e1653840f1b63c6d19d7ce8d685ed1
GET /scripts/public/illicium_loginless_0_3.js HTTP/1.1
Host: illicium.wmtransfer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://medick.fosite.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 23 Mar 2023 15:53:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=86400
Last-Modified: Tue, 05 Oct 2021 14:21:55 GMT
ETag: W/"cfd88f59f4b9d71:0"
Content-Encoding: gzip
counter.24log.ru/buttons/24/bg24-8_1.gif
301 Moved Permanently 162 B URL HTTP/1.1 counter.24log.ru/buttons/24/bg24-8_1.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /buttons/24/bg24-8_1.gif HTTP/1.1
Host: counter.24log.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 23 Mar 2023 15:53:47 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://counter.24log.ru/buttons/24/bg24-8_1.gif
counter.24log.ru/buttons/24/bg24-8_3.gif
301 Moved Permanently 162 B URL HTTP/1.1 counter.24log.ru/buttons/24/bg24-8_3.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /buttons/24/bg24-8_3.gif HTTP/1.1
Host: counter.24log.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 23 Mar 2023 15:53:47 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://counter.24log.ru/buttons/24/bg24-8_3.gif
counter.24log.ru/buttons/24/bg24-8_2.gif
301 Moved Permanently 162 B URL HTTP/1.1 counter.24log.ru/buttons/24/bg24-8_2.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /buttons/24/bg24-8_2.gif HTTP/1.1
Host: counter.24log.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 23 Mar 2023 15:53:47 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://counter.24log.ru/buttons/24/bg24-8_2.gif
zerossl.ocsp.sectigo.com/
502 Bad Gateway 6.5 kB URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Hash 3e7701860583a00dffa4b318ae19e82b
1801fbcc233e296b4cdc46134dc4eb544445012f
342b08d14aacac53c4ca38f082ff2544f595d23c8853ac9e707c6634b214e429
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 502 Bad Gateway
Date: Thu, 23 Mar 2023 15:53:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: cf_use_ob=0; path=/; expires=Thu, 23-Mar-23 15:54:17 GMT
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
CF-RAY: 7ac7d966ec18b521-OSL
Server: cloudflare
yastatic.net/share/static/b-share-icon.png
200 OK 4.6 kB URL HTTP/2 yastatic.net/share/static/b-share-icon.png
IP
File type PNG image data, 16 x 493, 8-bit colormap, non-interlaced\012- data
Hash 24bc3d4a0d287d95c0fb2ec150c1776e
53b50aca31779f1d2082384c113cb8bd12392dca
4518d4c73cc79f597d32c09c25b38ef44da466f502c31e2023d1005f2f899713
GET /share/static/b-share-icon.png HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://medick.fosite.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Thu, 23 Mar 2023 15:53:47 GMT
content-type: image/png
content-length: 4637
access-control-allow-origin: *
cache-control: public, max-age=216009
etag: "24bc3d4a0d287d95c0fb2ec150c1776e"
expires: Sun, 26 Mar 2023 03:53:00 GMT
last-modified: Wed, 24 Oct 2018 16:00:42 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 189abe02d328acbf
accept-ranges: bytes
X-Firefox-Spdy: h2
counter.24log.ru/counter?id=163018&t=24&st=8&r=&u=https%3A//medick.fosite.ru/forum/5446/3220&s=1280x1024x24&rnd=0.021300905994001917
301 Moved Permanently 162 B URL HTTP/1.1 counter.24log.ru/counter?id=163018&t=24&st=8&r=&u=https%3A//medick.fosite.ru/forum/5446/3220&s=1280x1024x24&rnd=0.021300905994001917
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /counter?id=163018&t=24&st=8&r=&u=https%3A//medick.fosite.ru/forum/5446/3220&s=1280x1024x24&rnd=0.021300905994001917 HTTP/1.1
Host: counter.24log.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 23 Mar 2023 15:53:47 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://counter.24log.ru/counter?id=163018&t=24&st=8&r=&u=https%3A//medick.fosite.ru/forum/5446/3220&s=1280x1024x24&rnd=0.021300905994001917
www.cy-pr.com/e/medick.fosite.ru_16.gif
200 OK 1.4 kB URL HTTP/2 www.cy-pr.com/e/medick.fosite.ru_16.gif
IP
File type GIF image data, version 87a, 88 x 31\012- data
Hash c0046f314b93b4269f3f5695b07948e9
3f9a6de3edd17f51fdd82aed2c7efe891a10c030
c42b64e5cc883690aee19459c4c4a0fc99e47b9b9ac2c4a9e67491b3ebdb0a09
GET /e/medick.fosite.ru_16.gif HTTP/1.1
Host: www.cy-pr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 16:11:19 GMT
content-type: image/gif
content-length: 1382
last-modified: Fri, 28 Aug 2020 18:07:43 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Oy/7+nX7namUWsjPYWsncg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aj3ExXPM6pVWgtPcKBuBU30NoPw=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b7762cb931695301644c5c9d1978d687
8aeccbb23610b53c5f776d80c0386867a993b363
91b8549754a764fbf77f1cff14b69b1d8a4704babd9bf66d8f42f29b93acffc7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91B8549754A764FBF77F1CFF14B69B1D8A4704BABD9BF66D8F42F29B93ACFFC7"
Last-Modified: Wed, 22 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4744
Expires: Thu, 23 Mar 2023 17:12:51 GMT
Date: Thu, 23 Mar 2023 15:53:47 GMT
Connection: keep-alive
stat002.fosite.ru/counters/228866.gif?ui=228866&ci=51&dn=medick.fosite.ru&un=medick.fosite.ru&lg=ru&visitorid=-1&stid=6&stdb=1&color1=D9CC7E&color2=6F4B1E&color3=000E52&color4=C29256&color5=FFFFFF&turn_on=on&img=0&&r=&pg=https%3A//medick.fosite.ru/forum/5446/3220&c=Y&uniq=T&j=N&wh=1280x1024&px=24&
404 Not Found 596 B URL HTTP/2 stat002.fosite.ru/counters/228866.gif?ui=228866&ci=51&dn=medick.fosite.ru&un=medick.fosite.ru&lg=ru&visitorid=-1&stid=6&stdb=1&color1=D9CC7E&color2=6F4B1E&color3=000E52&color4=C29256&color5=FFFFFF&turn_on=on&img=0&&r=&pg=https%3A//medick.fosite.ru/forum/5446/3220&c=Y&uniq=T&j=N&wh=1280x1024&px=24&
IP
ASN #43776 Relsoft communications Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash e630571b3d9665cc6a71aa4447074be9
0b9a0138a8e4a420531f84a5c9f43f3188b7ab22
44dbc81437de675e5c4366036ad110d465aa9d5bbdf6b243249678d65997fa8e
GET /counters/228866.gif?ui=228866&ci=51&dn=medick.fosite.ru&un=medick.fosite.ru&lg=ru&visitorid=-1&stid=6&stdb=1&color1=D9CC7E&color2=6F4B1E&color3=000E52&color4=C29256&color5=FFFFFF&turn_on=on&img=0&&r=&pg=https%3A//medick.fosite.ru/forum/5446/3220&c=Y&uniq=T&j=N&wh=1280x1024&px=24& HTTP/1.1
Host: stat002.fosite.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://medick.fosite.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 404 Not Found
server: openresty/1.19.9.1
date: Thu, 23 Mar 2023 15:53:47 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
illicium.wmtransfer.com/Get/GetScript?placeId=79&elementId=place79&WmId=null&language=en&fgp=531e0abc63b0a3d92e656259ec49c2bc&w=1280&h=1024&webp=null
200 OK 638 B URL HTTP/1.1 illicium.wmtransfer.com/Get/GetScript?placeId=79&elementId=place79&WmId=null&language=en&fgp=531e0abc63b0a3d92e656259ec49c2bc&w=1280&h=1024&webp=null
IP
ASN #56806 CJSC Computing Forces
File type Unicode text, UTF-8 text, with very long lines (764), with no line terminators
Hash d8a4d4bb17ef563adddb5b003a2620ad
8e47e001cbe2ced181e0ce209c7cc64fe95deb72
e4412c347519d8e814b0ceb8978088adc3716dfc4c45c88f87894d27554b9173
GET /Get/GetScript?placeId=79&elementId=place79&WmId=null&language=en&fgp=531e0abc63b0a3d92e656259ec49c2bc&w=1280&h=1024&webp=null HTTP/1.1
Host: illicium.wmtransfer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://medick.fosite.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 23 Mar 2023 15:53:47 GMT
Content-Type: application/x-javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: private
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: history1=YJAAFOV876DpxFfxTmuS8A==; expires=Sat, 22-Apr-2023 15:53:47 GMT; path=/; secure; HttpOnly; SameSite=None
X-Powered-By: ASP.NET
Content-Encoding: gzip
counter.24log.ru/counter?id=163018&t=24&st=8&r=&u=https%3A//medick.fosite.ru/forum/5446/3220&s=1280x1024x24&rnd=0.021300905994001917
307 Temporary Redirect 32 B URL HTTP/1.1 counter.24log.ru/counter?id=163018&t=24&st=8&r=&u=https%3A//medick.fosite.ru/forum/5446/3220&s=1280x1024x24&rnd=0.021300905994001917
IP
File type HTML document, ASCII text
Hash 3e9c09a8c5a87f266e047a596f48578c
07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
GET /counter?id=163018&t=24&st=8&r=&u=https%3A//medick.fosite.ru/forum/5446/3220&s=1280x1024x24&rnd=0.021300905994001917 HTTP/1.1
Host: counter.24log.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 23 Mar 2023 15:53:47 GMT
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 32
Connection: keep-alive
X-Powered-By: PHP/5.6.40
Location: http://counter.24log.ru/counter?redir=1&id=163018&t=24&st=8&r=&u=https%3A//medick.fosite.ru/forum/5446/3220&s=1280x1024x24&rnd=0.021300905994001917
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Set-Cookie: VSID=ea685d20a4da00ecc2cf98ffa378d2ae%2F8a0ac7fb%2F620727ad%2F4; expires=Sat, 29-Jan-2033 15:53:47 GMT; Max-Age=311040000; path=/; domain=24log.ru
counter.24log.ru/buttons/24/bg24-8_3.gif
200 OK 190 B URL HTTP/1.1 counter.24log.ru/buttons/24/bg24-8_3.gif
IP
File type GIF image data, version 89a, 50 x 10\012- data
Hash 2882551f594c3541de5d24d94d92895c
7fcbd626f97090f8dd62442a182554e86d86ca55
89784d3dc391161eceb6599b2bb98cc528396ee1c14088d103ea24c54d586388
GET /buttons/24/bg24-8_3.gif HTTP/1.1
Host: counter.24log.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 15:53:47 GMT
Content-Type: image/gif
Content-Length: 190
Last-Modified: Wed, 17 Aug 2011 20:03:08 GMT
Connection: keep-alive
ETag: "4e4c1e7c-be"
Accept-Ranges: bytes
counter.24log.ru/buttons/24/bg24-8_2.gif
200 OK 436 B URL HTTP/1.1 counter.24log.ru/buttons/24/bg24-8_2.gif
IP
File type GIF image data, version 89a, 38 x 21\012- data
Hash 52408040ac69291791dcaf9b215874ff
597f897f6c0b00fea5d9ae77b0422b9bb38ae4c5
33021322bf5a84386b47e53e2657373a7a2b39f64ba8751a9e1cc1ae06f14379
GET /buttons/24/bg24-8_2.gif HTTP/1.1
Host: counter.24log.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 15:53:47 GMT
Content-Type: image/gif
Content-Length: 436
Last-Modified: Wed, 17 Aug 2011 20:03:05 GMT
Connection: keep-alive
ETag: "4e4c1e79-1b4"
Accept-Ranges: bytes
counter.24log.ru/buttons/24/bg24-8_1.gif
200 OK 236 B URL HTTP/1.1 counter.24log.ru/buttons/24/bg24-8_1.gif
IP
File type GIF image data, version 89a, 38 x 10\012- data
Hash 31bb7c54c2d8767afcb277ca313ccc0e
0d95023a696f986e55ecaa8462331b1371b972a5
f79c53499d7eb87a9d17dd9d0690ec34ebad2ca899188064e43ae6b618b48dfc
GET /buttons/24/bg24-8_1.gif HTTP/1.1
Host: counter.24log.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 15:53:47 GMT
Content-Type: image/gif
Content-Length: 236
Last-Modified: Wed, 17 Aug 2011 20:03:03 GMT
Connection: keep-alive
ETag: "4e4c1e77-ec"
Accept-Ranges: bytes
counter.24log.ru/counter?redir=1&id=163018&t=24&st=8&r=&u=https%3A//medick.fosite.ru/forum/5446/3220&s=1280x1024x24&rnd=0.021300905994001917
301 Moved Permanently 162 B URL HTTP/1.1 counter.24log.ru/counter?redir=1&id=163018&t=24&st=8&r=&u=https%3A//medick.fosite.ru/forum/5446/3220&s=1280x1024x24&rnd=0.021300905994001917
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /counter?redir=1&id=163018&t=24&st=8&r=&u=https%3A//medick.fosite.ru/forum/5446/3220&s=1280x1024x24&rnd=0.021300905994001917 HTTP/1.1
Host: counter.24log.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 23 Mar 2023 15:53:47 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://counter.24log.ru/counter?redir=1&id=163018&t=24&st=8&r=&u=https%3A//medick.fosite.ru/forum/5446/3220&s=1280x1024x24&rnd=0.021300905994001917
counter.24log.ru/counter?redir=1&id=163018&t=24&st=8&r=&u=https%3A//medick.fosite.ru/forum/5446/3220&s=1280x1024x24&rnd=0.021300905994001917
200 OK 406 B URL HTTP/1.1 counter.24log.ru/counter?redir=1&id=163018&t=24&st=8&r=&u=https%3A//medick.fosite.ru/forum/5446/3220&s=1280x1024x24&rnd=0.021300905994001917
IP
File type PNG image data, 50 x 21, 4-bit colormap, non-interlaced\012- data
Hash bc0c588d28df491926ba2b2545abb0d9
6986b6560399790bea00fbeb9336c7eed41ec0e4
dcfdf54b630c6571606b866be1cebc0bea4cf26a6e149f988c10a8a6058d3cc7
GET /counter?redir=1&id=163018&t=24&st=8&r=&u=https%3A//medick.fosite.ru/forum/5446/3220&s=1280x1024x24&rnd=0.021300905994001917 HTTP/1.1
Host: counter.24log.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Mar 2023 15:53:47 GMT
Content-Type: image/png
Content-Length: 406
Connection: keep-alive
X-Powered-By: PHP/5.6.40
Cache-Control: no-cache, must-revalidate
Expires: Mon, 26 Jul 1990 05:00:00 GMT
medick.fosite.ru/common/background/bg_78.gif
200 OK 44 kB URL HTTP/2 medick.fosite.ru/common/background/bg_78.gif
IP
ASN #43776 Relsoft communications Ltd.
File type GIF image data, version 89a, 325 x 324\012- data
Hash d5fd41e60056c34665b3d9edf5ddbc76
94c867c795baed9b4c523c08860642238a84a4c5
ade0bfdd3308f98fb62c7091384476b4d1452a98297d83671686540d87c0aec6
GET /common/background/bg_78.gif HTTP/1.1
Host: medick.fosite.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://medick.fosite.ru/forum/5446/3220
Cookie: mlp=1; uha-ha-ha=yes
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Thu, 23 Mar 2023 15:53:47 GMT
content-type: image/gif
x-i1-one: 1
X-Firefox-Spdy: h2
medick.fosite.ru/common/img1/icons-s.css?12023
200 OK 2.8 kB URL HTTP/2 medick.fosite.ru/common/img1/icons-s.css?12023
IP
ASN #43776 Relsoft communications Ltd.
File type ASCII text, with CRLF line terminators
Hash 46fa7db1822d461290a9a86005b6f7d5
249f33102a20f3758ede4b1ba4f73a41d1cb17f2
4dcc7d150e3b7ad5dc86ec2a8bd61f901f93d87f6262d07a79f880380c755334
GET /common/img1/icons-s.css?12023 HTTP/1.1
Host: medick.fosite.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://medick.fosite.ru/forum/5446/3220
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Thu, 23 Mar 2023 15:53:47 GMT
content-type: text/css
vary: Accept-Encoding
x-i1-one: 1
content-encoding: br
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash aa2a983db95f3ebdbf3fa30378129caf
ab6dadd6560a65d75a0cac81a040a432c6770c6a
7670ad5211ff11ba50bd8f15810ca7740f8d62b70b04d6d2291f58007d4c8f16
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 15:53:48 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Mon, 27 Mar 2023 14:37:15 GMT
ETag: "ab6dadd6560a65d75a0cac81a040a432c6770c6a"
Last-Modified: Thu, 23 Mar 2023 14:37:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 977
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac7d96b8d79b4ed-OSL
illicium.co/Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.hyperesources/indx960_hype_generated_script.js?50884
200 OK 2.5 kB URL HTTP/2 illicium.co/Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.hyperesources/indx960_hype_generated_script.js?50884
IP
ASN #56806 CJSC Computing Forces
Hash 59e0381b82fca0a1dcd955e4f839a942
03926c3c6dec25589a321cc85bddc9d08e17c329
7d7ea9d6bee2946c7bf96db260b191f6a84526696d3b901f9c55cd8389054d9e
GET /Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.hyperesources/indx960_hype_generated_script.js?50884 HTTP/1.1
Host: illicium.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://illicium.co/Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 23 Mar 2023 15:53:48 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=172800
last-modified: Wed, 18 Aug 2021 13:20:26 GMT
etag: W/"04988ce3394d71:0"
x-powered-by: ASP.NET
content-encoding: gzip
X-Firefox-Spdy: h2
medick.fosite.ru/common/jquery/plugins/colorbox/example5/colorbox.css?12023
200 OK 1.6 kB URL HTTP/2 medick.fosite.ru/common/jquery/plugins/colorbox/example5/colorbox.css?12023
IP
ASN #43776 Relsoft communications Ltd.
File type ASCII text, with CRLF line terminators
Hash 5117dd29beb522e00cb4007e887ad2c6
f90587bd3990dc12c216ac41618306a2e78fe24a
594005fc320e978f872b5632d2cd22519157e17bfab2c1d5a8fc9010a6f31692
GET /common/jquery/plugins/colorbox/example5/colorbox.css?12023 HTTP/1.1
Host: medick.fosite.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://medick.fosite.ru/forum/5446/3220
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Thu, 23 Mar 2023 15:53:47 GMT
content-type: text/css
vary: Accept-Encoding
x-i1-one: 1
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 342da587101df62e3e8f03dc4a87f93d
897c40f31b24adf281b804bbca7f0ffba5b86816
f6b8dde2c506c3ec03517324e93c04058e44e345dae5a52e5f49c97d77455aec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 15:53:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/watch.js
200 OK 58 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (555)
Hash 3b508682bf0d0324d820c058909f64a7
a458373545555306ea8ca12ed36094748c96b0ef
7e27b4cfc7c4c9b56f5b73394b1a570075a591380b7ef66be3e717aed9cbbac1
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://medick.fosite.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 58370
date: Thu, 23 Mar 2023 15:53:48 GMT
access-control-allow-origin: *
etag: "641c239d-e402"
expires: Thu, 23 Mar 2023 16:53:48 GMT
last-modified: Thu, 23 Mar 2023 13:02:05 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
illicium.co/Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.html
200 OK 26 kB URL HTTP/2 illicium.co/Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.html
IP
ASN #56806 CJSC Computing Forces
Hash ecab9800f7ceca743e455f84c4f41358
b51773aa834aee039347c79254fb04488dca1817
ad3a43c683d079c1035b4ba7041835a446059f37bede5c15fde0845745ec05dc
GET /Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.html HTTP/1.1
Host: illicium.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://medick.fosite.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 23 Mar 2023 15:53:48 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=172800
last-modified: Wed, 18 Aug 2021 13:20:26 GMT
etag: W/"04988ce3394d71:0"
x-powered-by: ASP.NET
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat&subset=latin
200 OK 504 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat&subset=latin
IP
Hash 94ca5194a5fa29c05241e1885d5a8fef
dcdaede1e52164171aa4ee782c47199d90aa5d2c
4ec5a840392db4a16719e810792535f3abaacf5b81eee4440fb11c305161a61b
GET /css?family=Montserrat&subset=latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://illicium.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 23 Mar 2023 15:53:48 GMT
date: Thu, 23 Mar 2023 15:53:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
illicium.co/Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.hyperesources/button2.png
200 OK 474 B URL HTTP/2 illicium.co/Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.hyperesources/button2.png
IP
ASN #56806 CJSC Computing Forces
File type PNG image data, 33 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 08d58427b6097ad4adc33ac0331d2ec7
f7c0380067ea922948a0f62a10bda4afc655a0eb
b5f324ed54fda5b8cfd7cce6327ee53f57e556c975fabc263116965a82280286
GET /Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.hyperesources/button2.png HTTP/1.1
Host: illicium.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://illicium.co/Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 23 Mar 2023 15:53:48 GMT
content-type: image/png
content-length: 474
cache-control: max-age=172800
last-modified: Wed, 18 Aug 2021 09:09:42 GMT
accept-ranges: bytes
etag: "0f9cc71094d71:0"
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
medick.fosite.ru/common/style6/style.css?12023
200 OK 12 kB URL HTTP/2 medick.fosite.ru/common/style6/style.css?12023
IP
ASN #43776 Relsoft communications Ltd.
Hash ae1f0e39374f0534fd495b6a8a5af5bf
163ed8f281f54681d3f185b82d3c22b80840d26b
fa63df4a0b8e92646e3e7b83256867a435912b160dddb6eb6fb39491f94e6da6
GET /common/style6/style.css?12023 HTTP/1.1
Host: medick.fosite.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://medick.fosite.ru/forum/5446/3220
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Thu, 23 Mar 2023 15:53:47 GMT
content-type: text/css
vary: Accept-Encoding
x-i1-one: 1
content-encoding: br
X-Firefox-Spdy: h2
medick.fosite.ru/common/mlp/css/common.css?12023
200 OK 32 kB URL HTTP/2 medick.fosite.ru/common/mlp/css/common.css?12023
IP
ASN #43776 Relsoft communications Ltd.
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 14870dc52e839f672c72f551ca62d8c2
a15fb85c966d531a4234da0ff16bc01958ec4b8c
29ebd2f0e0ee663ac273af0f5937c0bf19d714bbdb1be51f8033631650e3f29e
GET /common/mlp/css/common.css?12023 HTTP/1.1
Host: medick.fosite.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://medick.fosite.ru/forum/5446/3220
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Thu, 23 Mar 2023 15:53:47 GMT
content-type: text/css
vary: Accept-Encoding
x-i1-one: 1
content-encoding: br
X-Firefox-Spdy: h2
illicium.co/Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.hyperesources/bc1.png
200 OK 278 B URL HTTP/2 illicium.co/Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.hyperesources/bc1.png
IP
ASN #56806 CJSC Computing Forces
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 1200698485f14e42ec6669ba718194fb
f828377c9861fd004ae3bf40d415d654b7c08bfd
7d5e22f91fbfb5ef6d0c9e1a026017ca0ffa31808c70e5c61c0cc6d2a7fd73f3
GET /Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.hyperesources/bc1.png HTTP/1.1
Host: illicium.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://illicium.co/Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 23 Mar 2023 15:53:48 GMT
content-type: image/png
content-length: 278
cache-control: max-age=172800
last-modified: Wed, 18 Aug 2021 09:09:42 GMT
accept-ranges: bytes
etag: "0f9cc71094d71:0"
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5cd8c9b1a21861daf74c130682cea34e
32ceecbbe8fdfc999e4169771cf7633fdaa1f083
328369b9dcb3b3b19b031dd350a02c7cbe5fb250ba4748bf8d055da5342f0837
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 15:53:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/advert.gif
200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://medick.fosite.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 23 Mar 2023 15:53:48 GMT
access-control-allow-origin: *
etag: "641c239d-2b"
expires: Thu, 23 Mar 2023 16:53:48 GMT
accept-ranges: bytes
last-modified: Thu, 23 Mar 2023 13:02:05 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fmedick.fosite.ru%2Fforum%2F5446%2F3220&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%221.11.3%22%7D&browser-info=pv%3A1%3Avf%3A41za72whyvnym2kdotke5b%3Afp%3A1243%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A990%3Acn%3A1%3Adp%3A0%3Als%3A1217313411481%3Ahid%3A736987926%3Az%3A0%3Ai%3A20230323155356%3Aet%3A1679586837%3Ac%3A1%3Arn%3A783248102%3Arqn%3A1%3Au%3A1679586837388481615%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A38%2C111%2C274%2C1%2C285%2C0%2C%2C483%2C34%2C%2C%2C%2C1250%3Aco%3A0%3Ans%3A1679586834431%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1679586837%3At%3A%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B5%D0%B9%20%D0%A7%D0%B5%D1%80%D0%B5%D1%88%D0%BD%D0%B5%D0%B2%20%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%2F%20%D0%A1%D0%B5%D1%80%D0%B4%D0%B5%D1%87%D0%BD%D0%BE-%D1%81%D0%BE%D1%81%D1%83%D0%B4%D0%B8%D1%81%D1%82%D1%8B%D0%B5%20%D0%B7%D0%B0%D0%B1%D0%BE%D0%BB%D0%B5%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F%20%2F%20%D0%91%D0%BE%D0%BB%D1%8C%20%D0%B2%20%D1%81%D0%B5%D1%80%D0%B4%D1%86%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fmedick.fosite.ru%2Fforum%2F5446%2F3220&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%221.11.3%22%7D&browser-info=pv%3A1%3Avf%3A41za72whyvnym2kdotke5b%3Afp%3A1243%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A990%3Acn%3A1%3Adp%3A0%3Als%3A1217313411481%3Ahid%3A736987926%3Az%3A0%3Ai%3A20230323155356%3Aet%3A1679586837%3Ac%3A1%3Arn%3A783248102%3Arqn%3A1%3Au%3A1679586837388481615%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A38%2C111%2C274%2C1%2C285%2C0%2C%2C483%2C34%2C%2C%2C%2C1250%3Aco%3A0%3Ans%3A1679586834431%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1679586837%3At%3A%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B5%D0%B9%20%D0%A7%D0%B5%D1%80%D0%B5%D1%88%D0%BD%D0%B5%D0%B2%20%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%2F%20%D0%A1%D0%B5%D1%80%D0%B4%D0%B5%D1%87%D0%BD%D0%BE-%D1%81%D0%BE%D1%81%D1%83%D0%B4%D0%B8%D1%81%D1%82%D1%8B%D0%B5%20%D0%B7%D0%B0%D0%B1%D0%BE%D0%BB%D0%B5%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F%20%2F%20%D0%91%D0%BE%D0%BB%D1%8C%20%D0%B2%20%D1%81%D0%B5%D1%80%D0%B4%D1%86%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash cfa0d3d2e13676d625cebee76396b420
7416223e13ff9d4185630521cd240ca4610e4857
2b121d87d5a822925e6c38f615c035c754ad10af6ea82325c181fc85c209e9cb
GET /watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fmedick.fosite.ru%2Fforum%2F5446%2F3220&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%221.11.3%22%7D&browser-info=pv%3A1%3Avf%3A41za72whyvnym2kdotke5b%3Afp%3A1243%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A990%3Acn%3A1%3Adp%3A0%3Als%3A1217313411481%3Ahid%3A736987926%3Az%3A0%3Ai%3A20230323155356%3Aet%3A1679586837%3Ac%3A1%3Arn%3A783248102%3Arqn%3A1%3Au%3A1679586837388481615%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A38%2C111%2C274%2C1%2C285%2C0%2C%2C483%2C34%2C%2C%2C%2C1250%3Aco%3A0%3Ans%3A1679586834431%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1679586837%3At%3A%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B5%D0%B9%20%D0%A7%D0%B5%D1%80%D0%B5%D1%88%D0%BD%D0%B5%D0%B2%20%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%2F%20%D0%A1%D0%B5%D1%80%D0%B4%D0%B5%D1%87%D0%BD%D0%BE-%D1%81%D0%BE%D1%81%D1%83%D0%B4%D0%B8%D1%81%D1%82%D1%8B%D0%B5%20%D0%B7%D0%B0%D0%B1%D0%BE%D0%BB%D0%B5%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F%20%2F%20%D0%91%D0%BE%D0%BB%D1%8C%20%D0%B2%20%D1%81%D0%B5%D1%80%D0%B4%D1%86%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://medick.fosite.ru
Referer: https://medick.fosite.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Thu, 23 Mar 2023 15:53:48 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://medick.fosite.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 23-Mar-2023 15:53:48 GMT
last-modified: Thu, 23-Mar-2023 15:53:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 097d447e049e3b41f92a4695b1b0c3c7
f39c9ef8d22bee41d940bf719c75b2cfae9291d5
459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 15:53:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 097d447e049e3b41f92a4695b1b0c3c7
f39c9ef8d22bee41d940bf719c75b2cfae9291d5
459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 15:53:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Hash b4a68b1e743ee317eaaf0bbadd131571
f24f7823d4e3830c7cfa5bcb33733d2897c00f13
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://illicium.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
content-type: font/woff2
age: 78517
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8795e5b287f501dc39ee441cd6bd7125
9d420cfc40477940eff7fcfc1aee2c7731fd17a5
a2f6bc52d276e1f73a3e823606457e033bccf8eca8631940a55c298f952451ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 15:53:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 78815ec28cdd11dab4f66f2eaab35658
c6fd7f2a657d87c6e7641be6fc69913c427cd26a
f99b9d279c7ddfe7916dde9c7390be1f225e330ffa662bd7ae603ceed76e44c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 15:53:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12848, version 1.0\012- data
Hash f0b3206d02a2f684530117ce1d7e8ce0
f3708b707b65e241b0f1c819d5f7bf7da8412653
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://illicium.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12848
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Mar 2023 13:57:54 GMT
expires: Tue, 19 Mar 2024 13:57:54 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:56:00 GMT
content-type: font/woff2
age: 266154
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-54299952-1&cid=1967414773.1679586836&jid=1588178463&_u=YEBAAUAAAAAAACAAI~&z=759633454
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-54299952-1&cid=1967414773.1679586836&jid=1588178463&_u=YEBAAUAAAAAAACAAI~&z=759633454
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-54299952-1&cid=1967414773.1679586836&jid=1588178463&_u=YEBAAUAAAAAAACAAI~&z=759633454 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://medick.fosite.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 15:53:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-54299952-1&cid=1967414773.1679586836&jid=1588178463&_u=YEBAAUAAAAAAACAAI~&z=759633454
200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-54299952-1&cid=1967414773.1679586836&jid=1588178463&_u=YEBAAUAAAAAAACAAI~&z=759633454
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-54299952-1&cid=1967414773.1679586836&jid=1588178463&_u=YEBAAUAAAAAAACAAI~&z=759633454 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://medick.fosite.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 15:53:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 097d447e049e3b41f92a4695b1b0c3c7
f39c9ef8d22bee41d940bf719c75b2cfae9291d5
459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 15:53:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2555
Expires: Thu, 23 Mar 2023 16:36:23 GMT
Date: Thu, 23 Mar 2023 15:53:48 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a6cad75209fdd6f267646b8382348c4b
35d993c683277cba55a4a86e15afa0c378d9a1d8
f3490031d4088f3580570dd096c1daf3780b76da85039fa904a35a9f0d6298be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 15:53:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2555
Expires: Thu, 23 Mar 2023 16:36:23 GMT
Date: Thu, 23 Mar 2023 15:53:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93c300c4-e707-428c-9ae5-d4699c20a7ef.jpeg
200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93c300c4-e707-428c-9ae5-d4699c20a7ef.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 800c2662fd6ab8829a02b7d63084c38d
0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239
76545e9f75dc558fdb7b54550934c7775318fb4150a9309f60e65d982d2e576e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93c300c4-e707-428c-9ae5-d4699c20a7ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5950
x-amzn-requestid: ce85112e-428d-4ca1-9dac-1d6c8c6dc74a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CKyF9EI3oAMFtyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a96f2-05c5948d6f74948b1c67d68c;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 05:49:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: lnMR6Lh4T37cFhMwb1qXIxjoPBghVFOGUz7HTt65DegMaxlElZxfjQ==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:43:32 GMT
age: 65416
etag: "0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
illicium.co/Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.hyperesources/logo.svg
200 OK 5.2 kB URL HTTP/2 illicium.co/Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.hyperesources/logo.svg
IP
ASN #56806 CJSC Computing Forces
Hash 734b97ad0074bf7122a5df5d26bb097a
8964763e24510d945f8afbb25f0f246f16dd8a70
18637de1471b715f252feb71fbf5c281e2a60c471070a195cd2b74f4feea8dcc
GET /Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.hyperesources/logo.svg HTTP/1.1
Host: illicium.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://illicium.co/Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 23 Mar 2023 15:53:48 GMT
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=172800
last-modified: Wed, 18 Aug 2021 13:06:19 GMT
etag: W/"8057aed53194d71:0"
x-powered-by: ASP.NET
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f0b9e85381489dcf646c251722b21d4
5f7ea91288a2170bcabdca6be296718c4191eacd
911f803271ad9053ebac3787bdde9b75ec604acc6aa28692cc8e4c5c4fb61483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10480
x-amzn-requestid: 58aa8272-4b4e-4a2f-9d6e-d47f70891c49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJptHG7JoAMFSwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2320-2fd6502b1271d5c13b4ebbe9;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: V_1L8vYf9-uS_-cGgsCstGC__IYpLZjEa0gOlsYgYOWwNJxxXJo83g==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 22:09:40 GMT
age: 63848
etag: "5f7ea91288a2170bcabdca6be296718c4191eacd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg
200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c05bfdf1411a931d8ea9adc64b07bc74
156ef59e53564a4f2b27002b2695fafecd578d82
15d17c0df2d2b0625ecf5f576a7ff630ae8b923b28be354ad23aec6a284a801a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6692
x-amzn-requestid: 3a0f6a8d-89b1-43f4-8a15-8749bdbc047b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM9d9FcOoAMFaFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b75f2-3540256d6be3d4f85bba65ea;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:41:06 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: PNAVsyfdAHjn5F6Rt1uz1U46QCIGvTCqZatbAurr6Ilu0quHWExuSw==
via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:43:34 GMT
age: 65414
etag: "156ef59e53564a4f2b27002b2695fafecd578d82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e89d0b1281259e7399294fb5fa19d2b
5035ed41f497c97faefae9cdaf42dc07ab468557
f404d286deab5b4759be6e554e6488faab3b4f7988a86eb57520dac4e0d6a192
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10284
x-amzn-requestid: e4d2c324-d0b0-436d-9739-29269e62aed0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM6hjEqtIAMFvXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b713c-5a5bd6b60c1f52ab580f1757;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:21:00 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: g53sZY66fiEL8H79MzI7c7rqI-c-XxMvgB3myz79aw_lE9Aqgc66LQ==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 07:32:23 GMT
age: 30085
etag: "5035ed41f497c97faefae9cdaf42dc07ab468557"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/watch/26812653?wmode=7&page-url=https%3A%2F%2Fmedick.fosite.ru%2Fforum%2F5446%2F3220&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%221.11.3%22%7D&browser-info=pv%3A1%3Avf%3A41za72whyvnym2kdotke5b%3Afp%3A1243%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A990%3Acn%3A1%3Adp%3A0%3Als%3A1217313411481%3Ahid%3A736987926%3Az%3A0%3Ai%3A20230323155356%3Aet%3A1679586837%3Ac%3A1%3Arn%3A783248102%3Arqn%3A1%3Au%3A1679586837388481615%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A38%2C111%2C274%2C1%2C285%2C0%2C%2C483%2C34%2C%2C%2C%2C1250%3Aco%3A0%3Ans%3A1679586834431%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1679586837%3At%3A%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B5%D0%B9%20%D0%A7%D0%B5%D1%80%D0%B5%D1%88%D0%BD%D0%B5%D0%B2%20%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%2F%20%D0%A1%D0%B5%D1%80%D0%B4%D0%B5%D1%87%D0%BD%D0%BE-%D1%81%D0%BE%D1%81%D1%83%D0%B4%D0%B8%D1%81%D1%82%D1%8B%D0%B5%20%D0%B7%D0%B0%D0%B1%D0%BE%D0%BB%D0%B5%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F%20%2F%20%D0%91%D0%BE%D0%BB%D1%8C%20%D0%B2%20%D1%81%D0%B5%D1%80%D0%B4%D1%86%D0%B5&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
302 Found 4.9 kB URL HTTP/2 mc.yandex.ru/watch/26812653?wmode=7&page-url=https%3A%2F%2Fmedick.fosite.ru%2Fforum%2F5446%2F3220&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%221.11.3%22%7D&browser-info=pv%3A1%3Avf%3A41za72whyvnym2kdotke5b%3Afp%3A1243%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A990%3Acn%3A1%3Adp%3A0%3Als%3A1217313411481%3Ahid%3A736987926%3Az%3A0%3Ai%3A20230323155356%3Aet%3A1679586837%3Ac%3A1%3Arn%3A783248102%3Arqn%3A1%3Au%3A1679586837388481615%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A38%2C111%2C274%2C1%2C285%2C0%2C%2C483%2C34%2C%2C%2C%2C1250%3Aco%3A0%3Ans%3A1679586834431%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1679586837%3At%3A%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B5%D0%B9%20%D0%A7%D0%B5%D1%80%D0%B5%D1%88%D0%BD%D0%B5%D0%B2%20%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%2F%20%D0%A1%D0%B5%D1%80%D0%B4%D0%B5%D1%87%D0%BD%D0%BE-%D1%81%D0%BE%D1%81%D1%83%D0%B4%D0%B8%D1%81%D1%82%D1%8B%D0%B5%20%D0%B7%D0%B0%D0%B1%D0%BE%D0%BB%D0%B5%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F%20%2F%20%D0%91%D0%BE%D0%BB%D1%8C%20%D0%B2%20%D1%81%D0%B5%D1%80%D0%B4%D1%86%D0%B5&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 90f64fe111aa6e90ebf52e0335d21b75
4f25bdbffca3803b02c196c38491223684d36b4d
37894e16112286470b7fd2e0bbd5ca74944e6cb5ca6e8aff189c4515122a0d40
GET /watch/26812653?wmode=7&page-url=https%3A%2F%2Fmedick.fosite.ru%2Fforum%2F5446%2F3220&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%221.11.3%22%7D&browser-info=pv%3A1%3Avf%3A41za72whyvnym2kdotke5b%3Afp%3A1243%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A990%3Acn%3A1%3Adp%3A0%3Als%3A1217313411481%3Ahid%3A736987926%3Az%3A0%3Ai%3A20230323155356%3Aet%3A1679586837%3Ac%3A1%3Arn%3A783248102%3Arqn%3A1%3Au%3A1679586837388481615%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A38%2C111%2C274%2C1%2C285%2C0%2C%2C483%2C34%2C%2C%2C%2C1250%3Aco%3A0%3Ans%3A1679586834431%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1679586837%3At%3A%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B5%D0%B9%20%D0%A7%D0%B5%D1%80%D0%B5%D1%88%D0%BD%D0%B5%D0%B2%20%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%2F%20%D0%A1%D0%B5%D1%80%D0%B4%D0%B5%D1%87%D0%BD%D0%BE-%D1%81%D0%BE%D1%81%D1%83%D0%B4%D0%B8%D1%81%D1%82%D1%8B%D0%B5%20%D0%B7%D0%B0%D0%B1%D0%BE%D0%BB%D0%B5%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F%20%2F%20%D0%91%D0%BE%D0%BB%D1%8C%20%D0%B2%20%D1%81%D0%B5%D1%80%D0%B4%D1%86%D0%B5&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://medick.fosite.ru
Connection: keep-alive
Referer: https://medick.fosite.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fmedick.fosite.ru%2Fforum%2F5446%2F3220&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%221.11.3%22%7D&browser-info=pv%3A1%3Avf%3A41za72whyvnym2kdotke5b%3Afp%3A1243%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A990%3Acn%3A1%3Adp%3A0%3Als%3A1217313411481%3Ahid%3A736987926%3Az%3A0%3Ai%3A20230323155356%3Aet%3A1679586837%3Ac%3A1%3Arn%3A783248102%3Arqn%3A1%3Au%3A1679586837388481615%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A38%2C111%2C274%2C1%2C285%2C0%2C%2C483%2C34%2C%2C%2C%2C1250%3Aco%3A0%3Ans%3A1679586834431%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1679586837%3At%3A%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B5%D0%B9%20%D0%A7%D0%B5%D1%80%D0%B5%D1%88%D0%BD%D0%B5%D0%B2%20%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%2F%20%D0%A1%D0%B5%D1%80%D0%B4%D0%B5%D1%87%D0%BD%D0%BE-%D1%81%D0%BE%D1%81%D1%83%D0%B4%D0%B8%D1%81%D1%82%D1%8B%D0%B5%20%D0%B7%D0%B0%D0%B1%D0%BE%D0%BB%D0%B5%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F%20%2F%20%D0%91%D0%BE%D0%BB%D1%8C%20%D0%B2%20%D1%81%D0%B5%D1%80%D0%B4%D1%86%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Thu, 23 Mar 2023 15:53:48 GMT
access-control-allow-origin: https://medick.fosite.ru
set-cookie: yabs-sid=2453688591679586828; Path=/; SameSite=None; Secure
i=w6sz7F2A2KO8ac+4jy1rpPzGEsMRrvWDIQe0bqBjaHWs0O9xrKoXGx8reiVYsAba1kuWw312ZlD9INU1WsCe2+xAY7c=; Expires=Sun, 20-Mar-2033 15:53:42 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=7344770201679586828; Expires=Sun, 20-Mar-2033 15:53:42 GMT; Domain=.yandex.ru; Path=/; Secure; SameSite=None
yuidss=7344770201679586828; Expires=Fri, 22-Mar-2024 15:53:48 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1711122828.yc.1679586828#1711122828.yrts.1679586828#1711122828.yrtsi.1679586828; Expires=Fri, 22-Mar-2024 15:53:48 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 23-Mar-2023 15:53:48 GMT
last-modified: Thu, 23-Mar-2023 15:53:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg
200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4a771935927950222124e14b56046df
d07fe53e4ac41048497b2732c017f6666c3eda9e
4e8388626074646c2336711be0a170ceab367c343648a32d2389dd87640251d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4912
x-amzn-requestid: d8fcf495-12af-42ae-ad69-0ea07b1a8669
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM8H3Fl1IAMFYgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b73cb-01cbd1981a57e53b3d3cde93;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:31:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 4xGMCVWy2EXLLN8keteGLQvQjOp6KH97rkn_FK10eyng0-5EudcOig==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:43:33 GMT
etag: "d07fe53e4ac41048497b2732c017f6666c3eda9e"
content-type: image/jpeg
age: 65415
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
medick.fosite.ru/forum/5446/3220
200 OK 76 kB URL HTTP/2 medick.fosite.ru/forum/5446/3220
IP
ASN #43776 Relsoft communications Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3836), with CRLF, LF line terminators
Hash f08785bd2d8d5793af209debaa97d597
f05d6130355e455c07e99ab5695eb1febb6bf090
9943c587c8c13cb2d7e39c142f7a2e97604819a87ff5419000583ec112778fea
GET /forum/5446/3220 HTTP/1.1
Host: medick.fosite.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Thu, 23 Mar 2023 15:53:46 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-server-id: 2
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-i1-one: 1
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32536e34-d62f-40f1-b196-c4bbe784cca6.jpeg
200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32536e34-d62f-40f1-b196-c4bbe784cca6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f148d2e3cd5679fe5cb9cd58630517c7
b312f7c6526254709a0f7424502952e9eaff9c78
6e98a90935a53caa8871238088e77269e5d7215d16dccabe7e9e4af09f39f7b0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32536e34-d62f-40f1-b196-c4bbe784cca6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: a49dca74-54fa-457c-a5b6-e347fd139d1d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM8ovEgAIAMFcnA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b749e-673461e13b7d2f4e7ad66e7f;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:35:26 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: uuIP_yp-XnJjUMLZ5qCkwZhqhbAViZrp2J3GJEfFHr54ouK7s6gjlA==
via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:43:35 GMT
age: 65420
etag: "b312f7c6526254709a0f7424502952e9eaff9c78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
yandex.st/share/share.js
200 OK 0 B IP
GET /share/share.js HTTP/1.1
Host: yandex.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://medick.fosite.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Thu, 23 Mar 2023 15:53:47 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
content-encoding: br
etag: W/"db7132f94e4730c128b638f72b46c899"
expires: Sun, 26 Mar 2023 03:53:21 GMT
last-modified: Wed, 24 Oct 2018 16:00:42 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 2cce2b70136e4199
X-Firefox-Spdy: h2
medick.fosite.ru/common/head/hd_474.jpg
200 OK 0 B URL HTTP/2 medick.fosite.ru/common/head/hd_474.jpg
IP
ASN #43776 Relsoft communications Ltd.
GET /common/head/hd_474.jpg HTTP/1.1
Host: medick.fosite.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://medick.fosite.ru/forum/5446/3220
Cookie: mlp=1; uha-ha-ha=yes
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Thu, 23 Mar 2023 15:53:47 GMT
content-type: image/jpeg
x-i1-one: 1
X-Firefox-Spdy: h2
medick.fosite.ru/common/mlp/js/anonymous.lib.js?12023
200 OK 0 B URL HTTP/2 medick.fosite.ru/common/mlp/js/anonymous.lib.js?12023
IP
ASN #43776 Relsoft communications Ltd.
GET /common/mlp/js/anonymous.lib.js?12023 HTTP/1.1
Host: medick.fosite.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://medick.fosite.ru/forum/5446/3220
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Thu, 23 Mar 2023 15:53:47 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-i1-one: 1
content-encoding: br
X-Firefox-Spdy: h2
illicium.co/Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.hyperesources/1.svg
200 OK 0 B URL HTTP/2 illicium.co/Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.hyperesources/1.svg
IP
ASN #56806 CJSC Computing Forces
GET /Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.hyperesources/1.svg HTTP/1.1
Host: illicium.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://illicium.co/Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 23 Mar 2023 15:53:48 GMT
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=172800
last-modified: Wed, 18 Aug 2021 13:07:08 GMT
etag: W/"026e3f23194d71:0"
x-powered-by: ASP.NET
content-encoding: gzip
X-Firefox-Spdy: h2
medick.fosite.ru/common/mlp/js/navigation_window.js
200 OK 0 B URL HTTP/2 medick.fosite.ru/common/mlp/js/navigation_window.js
IP
ASN #43776 Relsoft communications Ltd.
GET /common/mlp/js/navigation_window.js HTTP/1.1
Host: medick.fosite.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://medick.fosite.ru/forum/5446/3220
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Thu, 23 Mar 2023 15:53:47 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-i1-one: 1
content-encoding: br
X-Firefox-Spdy: h2
medick.fosite.ru/common/img1/popup/loading.gif
200 OK 0 B URL HTTP/2 medick.fosite.ru/common/img1/popup/loading.gif
IP
ASN #43776 Relsoft communications Ltd.
GET /common/img1/popup/loading.gif HTTP/1.1
Host: medick.fosite.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://medick.fosite.ru/forum/5446/3220
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Thu, 23 Mar 2023 15:53:47 GMT
content-type: image/gif
x-i1-one: 1
X-Firefox-Spdy: h2
medick.fosite.ru/spam?public_code=591490b0&w=100&h=30
200 OK 0 B URL HTTP/2 medick.fosite.ru/spam?public_code=591490b0&w=100&h=30
IP
ASN #43776 Relsoft communications Ltd.
GET /spam?public_code=591490b0&w=100&h=30 HTTP/1.1
Host: medick.fosite.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://medick.fosite.ru/forum/5446/3220
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Thu, 23 Mar 2023 15:53:47 GMT
content-type: image/jpeg
x-server-id: 2
x-i1-one: 1
X-Firefox-Spdy: h2
illicium.co/Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.hyperesources/illustr.svg
200 OK 0 B URL HTTP/2 illicium.co/Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.hyperesources/illustr.svg
IP
ASN #56806 CJSC Computing Forces
GET /Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.hyperesources/illustr.svg HTTP/1.1
Host: illicium.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://illicium.co/Content/html5/47fb6792-5a4e-4ff8-9d2f-cba4aca4a182/INDX%20960.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 23 Mar 2023 15:53:48 GMT
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=172800
last-modified: Wed, 18 Aug 2021 13:07:40 GMT
etag: W/"0f6f553294d71:0"
x-powered-by: ASP.NET
content-encoding: gzip
X-Firefox-Spdy: h2
medick.fosite.ru/common/popup/popup.css?12023
200 OK 0 B URL HTTP/2 medick.fosite.ru/common/popup/popup.css?12023
IP
ASN #43776 Relsoft communications Ltd.
GET /common/popup/popup.css?12023 HTTP/1.1
Host: medick.fosite.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://medick.fosite.ru/forum/5446/3220
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Thu, 23 Mar 2023 15:53:46 GMT
content-type: text/css
vary: Accept-Encoding
x-i1-one: 1
content-encoding: br
X-Firefox-Spdy: h2
91.227.52.108
142.250.74.168
23.36.77.32
104.18.32.68