r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11659
Expires: Tue, 31 Jan 2023 11:24:49 GMT
Date: Tue, 31 Jan 2023 08:10:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12016
Expires: Tue, 31 Jan 2023 11:30:46 GMT
Date: Tue, 31 Jan 2023 08:10:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 07:35:52 GMT
content-type: application/json
age: 2078
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2965
Expires: Tue, 31 Jan 2023 08:59:55 GMT
Date: Tue, 31 Jan 2023 08:10:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PSTV6r3u7eU/yeg4CzMOsnZ0t7Zs+agvI2s+X/wMlZb3B4XdHJXO4265AuiSEWsvBJHs2aHGn9M=
x-amz-request-id: DTQJXZHHWXHNGCS5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 07:51:05 GMT
age: 1165
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:10:30 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 07:49:04 GMT
age: 1287
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6378
Expires: Tue, 31 Jan 2023 09:56:49 GMT
Date: Tue, 31 Jan 2023 08:10:31 GMT
Connection: keep-alive
maxclinic.ru/excels/error.php
91.189.114.8301 Moved Permanently 370 B URL HTTP/1.1 maxclinic.ru/excels/error.php
IP 91.189.114.8:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b71e4be1ae3c45acf72e7a9bc76dc291
6ab32ad4cecf98caa360aff2f8c978287d510843
ae070c3dcff74a04054d21c4f857c225867d1e6302019b092f6ee8c5377663bf
Analyzer Verdict Alert fortinet Phishing
GET /excels/error.php HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: openresty
Date: Tue, 31 Jan 2023 08:10:31 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 370
Connection: keep-alive
Location: https://maxclinic.ru/excels/error.php
push.services.mozilla.com/
35.83.201.49101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.201.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xrBMaljb8/ExntzVARyZng==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1ROGyWNeAjT2e0HGQ6GIlGqEmVw=
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 7707b3ce3a1b158d4ff83ce9dddcf915
0b7f4128e62d119b497cb6f860b3c78efd8b508f
418e9a5afa0c81ad3ede3922580f46748650315b6c5322567c53d5c4bd01f0a9
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:10:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 04 Feb 2023 08:02:28 GMT
ETag: "0b7f4128e62d119b497cb6f860b3c78efd8b508f"
Last-Modified: Tue, 31 Jan 2023 08:02:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7920f8abec37fac4-OSL
maxclinic.ru/excels/error.php
91.189.114.8301 Moved Permanently 0 B URL HTTP/2 maxclinic.ru/excels/error.php
IP 91.189.114.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /excels/error.php HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: openresty
date: Tue, 31 Jan 2023 08:10:32 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://maxclinic.ru
x-powered-by: PHP/7.4.29
expires: Tue, 31 Jan 2023 09:10:32 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11818
Expires: Tue, 31 Jan 2023 11:27:30 GMT
Date: Tue, 31 Jan 2023 08:10:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11818
Expires: Tue, 31 Jan 2023 11:27:30 GMT
Date: Tue, 31 Jan 2023 08:10:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11818
Expires: Tue, 31 Jan 2023 11:27:30 GMT
Date: Tue, 31 Jan 2023 08:10:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11818
Expires: Tue, 31 Jan 2023 11:27:30 GMT
Date: Tue, 31 Jan 2023 08:10:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa70b0b84-f0e7-44e4-a574-ee3e55fbc0d3.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa70b0b84-f0e7-44e4-a574-ee3e55fbc0d3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b43468b05cd1fd11c398263a80e4edb2
02e964ea5a88c866267ac6c5601bfcde26ffd42b
19783f05297f7ed5d7ca8cec0fc0e1676831275ac48f1510a4f410dbe2802314
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa70b0b84-f0e7-44e4-a574-ee3e55fbc0d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4634
x-amzn-requestid: 2941da94-203c-47d1-99ee-d864bdbf6993
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffCAHF9kIAMFrUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e39a-78bb7189351d830a7ef70c67;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hWONP8eVA6h5VMyREx_CgRY2zeb9KUxipWiXdx9dHBtU2YDV07lGXQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 05:35:57 GMT
age: 9275
etag: "02e964ea5a88c866267ac6c5601bfcde26ffd42b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5965fef2-c5a7-4a82-bcdc-41aebc355aff.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5965fef2-c5a7-4a82-bcdc-41aebc355aff.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83d9e98a4575077e7400343c7f2038d2
6ac3ca84e97fa35afff9045f35d45499c0b34a23
da6d6d90a5ea8f5a864f3739591693b5f4b9793f2c4bb971486572f6bf2e940c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5965fef2-c5a7-4a82-bcdc-41aebc355aff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7334
x-amzn-requestid: e62c149b-ca5f-4d0c-8d2d-e8bb2a7f9d8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbvSzH2soAMFiYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d49278-1214fc750a312e46527b2fd7;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 03:11:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: e9kVyPl84SxMlIqs-0wE831KRF1kg1HOPTgntElaEp1RGOsgqB19ZA==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 04:10:37 GMT
age: 14395
etag: "6ac3ca84e97fa35afff9045f35d45499c0b34a23"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd328471c-fc31-49a3-ae71-21d6171a8237.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd328471c-fc31-49a3-ae71-21d6171a8237.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e575f4c5e3aa793f846cadc8baf386c
f482a4e8e80ea5b6afc29e5cc1a9a2b8c2f0434d
09a5bbe4fb7f23ee43228267f30c1ef0cd8747e515e01c963df0756b866f23ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd328471c-fc31-49a3-ae71-21d6171a8237.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9700
x-amzn-requestid: 713e2d23-21a3-4b9f-af7b-497d15494cdc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffCYTEBToAMFQMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e434-24782bb73c8760d277497ded;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:12:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _-Hp-dTdgO95bYRa5Y5UkAUHHxHPMM9GFP2qKtbLIIylFOc2SGXjBw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 04:10:01 GMT
age: 14431
etag: "f482a4e8e80ea5b6afc29e5cc1a9a2b8c2f0434d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 00:33:02 GMT
age: 27450
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde59a1de-2b64-4d28-8e63-6d511c4c70d5.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde59a1de-2b64-4d28-8e63-6d511c4c70d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d143b65b98551bde96a7f026808d4583
3e995e5933e6f8c15ecd3bc642ce1778a11f7ca7
004be88ebe2a4840bb718a5148fcf7d2dc1400f6c1c880cee4428d66ba91dbd9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde59a1de-2b64-4d28-8e63-6d511c4c70d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9972
x-amzn-requestid: 8a609804-1429-4a2d-abdc-7dc74a83a35b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcWB-GO8oAMF5Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4d072-0a0afc9625eb840c0b14b259;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:36:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uOHt5PEtB9XCEUi1eFA_7pTZsZgHQnvadZNw7BiXJTYMmnYgAzZ7pQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:50:58 GMT
age: 15574
etag: "3e995e5933e6f8c15ecd3bc642ce1778a11f7ca7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49c7c3dd-3b94-47e5-83e3-d08d77011a06.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49c7c3dd-3b94-47e5-83e3-d08d77011a06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5167f99b892b964436e3c85ec115e25d
4f35912cf744f1f8fe875ff13d333ff19a775155
8b2350b0d3cf009164143a9591e62c1fd77fa127cfe01ab6204fe8accd3d11b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49c7c3dd-3b94-47e5-83e3-d08d77011a06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10000
x-amzn-requestid: f4b22eb2-3e65-4b0b-bec9-b2782103cec7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcSZ6FznIAMF_AA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4caa5-787125d9270792e5417f2891;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:11:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4SuH8GRiQqYRDlMFy3MI4KFbhHKwlDUbovcMITVrWtELKGQGTP-epw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 20:41:22 GMT
age: 41350
etag: "4f35912cf744f1f8fe875ff13d333ff19a775155"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
maxclinic.ru/wp-includes/css/classic-themes.min.css?ver=1
91.189.114.8200 OK 217 B URL HTTP/2 maxclinic.ru/wp-includes/css/classic-themes.min.css?ver=1
IP 91.189.114.8:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: text/css
content-length: 217
last-modified: Sun, 15 Jan 2023 23:18:40 GMT
etag: "63c489d0-d9"
accept-ranges: bytes
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/plugins/comfortable-reading/css/custom.css?ver=6.1.1
91.189.114.8200 OK 978 B URL HTTP/2 maxclinic.ru/wp-content/plugins/comfortable-reading/css/custom.css?ver=6.1.1
IP 91.189.114.8:0
File type ASCII text, with CRLF line terminators
Hash 9431a36057ec36f14e1e59e6aba2af87
e07868288e296de18935be3683e29952ddf179a4
60a84abaf12e44b36fee2b789a4b6ef13cfdca1f3bd7f4912598b57cd29dc2d3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/comfortable-reading/css/custom.css?ver=6.1.1 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: text/css
content-length: 978
last-modified: Tue, 17 Mar 2020 06:14:01 GMT
etag: "5e706aa9-3d2"
accept-ranges: bytes
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
91.189.114.8200 OK 7.5 kB URL HTTP/2 maxclinic.ru/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
IP 91.189.114.8:0
File type Web Open Font Format, TrueType, length 7536, version 1.0\012- data
Hash 04eb8fc57f27498e5ae37523e3bfb2c7
d942ae11706c3f7e511e3c49b0e4574d7ad199c4
f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: font/woff
content-length: 7536
last-modified: Mon, 18 Apr 2022 01:39:38 GMT
etag: "625cc15a-1d70"
accept-ranges: bytes
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/uploads/2016/07/logo-nft-2.png
91.189.114.8200 OK 6.6 kB URL HTTP/2 maxclinic.ru/wp-content/uploads/2016/07/logo-nft-2.png
IP 91.189.114.8:0
File type PNG image data, 262 x 80, 8-bit/color RGB, non-interlaced\012- data
Hash 0703074d9e19bb94f0d1c21f81eeb663
17d20e668f823805e401214134ce7ec1fe8e6e64
62ed2e5e99eebe04a5bbb2c27b0e0d1e57692920da24980bdfc996f3bad8f1f8
GET /wp-content/uploads/2016/07/logo-nft-2.png HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: image/png
content-length: 6607
last-modified: Mon, 23 Apr 2018 16:22:55 GMT
etag: "5ade085f-19cf"
accept-ranges: bytes
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/themes/jupiter/assets/images/jupiter-logo.png
91.189.114.8200 OK 12 kB URL HTTP/2 maxclinic.ru/wp-content/themes/jupiter/assets/images/jupiter-logo.png
IP 91.189.114.8:0
File type PNG image data, 200 x 91, 8-bit/color RGBA, non-interlaced\012- data
Hash 41e336581fc561fccaec696add576b6a
dc6e0cac65c8143f1e697c7d50569d46daba77c7
215c4e746976358e5868721da1a32282406f027c529e09508fb0364bb7caeff0
GET /wp-content/themes/jupiter/assets/images/jupiter-logo.png HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: image/png
content-length: 11826
last-modified: Tue, 01 Feb 2022 02:47:48 GMT
etag: "61f89f54-2e32"
accept-ranges: bytes
X-Firefox-Spdy: h2
maxclinic.ru/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
91.189.114.8200 OK 13 kB URL HTTP/2 maxclinic.ru/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 91.189.114.8:0
Hash 261ee5816bffb6b1cc88dd0fe9d4f467
d78e83f7025c125068c7511e5bd339ca3cfd213f
b1b421fdf42a31a20d14ed4a5a7926abfa72289245ad2079d9950f16bb4492eb
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: text/css
last-modified: Sun, 15 Jan 2023 23:18:40 GMT
vary: Accept-Encoding
etag: W/"63c489d0-172a9"
content-encoding: gzip
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/plugins/revslider/public/assets/assets/dummy.png
91.189.114.8200 OK 68 B URL HTTP/2 maxclinic.ru/wp-content/plugins/revslider/public/assets/assets/dummy.png
IP 91.189.114.8:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 2a637d3d825673c0e3462fa4ed9a1c5c
81668d396da22832d75a986407ff10035e0d5899
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
GET /wp-content/plugins/revslider/public/assets/assets/dummy.png HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: image/png
content-length: 68
last-modified: Mon, 18 Apr 2022 01:39:38 GMT
etag: "625cc15a-44"
accept-ranges: bytes
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/themes/jupiter/custom.css?ver=6.1.1
91.189.114.8200 OK 23 B URL HTTP/2 maxclinic.ru/wp-content/themes/jupiter/custom.css?ver=6.1.1
IP 91.189.114.8:0
Hash dc905e8a035c135da58dbf3b2e7ff2ad
1bd78a6df2336c4fb311311c5c381e02ede71dd0
ac53f1881f7a8792b927ececbaa641e4e84e444307b9298ab8dbb46ae15fb47f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jupiter/custom.css?ver=6.1.1 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: text/css
content-length: 23
last-modified: Wed, 02 Nov 2016 00:26:17 GMT
etag: "581932a9-17"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:10:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:10:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maxclinic.ru/wp-content/uploads/mk_assets/theme-options-production.css?ver=1674872712
91.189.114.8200 OK 5.7 kB URL HTTP/2 maxclinic.ru/wp-content/uploads/mk_assets/theme-options-production.css?ver=1674872712
IP 91.189.114.8:0
Hash d8ca4e89a9c3df9a0622ddac86b04c92
dde76a7c9e18d5c002e003e65fd745970a3dddfa
13d8f9f8b873c73a547bb032918e7eb836d04260acba937e57aac8e394f11782
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/mk_assets/theme-options-production.css?ver=1674872712 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: text/css
last-modified: Wed, 25 Jan 2023 23:53:54 GMT
vary: Accept-Encoding
etag: W/"63d1c112-8c63"
content-encoding: gzip
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/uploads/mk_assets/components-production.min.css?ver=1674872712
91.189.114.8200 OK 12 kB URL HTTP/2 maxclinic.ru/wp-content/uploads/mk_assets/components-production.min.css?ver=1674872712
IP 91.189.114.8:0
Hash 06cd9cd40ec49db95675624d86cdc7c9
f8249163027df3f7554ba6e4bed542d687807800
7c0dd3d92390b8909d3ec758a078c309490aed5307062a556e455b8e16a39716
GET /wp-content/uploads/mk_assets/components-production.min.css?ver=1674872712 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: text/css
last-modified: Sat, 28 Jan 2023 02:25:12 GMT
vary: Accept-Encoding
etag: W/"63d48788-13ce7"
content-encoding: gzip
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-127651383-1
142.250.74.72200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-127651383-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1759)
Hash bfc056f6e8bd2a098754fc90c0b7bd67
c2246f45ed65456271a5b8572326e2dd730f056f
04fcd238cbf8982dff04090a342114750c19f369aae7be3283475278a61903bd
GET /gtag/js?id=UA-127651383-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 31 Jan 2023 08:10:33 GMT
expires: Tue, 31 Jan 2023 08:10:33 GMT
cache-control: private, max-age=900
last-modified: Tue, 31 Jan 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44094
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?onload=c4wp_onloadCallback&render=explicit&hl=en
216.58.207.228200 OK 585 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=c4wp_onloadCallback&render=explicit&hl=en
IP 216.58.207.228:0
File type ASCII text, with very long lines (914), with no line terminators
Hash 58b345846ab2e0d3f81e2a206b652aa4
887c610fb902a05186df4cb79214842efc485161
901c819b733449fc3a529467efb68d496bc47d7b45e01d1a57379f065e62da29
GET /recaptcha/api.js?onload=c4wp_onloadCallback&render=explicit&hl=en HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 31 Jan 2023 08:10:33 GMT
date: Tue, 31 Jan 2023 08:10:33 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:10:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:10:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maxclinic.ru/
91.189.114.8200 OK 37 kB IP 91.189.114.8:0
Hash 6b240c259de6581514bd5c589dc4c4d7
262f85d4a03dec0d4a3691c91ae26c9cd0b745a7
8edccbda6246acffad7b848568cb6149c4a5fe36ff0fa66c9765f80a987b3ef9
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.29
link: <https://maxclinic.ru/wp-json/>; rel="https://api.w.org/", <https://maxclinic.ru/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json", <https://maxclinic.ru/>; rel=shortlink
content-encoding: gzip
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.12.1
91.189.114.8200 OK 3.7 kB URL HTTP/2 maxclinic.ru/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.12.1
IP 91.189.114.8:0
Hash 86a65e0537242ab776fce252f57cde84
1cc22b6b93b391e4a847b0f9bd16ff2e3a9bd580
33a1a8bcb8a341099a3557e608fb811206c5c6413acf2cdf655371102dfe3bcc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.12.1 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: application/javascript
last-modified: Sun, 15 Jan 2023 23:19:52 GMT
vary: Accept-Encoding
etag: W/"63c48a18-2e3b"
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
216.58.207.227200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 26240, version 1.0\012- data
Hash 4a90976686fcbd8296c7d7fccc04c273
bcb82e93ac7ad1fa2af6a37009a200f79f4cb4e5
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://maxclinic.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26240
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 07:52:01 GMT
expires: Thu, 25 Jan 2024 07:52:01 GMT
cache-control: public, max-age=31536000
age: 519512
last-modified: Mon, 15 Aug 2022 18:14:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maxclinic.ru/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
91.189.114.8200 OK 52 kB URL HTTP/2 maxclinic.ru/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 91.189.114.8:0
Hash b78d1cea1a419e1d66be1511931a9ea9
f6b230338f995d686c6e791581c0def8c9773d6e
21529eab2c0bd9b150fb76887355e1fa14b64147e36e8b1c24822e76b6091933
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: application/javascript
last-modified: Sun, 15 Jan 2023 23:18:40 GMT
vary: Accept-Encoding
etag: W/"63c489d0-53c0"
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 6e5577a3ae06883a63503d4ded8cfa0d
8800b5f0c0c8946cafec5ceaf6b5b3b5026c3ee1
544bc1cd3ada7ea9dec77b9b369fd2d3e1ad54fa527b5f33d2c604adfb2d4f4a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2185
Cache-Control: max-age=113597
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:10:33 GMT
Etag: "63d7dd2d-2d7"
Expires: Wed, 01 Feb 2023 15:43:50 GMT
Last-Modified: Mon, 30 Jan 2023 15:07:25 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 727
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:10:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
crm.hotlead.io/collector.js/34319543712181fa693d10bbb3bcf61d
95.181.203.36200 OK 7.0 kB URL HTTP/1.1 crm.hotlead.io/collector.js/34319543712181fa693d10bbb3bcf61d
IP 95.181.203.36:0
File type ASCII text, with very long lines (12168)
Hash 3c7239759eb76665710986f0fc12a3a0
cff05b253b68efc88e73270f22299c79f7d73494
b9ca449d3b1721c76d85a1e20d26b5bef87a84b5f38fb31a08d29876ee223acb
GET /collector.js/34319543712181fa693d10bbb3bcf61d HTTP/1.1
Host: crm.hotlead.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0
Date: Tue, 31 Jan 2023 08:10:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
Set-Cookie: PHPSESSID=0gp9r64jelfti9aj3020ft8uo1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
216.58.207.227200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Hash 17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://maxclinic.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 09:41:19 GMT
expires: Wed, 24 Jan 2024 09:41:19 GMT
cache-control: public, max-age=31536000
age: 599355
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:10:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:10:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:10:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:10:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:10:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.w.org/images/core/emoji/14.0.0/svg/1f604.svg
192.0.77.48200 OK 920 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f604.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (920), with no line terminators
Hash 626aaed496ac12bbdb68a86b46871a1f
cc1476e9af4279477199b257785aac278cec6ccc
aa02ba3edc78a206b1d9851b16f2d97eb5943c6405fbec0893d52f3d5144aa2b
GET /images/core/emoji/14.0.0/svg/1f604.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:10:34 GMT
content-type: image/svg+xml
content-length: 920
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
www.youtube.com/embed/ikicIPXAAg8?feature=oembed
142.250.74.142200 OK 43 kB URL HTTP/2 www.youtube.com/embed/ikicIPXAAg8?feature=oembed
IP 142.250.74.142:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58560)
Hash 342f0845d8034de3f86d24732a964b7a
a51a4695cc095da7acfaef99dc9d696ddce1f866
f11ade350a03a29f378deb730fbbedfd06245dcd1b676b3556805e15caf536d2
GET /embed/ikicIPXAAg8?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 31 Jan 2023 08:10:34 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=pFj61y8omQc; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TkRjeU5UYzNPVEF3TlRNNU9EQTFNZz09EPqZ454GGPqZ454G; Domain=.youtube.com; Expires=Sun, 30-Jul-2023 08:10:34 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=S06VuWmSpOc; Domain=.youtube.com; Expires=Sun, 30-Jul-2023 08:10:34 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+537; expires=Thu, 30-Jan-2025 08:10:34 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/embed/vd2mlQwFvqI?feature=oembed
142.250.74.142200 OK 44 kB URL HTTP/2 www.youtube.com/embed/vd2mlQwFvqI?feature=oembed
IP 142.250.74.142:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58594)
Hash 1288dfd8d72393ef4935974956d7213b
9794d15e9bc88d85cd423af6957fec81726b3168
584c76bb22aae0b457e4685546aa6cfc5c592c66bb939cd06966be602092ca25
GET /embed/vd2mlQwFvqI?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 31 Jan 2023 08:10:34 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=xXqqRqrCaqc; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TkRjeU5UYzNPVEU1TmpjNE5qY3dOUT09EPqZ454GGPqZ454G; Domain=.youtube.com; Expires=Sun, 30-Jul-2023 08:10:34 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=vUrERrn9dGo; Domain=.youtube.com; Expires=Sun, 30-Jul-2023 08:10:34 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+960; expires=Thu, 30-Jan-2025 08:10:34 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f60a.svg
192.0.77.48200 OK 110 kB URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f60a.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1055), with no line terminators
Size 110 kB (109982 bytes)
Hash cd50bd3b1565c814bd50d44a3dcdebf2
5c6958fa792b32a17e66e614080ea42de308935c
42e0df52f05b36db3ff83f5604b9b26ff113236a9d7c416ab446180cb042600f
GET /images/core/emoji/14.0.0/svg/1f60a.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:10:34 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.youtube.com/embed/HwsxE4NsROA?feature=oembed
142.250.74.142200 OK 639 kB URL HTTP/2 www.youtube.com/embed/HwsxE4NsROA?feature=oembed
IP 142.250.74.142:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58522)
Size 639 kB (639089 bytes)
Hash ae4768ec7fd9a74215af9c8991ac50fd
94c68e6778e736239116e68d4f267bf39773d8ce
a238ef2cd47e1bb3377be27c2d6a4614aa5d71b5e7912e090df6e67ac0d8fbf8
GET /embed/HwsxE4NsROA?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 31 Jan 2023 08:10:34 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=8aUABFkB190; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TkRjeU5UYzNPVGsxTlRVeU56YzBOUT09EPqZ454GGPqZ454G; Domain=.youtube.com; Expires=Sun, 30-Jul-2023 08:10:34 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=mgmxWRNEve8; Domain=.youtube.com; Expires=Sun, 30-Jul-2023 08:10:34 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+572; expires=Thu, 30-Jan-2025 08:10:34 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/plugins/revslider/public/assets/assets/loader.gif
91.189.114.8200 OK 2.5 kB URL HTTP/2 maxclinic.ru/wp-content/plugins/revslider/public/assets/assets/loader.gif
IP 91.189.114.8:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 4b3afb84b2b71ef56df09997a350bd04
accdac8a7abeab0e21c49539aad0a973addb28ef
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
GET /wp-content/plugins/revslider/public/assets/assets/loader.gif HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.20
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:34 GMT
content-type: image/gif
content-length: 2545
last-modified: Mon, 18 Apr 2022 01:39:38 GMT
etag: "625cc15a-9f1"
accept-ranges: bytes
X-Firefox-Spdy: h2
crm.hotlead.io/calltracking/allocate/phone/34319543712181fa693d10bbb3bcf61d
95.181.203.36200 OK 20 B URL HTTP/1.1 crm.hotlead.io/calltracking/allocate/phone/34319543712181fa693d10bbb3bcf61d
IP 95.181.203.36:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /calltracking/allocate/phone/34319543712181fa693d10bbb3bcf61d HTTP/1.1
Host: crm.hotlead.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0
Date: Tue, 31 Jan 2023 08:10:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
Set-Cookie: PHPSESSID=g3e468c5o6d1ls6cu2fet5o4j1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash d7d4e42ebd348aca07f1c42d3c004e28
5afc9cb43bff8db7967456dd054cfeb04d1ec736
d885f0dd5b0417c7c444e0aeb5ac97920c81e2582a5d8ec170bbd399f4224ca5
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:10:34 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sat, 04 Feb 2023 06:07:31 GMT
ETag: "5afc9cb43bff8db7967456dd054cfeb04d1ec736"
Last-Modified: Tue, 31 Jan 2023 06:07:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 324
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7920f8bf9c42fac4-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash d7d4e42ebd348aca07f1c42d3c004e28
5afc9cb43bff8db7967456dd054cfeb04d1ec736
d885f0dd5b0417c7c444e0aeb5ac97920c81e2582a5d8ec170bbd399f4224ca5
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:10:34 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sat, 04 Feb 2023 06:07:31 GMT
ETag: "5afc9cb43bff8db7967456dd054cfeb04d1ec736"
Last-Modified: Tue, 31 Jan 2023 06:07:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 324
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7920f8bfc8e2b505-OSL
informer.yandex.ru/informer/50737834/3_0_217989FF_015969FF_1_pageviews
87.250.250.119200 OK 1.4 kB URL HTTP/2 informer.yandex.ru/informer/50737834/3_0_217989FF_015969FF_1_pageviews
IP 87.250.250.119:0
File type PNG image data, 88 x 31, 8-bit/color RGBA, non-interlaced\012- data
Hash d4e0dd385900bb7a6483329300d89994
9d23cbd83a5220cda3377ca88215da569b7c3930
be7efe8846ea54da6071b49311d0d58ea1f3b7a9c7453ad9bdc0f5651c1b26f8
GET /informer/50737834/3_0_217989FF_015969FF_1_pageviews HTTP/1.1
Host: informer.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 1427
last-modified: Tue, 31-Jan-2023 08:10:34 GMT
content-type: image/png
pragma: no-cache
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 31-Jan-2023 08:10:34 GMT
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 0161419dde077a2616d856466e1e2d79
74aedd55cb2909a3e323bb0bdfba773f6bde0e53
acae2e59bf55cc6930c25ed9870dff9c3ed05a6752cc984be39a6301680989d3
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:10:34 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sat, 04 Feb 2023 05:56:25 GMT
ETag: "74aedd55cb2909a3e323bb0bdfba773f6bde0e53"
Last-Modified: Tue, 31 Jan 2023 05:56:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3186
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7920f8c00c94fac4-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 0161419dde077a2616d856466e1e2d79
74aedd55cb2909a3e323bb0bdfba773f6bde0e53
acae2e59bf55cc6930c25ed9870dff9c3ed05a6752cc984be39a6301680989d3
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:10:34 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sat, 04 Feb 2023 05:56:25 GMT
ETag: "74aedd55cb2909a3e323bb0bdfba773f6bde0e53"
Last-Modified: Tue, 31 Jan 2023 05:56:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3186
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7920f8c02ca6fac4-OSL
mc.yandex.ru/metrika/watch.js
87.250.250.119200 OK 58 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP 87.250.250.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (554)
Hash 315a601116a9b3b0fbc85feb58375ba4
5d283ed923d0b3beb8a2ec4e80c2958d1d132fbf
251ba0fc04953e3615e7c19a9a10c5d6a4f25cc03bef190f8a5e7c6cd72a991a
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 58140
date: Tue, 31 Jan 2023 08:10:34 GMT
access-control-allow-origin: *
etag: "63c93a4b-e31c"
expires: Tue, 31 Jan 2023 09:10:34 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
87.250.250.119200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.250.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash a236c7014c1f1a1e52d356f59e5d665a
b66c638eb2346287364c37725819bbab1f409d66
ad2d57579e453af0eac49156840bcd1dcfbd802a82135af98f41f714d7e698f2
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73769
date: Tue, 31 Jan 2023 08:10:34 GMT
access-control-allow-origin: *
etag: "63c93a4b-12029"
expires: Tue, 31 Jan 2023 09:10:34 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
top-fwz1.mail.ru/counter?id=3063232;t=384;l=1
95.163.52.67302 Found 0 B URL HTTP/2 top-fwz1.mail.ru/counter?id=3063232;t=384;l=1
IP 95.163.52.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /counter?id=3063232;t=384;l=1 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 31 Jan 2023 08:10:34 GMT
content-length: 0
location: https://top-fwz1.mail.ru/counter2?id=3063232;t=384;l=1
set-cookie: FTID=1RMYgQ0tkIIF:1675152634:3063232:::; path=/; expires=Thu, 01-Feb-24 08:10:34 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
top-fwz1.mail.ru/counter?js=13;id=3063232;u=https%3A//maxclinic.ru/;st=1675152650174;title=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=c897f242dc5ec226;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1675152651595%3A1675152651597%3A1%3A74fc21f0f871bdc7700a0a48459774ac;opts=dl%2Cjst-gtag-ga;visible=true;_=0.3132472857371347
95.163.52.67302 Found 0 B URL HTTP/2 top-fwz1.mail.ru/counter?js=13;id=3063232;u=https%3A//maxclinic.ru/;st=1675152650174;title=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=c897f242dc5ec226;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1675152651595%3A1675152651597%3A1%3A74fc21f0f871bdc7700a0a48459774ac;opts=dl%2Cjst-gtag-ga;visible=true;_=0.3132472857371347
IP 95.163.52.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /counter?js=13;id=3063232;u=https%3A//maxclinic.ru/;st=1675152650174;title=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=c897f242dc5ec226;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1675152651595%3A1675152651597%3A1%3A74fc21f0f871bdc7700a0a48459774ac;opts=dl%2Cjst-gtag-ga;visible=true;_=0.3132472857371347 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 31 Jan 2023 08:10:35 GMT
content-length: 0
location: https://top-fwz1.mail.ru/counter2?js=13;id=3063232;u=https%3A//maxclinic.ru/;st=1675152650174;title=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=c897f242dc5ec226;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1675152651595%3A1675152651597%3A1%3A74fc21f0f871bdc7700a0a48459774ac;opts=dl%2Cjst-gtag-ga;visible=true;_=0.3132472857371347
set-cookie: FTID=1RMYgQ0tkIIF:1675152635:3063232:::; path=/; expires=Thu, 01-Feb-24 08:10:35 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:10:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
top-fwz1.mail.ru/js/code.js
95.163.52.67200 OK 14 kB URL HTTP/2 top-fwz1.mail.ru/js/code.js
IP 95.163.52.67:0
Hash 8e66ba642317663a9d81f117b9ee7106
3cb5bb1bbca852a3373c49738bdbe10c6aa3827e
a4d46dc411c57bc8fe3eb9eaf8e1f2af06a5aa3c53c8eeb472f9fcc98f7ae393
GET /js/code.js HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:10:34 GMT
content-type: application/javascript
last-modified: Wed, 11 Jan 2023 13:29:54 GMT
set-cookie: FTID=1RMYgQ0tkIIF:1675152634:0:::; path=/; expires=Thu, 01-Feb-24 08:10:34 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
etag: W/"63beb9d2-85cc"
expires: Tue, 31 Jan 2023 09:10:34 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: max-age=3600, private
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:10:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
top-fwz1.mail.ru/counter2?id=3063232;t=384;l=1
95.163.52.67200 OK 1.5 kB URL HTTP/2 top-fwz1.mail.ru/counter2?id=3063232;t=384;l=1
IP 95.163.52.67:0
File type GIF image data, version 89a, 88 x 18\012- data
Hash 81c4231b60120b4dcf82b64c503424f8
c89dacdb1ad470152c592e5d3bd5f1401a43afb2
def020e77e93dac0c50e2532d362a881c3ee9f6b7d77fe527bd9a93b6593901b
GET /counter2?id=3063232;t=384;l=1 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maxclinic.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:10:36 GMT
content-type: image/gif
content-length: 1516
set-cookie: FTID=1RMYgQ0tkIIF:1675152636:3063232:::; path=/; expires=Thu, 01-Feb-24 08:10:36 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
www.youtube.com/embed/Aho7COW2pdA?feature=oembed
142.250.74.142200 OK 28 kB URL HTTP/2 www.youtube.com/embed/Aho7COW2pdA?feature=oembed
IP 142.250.74.142:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58594)
Hash 8e5d5113c7c4a134d2cc0c30ddd19711
6f621d7841ad41666537b19dbd47c63842f34c90
0ac891b065f545270d50a5bff5048cd915a5b1c42038228c64d39a24ba3dd961
GET /embed/Aho7COW2pdA?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 31 Jan 2023 08:10:34 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=lU8vQS5GcYQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=sx4D2Mz83Hg; Domain=.youtube.com; Expires=Sun, 30-Jul-2023 08:10:34 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TkRjeU5UYzNPVEkyT0RBNU1UQTBOUT09EPqZ454GGPqZ454G; Domain=.youtube.com; Expires=Sun, 30-Jul-2023 08:10:34 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+150; expires=Thu, 30-Jan-2025 08:10:34 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 07:57:52 GMT
expires: Tue, 31 Jan 2023 08:12:52 GMT
cache-control: public, max-age=900
age: 764
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.66302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Tue, 31 Jan 2023 08:10:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/uploads/masterslider/custom.css?ver=3.7
91.189.114.8200 OK 2.1 kB URL HTTP/2 maxclinic.ru/wp-content/uploads/masterslider/custom.css?ver=3.7
IP 91.189.114.8:0
Hash 1d94a84719cd1330db9774888a442e2b
0d290f802ec77db34e5ad68766e4ec2ed6c88ade
c56ab36577f57d599af8919454b159c0c0db6e5245b843cfcda0fe2734b60c36
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/masterslider/custom.css?ver=3.7 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: text/css
last-modified: Mon, 18 Apr 2022 01:38:09 GMT
vary: Accept-Encoding
etag: W/"625cc101-3675"
content-encoding: gzip
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 31 Jan 2023 08:10:37 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 2bdcb768afffb6d76df441509a1fec6e
6eed2937165f2cd33b037b84b79e29b56b8fadce
d8e32d368be1f2e54e85b7c79c1f047e33f0b6db81db894eae6c387248fe125a
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 31 Jan 2023 08:10:37 GMT
server: ESF
cache-control: private
content-length: 30940
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/embed/3lEWcLVs_7Q?feature=oembed
142.250.74.142200 OK 28 kB URL HTTP/2 www.youtube.com/embed/3lEWcLVs_7Q?feature=oembed
IP 142.250.74.142:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58588)
Hash a3757947126f5b5e927941dccc33a64a
5367020626d612b023a8fa44b7b5826bff28c0b3
b7a81479584faab7ad3fb4e1fe8856c0be946384a50210b10c3a828656710e74
GET /embed/3lEWcLVs_7Q?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 31 Jan 2023 08:10:34 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=hnPUzA_l6oU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TkRjeU5UYzNPVFExTmpFMk9UTXhOUT09EPqZ454GGPqZ454G; Domain=.youtube.com; Expires=Sun, 30-Jul-2023 08:10:34 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=s0VUXUsEkRg; Domain=.youtube.com; Expires=Sun, 30-Jul-2023 08:10:34 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+703; expires=Thu, 30-Jan-2025 08:10:34 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/82498771/1?wmode=7&page-url=https%3A%2F%2Fmaxclinic.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A3278%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A700229974650%3Ahid%3A363918658%3Az%3A0%3Ai%3A20230131081051%3Aet%3A1675152652%3Ac%3A1%3Arn%3A877643920%3Arqn%3A1%3Au%3A1675152652188658610%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C714%2C0%2C2247%2C0%2C%2C1039%2C21%2C%2C%2C%2C4031%3Aco%3A0%3Ans%3A1675152646174%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675152652%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
87.250.250.119200 OK 442 B URL HTTP/2 mc.yandex.ru/watch/82498771/1?wmode=7&page-url=https%3A%2F%2Fmaxclinic.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A3278%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A700229974650%3Ahid%3A363918658%3Az%3A0%3Ai%3A20230131081051%3Aet%3A1675152652%3Ac%3A1%3Arn%3A877643920%3Arqn%3A1%3Au%3A1675152652188658610%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C714%2C0%2C2247%2C0%2C%2C1039%2C21%2C%2C%2C%2C4031%3Aco%3A0%3Ans%3A1675152646174%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675152652%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (442), with no line terminators
Hash 45cd42fa7ab52d4eaa262e1318cbfce7
c6b1c4fd4a0ed4a4de3517d897a505d2127eae6c
a2dcb53e1ef95d4afa38b48ac1f2a86ea87cfa92cad378c5b887b3772cfdb299
GET /watch/82498771/1?wmode=7&page-url=https%3A%2F%2Fmaxclinic.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A3278%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A700229974650%3Ahid%3A363918658%3Az%3A0%3Ai%3A20230131081051%3Aet%3A1675152652%3Ac%3A1%3Arn%3A877643920%3Arqn%3A1%3Au%3A1675152652188658610%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C714%2C0%2C2247%2C0%2C%2C1039%2C21%2C%2C%2C%2C4031%3Aco%3A0%3Ans%3A1675152646174%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675152652%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://maxclinic.ru
Referer: https://maxclinic.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 442
date: Tue, 31 Jan 2023 08:10:37 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://maxclinic.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 31-Jan-2023 08:10:37 GMT
last-modified: Tue, 31-Jan-2023 08:10:37 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/50737834?wmode=7&page-url=https%3A%2F%2Fmaxclinic.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A3278%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1673277595578%3Ahid%3A363918658%3Az%3A0%3Ai%3A20230131081051%3Aet%3A1675152652%3Ac%3A1%3Arn%3A196414623%3Arqn%3A1%3Au%3A1675152652188658610%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C714%2C0%2C2247%2C0%2C%2C1039%2C21%2C%2C%2C%2C4031%3Aco%3A0%3Ans%3A1675152646174%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675152652%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.250.119302 Found 407 B URL HTTP/2 mc.yandex.ru/watch/50737834?wmode=7&page-url=https%3A%2F%2Fmaxclinic.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A3278%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1673277595578%3Ahid%3A363918658%3Az%3A0%3Ai%3A20230131081051%3Aet%3A1675152652%3Ac%3A1%3Arn%3A196414623%3Arqn%3A1%3Au%3A1675152652188658610%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C714%2C0%2C2247%2C0%2C%2C1039%2C21%2C%2C%2C%2C4031%3Aco%3A0%3Ans%3A1675152646174%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675152652%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash f4a151f659a828202e087c86cb77f84f
fb2aad05119a126593dd6484897333fe035af847
23d717a2a4484a9391c7f51cdd9200012cc3ff08c8638c0bd3076f5beaed899b
GET /watch/50737834?wmode=7&page-url=https%3A%2F%2Fmaxclinic.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A3278%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1673277595578%3Ahid%3A363918658%3Az%3A0%3Ai%3A20230131081051%3Aet%3A1675152652%3Ac%3A1%3Arn%3A196414623%3Arqn%3A1%3Au%3A1675152652188658610%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C714%2C0%2C2247%2C0%2C%2C1039%2C21%2C%2C%2C%2C4031%3Aco%3A0%3Ans%3A1675152646174%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675152652%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://maxclinic.ru
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/50737834/1?wmode=7&page-url=https%3A%2F%2Fmaxclinic.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A3278%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1673277595578%3Ahid%3A363918658%3Az%3A0%3Ai%3A20230131081051%3Aet%3A1675152652%3Ac%3A1%3Arn%3A196414623%3Arqn%3A1%3Au%3A1675152652188658610%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C714%2C0%2C2247%2C0%2C%2C1039%2C21%2C%2C%2C%2C4031%3Aco%3A0%3Ans%3A1675152646174%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675152652%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Tue, 31 Jan 2023 08:10:36 GMT
access-control-allow-origin: https://maxclinic.ru
set-cookie: yabs-sid=1516589661675152636; Path=/; SameSite=None; Secure
i=EeszWsalMiGtOpetopRytGIGKtpm+10wpjHMaVhUvdZa3pbyllJGG3hrDDPYUSa+s4DNwjWUTTTXtfX9oeDbrO9qFzI=; Expires=Fri, 28-Jan-2033 08:10:33 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=4977289081675152636; Expires=Wed, 31-Jan-2024 08:10:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4977289081675152636; Expires=Wed, 31-Jan-2024 08:10:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706688636.yc.1675152636#1706688636.yrts.1675152636#1706688636.yrtsi.1675152636; Expires=Wed, 31-Jan-2024 08:10:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 31-Jan-2023 08:10:36 GMT
last-modified: Tue, 31-Jan-2023 08:10:36 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
top-fwz1.mail.ru/counter2?js=13;id=3063232;u=https%3A//maxclinic.ru/;st=1675152650174;title=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=c897f242dc5ec226;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1675152651595%3A1675152651597%3A1%3A74fc21f0f871bdc7700a0a48459774ac;opts=dl%2Cjst-gtag-ga;visible=true;_=0.3132472857371347
95.163.52.67200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/counter2?js=13;id=3063232;u=https%3A//maxclinic.ru/;st=1675152650174;title=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=c897f242dc5ec226;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1675152651595%3A1675152651597%3A1%3A74fc21f0f871bdc7700a0a48459774ac;opts=dl%2Cjst-gtag-ga;visible=true;_=0.3132472857371347
IP 95.163.52.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /counter2?js=13;id=3063232;u=https%3A//maxclinic.ru/;st=1675152650174;title=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=c897f242dc5ec226;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1675152651595%3A1675152651597%3A1%3A74fc21f0f871bdc7700a0a48459774ac;opts=dl%2Cjst-gtag-ga;visible=true;_=0.3132472857371347 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maxclinic.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:10:37 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIF:1675152637:3063232:::; path=/; expires=Thu, 01-Feb-24 08:10:37 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 750f718797fc50f8465259f62a6da6ba
e9b7abb1a4dff4896c9fb48e7c7b1407885790de
8e3c0c96771c92bcee1d63055e2aa46aa5e0e3125da993844a9297340166873d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:10:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c3a242e6132fe39e40953523bb8d3175
c9914952910c863f533f0c7bf6451b77b12d10b7
423bd4744c6b389c23fccdfab4dc8731bf553232a6bf14782c946183e8119a04
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:10:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/watch/87367626?wmode=7&page-url=https%3A%2F%2Fmaxclinic.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A3278%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A3%3Adp%3A0%3Als%3A1278409302199%3Ahid%3A363918658%3Az%3A0%3Ai%3A20230131081051%3Aet%3A1675152652%3Ac%3A1%3Arn%3A223890004%3Arqn%3A1%3Au%3A1675152652188658610%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C714%2C0%2C2247%2C0%2C%2C1039%2C21%2C%2C%2C%2C4031%3Aco%3A0%3Ans%3A1675152646174%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675152652%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ecs(0)fip(1)ti(2)
87.250.250.119302 Found 31 kB URL HTTP/2 mc.yandex.ru/watch/87367626?wmode=7&page-url=https%3A%2F%2Fmaxclinic.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A3278%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A3%3Adp%3A0%3Als%3A1278409302199%3Ahid%3A363918658%3Az%3A0%3Ai%3A20230131081051%3Aet%3A1675152652%3Ac%3A1%3Arn%3A223890004%3Arqn%3A1%3Au%3A1675152652188658610%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C714%2C0%2C2247%2C0%2C%2C1039%2C21%2C%2C%2C%2C4031%3Aco%3A0%3Ans%3A1675152646174%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675152652%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ecs(0)fip(1)ti(2)
IP 87.250.250.119:0
File type gzip compressed data, max compression\012- data
Hash e54230a62aecd9b26d8190e2669f7467
cf5efe7ba255b0fdd63e966ec124cf4501f2e866
70d731904fdd520cb66266331c87a4a0d9e460abec0ee91abb5fa6976ed30836
GET /watch/87367626?wmode=7&page-url=https%3A%2F%2Fmaxclinic.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A3278%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A3%3Adp%3A0%3Als%3A1278409302199%3Ahid%3A363918658%3Az%3A0%3Ai%3A20230131081051%3Aet%3A1675152652%3Ac%3A1%3Arn%3A223890004%3Arqn%3A1%3Au%3A1675152652188658610%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C714%2C0%2C2247%2C0%2C%2C1039%2C21%2C%2C%2C%2C4031%3Aco%3A0%3Ans%3A1675152646174%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675152652%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ecs(0)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://maxclinic.ru
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/87367626/1?wmode=7&page-url=https%3A%2F%2Fmaxclinic.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A3278%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A3%3Adp%3A0%3Als%3A1278409302199%3Ahid%3A363918658%3Az%3A0%3Ai%3A20230131081051%3Aet%3A1675152652%3Ac%3A1%3Arn%3A223890004%3Arqn%3A1%3Au%3A1675152652188658610%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C714%2C0%2C2247%2C0%2C%2C1039%2C21%2C%2C%2C%2C4031%3Aco%3A0%3Ans%3A1675152646174%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675152652%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%280%29fip%281%29ti%282%29
date: Tue, 31 Jan 2023 08:10:36 GMT
access-control-allow-origin: https://maxclinic.ru
set-cookie: yabs-sid=535875611675152636; Path=/; SameSite=None; Secure
i=0lwNuljFtVwnhLO3ZjJpfVDKfe6G44K3cX6sTug7aSApDW8rFaHx/HSyntqqK3IIgHeIrHfWCIGCe25iJS4jYzZSIn4=; Expires=Fri, 28-Jan-2033 08:10:32 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=2380762301675152636; Expires=Wed, 31-Jan-2024 08:10:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=2380762301675152636; Expires=Wed, 31-Jan-2024 08:10:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706688636.yc.1675152636#1706688636.yrts.1675152636#1706688636.yrtsi.1675152636; Expires=Wed, 31-Jan-2024 08:10:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 31-Jan-2023 08:10:36 GMT
last-modified: Tue, 31-Jan-2023 08:10:36 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/Aho7COW2pdA/sddefault.webp
142.250.74.86200 OK 15 kB URL HTTP/2 i.ytimg.com/vi_webp/Aho7COW2pdA/sddefault.webp
IP 142.250.74.86:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8b5b7afc9eb69dc0882f03217d5675db
2b8958f061602dfa5026b77b54c911209e784467
fc72210fd7f551f48d3d4be538d3eb8955fd834e518974ceb0c5bdbd9935e8c1
GET /vi_webp/Aho7COW2pdA/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 14870
date: Tue, 31 Jan 2023 08:10:37 GMT
expires: Tue, 31 Jan 2023 10:10:37 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c3a242e6132fe39e40953523bb8d3175
c9914952910c863f533f0c7bf6451b77b12d10b7
423bd4744c6b389c23fccdfab4dc8731bf553232a6bf14782c946183e8119a04
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:10:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/wiAI1ozyW9c/hqdefault.webp
142.250.74.86200 OK 23 kB URL HTTP/2 i.ytimg.com/vi_webp/wiAI1ozyW9c/hqdefault.webp
IP 142.250.74.86:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 480x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c803ec0148c9e8646ad1579946d09a4a
d5fb6c8fc1ab02e5a533b46fc5c6403516fda323
559847c0394bb4da9fab5a2ba1d9e3b82415d2b09b451829eb28017c5ecd9873
GET /vi_webp/wiAI1ozyW9c/hqdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 23218
date: Tue, 31 Jan 2023 08:10:37 GMT
expires: Tue, 31 Jan 2023 10:10:37 GMT
cache-control: public, max-age=7200
etag: "1477447800"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/43608179?wmode=7&page-url=https%3A%2F%2Fmaxclinic.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A3278%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A4%3Adp%3A0%3Als%3A1374724390951%3Ahid%3A363918658%3Az%3A0%3Ai%3A20230131081052%3Aet%3A1675152653%3Ac%3A1%3Arn%3A895830017%3Arqn%3A1%3Au%3A1675152652188658610%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C714%2C0%2C2247%2C0%2C%2C1039%2C21%2C%2C%2C%2C4031%3Aco%3A0%3Ans%3A1675152646174%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675152653%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ecs(0)fip(1)ti(2)
87.250.250.119302 Found 120 B URL HTTP/2 mc.yandex.ru/watch/43608179?wmode=7&page-url=https%3A%2F%2Fmaxclinic.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A3278%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A4%3Adp%3A0%3Als%3A1374724390951%3Ahid%3A363918658%3Az%3A0%3Ai%3A20230131081052%3Aet%3A1675152653%3Ac%3A1%3Arn%3A895830017%3Arqn%3A1%3Au%3A1675152652188658610%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C714%2C0%2C2247%2C0%2C%2C1039%2C21%2C%2C%2C%2C4031%3Aco%3A0%3Ans%3A1675152646174%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675152653%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ecs(0)fip(1)ti(2)
IP 87.250.250.119:0
File type gzip compressed data, max compression\012- data
Hash f4584e218752c1e8e64528fa949efa1b
25a46cad7901efe4aaeef1a7d977b2de09163bfc
eefc5abc87655c0f03f972cdde1ad2290fed0bc2213e0511ce5695119f07a740
GET /watch/43608179?wmode=7&page-url=https%3A%2F%2Fmaxclinic.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A3278%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A4%3Adp%3A0%3Als%3A1374724390951%3Ahid%3A363918658%3Az%3A0%3Ai%3A20230131081052%3Aet%3A1675152653%3Ac%3A1%3Arn%3A895830017%3Arqn%3A1%3Au%3A1675152652188658610%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C714%2C0%2C2247%2C0%2C%2C1039%2C21%2C%2C%2C%2C4031%3Aco%3A0%3Ans%3A1675152646174%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675152653%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ecs(0)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://maxclinic.ru
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/43608179/1?wmode=7&page-url=https%3A%2F%2Fmaxclinic.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A3278%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A4%3Adp%3A0%3Als%3A1374724390951%3Ahid%3A363918658%3Az%3A0%3Ai%3A20230131081052%3Aet%3A1675152653%3Ac%3A1%3Arn%3A895830017%3Arqn%3A1%3Au%3A1675152652188658610%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C714%2C0%2C2247%2C0%2C%2C1039%2C21%2C%2C%2C%2C4031%3Aco%3A0%3Ans%3A1675152646174%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675152653%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%280%29fip%281%29ti%282%29
date: Tue, 31 Jan 2023 08:10:36 GMT
access-control-allow-origin: https://maxclinic.ru
set-cookie: yabs-sid=383858441675152636; Path=/; SameSite=None; Secure
i=PhvVUk+m0wXOO2nUsRIyvOEY6VSGbycLInWltg29Jy/9WbVCYR5kPw7yzQqom91i3++f7l2t3t+SiabFZBCQaDSQFF0=; Expires=Fri, 28-Jan-2033 08:10:29 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=1629113971675152636; Expires=Wed, 31-Jan-2024 08:10:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1629113971675152636; Expires=Wed, 31-Jan-2024 08:10:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706688636.yc.1675152636#1706688636.yrts.1675152636#1706688636.yrtsi.1675152636; Expires=Wed, 31-Jan-2024 08:10:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 31-Jan-2023 08:10:36 GMT
last-modified: Tue, 31-Jan-2023 08:10:36 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/43608179/1?wmode=7&page-url=https%3A%2F%2Fmaxclinic.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A3278%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A4%3Adp%3A0%3Als%3A1374724390951%3Ahid%3A363918658%3Az%3A0%3Ai%3A20230131081052%3Aet%3A1675152653%3Ac%3A1%3Arn%3A895830017%3Arqn%3A1%3Au%3A1675152652188658610%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C714%2C0%2C2247%2C0%2C%2C1039%2C21%2C%2C%2C%2C4031%3Aco%3A0%3Ans%3A1675152646174%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675152653%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%280%29fip%281%29ti%282%29
87.250.250.119200 OK 426 B URL HTTP/2 mc.yandex.ru/watch/43608179/1?wmode=7&page-url=https%3A%2F%2Fmaxclinic.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A3278%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A4%3Adp%3A0%3Als%3A1374724390951%3Ahid%3A363918658%3Az%3A0%3Ai%3A20230131081052%3Aet%3A1675152653%3Ac%3A1%3Arn%3A895830017%3Arqn%3A1%3Au%3A1675152652188658610%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C714%2C0%2C2247%2C0%2C%2C1039%2C21%2C%2C%2C%2C4031%3Aco%3A0%3Ans%3A1675152646174%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675152653%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%280%29fip%281%29ti%282%29
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (426), with no line terminators
Hash 47d6f2f2cfa6e81f65e65f7f4c54365b
b574518d1c4a9c9441aaf198bfd74b508885db88
2bd78e4022ecdb403f7660991f013ed44712509c0c81f23ee7cb248ccc13c736
GET /watch/43608179/1?wmode=7&page-url=https%3A%2F%2Fmaxclinic.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A3278%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A4%3Adp%3A0%3Als%3A1374724390951%3Ahid%3A363918658%3Az%3A0%3Ai%3A20230131081052%3Aet%3A1675152653%3Ac%3A1%3Arn%3A895830017%3Arqn%3A1%3Au%3A1675152652188658610%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C714%2C0%2C2247%2C0%2C%2C1039%2C21%2C%2C%2C%2C4031%3Aco%3A0%3Ans%3A1675152646174%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675152653%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%280%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://maxclinic.ru
Referer: https://maxclinic.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 426
date: Tue, 31 Jan 2023 08:10:37 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://maxclinic.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 31-Jan-2023 08:10:37 GMT
last-modified: Tue, 31-Jan-2023 08:10:37 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 37128ef290a58eabb7d5a266f8ad847a
9ac4026412ef35a2e49d8c64716b27f2fb2035ff
216bd4fdf2e3a334ee68466f75a19bc1bc13bba95a50ebe8defc4147e7b9dfea
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 31 Jan 2023 08:10:37 GMT
server: ESF
cache-control: private
content-length: 30936
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AL5GRJVbzc3e9txfItWUKjz-_M2ciiM7o-AID-iIUA=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 1.2 kB URL HTTP/2 yt3.ggpht.com/ytc/AL5GRJVbzc3e9txfItWUKjz-_M2ciiM7o-AID-iIUA=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash b4ff3e3247895d901747302ef3b99f15
e306256a80be2f3088289c28e3c5df4a4763b17d
9124f09c08362406c456c790c54bded97aeb3bd1eda1e7620acdb5ce9317a70e
GET /ytc/AL5GRJVbzc3e9txfItWUKjz-_M2ciiM7o-AID-iIUA=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 01 Feb 2023 08:10:37 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 08:10:37 GMT
server: fife
content-length: 1205
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AL5GRJVu8qrXiiXFOPsLfeI2SyXu-o9bIk5e2NbbBg=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 987 B URL HTTP/2 yt3.ggpht.com/ytc/AL5GRJVu8qrXiiXFOPsLfeI2SyXu-o9bIk5e2NbbBg=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 3a1de8801f92232b1796aa75cbf6d17c
1a7669f3ec6cb62a277f5704ff124dfbd3a64074
67969c31d91fb97e9ff1747f102c8ca57aef166128669d6809ddaf83a58fc6b5
GET /ytc/AL5GRJVu8qrXiiXFOPsLfeI2SyXu-o9bIk5e2NbbBg=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 01 Feb 2023 08:10:37 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 08:10:37 GMT
server: fife
content-length: 987
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AL5GRJWWDaTi--dshTjY_wth8VnMVRgI25Ca6xXS6w=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 1.2 kB URL HTTP/2 yt3.ggpht.com/ytc/AL5GRJWWDaTi--dshTjY_wth8VnMVRgI25Ca6xXS6w=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 5d425114772717ea305cdb585ecf951d
3d628f6724889d2d909022125e3768be24bbdb6c
f707047f17d13d94b1f8fec2c3d89288b0056862cfa03904673f13fa5b84bc38
GET /ytc/AL5GRJWWDaTi--dshTjY_wth8VnMVRgI25Ca6xXS6w=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 01 Feb 2023 08:10:37 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 08:10:37 GMT
server: fife
content-length: 1206
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 750f718797fc50f8465259f62a6da6ba
e9b7abb1a4dff4896c9fb48e7c7b1407885790de
8e3c0c96771c92bcee1d63055e2aa46aa5e0e3125da993844a9297340166873d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:10:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 39435d3b6b3c020ed966372b690a392d
24826a338336f86752acfe4c3c54a3c2d665b983
5585f6c0fee2e3bd6b1ffea33029699fad38cfd9aa88d8611717929d6564d968
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 31 Jan 2023 08:10:37 GMT
server: ESF
cache-control: private
content-length: 30966
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash a3b0febba82770ec4db0e7e4b109a09c
1e5e93b256b069eefc8d333506f1332033df6015
1520ab21215470402e4cfd86b741796a52b539f10adefc828667b588232d66c0
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 31 Jan 2023 08:10:38 GMT
server: ESF
cache-control: private
content-length: 31048
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash fa6886abdab3e1f812596a789c43fe04
0ae919a4057c5bddd1044b9fc763c5570eb942d1
86b76026bdd546554430d43b2dd08f945c8b934dc489fdeafc3f6ee6d712a76a
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 31 Jan 2023 08:10:38 GMT
server: ESF
cache-control: private
content-length: 30827
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash ac5d3dbe5f307295cebdbbff0e2d6502
435ee96be4953fd66811296af594d82348064263
f44b884137a4f113e844740dcac30a733d88cc3cc5b214d4412b2df81dc3933c
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 31 Jan 2023 08:10:38 GMT
server: ESF
cache-control: private
content-length: 30926
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 0d35605d4578ea00708f083e9abc1380
bba7478719c53c411d7453d47a03ff85666e8bc6
60a06e7bf20bf41c2d09fa74f36ffe5f7a8a29cba8f9bb1118d398471ab42f93
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 31 Jan 2023 08:10:38 GMT
server: ESF
cache-control: private
content-length: 30911
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 988cae93d6b61fa6317dbee4e67c6223
9b642d528c4a4e3d81642db9c14b86e6957f73e6
2ee7b8723460e6af0925c5642ffb8eff2697fa09f51dc2f386e9243a964cf2ad
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 31 Jan 2023 08:10:38 GMT
server: ESF
cache-control: private
content-length: 30972
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
top-fwz1.mail.ru/tracker?js=13;id=3063232;u=https%3A//maxclinic.ru/;st=1675152650174;title=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=c897f242dc5ec226;ver=60.3.0;tz=0%2FUTC;nt=0/0/1675152646174/////2246/2246/2246/2246/2246/2246/2248/2962/3010/2971/4000/4030/4052/8777/8777/;ni=;lvid=1675152651595%3A1675152654999%3A2%3A74fc21f0f871bdc7700a0a48459774ac;opts=dl%2Cjst-gtag-ga-ym;visible=true;_=0.34801795011309233;e=RT/load;et=1675152654997
95.163.52.67200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/tracker?js=13;id=3063232;u=https%3A//maxclinic.ru/;st=1675152650174;title=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=c897f242dc5ec226;ver=60.3.0;tz=0%2FUTC;nt=0/0/1675152646174/////2246/2246/2246/2246/2246/2246/2248/2962/3010/2971/4000/4030/4052/8777/8777/;ni=;lvid=1675152651595%3A1675152654999%3A2%3A74fc21f0f871bdc7700a0a48459774ac;opts=dl%2Cjst-gtag-ga-ym;visible=true;_=0.34801795011309233;e=RT/load;et=1675152654997
IP 95.163.52.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /tracker?js=13;id=3063232;u=https%3A//maxclinic.ru/;st=1675152650174;title=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=c897f242dc5ec226;ver=60.3.0;tz=0%2FUTC;nt=0/0/1675152646174/////2246/2246/2246/2246/2246/2246/2248/2962/3010/2971/4000/4030/4052/8777/8777/;ni=;lvid=1675152651595%3A1675152654999%3A2%3A74fc21f0f871bdc7700a0a48459774ac;opts=dl%2Cjst-gtag-ga-ym;visible=true;_=0.34801795011309233;e=RT/load;et=1675152654997 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:10:39 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIF:1675152639:3063232:::; path=/; expires=Thu, 01-Feb-24 08:10:39 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-219192435-1&cid=1913561427.1675152652&jid=1731290973&_u=YGDAgUABAAAAAGAAI~&z=1072924878
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-219192435-1&cid=1913561427.1675152652&jid=1731290973&_u=YGDAgUABAAAAAGAAI~&z=1072924878
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-219192435-1&cid=1913561427.1675152652&jid=1731290973&_u=YGDAgUABAAAAAGAAI~&z=1072924878 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 08:10:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 08:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 31 Jan 2023 08:10:39 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bf5849475b3cc9360d51c27c6d7de8a9
807d1c538925375e7828300445acec391fb4b210
8b4c36e2f7663a9f80b112d2dfc011fe93f1d3073357edbc6119b78d34854719
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 863
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 31 Jan 2023 08:10:39 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 562b1488511ce4d538fc952353f5268f
a49359a0f3708e7bda3b9376d5a93f5cada786d9
abd926c71bcd4fed2e47a88df144c41cc91d97a181de9b6b0e4eb1f7e8bd2328
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1279
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 31 Jan 2023 08:10:39 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffea501ff-acf4-4b37-aa0a-baf417cf3694.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffea501ff-acf4-4b37-aa0a-baf417cf3694.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60fc180ec5b99ac357db8775775c3c11
c9856a488e82bc330881377528bf2e53274ef5f3
a31fd6fc84f79b0f5fb79cccf490ddf61eb58bdaf57ca27f57a911332e550d11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffea501ff-acf4-4b37-aa0a-baf417cf3694.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5394
x-amzn-requestid: 16d876fb-0afd-4b5d-b19e-1029506fd6f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIgq2E4CIAMFiFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce178-1f08dc2105b6e182677004e7;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:10:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 36E3JCGqpkeMmb_fzM0DTb24ElUMGDdikE1IdqQABDlbT28XRs7B-w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 11:52:37 GMT
age: 73082
etag: "c9856a488e82bc330881377528bf2e53274ef5f3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7c91b006103ddd0f2cd80f8880d254e2
0328ad375a04cae1437ff540f1d722705f2f3ad3
7d73f9e90c4dabbd2a2226aab5cf3c84453893d9bd1cbd5e375323f7d2342944
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1182
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 31 Jan 2023 08:10:39 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c57286de49f728166b0b389ba2f0515f
fa390949189a6b79742dbf1f5781581930b42142
58918c3a0145e011583d85f0f2c95fbe41447139b5882ca85171b5fe5c897071
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1190
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 31 Jan 2023 08:10:39 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2d0fb3478293741c0cd4fece912d813e
676f594c6b81e6991c81f2e1cec4578a1d229ecf
ab412e4486aad12987f1892f5110f660198f5b0f42b71ed123b718c0d24c72aa
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 882
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 31 Jan 2023 08:10:39 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0aa36a7ef42c1df44cd8ae2524a8012d
32334fc7f3d0da73df70002efdbbba8614bd5bc8
9a83feecf003436dd4e9b93ca3adf7bd7babb81c8b8941c02f36b8857ac98e0e
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1156
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 31 Jan 2023 08:10:40 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6df86dc171d131a84df94b164ac771d5
1107798ed3204f02d2e7bf6322ff0d986c97ac92
6a348da4932b98e17854ba40f04b0a991dba1f454451c301f8b05e58f7a7fe41
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 978
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 31 Jan 2023 08:10:40 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f716c219e93080641f993925a87ce4c3
84d494ad0179daa47c4ba96580fc958f49a31a20
f252dd85f66b1f4bc3d1f3caa0fbe6d6d25318b06835f035e16eea9db0148b0c
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1207
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 31 Jan 2023 08:10:40 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a08d673c31004d61116965d8b4bfc323
6bdbedd42b16d945218cdcab5b709955889a7407
f5b929a41edaa918b99f7628f497011914c24eb2980e3f1e71aad207c5c363fa
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1223
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 31 Jan 2023 08:10:40 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 31 Jan 2023 08:10:40 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Tue, 31 Jan 2023 09:10:40 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
top-fwz1.mail.ru/tracker?js=13;id=3063232;u=https%3A//maxclinic.ru/;st=1675152650174;title=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=c897f242dc5ec226;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1675152651595%3A1675152656436%3A3%3A74fc21f0f871bdc7700a0a48459774ac;opts=dl%2Cjst-gtag-ga-ym;visible=true;_=0.7694810165149438;e=RT/unload;et=1675152656435;pvt=6261;vtauto=4849
95.163.52.67200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/tracker?js=13;id=3063232;u=https%3A//maxclinic.ru/;st=1675152650174;title=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=c897f242dc5ec226;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1675152651595%3A1675152656436%3A3%3A74fc21f0f871bdc7700a0a48459774ac;opts=dl%2Cjst-gtag-ga-ym;visible=true;_=0.7694810165149438;e=RT/unload;et=1675152656435;pvt=6261;vtauto=4849
IP 95.163.52.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /tracker?js=13;id=3063232;u=https%3A//maxclinic.ru/;st=1675152650174;title=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%9C%D0%B0%D0%BA%D1%81%20%D0%9A%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=c897f242dc5ec226;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1675152651595%3A1675152656436%3A3%3A74fc21f0f871bdc7700a0a48459774ac;opts=dl%2Cjst-gtag-ga-ym;visible=true;_=0.7694810165149438;e=RT/unload;et=1675152656435;pvt=6261;vtauto=4849 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:10:40 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIF:1675152640:3063232:::; path=/; expires=Thu, 01-Feb-24 08:10:40 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 42a648f9d34d8fb703f0b80a52e0deec
7ccefd66211d249ae5266c3b6ae3375a19e5cb6d
a57f8792e8caa2a31045a141d019f53f51b633d5d04baebdae97387740c6639d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5903
x-amzn-requestid: f6fca787-17c1-4edd-9ab0-a00e2fccc7a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboufGeSoAMF-1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d487f6-58be6bdc5e3e767e1ea47b86;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:27:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tAR5c5rQD0h5YZ6TU8pZKhUFUf5d0-l794EaYnwwkts3QXPhdYm6vA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:03:25 GMT
age: 40035
etag: "7ccefd66211d249ae5266c3b6ae3375a19e5cb6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.20
91.189.114.8200 OK 0 B URL HTTP/2 maxclinic.ru/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.20
IP 91.189.114.8:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.20 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: text/css
last-modified: Mon, 18 Apr 2022 01:39:38 GMT
vary: Accept-Encoding
etag: W/"625cc15a-e245"
content-encoding: gzip
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
91.189.114.8200 OK 0 B URL HTTP/2 maxclinic.ru/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
IP 91.189.114.8:0
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: application/javascript
last-modified: Sun, 15 Jan 2023 23:19:48 GMT
vary: Accept-Encoding
etag: W/"63c48a14-2945"
content-encoding: gzip
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
91.189.114.8200 OK 0 B URL HTTP/2 maxclinic.ru/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
IP 91.189.114.8:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: application/javascript
last-modified: Sun, 15 Jan 2023 23:19:48 GMT
vary: Accept-Encoding
etag: W/"63c48a14-316c"
content-encoding: gzip
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/plugins/js_composer_theme/assets/css/js_composer.min.css?ver=4.12.2
91.189.114.8200 OK 0 B URL HTTP/2 maxclinic.ru/wp-content/plugins/js_composer_theme/assets/css/js_composer.min.css?ver=4.12.2
IP 91.189.114.8:0
GET /wp-content/plugins/js_composer_theme/assets/css/js_composer.min.css?ver=4.12.2 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2016 00:25:38 GMT
vary: Accept-Encoding
etag: W/"58193282-6f602"
content-encoding: gzip
X-Firefox-Spdy: h2
maxclinic.ru/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2
91.189.114.8200 OK 0 B URL HTTP/2 maxclinic.ru/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2
IP 91.189.114.8:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: application/javascript
last-modified: Sun, 15 Jan 2023 23:18:40 GMT
vary: Accept-Encoding
etag: W/"63c489d0-8f7b"
content-encoding: gzip
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/plugins/comfortable-reading/js/jquery.comfortable.reading.js?ver=1.1
91.189.114.8200 OK 0 B URL HTTP/2 maxclinic.ru/wp-content/plugins/comfortable-reading/js/jquery.comfortable.reading.js?ver=1.1
IP 91.189.114.8:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/comfortable-reading/js/jquery.comfortable.reading.js?ver=1.1 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: application/javascript
last-modified: Tue, 17 Mar 2020 06:14:01 GMT
vary: Accept-Encoding
etag: W/"5e706aa9-17f8"
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Abril+Fatface%3Aregular&ver=6.1.1
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Abril+Fatface%3Aregular&ver=6.1.1
IP 142.250.74.74:0
GET /css?family=Abril+Fatface%3Aregular&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 08:10:33 GMT
date: Tue, 31 Jan 2023 08:10:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/embed/IMBZr66Efj4?feature=oembed
142.250.74.142200 OK 0 B URL HTTP/2 www.youtube.com/embed/IMBZr66Efj4?feature=oembed
IP 142.250.74.142:0
GET /embed/IMBZr66Efj4?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 31 Jan 2023 08:10:34 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=_v-HpH_l9cs; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TkRjeU5UYzRNREkxTlRJek9UVTFPQT09EPqZ454GGPqZ454G; Domain=.youtube.com; Expires=Sun, 30-Jul-2023 08:10:34 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=apBozUDjPZQ; Domain=.youtube.com; Expires=Sun, 30-Jul-2023 08:10:34 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+793; expires=Thu, 30-Jan-2025 08:10:34 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/embed/zoy-GO6KFyk?feature=oembed
142.250.74.142200 OK 0 B URL HTTP/2 www.youtube.com/embed/zoy-GO6KFyk?feature=oembed
IP 142.250.74.142:0
GET /embed/zoy-GO6KFyk?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 31 Jan 2023 08:10:34 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=dQCUnSeZ7DI; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TkRjeU5UYzRNRGM0T1RJM05EUTJOdz09EPqZ454GGPqZ454G; Domain=.youtube.com; Expires=Sun, 30-Jul-2023 08:10:34 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=BiJuAsapnew; Domain=.youtube.com; Expires=Sun, 30-Jul-2023 08:10:34 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+476; expires=Thu, 30-Jan-2025 08:10:34 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.6.1
91.189.114.8200 OK 0 B URL HTTP/2 maxclinic.ru/wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.6.1
IP 91.189.114.8:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.6.1 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: text/css
last-modified: Mon, 18 Apr 2022 01:37:55 GMT
vary: Accept-Encoding
etag: W/"625cc0f3-13540"
content-encoding: gzip
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/themes/jupiter/assets/js/core-scripts.js?ver=1.0
91.189.114.8200 OK 0 B URL HTTP/2 maxclinic.ru/wp-content/themes/jupiter/assets/js/core-scripts.js?ver=1.0
IP 91.189.114.8:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jupiter/assets/js/core-scripts.js?ver=1.0 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2016 00:26:09 GMT
vary: Accept-Encoding
etag: W/"581932a1-621cc"
content-encoding: gzip
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/themes/jupiter-child/style.css?ver=6.1.1
91.189.114.8200 OK 0 B URL HTTP/2 maxclinic.ru/wp-content/themes/jupiter-child/style.css?ver=6.1.1
IP 91.189.114.8:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jupiter-child/style.css?ver=6.1.1 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: text/css
last-modified: Thu, 03 Nov 2016 09:54:55 GMT
vary: Accept-Encoding
etag: W/"581b096f-13cb"
content-encoding: gzip
X-Firefox-Spdy: h2
www.youtube.com/embed/kNXYZC6izcM?feature=oembed
142.250.74.142200 OK 0 B URL HTTP/2 www.youtube.com/embed/kNXYZC6izcM?feature=oembed
IP 142.250.74.142:0
GET /embed/kNXYZC6izcM?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 31 Jan 2023 08:10:34 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=IAbkiIohoNE; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TkRjeU5UYzRNRGMzTWpVNU5EWTROQT09EPqZ454GGPqZ454G; Domain=.youtube.com; Expires=Sun, 30-Jul-2023 08:10:34 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=SugYZwSb2Kg; Domain=.youtube.com; Expires=Sun, 30-Jul-2023 08:10:34 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+753; expires=Thu, 30-Jan-2025 08:10:34 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/uploads/mk_assets/components-production.min.js?ver=1674872712
91.189.114.8200 OK 0 B URL HTTP/2 maxclinic.ru/wp-content/uploads/mk_assets/components-production.min.js?ver=1674872712
IP 91.189.114.8:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/mk_assets/components-production.min.js?ver=1674872712 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: application/javascript
last-modified: Sat, 28 Jan 2023 02:25:11 GMT
vary: Accept-Encoding
etag: W/"63d48787-1e26"
content-encoding: gzip
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
142.250.74.3200 OK 0 B URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
IP 142.250.74.3:0
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://maxclinic.ru
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 17:09:34 GMT
expires: Tue, 30 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
age: 54060
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/themes/jupiter/assets/stylesheet/min/core-styles.css?ver=1.0
91.189.114.8200 OK 0 B URL HTTP/2 maxclinic.ru/wp-content/themes/jupiter/assets/stylesheet/min/core-styles.css?ver=1.0
IP 91.189.114.8:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jupiter/assets/stylesheet/min/core-styles.css?ver=1.0 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2016 00:26:09 GMT
vary: Accept-Encoding
etag: W/"581932a1-3d1ec"
content-encoding: gzip
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2
91.189.114.8200 OK 0 B URL HTTP/2 maxclinic.ru/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2
IP 91.189.114.8:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: text/css
last-modified: Sun, 15 Jan 2023 23:19:48 GMT
vary: Accept-Encoding
etag: W/"63c48a14-af3"
content-encoding: gzip
X-Firefox-Spdy: h2
maxclinic.ru/wp-includes/js/comment-reply.min.js?ver=6.1.1
91.189.114.8200 OK 0 B URL HTTP/2 maxclinic.ru/wp-includes/js/comment-reply.min.js?ver=6.1.1
IP 91.189.114.8:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 05:24:59 GMT
vary: Accept-Encoding
etag: W/"6315882b-ba5"
content-encoding: gzip
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/themes/jupiter/assets/js/plugins/wp-enqueue/smoothscroll.js?ver=1.0
91.189.114.8200 OK 0 B URL HTTP/2 maxclinic.ru/wp-content/themes/jupiter/assets/js/plugins/wp-enqueue/smoothscroll.js?ver=1.0
IP 91.189.114.8:0
GET /wp-content/themes/jupiter/assets/js/plugins/wp-enqueue/smoothscroll.js?ver=1.0 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2016 00:26:09 GMT
vary: Accept-Encoding
etag: W/"581932a1-51e9"
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%2C100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.1.1
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%2C100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.1.1
IP 142.250.74.74:0
GET /css?family=Open+Sans%3A100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%2C100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 08:10:33 GMT
date: Tue, 31 Jan 2023 08:10:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.20
91.189.114.8200 OK 0 B URL HTTP/2 maxclinic.ru/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.20
IP 91.189.114.8:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.20 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: application/javascript
last-modified: Mon, 18 Apr 2022 01:39:38 GMT
vary: Accept-Encoding
etag: W/"625cc15a-5ec80"
content-encoding: gzip
X-Firefox-Spdy: h2
maxclinic.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
91.189.114.8200 OK 0 B URL HTTP/2 maxclinic.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 91.189.114.8:0
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: application/javascript
last-modified: Mon, 20 Sep 2021 00:13:51 GMT
vary: Accept-Encoding
etag: W/"6147d23f-2bd8"
content-encoding: gzip
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/plugins/team-members/inc/css/tmm_style.css?ver=6.1.1
91.189.114.8200 OK 0 B URL HTTP/2 maxclinic.ru/wp-content/plugins/team-members/inc/css/tmm_style.css?ver=6.1.1
IP 91.189.114.8:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/team-members/inc/css/tmm_style.css?ver=6.1.1 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: text/css
last-modified: Sun, 15 Jan 2023 23:20:02 GMT
vary: Accept-Encoding
etag: W/"63c48a22-17a9"
content-encoding: gzip
X-Firefox-Spdy: h2
maxclinic.ru/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
91.189.114.8200 OK 0 B URL HTTP/2 maxclinic.ru/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 91.189.114.8:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: application/javascript
last-modified: Sun, 15 Jan 2023 23:18:40 GMT
vary: Accept-Encoding
etag: W/"63c489d0-15e54"
content-encoding: gzip
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/plugins/comfortable-reading/js/jquery.cookie.js?ver=1.1
91.189.114.8200 OK 0 B URL HTTP/2 maxclinic.ru/wp-content/plugins/comfortable-reading/js/jquery.cookie.js?ver=1.1
IP 91.189.114.8:0
GET /wp-content/plugins/comfortable-reading/js/jquery.cookie.js?ver=1.1 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: application/javascript
last-modified: Tue, 17 Mar 2020 06:14:01 GMT
vary: Accept-Encoding
etag: W/"5e706aa9-8b8"
content-encoding: gzip
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
91.189.114.8200 OK 0 B URL HTTP/2 maxclinic.ru/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
IP 91.189.114.8:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: application/javascript
last-modified: Mon, 18 Apr 2022 01:39:38 GMT
vary: Accept-Encoding
etag: W/"625cc15a-1f69c"
content-encoding: gzip
X-Firefox-Spdy: h2
maxclinic.ru/wp-content/plugins/js_composer_theme/assets/js/dist/js_composer_front.min.js?ver=4.12.2
91.189.114.8200 OK 0 B URL HTTP/2 maxclinic.ru/wp-content/plugins/js_composer_theme/assets/js/dist/js_composer_front.min.js?ver=4.12.2
IP 91.189.114.8:0
GET /wp-content/plugins/js_composer_theme/assets/js/dist/js_composer_front.min.js?ver=4.12.2 HTTP/1.1
Host: maxclinic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 31 Jan 2023 08:10:33 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2016 00:25:38 GMT
vary: Accept-Encoding
etag: W/"58193282-4a97"
content-encoding: gzip
X-Firefox-Spdy: h2
www.youtube.com/embed/wiAI1ozyW9c?feature=oembed
142.250.74.142200 OK 0 B URL HTTP/2 www.youtube.com/embed/wiAI1ozyW9c?feature=oembed
IP 142.250.74.142:0
GET /embed/wiAI1ozyW9c?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 31 Jan 2023 08:10:34 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=E8sbkL-JTwk; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TkRjeU5UYzNPVGMwT0RJNU1ETTNOdz09EPqZ454GGPqZ454G; Domain=.youtube.com; Expires=Sun, 30-Jul-2023 08:10:34 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=-yC4eR1O96Y; Domain=.youtube.com; Expires=Sun, 30-Jul-2023 08:10:34 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+830; expires=Thu, 30-Jan-2025 08:10:34 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400&display=swap
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400&display=swap
IP 142.250.74.74:0
GET /css?family=Roboto:400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxclinic.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 08:10:33 GMT
date: Tue, 31 Jan 2023 08:10:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2