cmahospital.com/
135.181.176.108 200 OK 9.6 kB IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, ASCII text, with very long lines (29331)
Hash b8807cca0928b7a020c1422c4eb24b22
8b5e51d337e5ddadbc4cd10f0c7926065d8b8895
bce6709bba35c4b27bcd0e5c8b611a6b411c2a760cc4c7cfb4b038a36bb0c02b
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:43 GMT
Server: Apache
Accept-Ranges: bytes
X-Mod-Pagespeed: 1.13.35.2-0
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=0, no-cache, s-maxage=10
Content-Length: 9564
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17295
Expires: Fri, 02 Dec 2022 13:51:58 GMT
Date: Fri, 02 Dec 2022 09:03:43 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4907
Cache-Control: max-age=96556
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:03:43 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:52:59 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 08:18:11 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2732
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14208
Expires: Fri, 02 Dec 2022 13:00:31 GMT
Date: Fri, 02 Dec 2022 09:03:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +vfdhDeiwrdz9OsSjtejUoWQZM4Or2bxUhT8iV/vpXUOeVPdUgdXH8wAQ7YZX1fgrOGRRZUVA8H2jMyYSwtDGA==
x-amz-request-id: G9TPNSYFXFVRH5J8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 08:46:38 GMT
age: 1025
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
cmahospital.com/assets/vendor,_bootstrap,_js,_bootstrap.bundle.min.js+js,_jquery.easing.min.js+vendor,_php-email-form,_validate.js.pagespeed.jc.IJc_HRxDqO.js
135.181.176.108 200 OK 24 kB URL HTTP/1.1 cmahospital.com/assets/vendor,_bootstrap,_js,_bootstrap.bundle.min.js+js,_jquery.easing.min.js+vendor,_php-email-form,_validate.js.pagespeed.jc.IJc_HRxDqO.js
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Hash 43e6c819aa773659798be865cebd4e0e
1776e2baa7d03398dfad039104846e42ab187a16
3158ac5ef22f5ef46fb9c33b63c46c5e4935b6d8a97754ba5e91611824b6733f
Analyzer Verdict Alert fortinet Phishing
GET /assets/vendor,_bootstrap,_js,_bootstrap.bundle.min.js+js,_jquery.easing.min.js+vendor,_php-email-form,_validate.js.pagespeed.jc.IJc_HRxDqO.js HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:43 GMT
Server: Apache
Accept-Ranges: bytes
Expires: Sat, 02 Dec 2023 09:03:36 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Fri, 02 Dec 2022 09:03:36 GMT
X-Original-Content-Length: 91487
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 23574
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
cmahospital.com/assets/js/main.js.pagespeed.jm.IE5ERUjJ7z.js
135.181.176.108 200 OK 1.5 kB URL HTTP/1.1 cmahospital.com/assets/js/main.js.pagespeed.jm.IE5ERUjJ7z.js
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (4728), with no line terminators
Hash 0071cc9675ec6b278e6b985959030a0c
6a72570f2d3159da53823f0836db81933f864bfd
cba89d313dc1a754c8bce1c396af8f3bc57786f1425e3b0a657e74173e2ae387
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/main.js.pagespeed.jm.IE5ERUjJ7z.js HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:43 GMT
Server: Apache
Accept-Ranges: bytes
Expires: Sat, 02 Dec 2023 09:03:36 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Fri, 02 Dec 2022 09:03:36 GMT
X-Original-Content-Length: 7373
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1507
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 90b4caf4c10d4aedbbf15a03650df1f8
f2da7656691c4bc1238df9c60f4439dde08541dc
2c67636d085bb985e6cc0a524aeb26d2a8d1f574d538e394349d2196587e1219
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4849
Cache-Control: max-age=170312
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:03:43 GMT
Etag: "6389a2c6-116"
Expires: Sun, 04 Dec 2022 08:22:15 GMT
Last-Modified: Fri, 02 Dec 2022 07:01:26 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278
cmahospital.com/runtime.c37bc91c7cbecdda.js.pagespeed.ce.ERQzuEZCWJ.js
135.181.176.108 200 OK 640 B URL HTTP/1.1 cmahospital.com/runtime.c37bc91c7cbecdda.js.pagespeed.ce.ERQzuEZCWJ.js
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1070), with no line terminators
Hash 9cce0e216bb16ac2e478adafbe6b53d1
b8535091fe48c3e283e24cf08f80292209a1165b
6ada938ac740afc747ae55183daa2c697a55005aa4639981d178b5c9e3d66da3
Analyzer Verdict Alert fortinet Phishing
GET /runtime.c37bc91c7cbecdda.js.pagespeed.ce.ERQzuEZCWJ.js HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:43 GMT
Server: Apache
Accept-Ranges: bytes
X-Original-Content-Length: 1070
Last-Modified: Thu, 24 Nov 2022 12:48:30 GMT
Expires: Sat, 02 Dec 2023 09:03:43 GMT
Cache-Control: max-age=31536000
Etag: W/"0-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 640
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:03:43 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cmahospital.com/polyfills.6d4c9925ccb99c38.js.pagespeed.ce.yC_HNdM014.js
135.181.176.108 200 OK 12 kB URL HTTP/1.1 cmahospital.com/polyfills.6d4c9925ccb99c38.js.pagespeed.ce.yC_HNdM014.js
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (33867), with no line terminators
Hash 2e68a76a26c962e042112591fcd0ec5e
7170b6b2f2cac609ae1e6f89176b607b385bef48
84dc0bc716ce0c60fa551486cca71fc1777c11fcfe25094890462cad60ff648a
Analyzer Verdict Alert fortinet Phishing
GET /polyfills.6d4c9925ccb99c38.js.pagespeed.ce.yC_HNdM014.js HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:43 GMT
Server: Apache
Accept-Ranges: bytes
X-Original-Content-Length: 33867
Last-Modified: Thu, 24 Nov 2022 12:48:30 GMT
Expires: Sat, 02 Dec 2023 09:03:43 GMT
Cache-Control: max-age=31536000
Etag: W/"0-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11984
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
cmahospital.com/assets/vendor,_waypoints,_jquery.waypoints.min.js+vendor,_counterup,_counterup.min.js+vendor,_isotope-layout,_isotope.pkgd.min.js+vendor,_venobox,_venobox.min.js+js,_owl.carousel.min.js+vendor,_aos,_aos.js.pagespeed.jc.qWzdJHwtZO.js
135.181.176.108 200 OK 29 kB URL HTTP/1.1 cmahospital.com/assets/vendor,_waypoints,_jquery.waypoints.min.js+vendor,_counterup,_counterup.min.js+vendor,_isotope-layout,_isotope.pkgd.min.js+vendor,_venobox,_venobox.min.js+js,_owl.carousel.min.js+vendor,_aos,_aos.js.pagespeed.jc.qWzdJHwtZO.js
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (35951)
Hash 6f5417c7e20d8f753ff290fbb5e0d605
211f3485e32475c946c7a13c9e3afe8a92ac8aff
9abd8c5ac2e66c7850494898ebe0bc48787697bc15555c4d932e8812e9543786
Analyzer Verdict Alert fortinet Phishing
GET /assets/vendor,_waypoints,_jquery.waypoints.min.js+vendor,_counterup,_counterup.min.js+vendor,_isotope-layout,_isotope.pkgd.min.js+vendor,_venobox,_venobox.min.js+js,_owl.carousel.min.js+vendor,_aos,_aos.js.pagespeed.jc.qWzdJHwtZO.js HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:43 GMT
Server: Apache
Accept-Ranges: bytes
Expires: Sat, 02 Dec 2023 09:03:36 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Fri, 02 Dec 2022 09:03:36 GMT
X-Original-Content-Length: 91498
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 29243
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 6f32d3238eb07ffa44dad668d2cf8f13
d144992f3ce23834eb502de016e7c752b51b7eaf
5039e9d0850d1cbb5e2b895d5d1dc45ca1dc63a829ff10968c49454e93f65756
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4169
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:03:43 GMT
Last-Modified: Fri, 02 Dec 2022 07:54:14 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
cmahospital.com/scripts.4c4bc5ec0f005d98.js.pagespeed.ce.1VOc2gNcF6.js
135.181.176.108 200 OK 32 kB URL HTTP/1.1 cmahospital.com/scripts.4c4bc5ec0f005d98.js.pagespeed.ce.1VOc2gNcF6.js
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Hash 569222a052151c09078f1a433e20a575
7f578bd1fc0497764a2afddae3672f11a200a068
eab182a8dc520c6581451c49b2b46fa406204882f5dd0eca3bb3975f8b8112d9
Analyzer Verdict Alert fortinet Phishing
GET /scripts.4c4bc5ec0f005d98.js.pagespeed.ce.1VOc2gNcF6.js HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:43 GMT
Server: Apache
Accept-Ranges: bytes
X-Original-Content-Length: 89309
Last-Modified: Thu, 24 Nov 2022 12:48:30 GMT
Expires: Sat, 02 Dec 2023 09:03:43 GMT
Cache-Control: max-age=31536000
Etag: W/"0-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 31852
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
code.jquery.com/jquery-3.5.1.min.js
69.16.175.10 200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.5.1.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65451)
Hash 3700d0b271343804b9b9aa1c13efa521
3d6b03dbd74872ca3dfbb0529f6c80943788f918
fda7541f8e4cf921d20bcd0dc1d0efe69644c79bd18a0be4ce2f34246c83603e
GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cmahospital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 09:03:43 GMT
content-encoding: gzip
content-length: 30879
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d84"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669971823.dop209.sk1.t,1669971823.cds212.sk1.hn,1669971823.cds208.sk1.c
X-Firefox-Spdy: h2
cmahospital.com/main.210b25bc21c3bc17.js.pagespeed.ce.DAR2l_Qsqs.js
135.181.176.108 200 OK 266 kB URL HTTP/1.1 cmahospital.com/main.210b25bc21c3bc17.js.pagespeed.ce.DAR2l_Qsqs.js
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Size 266 kB (266045 bytes)
Hash b3ace736fd8226305abffa9b87167d70
6866be5ededa43581630960bb5df5c40bb492839
e0471ea66ed7ff1b14667f4b8e763eb2a9e05e8f6f691caa153b2654c98f6573
Analyzer Verdict Alert fortinet Phishing
GET /main.210b25bc21c3bc17.js.pagespeed.ce.DAR2l_Qsqs.js HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:43 GMT
Server: Apache
Accept-Ranges: bytes
X-Original-Content-Length: 1010663
Last-Modified: Thu, 24 Nov 2022 12:48:30 GMT
Expires: Sat, 02 Dec 2023 09:03:43 GMT
Cache-Control: max-age=31536000
Etag: W/"0-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash a6ad57d839c4b452d7118cf2052f9d35
50afdbe46f04c7611c1a0111bce3a76775e50272
4c5c20573601bde0f5c3567e02d02d74ab22d4ffe12f632e1def1b87dc86ad3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:03:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cmahospital.com/assets/wt.png.pagespeed.ce.vl361IBI4u.png
135.181.176.108 200 OK 8.5 kB URL HTTP/1.1 cmahospital.com/assets/wt.png.pagespeed.ce.vl361IBI4u.png
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image; data
Hash be5dfad48048e2e4ed9e1eebe2caf2d7
c2c8f35af9014fba95b12aeb781e9a086fa6dabd
6e3ba2713aa2003d2ff04f3be9d58165bc93d7d78eb40b138eb41884695e1c1a
GET /assets/wt.png.pagespeed.ce.vl361IBI4u.png HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:43 GMT
Server: Apache
Link: <http://cmahospital.com/assets/wt.png>; rel="canonical"
Accept-Ranges: bytes
Last-Modified: Thu, 24 Nov 2022 08:52:04 GMT
Expires: Sat, 02 Dec 2023 09:03:43 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
X-Original-Content-Length: 8500
Content-Length: 8500
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
kit.fontawesome.com/a076d05399.js
104.18.22.52 403 Forbidden 22 B URL HTTP/2 kit.fontawesome.com/a076d05399.js
IP 104.18.22.52:0
File type ASCII text, with no line terminators
Hash fd97e4f669829c0ab67c2203a6840a09
3cf1ecf50b3c929fb32a43896505db3ff9602275
6ee8906b2c990cc0ccd14c16ed0482a5b6dcacf438908ff2d8a98a4c4d5a35e3
GET /a076d05399.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cmahospital.com
Connection: keep-alive
Referer: http://cmahospital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Fri, 02 Dec 2022 09:03:43 GMT
content-type: text/plain; charset=utf-8
content-length: 22
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; preload
x-request-id: Fyzuhqbt7EcKGrfEw-cB
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 7732e41a6b19b518-OSL
X-Firefox-Spdy: h2
cmahospital.com/assets/vendor/ionicons/css/A.ionicons.min.css.pagespeed.cf.tRNH2Z561x.css
135.181.176.108 200 OK 7.8 kB URL HTTP/1.1 cmahospital.com/assets/vendor/ionicons/css/A.ionicons.min.css.pagespeed.cf.tRNH2Z561x.css
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (50800), with no line terminators
Hash a6cc0bfdc495046cb6b0ecf23f9f6cda
4f944c93695d61da22b281293c343e1f0f407289
32f56b37209eb7957dd85d5abb067df8bb1d1d5c23ad1763ae47313a7035095e
GET /assets/vendor/ionicons/css/A.ionicons.min.css.pagespeed.cf.tRNH2Z561x.css HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Accept-Ranges: bytes
Expires: Sat, 02 Dec 2023 09:03:38 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Fri, 02 Dec 2022 09:03:38 GMT
X-Original-Content-Length: 51284
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7791
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
cmahospital.com/assets/vendor/aos/A.aos.css.pagespeed.cf.J8x5I2X53e.css
135.181.176.108 200 OK 2.2 kB URL HTTP/1.1 cmahospital.com/assets/vendor/aos/A.aos.css.pagespeed.cf.J8x5I2X53e.css
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (26225), with no line terminators
Hash 8e76a04319b62700dbb15c006703bc71
07a60d1ab3115371aca1968c873a9c8ec10df489
134b1abc6a8abffe72247b203eb05f5c0662d3b341a02f3d622701ad2bf72cbb
GET /assets/vendor/aos/A.aos.css.pagespeed.cf.J8x5I2X53e.css HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Accept-Ranges: bytes
Expires: Sat, 02 Dec 2023 09:03:38 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Fri, 02 Dec 2022 09:03:38 GMT
X-Original-Content-Length: 29892
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2208
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
cmahospital.com/assets/vendor/animate.css/A.animate.min.css.pagespeed.cf.M3aj0gs58u.css
135.181.176.108 200 OK 4.9 kB URL HTTP/1.1 cmahospital.com/assets/vendor/animate.css/A.animate.min.css.pagespeed.cf.M3aj0gs58u.css
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Hash cbc7ceac9dbdb83f0dc39f65d0d563af
a61dfcf0b87ccdd30ad3efc48d4a2dcef765e1a1
5cd6aaac84a0226716efa3ee9ecec1ea65252e7d97b69930cbf56c7230c39e7d
GET /assets/vendor/animate.css/A.animate.min.css.pagespeed.cf.M3aj0gs58u.css HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Accept-Ranges: bytes
Expires: Sat, 02 Dec 2023 09:03:38 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Fri, 02 Dec 2022 09:03:38 GMT
X-Original-Content-Length: 71752
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4934
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
cmahospital.com/assets/vendor/font-awesome/css/A.font-awesome.min.css.pagespeed.cf.jBrWCt-D4j.css
135.181.176.108 200 OK 6.8 kB URL HTTP/1.1 cmahospital.com/assets/vendor/font-awesome/css/A.font-awesome.min.css.pagespeed.cf.jBrWCt-D4j.css
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (30800), with no line terminators
Hash d3439476f3bb19847c96723285de0d28
46475fe55ff670a511bea04c607e000a70ccc452
cd9322824e011f76d50fdc8062a9270ac59666579810f82efe38e1307d831083
GET /assets/vendor/font-awesome/css/A.font-awesome.min.css.pagespeed.cf.jBrWCt-D4j.css HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Accept-Ranges: bytes
Expires: Sat, 02 Dec 2023 09:03:38 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Fri, 02 Dec 2022 09:03:38 GMT
X-Original-Content-Length: 31000
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6823
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
cmahospital.com/assets/vendor/owl.carousel/assets/A.owl.carousel.min.css.pagespeed.cf.XgsDem09xO.css
135.181.176.108 200 OK 969 B URL HTTP/1.1 cmahospital.com/assets/vendor/owl.carousel/assets/A.owl.carousel.min.css.pagespeed.cf.XgsDem09xO.css
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (3213), with no line terminators
Hash 2617765d00c25e60517e00ea8f78bf06
1bfa0506b7b6fbbe27d955707ac4ccc75b84cfbb
39daddab56675a372f4eadcab41ef93a094cdb4b5489eb4da59b21b988dfe28f
GET /assets/vendor/owl.carousel/assets/A.owl.carousel.min.css.pagespeed.cf.XgsDem09xO.css HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Accept-Ranges: bytes
Expires: Sat, 02 Dec 2023 09:03:38 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Fri, 02 Dec 2022 09:03:38 GMT
X-Original-Content-Length: 3351
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 969
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
cmahospital.com/assets/vendor/bootstrap/css/bootstrap.min.css.pagespeed.ce.Ov4V6XZzTZ.css
135.181.176.108 200 OK 24 kB URL HTTP/1.1 cmahospital.com/assets/vendor/bootstrap/css/bootstrap.min.css.pagespeed.ce.Ov4V6XZzTZ.css
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65324)
Hash d8b8037e618e0918d03629a24a43a355
7077dc2c260d5f0d65986a308a38f3053c290458
acbb0054514eb6bd2c1abf982c5a077e8e2b1feaf59beb0dfc4ccec937f16bef
GET /assets/vendor/bootstrap/css/bootstrap.min.css.pagespeed.ce.Ov4V6XZzTZ.css HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Accept-Ranges: bytes
X-Original-Content-Length: 160403
Last-Modified: Thu, 24 Nov 2022 08:52:04 GMT
Expires: Sat, 02 Dec 2023 09:03:44 GMT
Cache-Control: max-age=31536000
Etag: W/"0-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 23845
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
cmahospital.com/assets/css/A.style.css.pagespeed.cf.POlxdHmrso.css
135.181.176.108 200 OK 6.1 kB URL HTTP/1.1 cmahospital.com/assets/css/A.style.css.pagespeed.cf.POlxdHmrso.css
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (24256), with CRLF line terminators
Hash 11c3841441e96f44c6ebd8ac0acd2e79
719d3e6f6e925a570c510c7cf9bfa85a7dc89c8b
407a4228ff8fe3bbb8045b85f045c44c6807f75355a2922dc9fe9cf60f68e065
GET /assets/css/A.style.css.pagespeed.cf.POlxdHmrso.css HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Accept-Ranges: bytes
Expires: Sat, 02 Dec 2023 09:03:38 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Fri, 02 Dec 2022 09:03:38 GMT
X-Original-Content-Length: 49616
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6062
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
cmahospital.com/assets/vendor/venobox/A.venobox.css.pagespeed.cf.kq0U_MbBme.css
135.181.176.108 200 OK 2.7 kB URL HTTP/1.1 cmahospital.com/assets/vendor/venobox/A.venobox.css.pagespeed.cf.kq0U_MbBme.css
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (18735), with no line terminators
Hash c471c57f8de87eda1f3c95de77dc27c1
04311d71a72939e69badb092665bb08431b10027
1cfa9e843f907a19fafd4a17c2c35466a2324cdb65708a85f1b76f72b65389b0
GET /assets/vendor/venobox/A.venobox.css.pagespeed.cf.kq0U_MbBme.css HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Accept-Ranges: bytes
Expires: Sat, 02 Dec 2023 09:03:38 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Fri, 02 Dec 2022 09:03:38 GMT
X-Original-Content-Length: 20309
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2730
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 08:11:15 GMT
cache-control: public,max-age=3600
age: 3149
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash a6ad57d839c4b452d7118cf2052f9d35
50afdbe46f04c7611c1a0111bce3a76775e50272
4c5c20573601bde0f5c3567e02d02d74ab22d4ffe12f632e1def1b87dc86ad3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:03:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:03:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
142.250.74.35 200 OK 39 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 39372, version 1.0\012- data
Hash 40b6965b5cd26213faf61e5ab6765bb9
8b040e0fc0c40e0e7ce54eba07eda98f35512948
fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cmahospital.com
Connection: keep-alive
Referer: http://cmahospital.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 39372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 22:37:34 GMT
expires: Sun, 26 Nov 2023 22:37:34 GMT
cache-control: public, max-age=31536000
age: 469570
last-modified: Mon, 15 Aug 2022 18:20:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:03:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cmahospital.com/assets/img/ambulance.png
135.181.176.108 200 OK 13 kB URL HTTP/1.1 cmahospital.com/assets/img/ambulance.png
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 310 x 310, 8-bit/color RGBA, non-interlaced\012- data
Hash 0f7fe077c9494b2d72eaa07570813214
1824f6debead1b22c0f3afcaaad1a42ba6b05bf6
9a008e79348bbc6f917a1666198710ffb529399d77ce384d7c02c5cd6cb6da0a
GET /assets/img/ambulance.png HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 08:52:04 GMT
Accept-Ranges: bytes
Content-Length: 12563
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
cmahospital.com/assets/img/map.jpg
135.181.176.108 200 OK 16 kB URL HTTP/1.1 cmahospital.com/assets/img/map.jpg
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash cfc4da7810da241e0e6b2d8f3772ef84
db67e5187b552b6a4bed177eb2b7f4c348159e2e
9951ec290cf543f006c713ab008c2a41526d49484c25fe35571930107f4e3a5c
GET /assets/img/map.jpg HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 08:52:04 GMT
Accept-Ranges: bytes
Content-Length: 15508
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
cmahospital.com/assets/img/telmed.png
135.181.176.108 200 OK 20 kB URL HTTP/1.1 cmahospital.com/assets/img/telmed.png
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash 7bb8915cc3bae39f63b38fb418bc9e1f
bad9e7dcf1e62d66b20908bef59aa8da9c27fc0f
ba68881fd0aa852c01bcd8a7f65cb9ecd5f6a61c8370ff8bcae0b9f1b8639c5c
GET /assets/img/telmed.png HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 08:52:04 GMT
Accept-Ranges: bytes
Content-Length: 20420
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
cmahospital.com/assets/img/Ambulatory.jpg
135.181.176.108 200 OK 50 kB URL HTTP/1.1 cmahospital.com/assets/img/Ambulatory.jpg
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, orientation=upper-left, software=Adobe Photoshop CC 2018 (Macintosh)], baseline, precision 8, 1024x582, components 3\012- data
Hash 227aee749665d01325d278a848a3edd5
798fc4946725ce65aac37f461cfa1fd4965ec998
881ac68b472d71820bca979771c650808ad6e2da076aa7a095566547af558ac2
GET /assets/img/Ambulatory.jpg HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 08:52:04 GMT
Accept-Ranges: bytes
Content-Length: 50296
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
cmahospital.com/assets/img/sub.png
135.181.176.108 200 OK 35 kB URL HTTP/1.1 cmahospital.com/assets/img/sub.png
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash 4c74fc69bc8e23be6c9dd5bfbb2f86ad
cf4c43bda380cc5f94b77bbb83648758a1b753b0
0f9ad3a8481344b624dc33423e32bda278071bfd56f66d8398b931f55e6a9742
GET /assets/img/sub.png HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 08:52:04 GMT
Accept-Ranges: bytes
Content-Length: 35436
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
cmahospital.com/assets/img/logonew.png
135.181.176.108 200 OK 22 kB URL HTTP/1.1 cmahospital.com/assets/img/logonew.png
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 380 x 86, 8-bit/color RGBA, non-interlaced\012- data
Hash ff015a04a0bac51b792171c1612b055b
cbf9c188de55af0c8227ed49abad6cc92d2a9688
cd083abbae2c3454be3cab03bd54d23a62396f5c965f8de489577b11d8a23b04
GET /assets/img/logonew.png HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 08:52:04 GMT
Accept-Ranges: bytes
Content-Length: 22030
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
cmahospital.com/assets/img/Subscribers.jpg
135.181.176.108 200 OK 108 kB URL HTTP/1.1 cmahospital.com/assets/img/Subscribers.jpg
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left], baseline, precision 8, 1600x910, components 3\012- data
Size 108 kB (107804 bytes)
Hash a3e7e5217dbe0e4d2a939cfecf1e0eaf
5a399eef49dac2c40e64b6fcf4f1daaf78cfe0fa
6673e28accbfe13cb1937d7c8b505434a421373125e9f61d0a90b775d47dc28f
GET /assets/img/Subscribers.jpg HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 08:52:04 GMT
Accept-Ranges: bytes
Content-Length: 107804
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
cmahospital.com/assets/img/Telemedicine.jpg
135.181.176.108 200 OK 156 kB URL HTTP/1.1 cmahospital.com/assets/img/Telemedicine.jpg
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [\012- TIFF image data, big-endian, direntries=3, orientation=upper-left], baseline, precision 8, 1600x910, components 3\012- data
Size 156 kB (155791 bytes)
Hash 778d04c7605d5de9078b668bc62fdc5e
0ae71a78d0a59b2c1d8748bd3dc57034ef1a8e3e
5c30ec0f366b797cb100a80c18c5a44e3ac0beabab51004c7f38c4a8845ff5a6
GET /assets/img/Telemedicine.jpg HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 08:52:04 GMT
Accept-Ranges: bytes
Content-Length: 155791
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
cmahospital.com/assets/img/entt.jpg
135.181.176.108 200 OK 51 kB URL HTTP/1.1 cmahospital.com/assets/img/entt.jpg
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 632x464, components 3\012- data
Hash c0f2cfe80c3dec14ded550e07c372cb8
d42785ea73733044f4191b646ca8c442e6d78bb2
42218dd5edf9e01cb99928e7153151f0123093cc5355082c40fce1cb5bc6ac73
GET /assets/img/entt.jpg HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 08:52:04 GMT
Accept-Ranges: bytes
Content-Length: 51185
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
cmahospital.com/assets/img/Psychiatrist.jpg
135.181.176.108 200 OK 84 kB URL HTTP/1.1 cmahospital.com/assets/img/Psychiatrist.jpg
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=Paint.NET v3.5.11], baseline, precision 8, 632x464, components 3\012- data
Hash 46140c248ec1c650f3978b93f5c077fe
b251d93bb586b95e1a71f97676ae127434da4f22
5861f08831e4794ac37e21f378f81c45b4a117c646487618b73f54e64db84f00
GET /assets/img/Psychiatrist.jpg HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 08:52:04 GMT
Accept-Ranges: bytes
Content-Length: 84021
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4900
Cache-Control: max-age=91485
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:03:44 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:28:29 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
cmahospital.com/assets/img/Findnear.jpg
135.181.176.108 200 OK 310 kB URL HTTP/1.1 cmahospital.com/assets/img/Findnear.jpg
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 1600x910, components 3\012- data
Size 310 kB (310352 bytes)
Hash fc1099b9360f501fd88df876c4855cb3
4a12b7486344547e571be85ae268edfb3de2658b
9d3c9e4507a2530345a123316402236de3dc041ee81e0b78ed65747498dd91a4
GET /assets/img/Findnear.jpg HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 08:52:04 GMT
Accept-Ranges: bytes
Content-Length: 310352
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
cmahospital.com/assets/img/facts-img.png
135.181.176.108 404 Not Found 315 B URL HTTP/1.1 cmahospital.com/assets/img/facts-img.png
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /assets/img/facts-img.png HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 404 Not Found
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
cmahospital.com/assets/img/sore-throat.png
135.181.176.108 200 OK 31 kB URL HTTP/1.1 cmahospital.com/assets/img/sore-throat.png
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash c1d0bfbb8934621ce9f1a3a66e296c4e
782d24eaefa1066a85ec7f6440cd16e9e322e60b
c72a51cd554a5aa66c37f9d092cdce5a3e4778be484ec4ddfef1fd69dad3d61b
GET /assets/img/sore-throat.png HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 08:52:04 GMT
Accept-Ranges: bytes
Content-Length: 30749
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
cmahospital.com/assets/img/Cardiology1.jpg
135.181.176.108 200 OK 106 kB URL HTTP/1.1 cmahospital.com/assets/img/Cardiology1.jpg
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 632x464, components 3\012- data
Size 106 kB (106498 bytes)
Hash 97a16e69a1fe1ac930f6025febcea134
9778a792557f12b87ab7493f0681660cc537d033
2ec1f5095858a15c57b5a717b151a444b467422b57d76aa35f970c076402c987
GET /assets/img/Cardiology1.jpg HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 08:52:04 GMT
Accept-Ranges: bytes
Content-Length: 106498
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
cmahospital.com/assets/img/mental-health.png
135.181.176.108 200 OK 40 kB URL HTTP/1.1 cmahospital.com/assets/img/mental-health.png
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash 9142dbe5c8d1b68153de8ba9c0125f3f
29b718d4ff7fa79e78a8cde13d27062764002c12
86798dc146ead7e345ca5ab12e4f20aad0e3bccde51b260d19f9d58337d8f25b
GET /assets/img/mental-health.png HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 08:52:04 GMT
Accept-Ranges: bytes
Content-Length: 39912
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
cmahospital.com/assets/img/508735.png
135.181.176.108 200 OK 22 kB URL HTTP/1.1 cmahospital.com/assets/img/508735.png
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash c20936b068bbf259023c3561bb8e3d95
01d7a69c12623d0766709b262397d952454dc02b
66733d2b96a87f8d3ea80de8af9d67c8273c8dc1dc8a199c07d46d1f57c985bb
GET /assets/img/508735.png HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 08:52:04 GMT
Accept-Ranges: bytes
Content-Length: 22424
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
cmahospital.com/assets/img/intro-carousel/doc.png
135.181.176.108 200 OK 35 kB URL HTTP/1.1 cmahospital.com/assets/img/intro-carousel/doc.png
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 770x512, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 69b019bb9be2232f7e40ca34d844f540
d915314010ac1e1422c2135eadfb191b067a5239
cd2727678b82cc0647461e98bc759c37035a230f3095a2cfbdb92acc60d0b066
GET /assets/img/intro-carousel/doc.png HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 08:52:04 GMT
Accept-Ranges: bytes
Content-Length: 35218
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
cmahospital.com/assets/img/flier.jpeg
135.181.176.108 200 OK 32 kB URL HTTP/1.1 cmahospital.com/assets/img/flier.jpeg
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [\012- TIFF image data, big-endian, direntries=3, orientation=upper-left], baseline, precision 8, 336x336, components 3\012- data
Hash 9b3683e7a2bef0d61c8ab657f167b549
83b2f792bbad6c7a0b8397328150b1fbf985a9df
88af2b5e0e6057a111264093f862f9ca862a55055596553990aa597fd09b5ae6
Analyzer Verdict Alert fortinet Phishing
GET /assets/img/flier.jpeg HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 08:52:04 GMT
Accept-Ranges: bytes
Content-Length: 32490
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
cmahospital.com/assets/img/intro-carousel/2.jpg
135.181.176.108 200 OK 110 kB URL HTTP/1.1 cmahospital.com/assets/img/intro-carousel/2.jpg
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 95", baseline, precision 8, 818x586, components 3\012- data
Size 110 kB (109474 bytes)
Hash 4896e235352a60dfa374d4de83e916a6
b39952750fdeb29dde7eabdf485559405e5896bf
0485f9f433e420569eddcc3938c1bb8dd1f7c139da5ec7ed07d656601d7adf3e
GET /assets/img/intro-carousel/2.jpg HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 08:52:04 GMT
Accept-Ranges: bytes
Content-Length: 109474
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
142.250.74.35 200 OK 128 kB URL HTTP/2 fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 128360, version 1.0\012- data
Size 128 kB (128360 bytes)
Hash 393b5d8b3fd798486652801f3ee8c6ea
979383e09be691921a211f5fc4ef97fc4406e4dd
83be7b2f504af2c948c5106fa907dc4224380a7b75a993a7bff52cd71ec8c7d3
GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cmahospital.com
Connection: keep-alive
Referer: http://cmahospital.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128360
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 20:30:48 GMT
expires: Fri, 01 Dec 2023 20:30:48 GMT
cache-control: public, max-age=31536000
age: 45176
last-modified: Thu, 25 Aug 2022 00:09:15 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cmahospital.com/assets/img/intro-carousel/dentist.jpg
135.181.176.108 200 OK 92 kB URL HTTP/1.1 cmahospital.com/assets/img/intro-carousel/dentist.jpg
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1200x900, components 3\012- data
Hash c893d1eb176c7fde642a95685e3bb18d
58e7e71561fb08634b949e962194213ed1397bdf
bea8f4ebb7fef7c96c743ad84cb37455cbffaa941df170cda5ca72548c11bc03
GET /assets/img/intro-carousel/dentist.jpg HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 08:52:04 GMT
Accept-Ranges: bytes
Content-Length: 91457
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
cmahospital.com/assets/img/intro-carousel/medicine.jpg
135.181.176.108 200 OK 904 kB URL HTTP/1.1 cmahospital.com/assets/img/intro-carousel/medicine.jpg
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 2550x1700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 904 kB (903916 bytes)
Hash 61ae559697ce8b8db850bad6bb7916ff
5f696524107160d8d7ac3f78c21de20a123eef2d
564c1e1628608e3c389f3c606e360b9b041d1da53fbb3dcbae99dc1fc5b05f79
GET /assets/img/intro-carousel/medicine.jpg HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 08:52:04 GMT
Accept-Ranges: bytes
Content-Length: 903916
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
cmahospital.com/styles.636e12b175650be6.css.pagespeed.ce.icG8EB-BZR.css
135.181.176.108 200 OK 16 kB URL HTTP/1.1 cmahospital.com/styles.636e12b175650be6.css.pagespeed.ce.icG8EB-BZR.css
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9deaee13f088a905f4f8ad54ee886069
f8ee038ec527b7a6c5f0756156fb9ab1a07cecfb
494d6d0db07f1621392b1edd6529ed8fc59ea4f8c99f14507431358df9b26761
GET /styles.636e12b175650be6.css.pagespeed.ce.icG8EB-BZR.css HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Accept-Ranges: bytes
X-Original-Content-Length: 132122
Last-Modified: Thu, 24 Nov 2022 12:48:30 GMT
Expires: Sat, 02 Dec 2023 09:03:44 GMT
Cache-Control: max-age=31536000
Etag: W/"0-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16436
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
cmahospital.com/favicon.ico
135.181.176.108 200 OK 15 kB URL HTTP/1.1 cmahospital.com/favicon.ico
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 0ad92f6400755ddc8d5d6fa924f1194e
497842a3a38bce7960a2192dba106fc37d61dfff
0cecea708b35c1a0f45e571bf72f30f0636e682e9d9024875339cb47453a91e8
GET /favicon.ico HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Last-Modified: Fri, 12 Aug 2022 15:26:34 GMT
Accept-Ranges: bytes
Content-Length: 15406
Vary: Accept-Encoding
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/x-icon
cmahospital.com/assets/vendor/ionicons/fonts/ionicons.ttf?v=2.0.0
135.181.176.108 200 OK 188 kB URL HTTP/1.1 cmahospital.com/assets/vendor/ionicons/fonts/ionicons.ttf?v=2.0.0
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type TrueType Font data, 15 tables, 1st "FFTM", 14 names, Macintosh\012- data
Size 188 kB (188508 bytes)
Hash 24712f6c47821394fba7942fbb52c3b2
1b0a0de084905946a20300ca8c354865dec46764
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
Analyzer Verdict Alert fortinet Phishing
GET /assets/vendor/ionicons/fonts/ionicons.ttf?v=2.0.0 HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cmahospital.com/assets/vendor/ionicons/css/A.ionicons.min.css.pagespeed.cf.tRNH2Z561x.css
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 08:52:04 GMT
Accept-Ranges: bytes
Content-Length: 188508
Vary: Accept-Encoding
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/ttf
cmahospital.com/assets/vendor/icofont/fonts/icofont.woff2
135.181.176.108 200 OK 538 kB URL HTTP/1.1 cmahospital.com/assets/vendor/icofont/fonts/icofont.woff2
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format (Version 2), TrueType, length 537868, version 1.0\012- data
Size 538 kB (537868 bytes)
Hash 50a4ab76e700a83e649be213f820fbbd
28ad9e9ac82f86c50eb4dd3d713a0698473bdbb3
242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1
Analyzer Verdict Alert fortinet Phishing
GET /assets/vendor/icofont/fonts/icofont.woff2 HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://cmahospital.com/assets/vendor/icofont/A.icofont.min.css.pagespeed.cf.Vfk_Jh7Ldv.css
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:03:44 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 08:52:04 GMT
Accept-Ranges: bytes
Content-Length: 537868
Vary: Accept-Encoding
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/woff2
push.services.mozilla.com/
54.149.149.164 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.149.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: r5bEAo0QtI6PWnQmxZosaA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: e6u1FQDmp7yf8mpAWySiKdwN8Aw=
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash da32e4b24f4f95e4e807cff2459f54c3
02db1c6d628b2f51fa0b46fcb79a71178780bc47
4d6ff368a64dc83f4a637fbf44b2256523ca7c43b824022f8f6428de6cfae368
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:03:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:03:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.102 200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.102:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 08:51:04 GMT
expires: Fri, 02 Dec 2022 09:06:04 GMT
cache-control: public, max-age=900
age: 761
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.162 302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Fri, 02 Dec 2022 09:03:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash da32e4b24f4f95e4e807cff2459f54c3
02db1c6d628b2f51fa0b46fcb79a71178780bc47
4d6ff368a64dc83f4a637fbf44b2256523ca7c43b824022f8f6428de6cfae368
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:03:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:03:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:03:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:03:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 02 Dec 2022 09:03:45 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 315873c315af2be891e63f8b421bae65
5277bb0c4fea2b036c6faf28d66395c96166ffd2
3f6657d352a42f8257409f2ed365a3fb928ac3eb74a34a2c74a433290182cc92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:03:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42 200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 0bcc282e3b2f3512582c93f79c6f020e
96e75da8c2c2842af274821051fc62f09f070801
e479bc9e6253c44592b20693896b6968759b7dc039ab1e6c9eddc7ee16386604
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 02 Dec 2022 09:03:45 GMT
server: ESF
cache-control: private
content-length: 30813
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/YkfklCtf3s5-_1quWHAnTHHVaBZ-i7ToAeXFpu3i2Ro.js
142.250.74.132 200 OK 14 kB URL HTTP/2 www.google.com/js/th/YkfklCtf3s5-_1quWHAnTHHVaBZ-i7ToAeXFpu3i2Ro.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (36162)
Hash e9bf756aa2fac02f3307febffa242635
d0da1ab271c03a49fe6499a38e6f3c34d396c5d4
12655f58f30c13fae1942aae99ace0d8e450ead33ec120b89d78fd98a279e0bb
GET /js/th/YkfklCtf3s5-_1quWHAnTHHVaBZ-i7ToAeXFpu3i2Ro.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14349
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 05:04:55 GMT
expires: Wed, 29 Nov 2023 05:04:55 GMT
cache-control: public, max-age=31536000
age: 273530
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash ebd276a987cbfec50bf95ce593a6dbc6
0b03e0bb38915c84e23d9369d7f2947d6d73bafb
de4074bc2d166b559380d23f3d9e70e7eda87fd0fef61d5104db6d2ba221f45c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:03:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 0a7b2c025a2920fe089ddebaf876d45d
f189d6c447af2b5405fd62036e2a42d15fcdccf6
752b233c690105130d22c8d7df624c97b21e9864e7ae140987ecf04d153c0dfa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:03:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15798
Expires: Fri, 02 Dec 2022 13:27:03 GMT
Date: Fri, 02 Dec 2022 09:03:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15798
Expires: Fri, 02 Dec 2022 13:27:03 GMT
Date: Fri, 02 Dec 2022 09:03:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15798
Expires: Fri, 02 Dec 2022 13:27:03 GMT
Date: Fri, 02 Dec 2022 09:03:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15798
Expires: Fri, 02 Dec 2022 13:27:03 GMT
Date: Fri, 02 Dec 2022 09:03:45 GMT
Connection: keep-alive
yt3.ggpht.com/ytc/AMLnZu-TN65idhNwGzHHpnGZHHGpTas7f5i76TdsMiJotQv90S1DsubPAo7KPspRrf1P=s68-c-k-c0x00ffffff-no-rj
216.58.207.225 200 OK 948 B URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu-TN65idhNwGzHHpnGZHHGpTas7f5i76TdsMiJotQv90S1DsubPAo7KPspRrf1P=s68-c-k-c0x00ffffff-no-rj
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 850ae53e8602475e72cbd3c1cf2ee6ce
7bba9b8eee738fbd3f116896ec0eff408a7ac697
ae3f45d545960c7d2b36005faebdc24dc0a48c705c2774373a5f36e515ff5ed4
GET /ytc/AMLnZu-TN65idhNwGzHHpnGZHHGpTas7f5i76TdsMiJotQv90S1DsubPAo7KPspRrf1P=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 948
x-xss-protection: 0
date: Fri, 02 Dec 2022 08:54:36 GMT
expires: Sat, 03 Dec 2022 08:54:36 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 549
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:03:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42 200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash ebf5b2b90d6f2bfaefc153a58c4fa1a5
f69f5764aad51fcd8876969597f3eeb3c8983074
029f01bd8f7b506caa9a6f8f2f7304cc2ad61db3370646ce286b82632f14828b
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 02 Dec 2022 09:03:45 GMT
server: ESF
cache-control: private
content-length: 31057
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76 200 OK 34 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
Hash d18e277db2d761fd9d988c1c89f907a9
9a6c2556ca2dd17656dec1d4d9e10baa265b8a99
cf1b43f3b6126dd013e6203a4108f7b33bf4fab2ac528e062276733eba607890
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 00:54:54 GMT
age: 29331
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76 200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 41338
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d147ccb10bda82b153a596c3c967cd6a
ffd0763f997e71a8c1458523fc17cafe8849dfdf
1cfeb90a4ba027195f903d938d4a0aac418a1c2f0b52215ec023263f15905971
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7591
x-amzn-requestid: e179862e-f840-4e50-a9dc-09f325479b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgMFRZIAMFl7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e01-676a1571459f2d83488f2765;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oB5K_ZCWWwCltMx8FQSjDdXRMzSTSyRLSYSLAooQXuCrUxadLUiWkA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:08:56 GMT
etag: "ffd0763f997e71a8c1458523fc17cafe8849dfdf"
content-type: image/jpeg
age: 39289
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 498ab4412ed5cf977bc23e4e870894b0
23753fe8af09ec8ffa10eed4d201a71833885c99
036042656f15e42b4d1537c45f5b8e7190c70305fa9a69c1287c6739ad0b7122
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7334
x-amzn-requestid: a6b8b420-8394-496b-8be8-26dee52e3887
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoHJOoAMF75g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0b38d07f518c8b3134457df2;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 17nFm7AQdmRYS_af-EJ4XBVw8l3YudcphlpcZMveuVjvjhhYdkAQsw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:33:10 GMT
age: 37835
etag: "23753fe8af09ec8ffa10eed4d201a71833885c99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 82ea44d6cb116fb1f5752ce9bb87e345
f799dfd89a4f5a452dc837b8616549f578fb4184
e9087e7fce332289d67d4d5646d0233c2f2d871cc88dc1c51d5ea1e9f2fb5abd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15495
x-amzn-requestid: 977cdbce-3a9c-4006-a5a1-5c4c82bd4a94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfHDIFxzIAMFzEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891ee0-4b2cb3a16ca745537a8caf8c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nwKxQKsw8g5zCzfMFu_XpOac5rhImez29TKrycGJzozZyHTzoCHASw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:20:06 GMT
age: 38619
etag: "f799dfd89a4f5a452dc837b8616549f578fb4184"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c7113338bc3310b13d23ca415c177e2
2cb4edc6b161c6d2d5b47aa498ae54e677966466
3a83adce869dd7eb064c583bf7ff93c57fabd7ea2da872f7d1f7d868b8a492e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10270
x-amzn-requestid: ac2d2825-2ec4-435e-9921-3ea6524df1dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfG1nEvYoAMFliA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e8a-4419423112b5723e3dba46ea;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NQ21d2_5JO2Ym-LEnDecub9bK6wUyvM2zUf_XpfMGag83fVWlMjT8w==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:09 GMT
age: 40416
etag: "2cb4edc6b161c6d2d5b47aa498ae54e677966466"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cmahospital.com/mod_pagespeed_beacon?url=http%3A%2F%2Fcmahospital.com%2F
135.181.176.108 204 No Content 0 B URL HTTP/1.1 cmahospital.com/mod_pagespeed_beacon?url=http%3A%2F%2Fcmahospital.com%2F
IP 135.181.176.108:0
ASN #24940 Hetzner Online GmbH
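Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of a zero-length body)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of a zero-length body)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of a zero-length body; these three values match every empty response and are not usable as indicators for this host)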
Analyzer Verdict Alert fortinet Phishing
POST /mod_pagespeed_beacon?url=http%3A%2F%2Fcmahospital.com%2F HTTP/1.1
Host: cmahospital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 41
Origin: http://cmahospital.com
Connection: keep-alive
Referer: http://cmahospital.com/
HTTP/1.1 204 No Content
Date: Fri, 02 Dec 2022 09:03:45 GMT
Server: Apache
Cache-Control: max-age=0, no-cache
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
i.ytimg.com/vi/UQ97YgjJQlo/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AHUBoAC4AOKAgwIABABGGUgVShMMA8=&rs=AOn4CLDddsLcY-nxs65hskNJGmGiNQfa4Q
142.250.74.54 200 OK 41 kB URL HTTP/2 i.ytimg.com/vi/UQ97YgjJQlo/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AHUBoAC4AOKAgwIABABGGUgVShMMA8=&rs=AOn4CLDddsLcY-nxs65hskNJGmGiNQfa4Q
IP 142.250.74.54:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash c294369cf6030fded80055e9178d8049
9c11cb788689922e829d54630f935e9060df0275
dd0e330385407164f43e594e1828f63745a5e7283d40fd323daced9fe931ef2a
GET /vi/UQ97YgjJQlo/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AHUBoAC4AOKAgwIABABGGUgVShMMA8=&rs=AOn4CLDddsLcY-nxs65hskNJGmGiNQfa4Q HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 41325
date: Fri, 02 Dec 2022 09:03:45 GMT
expires: Fri, 02 Dec 2022 11:03:45 GMT
cache-control: public, max-age=7200
etag: "1622183596"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/F8wnDtI55Vo/sddefault.webp
142.250.74.54 200 OK 36 kB URL HTTP/2 i.ytimg.com/vi_webp/F8wnDtI55Vo/sddefault.webp
IP 142.250.74.54:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7c128471b3a0d434bad0639bec97b393
d0fa823d74498bcb51a091fe478805641b7c6f9a
8790188cd7ad03022ecc9a21dbe6c3ef8dd3bf3014964dd8894f1e4912b8839d
GET /vi_webp/F8wnDtI55Vo/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 36280
date: Fri, 02 Dec 2022 09:03:45 GMT
expires: Fri, 02 Dec 2022 11:03:45 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash ebd276a987cbfec50bf95ce593a6dbc6
0b03e0bb38915c84e23d9369d7f2947d6d73bafb
de4074bc2d166b559380d23f3d9e70e7eda87fd0fef61d5104db6d2ba221f45c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:03:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 0a7b2c025a2920fe089ddebaf876d45d
f189d6c447af2b5405fd62036e2a42d15fcdccf6
752b233c690105130d22c8d7df624c97b21e9864e7ae140987ecf04d153c0dfa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:03:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
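Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of a zero-length body)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of a zero-length body)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of a zero-length body; these three values match every empty response and are not usable as indicators for this host)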
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 02 Dec 2022 09:03:45 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1250c1e7-37f4-4697-8233-d05f398cb066.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1250c1e7-37f4-4697-8233-d05f398cb066.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0fc684e61682c4078a82ee3d901ae52
ea65ad98933ec58afa3fa5c7642491d77db7e6c2
5e953012dba2b85cfda5befe2448ab87fbc2432a071e11a33b44be4f5148a4a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1250c1e7-37f4-4697-8233-d05f398cb066.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6752
x-amzn-requestid: f398ce98-353e-4783-aa42-dbf1ad036ab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepE6roAMF4zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0753d209291e197e7c6422a6;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JZAFwGz7kAWplsA1qeraQTjirrZb29JTnUPii5BcPg5tzxcBLtt0WA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:24:25 GMT
etag: "ea65ad98933ec58afa3fa5c7642491d77db7e6c2"
content-type: image/jpeg
age: 38367
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
188.114.99.234 200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
IP 188.114.99.234:0
GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cmahospital.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 09:03:43 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 19:04:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 15416071
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7732e41a6cfdfac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
142.250.74.14 200 OK 0 B URL HTTP/2 www.youtube.com/iframe_api
IP 142.250.74.14:0
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cmahospital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Fri, 02 Dec 2022 09:03:43 GMT
date: Fri, 02 Dec 2022 09:03:43 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=vFdjRO16ibE; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
set-cookie: VISITOR_INFO1_LIVE=OtrMVm3Ffh4; Domain=.youtube.com; Expires=Wed, 31-May-2023 09:03:43 GMT; Path=/; Secure; HttpOnly; SameSite=none
set-cookie: CONSENT=PENDING+512; expires=Sun, 01-Dec-2024 09:03:43 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2