www.mixword.ru.com/Ltujq/utxqg877218hadvosnr/0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
200 OK 627 B URL HTTP/1.1 www.mixword.ru.com/Ltujq/utxqg877218hadvosnr/0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (380)
Hash 4e2ce5b208195edd0c5b8815e80bca65
e482716434bd6aad913323f375c267000792cc75
639aae5ca6d02eda13cb9ab6faf1b197ef013b3e125a41750fb5a5d489decb55
Analyzer Verdict Alert fortinet Malware
GET /Ltujq/utxqg877218hadvosnr/0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.25
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPq6D0ViVuI%2FCrlssSSuK9A7qfAcYY31P8wRgWG5AhEZySQBDwM7BPZ3FXdcey14V5qWwfn%2BLoON76nqPB0LWmQAaxnUwgFSuotN8UeM7t24BleB2fWW5qmhO0dX03LZc4PLc74%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75669138fab0b51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _d32flzw2jpfdd116pSdlTABI4XzYkAC0Wo2j_W-JFL03MrtyQy9YA==
Age: 160141
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1273d41c84b2b39f78a8033130d00282
556757697b70e019ed502585fcc888e2403f3229
ee3c03cc0a659fbc43d34feaa79a8ad6627b9c525d675956cdb434c1590db89e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE3C03CC0A659FBC43D34FEAA79A8AD6627B9C525D675956CDB434C1590DB89E"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8829
Expires: Fri, 07 Oct 2022 14:43:28 GMT
Date: Fri, 07 Oct 2022 12:16:19 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14683
Expires: Fri, 07 Oct 2022 16:21:02 GMT
Date: Fri, 07 Oct 2022 12:16:19 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: JdAoQu4SVJ2rngNX3E9azhwgBXicDYfczeINg008z6szT7NDRmOkJOhGZE0G6DjqTR4UXCLFm5U=
x-amz-request-id: ZAY29RZD9E9TG936
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 07 Oct 2022 11:59:10 GMT
age: 1029
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:16:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5eee2baed68ec922370bd283860860fd
7d1e7dfdb9577dcd11587bb162e17c56eaf8e4c4
7931afabb9286276c385564aa73ed67927d31e12ab35eb92da84048a7896f27d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:16:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mixword.ru.com/jquery-1.11.0.min.js
200 OK 33 kB URL HTTP/1.1 www.mixword.ru.com/jquery-1.11.0.min.js
IP
File type ASCII text, with very long lines (32341)
Hash 95fe3f4dd117c33f6015e1c3d6df1d0d
d5b8856932d1ea63f51824de0bb50670d2e960bc
e6945ac3f1927f242a9fd7a5cf67720f7763888127a7427eb24ffc52019d4b16
Analyzer Verdict Alert fortinet Phishing
GET /jquery-1.11.0.min.js HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/Ltujq/utxqg877218hadvosnr/0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:39 GMT
ETag: W/"62e8238b-1787d"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYX4d5qv7%2F6XZG2LAGAekAJR5cqFJyJts%2FW0BiIGH0p5jBfBg6lPZ9BO4JA9AU7leHOgKojsUzwcnsJpsWnT2TFtogQlmIer8JSLEb8UNlHormzHzbzY88Hb1qEFIx1%2FVTUrPzk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566913b7d5eb51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.googletagmanager.com/gtag/js?id=UA-22484186-3
200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-22484186-3
IP
File type ASCII text, with very long lines (2039)
Hash 9423e7448b77cfab7eecb8765d215fb1
f4dc55f3ca19abe5527696cf8733f3811c838663
1180625abec214eccab3e18c1aaa3bc9b0f181fde06cee741fd2b8a571039a13
GET /gtag/js?id=UA-22484186-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mixword.ru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 07 Oct 2022 12:16:19 GMT
expires: Fri, 07 Oct 2022 12:16:19 GMT
cache-control: private, max-age=900
last-modified: Fri, 07 Oct 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42425
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5eee2baed68ec922370bd283860860fd
7d1e7dfdb9577dcd11587bb162e17c56eaf8e4c4
7931afabb9286276c385564aa73ed67927d31e12ab35eb92da84048a7896f27d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:16:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mixword.ru.com/offer.php?id=258&sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
200 OK 425 B URL HTTP/1.1 www.mixword.ru.com/offer.php?id=258&sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (408)
Hash 346d13ac76e679dad2cf4d1a29856eaa
45a2dd3fc1168e478682596e844643c1f3897b0c
2b897caa360073a7dacfc599183f2d02d025eeae78d553fbc079262fd1be6758
GET /offer.php?id=258&sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/Ltujq/utxqg877218hadvosnr/0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.25
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=14z4DOjXfr%2FVVxnZaeNXNmhZpVCRSrAw5r9E0B%2BvuW2KYfbSi4tU3llHkqGBrZP4hLYrwgJFKduF1ABlxSdItP2zwqqc9HWtXd6IboQuRPk6ffjcqh2Dyh20%2Bov%2BZuLCcYldQ8I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566913ccecab51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
200 OK 18 kB URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (9798), with CRLF line terminators
Hash 55206bef97dc761ea0b421cb591fa003
a0c5e12e19c3cd91b3848e4a4672f5a706b0a13a
50715e7b961e5d640f81d58b2135f8accdb9d83c4baebaaca0667932937a24c5
GET /clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.25
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOcuqkyDp0bDRaO7nxjX7LCSU0KcFbdT%2FvJtKXQuQ3EtktqEmUfcDUeMQCCwTbw7iLGcpKi%2BAmRELD6yzRFjlwfxBAF2gQv3c%2B5Kddd%2B3FmYPc5UL8m2VU5JznathOmOsDVc1IQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566913e0826b51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:16:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/sdk.js
200 OK 1.8 kB URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/sdk.js
IP
File type ASCII text, with very long lines (2088)
Hash f95d923af5491c973f9ee3229457f5d6
aa3fde5e1ba3549e24389093db178f4ebb969950
99f0ab57bdf2935847ed474bea197cb665b3be4031a7e03a60a934231c9c9bc0
Analyzer Verdict Alert fortinet Phishing
GET /clicks/chapter2/Diabetes11219_files/sdk.js HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:24 GMT
ETag: W/"62e823f4-c98"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GardVfXEtQ4sWFwb9%2Bhyy4CuIPC9Rfwl1SMoxyAAGvvZw%2BC1qFzdu7iWxIDRdZRQBKD20IhI5pjLufq%2FxIHJbnqxoztGuy4CKupt%2BEMBddGfhZyCthCPWuDFwDDvfnKrPQCQe9s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566913e8fa30b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Fri, 07 Oct 2022 11:29:41 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 07 Oct 2022 12:06:51 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bBKIlzzes_l_9VupxYqRRVTq8jyWCdGbAJFPIaiusrVnmdN0hzDh0g==
Age: 2799
www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/iframe_api
200 OK 859 B URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/iframe_api
IP
File type ASCII text, with very long lines (858)
Hash 1462e0b961f0c6846e587cff8397795c
c05d0d282978a3bd4e3cb645d91eac0e0ee01375
37c687b8f028567b6e7a898f961cfddc284b29dc35b9d588202121439b609660
Analyzer Verdict Alert fortinet Phishing
GET /clicks/chapter2/Diabetes11219_files/iframe_api HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:20 GMT
Content-Type: application/octet-stream
Content-Length: 859
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:24 GMT
ETag: "62e823f4-35b"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRgKjQ2CW1SydojVgwZt4nwGWuPBTBd6FcaADNdagf%2B4Yb3k3aIBnl%2F8OM34hfbErRFEK9hj4zBqEDtf0ftsD0fFr2kf3qynuPN9YGhFi47yL5K5XmpYhmQmwGot8uUKCDJLbLc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566913e7ae4b52d-OSL
alt-svc: h2=":443"; ma=60
www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/vendor.js
200 OK 5.3 kB URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/vendor.js
IP
Hash d23d1af46c658ef360e240943c56f86e
17572b59849e1ad49d6036236926d2a097827381
3fa8f8737fa841388389f1107e746c2796c01f5167aeb03564f6bb2f36b746a2
Analyzer Verdict Alert fortinet Phishing
GET /clicks/chapter2/Diabetes11219_files/vendor.js HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:24 GMT
ETag: W/"62e823f4-476a"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKsjfaB7d2dG98ZoTunWElOiRIv2IfzMwrKA1Nbx4W9K1njeAZ08Yu6IQ5SIrXZHRPq%2FsKP%2FWbeyLmC8bYJW6wwtbOuFRah9NQzHCNrE8HGHlsV49Sez0Bi64KiI5ujlQT4L5Ok%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566913e8fa50af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/www-widgetapi.js
200 OK 8.7 kB URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/www-widgetapi.js
IP
File type ASCII text, with very long lines (658)
Hash d23b3a512baad0da613f93721e93a759
b17d27a6542c4d1bdc02e6b06df84973a89249c9
3bc6592025ef32e2dec2bd3881307e62be30cbdf7fbdeda433117af618e8ab49
Analyzer Verdict Alert fortinet Phishing
GET /clicks/chapter2/Diabetes11219_files/www-widgetapi.js HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:24 GMT
ETag: W/"62e823f4-5a63"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIfK8cT7JO0HwejUZJ2LIqsnM%2BFiWEWuligv%2BlRxxg%2FugEgHdw4cpU%2FJlYLmtBnkZHetjx6Ok6HCiMa30QKqzYXkEGbimS8TxuLLa4XR1Y4kLVWUa4DN%2Fz5XV236jO%2BISbjJiUM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566913e79eab523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/keen-tracking-1.js
200 OK 9.0 kB URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/keen-tracking-1.js
IP
File type ASCII text, with very long lines (20564)
Hash d3750a430204e5c0a898589fb8150ca9
8cc4043ea51f7d1d55c300cd544f06d38c953d6e
2750c02ea048eacd6724666deb3cb45fae572ef5bf96cb41708b53b6001df1c8
Analyzer Verdict Alert fortinet Phishing
GET /clicks/chapter2/Diabetes11219_files/keen-tracking-1.js HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:24 GMT
ETag: W/"62e823f4-6be3"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r4%2BALHBjtCiTwl2PNg7kgCm4WBCPrc8CtUlZE0hZTVRy%2BFsNrydCnCfVyFbpVZTXYFgjCJMp8g07LsXrlQJx%2FpABDF%2BImEKQHLYS6K4pfkN9ACZ5mRS%2B4YK1QEIwCV9X4v01q9w%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566913ed904b51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:16:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 87465c15992fe10c24c62a185f8c171d
fa938b624d06d1e2927c8eda6a44b2a32d930f59
239ef7fe5df8c396d96a928c20d66c842a5ec3e9ff71a3cd7c0068906fc3e537
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:16:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.ytimg.com/yts/jsbin/www-widgetapi-vflhiN9BI/www-widgetapi.js
200 OK 8.7 kB URL HTTP/2 s.ytimg.com/yts/jsbin/www-widgetapi-vflhiN9BI/www-widgetapi.js
IP
File type ASCII text, with very long lines (658)
Hash a74ce18c79d6b5adea995e6460fc97c3
fec93285503f9f9b2cf646c46b5d5917ba31aa24
a6ee0238d52d65430c5e16622d0bd230ddf7e8aded89d9638f5f9f69201976d9
GET /yts/jsbin/www-widgetapi-vflhiN9BI/www-widgetapi.js HTTP/1.1
Host: s.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mixword.ru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: https://www.youtube.com
content-length: 8680
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 00:35:14 GMT
expires: Thu, 13 Oct 2022 00:35:14 GMT
cache-control: public, max-age=691200
last-modified: Wed, 06 Nov 2019 17:46:15 GMT
content-type: text/javascript
age: 214866
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/sdk_002.js
200 OK 60 kB URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/sdk_002.js
IP
File type ASCII text, with very long lines (12772)
Hash e4c9855e69c1f37ba8257b0207b3f0af
2513eee0ef84246d6e699a3fef3b32857b0ad814
c52089ced54f884ac42a19b317caf222697ec0b544d65bde1596b88871f0148e
Analyzer Verdict Alert fortinet Phishing
GET /clicks/chapter2/Diabetes11219_files/sdk_002.js HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:24 GMT
ETag: W/"62e823f4-31660"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wN1NBUag80FckXJs5Xw6J6TPiEatUrDCw95xIbM7XDBZkode73xsc4HrQW4VFaNPn%2BIiMcC8JqtLcTk74hHB4QA7TlhiIIhcqnj%2BJqo3kX1nXCmNzccBoe38m9RyjfPwf912Y%2FU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566913e7ddf0afa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 87465c15992fe10c24c62a185f8c171d
fa938b624d06d1e2927c8eda6a44b2a32d930f59
239ef7fe5df8c396d96a928c20d66c842a5ec3e9ff71a3cd7c0068906fc3e537
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:16:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/v4-shims.css
200 OK 4.1 kB URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/v4-shims.css
IP
File type ASCII text, with very long lines (26440)
Hash 9124aacb6d47c682bff28bcf85151f51
c82527e2773381ab21c75edd1ab83f53f4fca71a
8fc27e1f9aedce781eb633d39a7ca420417877ee59e460ca3f1a4c3d2f42388e
GET /clicks/chapter2/Diabetes11219_files/v4-shims.css HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:20 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:24 GMT
ETag: W/"62e823f4-6801"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7NgoFHnZlq3DyHWkosHXiXFbts1tw3DE7OmDZHqzaPav7jAP3r%2BxK5%2FAS2AJBkGzfvfGDRwXIFplv4Qstrycn%2FHM9DxhVnuFZDNreBgYDrGN3ysk69C3hp64VpuPloi4Bzx8es%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566913fb8c10af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/obtp.js
200 OK 2.6 kB URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/obtp.js
IP
File type ASCII text, with very long lines (6009), with no line terminators
Hash 45b566f2bc7e6b0a50ec38c3577c5443
444f6fd466a91499cb197d42718a248272a19640
980a8543ec1073b2075cfdf97db657576504471e396e1b586cb55edc9b7145fb
Analyzer Verdict Alert fortinet Phishing
GET /clicks/chapter2/Diabetes11219_files/obtp.js HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:24 GMT
ETag: W/"62e823f4-1779"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pEgu%2B3VYDIbxEKVRQJGglWCBSOL82s7SxaRlawGW3HRm%2BF7%2BDGmvq6wirOLFkVngJOgPOi%2FpUGWOyVyp1v%2Banr0WMaR2f%2BzJFsJaX5KDr2xEKbuoo5BiOUaepdMSrqM3Ciuy0s4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566913ffa95b51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/all.css
200 OK 12 kB URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/all.css
IP
File type ASCII text, with very long lines (55782)
Hash 6dccf0e6709e86e89108110cf0ec1aac
fc83bcb574e534fc40488ba41ee98803de7b1e17
ae5e043e2f434780d48eaf3a76201a6658de2c277083cc2a82b5ca87a5a8703d
GET /clicks/chapter2/Diabetes11219_files/all.css HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:20 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:24 GMT
ETag: W/"62e823f4-da9f"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNjf5Nz86M%2FEdLaCrwmmEufYRfMT%2FTFNVNBagD6K5QcM8ygiEChq1Y%2FacugpQTUxfAlXDbGW0TvI2Zofws2jvDJHhaIQgsndGza69n2NI9wX0uf1aoD2Ff3k2PSDZyXFUcu2Vds%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566913f9c26b52d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/css.css
200 OK 2.5 kB URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/css.css
IP
Hash f4872e883b0d7b07958980a74e6b8611
f4d37c12549e8816d007b56ea0c242ec579a1b09
143ba788896a092f80fcb299eb44d66cf8baedda36c8f22da35039b1bc20576b
GET /clicks/chapter2/Diabetes11219_files/css.css HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:20 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:24 GMT
ETag: W/"62e823f4-a9c4"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bra2fVXZlj4V%2FqiuEX6o%2BNrUNZv9AtP7BwmZ0Ka%2FPvYNI3QVT75j5SqEZpZY8%2FZQwHO0IostjiiAPbPuwwMg%2BLDhefFVE87ad%2BvPAyofJ8Hg%2B5N7YOuXYoSgdBDEzxK3eamxslQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566913fdb7eb523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/application.js
200 OK 1.8 kB URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/application.js
IP
File type ASCII text, with very long lines (4947), with no line terminators
Hash d857daf537a32024ad1d1024ddf9a393
cfc98d3d7d42ec7aa5392a8fe1b052c20b104d2d
1561a1b607dfc9d6c0711a785503d17398531565d7d3308558b4915701d2b152
Analyzer Verdict Alert fortinet Phishing
GET /clicks/chapter2/Diabetes11219_files/application.js HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:24 GMT
ETag: W/"62e823f4-1353"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btrLOzYv95FAk5QktE6cPVFs2XMl%2BRjCE%2FXCyjO1q9EECoIJdNdXG04gYt7t0vnJxgMqUJZYXuWEsRMBLXRgGutI1HPUJwV%2FRBn1FE37H28%2BjG6tDx54oT5FKWUmjjScYPPM%2BO4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75669140d9de0af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/seg.html
200 OK 188 B URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/seg.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8ac018a3040989a581b13e9a0b765436
781a73631a5b53c805a98eb8ae1320d6521480c8
5a8fb7e23af552ecf8dcd371aff26d8ca3e9e09fb0cfd5c0eead886ba2df6dcf
Analyzer Verdict Alert fortinet Phishing
GET /clicks/chapter2/Diabetes11219_files/seg.html HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:24 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCimYp6a%2BpzDTL3uX5xPcO3phTz7csuCk3L8WMkLj8S%2FZbXxZsZvWueWMpVNUkVEWevvNnwIekuJ6lV5xkF78oa3csjsh8O07S7mLpojXtYqagqvulbyHNinbHwwx0AAyzOOcZI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 756691412dcdb52d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/tfa.js
200 OK 20 kB URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/tfa.js
IP
File type ASCII text, with very long lines (43117)
Hash 24c34ca5d75827d5941a78e975730b99
0ecbc4647b1620a43a9d7cc46aeb69e26227b2cf
100def36a0c4d9755ba8703e2e61cfa6294a94125611bb5d0e6e9fe62a8c29ff
Analyzer Verdict Alert fortinet Phishing
GET /clicks/chapter2/Diabetes11219_files/tfa.js HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:24 GMT
ETag: W/"62e823f4-e57e"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Xa2o8KG6vFJNYG1XoZu3d5sPDuU%2Fc5LVks9T5dn%2F0pVW1LoHLBr1iclfxe7xdfUK3xuMULZzTX5nv%2BzX12%2FmHrCWePS%2BKFsKnAVHvFNK4IpwQAQ%2B%2Fn2PaAWqybYNAOcmKx1iBo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75669140986a0afa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/lander.css
200 OK 71 kB URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/lander.css
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (53339)
Hash 7d8b29ae3e0a9a86e0609d04e2398be3
eb773d51be3addef9dd3d47adec370727a9c3082
e658da7d336e40aca0fe6ce1134b95ca30b3fed5cbb826ec265b240f4eaf6b87
GET /clicks/chapter2/Diabetes11219_files/lander.css HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:20 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:24 GMT
ETag: W/"62e823f4-67fce"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P01gS2r6pu7dwQBWVgVW0NEK69ZVQoej7VyO6GEw5KhH2Hoisg7aSEG%2F5KxHyXSfd5LcOhcw28zAGsi3khBIonLtIIiGwrrCF9DSflDer2s8zav59VbYT8VQ%2F6X663aHTLACJMg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566913f98ac0b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/atc.js
200 OK 7.7 kB URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/atc.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (31410), with no line terminators
Hash c038e1369a8b18c2e7ddf66a58401001
54f4f1a6e4a5467312ad3bd7ae851342e5096cd5
48ccdba162f1b757042f12b22ee80b7570c2a18089cb6fd67f6fcfb4929fb31b
Analyzer Verdict Alert fortinet Phishing
GET /clicks/chapter2/Diabetes11219_files/atc.js HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:24 GMT
ETag: W/"62e823f4-7ab5"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XnyUdPn5c6KNUitcl%2FMCd%2BksHXZeXwdP8bj7FmfaLM4wZO17AohLGem%2BsqyMWh%2Fj1tCtn6I3JRGpLeTKIshHa4VqQsu%2BJxwI9eAmYa7zjUFOtRSV4qr%2FZOR%2BRt3aCMLwxDJyRY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75669140fb7ab51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/css_002.css
200 OK 669 B URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/css_002.css
IP
Hash bcbc16102adcb3260353b5aa0be1242e
ce0380774ae83165e2e1dd37190b6cd34e897b9c
06c733eb0a0a75b70e674afa1f10a64ac685740ab4aca9b3c317287a0d7f035c
GET /clicks/chapter2/Diabetes11219_files/css_002.css HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:20 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:24 GMT
ETag: W/"62e823f4-1122"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yU%2F6DZFEh4mKxiD7WXhSROCTS6Hg%2FkYI94%2BKdkSqFLkOWbi%2FEYRCD%2Bi8NXJ2ZBJORYseIoYVhqxw5QtI5f7kINGtQnHBdpm7W%2Fo9sXPHfIkTcIuZEdO%2BtlgZETXyEIVj12upZH0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 756691412d1fb523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UJ36nA/GFGAvjmVeCy+t5w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8zzz3pzcBIWzvS70aRZ0GutaokM=
www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/mailcheck.js
200 OK 1.1 kB URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/mailcheck.js
IP
File type C source, ASCII text, with very long lines (525)
Hash bc0cbd3b16c6fb2dca0064ab68211bad
3dc0d0f4f417e70323ed235694a1aa7ecb9daa7b
7f98bd22205d7b125dc631333282ef636579399885b64b0b04f692962699be8e
Analyzer Verdict Alert fortinet Phishing
GET /clicks/chapter2/Diabetes11219_files/mailcheck.js HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:24 GMT
ETag: W/"62e823f4-a8d"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzoQDTnD383ZXxi246JSD2R2FVqP%2FPIPUpF5FXII4YScYHBYD84ZDXsuIakmmDmEiOTBzOsdNvb%2FkstyHooYzDPRuNU%2FvBFAOQFTUxz6%2F9Qr0XWRWyupSEguKyTixELT%2BycAEgk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75669141fea6b52d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/badge.webp
200 OK 2.5 kB URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/badge.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash f82a9c7090589cc6459447d33e489602
c578ebd5ba6ae6e69765959b6181746e3b26facf
594cbe275582133e66951234ae7082d41299ff157d86418acfa953aec96dba8a
Analyzer Verdict Alert fortinet Phishing
GET /clicks/chapter2/Diabetes11219_files/badge.webp HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:20 GMT
Content-Type: image/webp
Content-Length: 2492
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:24 GMT
ETag: "62e823f4-9bc"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xchs7vzNTp7B1HtXE9qhuEmBzJDCZHegSpMJoXfYwpbmIsYI2o9i%2BTCVCfvddLlT3ee7D0Qa3GHVj6cB195KWz%2Fp%2BiLDv8utWpEup6ghezcx8lb2BACFFBqJQKjVv%2FyVtfpqA4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 756691423e74b523-OSL
alt-svc: h2=":443"; ma=60
www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/pushcrew.js
200 OK 365 B URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/pushcrew.js
IP
File type ASCII text, with very long lines (637), with no line terminators
Hash 9d27c4d6e0a1672866be04daae4d44c8
02b3477598197fca8d39281889143e55ab0154ce
5762b7c5ab22bd6a13d7235720808d3b21896e17cfb990a94b9e749c6e376770
Analyzer Verdict Alert fortinet Phishing
GET /clicks/chapter2/Diabetes11219_files/pushcrew.js HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:24 GMT
ETag: W/"62e823f4-27d"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jPqiXJKs2ElcSH5SD8KN7SiQoXBNMtFrwdffnZKgSAezv1BJ2snfKjuGVkydSJqKL2W5w33uXVxjZQH%2BU%2FqERHYi7%2F8e8irtuQcA5WES2%2FCRrfqZpyqjGIDTZtAHwxNvXz4jasw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566914219aa0afa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:16:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:16:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:16:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:16:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mixword.ru.com/clicks/chapter2/webfonts/fa-solid-900.woff2
404 Not Found 153 B URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/webfonts/fa-solid-900.woff2
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 706a98254456810d3e849c3957af9d01
e461d072a6ba8f0082d6f187eba7f053343529c6
8351c0267c2cd7866ff04c04261f06cd75af9a7130aac848ca43fd047404e229
Analyzer Verdict Alert fortinet Phishing
GET /clicks/chapter2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/all.css
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 12:16:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DeqeesG5j67Eu90m4xip0amtvNmD5nxf9EloMM%2FnnVelO%2Fe1AzV2UIkmEZygyoBCBpkkL9pSPEZpPUUlRne0emfOb%2Fz4a94eCqYksXYjF47Sj1g5o4BvpVn2yWBSqxJ4ax5%2F3i8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75669142cf5eb52d-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:16:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 16 kB IP
File type Web Open Font Format (Version 2), TrueType, length 15988, version 1.0\012- data
Hash d54dcd9a6bb8a523ffa27a4a37012710
bc3c39f938214627097b2581cf218a36d600d6b4
a7d5500e6e1d3c7c9fc3f8281d1eb49a78f13788fd65c9da98b0a8476cef9b84
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5717
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:16:20 GMT
Last-Modified: Fri, 07 Oct 2022 10:41:03 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
fonts.gstatic.com/s/oswald/v29/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v29/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 16328, version 1.0\012- data
Hash 2c3930fa023e6b0bc0a6fa4f6b4f29e2
3ffc33b56252101d510500fdcc6fd97362d79b38
e8f3f536c66c8ed9428d30dfef5711a0072a4e45d61d316b601038990a7af07e
GET /s/oswald/v29/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.mixword.ru.com
Connection: keep-alive
Referer: http://www.mixword.ru.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 16:58:46 GMT
expires: Thu, 05 Oct 2023 16:58:46 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Oct 2019 23:03:54 GMT
content-type: font/woff2
age: 155855
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/Diabetes-eggs-389-285.jpg
200 OK 15 kB URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/Diabetes-eggs-389-285.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 385x289, components 3\012- data
Hash 5bc0b69d6239318de2dcef03aafbe6b3
b1f2c5366ab3623efee91ccba280d0342604d70a
42b0ae9ae41e102b1f5c4b91c46a86396e792886e77ecb0343d83711581bc32e
GET /clicks/chapter2/Diabetes11219_files/Diabetes-eggs-389-285.jpg HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:21 GMT
Content-Type: image/jpeg
Content-Length: 15335
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:24 GMT
ETag: "62e823f4-3be7"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lqvhw4MxlWuK3800%2F9LJDRicZT68ZTXVh7wAJbkbpec1DVmG0VWGjKfdx%2FOKx1Sw%2FKtiFMrDzEp4eDu7hKrjrUo3%2ByDS3IRNqqA%2FQNZOnKwjD6JjNMf0Yw7sFQc6JItx7CM6Vbk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 756691423b4a0b51-OSL
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15056, version 1.0\012- data
Hash 0edb76284a7a0f8db4665b560ee2b48f
02496387a5f7bf7b79df52c7b76ece4ebc7a0710
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
GET /s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.mixword.ru.com
Connection: keep-alive
Referer: http://www.mixword.ru.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15056
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 01:47:47 GMT
expires: Sun, 01 Oct 2023 01:47:47 GMT
cache-control: public, max-age=31536000
age: 556114
last-modified: Tue, 23 Jul 2019 19:30:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0b.woff2
200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0b.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 14380, version 1.0\012- data
Hash 33543c5cc5d88f5695dd08c87d280dfd
600db9374e47e4f73a59ccc0a99bcc42f4a3e02a
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
GET /s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0b.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.mixword.ru.com
Connection: keep-alive
Referer: http://www.mixword.ru.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14380
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 22:39:30 GMT
expires: Tue, 03 Oct 2023 22:39:30 GMT
cache-control: public, max-age=31536000
age: 308211
last-modified: Tue, 23 Jul 2019 19:30:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 17820, version 1.0\012- data
Hash 3d5107abaf7bf4df5478bd04625c0929
b04d394caabf6ea3e500b74781dc2bfd54f3c18d
9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31
GET /s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.mixword.ru.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 19:07:15 GMT
expires: Tue, 03 Oct 2023 19:07:15 GMT
cache-control: public, max-age=31536000
age: 320946
last-modified: Mon, 15 Aug 2022 18:13:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/halki-screenshot-normal-blood-sugar-was-w-play-button-and-cl.jpg
200 OK 32 kB URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/halki-screenshot-normal-blood-sugar-was-w-play-button-and-cl.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 837x658, components 3\012- data
Hash d47d180a443c123a47620802293e12ae
d8ae320336d588a498bf7b23b65db9cb94819413
37d08429e2db7531b37436848ccd0dda602e8fc48ba249b01a04159dc659b736
GET /clicks/chapter2/Diabetes11219_files/halki-screenshot-normal-blood-sugar-was-w-play-button-and-cl.jpg HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:21 GMT
Content-Type: image/jpeg
Content-Length: 31488
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:24 GMT
ETag: "62e823f4-7b00"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqM6dWWL12H4z%2BNjxERoFuJgdkdNzXRK9ti%2BtzBHhBG%2BKcKZ3xQzOoJ5MIA0b5O5SJOR8CzQ%2FFwaShSry4dY1pQ2r1p6eKSk8TBv3xTfuoYfYkM9l7U7u1tDXC%2Ft07FpwvF%2BTuU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 756691423d62b51d-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:16:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mixword.ru.com/clicks/chapter2/webfonts/fa-solid-900.woff
404 Not Found 153 B URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/webfonts/fa-solid-900.woff
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 706a98254456810d3e849c3957af9d01
e461d072a6ba8f0082d6f187eba7f053343529c6
8351c0267c2cd7866ff04c04261f06cd75af9a7130aac848ca43fd047404e229
Analyzer Verdict Alert fortinet Phishing
GET /clicks/chapter2/webfonts/fa-solid-900.woff HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/all.css
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 12:16:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mH0UD1IxPBzlJYZoeKi%2BQl%2FljQrsc6%2Bb93bKU2HJQcdQp3CX0tadrAdfKNGsnDHMT9tKTzBj7nUghOl31d1g33VRBGHbjWS88Yp476XuyXMplnsh54INjt%2FRaXIqvxOMGzwj4R4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 756691436fe6b52d-OSL
alt-svc: h2=":443"; ma=60
www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/closemodal.webp
200 OK 672 B URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/closemodal.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 19754ed4d508cf576c80cf36e0db8c50
f459beac714e5be68aa75349fa806a5642af456a
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
Analyzer Verdict Alert fortinet Phishing
GET /clicks/chapter2/Diabetes11219_files/closemodal.webp HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:21 GMT
Content-Type: image/webp
Content-Length: 672
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:24 GMT
ETag: "62e823f4-2a0"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VF7c%2FeltnUEkDTQJHJumsgvjM8MrgcPWuDJUAyTPpaoDFswdXSJlXdCg56itowp0TE%2BXlmAL4QEkswi52SRa9wDmEsQGmx%2BeqI9MRWUaBNHcf1hVlsPDoA2VQlvErdtPg00wwhY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 756691431aa70afa-OSL
alt-svc: h2=":443"; ma=60
www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/eric-whitfield-200-200.jpg
200 OK 5.9 kB URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/eric-whitfield-200-200.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 118e3fb670828c94499316c67a057219
805cf6e12c3ba97341e03490696e8a5e82285f72
8cf3d99c00b31dd1925b27212feb6e6d293dbe2e339b9fb5a541fa48c20fc0e9
GET /clicks/chapter2/Diabetes11219_files/eric-whitfield-200-200.jpg HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:21 GMT
Content-Type: image/jpeg
Content-Length: 5866
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:24 GMT
ETag: "62e823f4-16ea"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBngA1QVZsTHzrmE5oGgMSaBoS8z%2FFVbF2FjTL12ZiqiSrBt8GOjIGY7ug4uyX5U9QGwVt%2BjfueJyVvR%2BLZpL6GlvUyipk0fPFgjyh2Vpb%2BdD91OxTf0jh0pnykrnKZWMAjVMAg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 756691430f50b523-OSL
alt-svc: h2=":443"; ma=60
www.mixword.ru.com/clicks/chapter2/webfonts/fa-solid-900.ttf
404 Not Found 116 B URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/webfonts/fa-solid-900.ttf
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d6e62b966693d7822072903ae8310d00
2de307cf4db56a090d7633f2da9ce6d224f6ffb7
36bd7d3c61ddaa2cfd74438dfcc2552f527a5299abc17957073a05d4b1d5cecf
Analyzer Verdict Alert fortinet Phishing
GET /clicks/chapter2/webfonts/fa-solid-900.ttf HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/all.css
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 12:16:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvrSOmv2GZ9T01sB4umUW0cLCKHS%2FAoCBeq1Nsm%2FlU8Z%2BkwkgmSxg8HqvnTKJ3Sfosz6iQLN%2FlLG4Z3OizYIO9qHU%2FBf1%2BPmozdq5gXC7fYs9VdfjLjCybFdi3cv%2Bxj99esx5zw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 756691441ceb0b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/lander.js
200 OK 286 kB URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/lander.js
IP
File type ASCII text, with very long lines (32761)
Size 286 kB (286491 bytes)
Hash 9c694523f4182323c70574a6a0e79272
dcebefeb714e00c0c25f7158a4c95d9e3d7407d6
cb4ae91632a9edf2b2a0e77b4f514b10efde3b1baf7bb73df0ff384f8021b10f
Analyzer Verdict Alert fortinet Phishing
GET /clicks/chapter2/Diabetes11219_files/lander.js HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:24 GMT
ETag: W/"62e823f4-f13c0"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOwZTu8MoqlBESaZ0xChoelxwDsCVwUxNY6Dn9u1KGuH0ehwuy3mb9Chsu%2FZD3bhvY0W7zGjSZseE8dvchNmGGW5aFV5StHw4NZ6pFQ2NDV07UxovCMCamKfSvQQcMJuLfaXUPo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75669141eafc0af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.patriot-advance-report.com/vendor.js
200 OK 5.8 kB URL HTTP/1.1 www.patriot-advance-report.com/vendor.js
IP
Hash dc99f914aadfc23d5a2b9f5d8d360134
baa0fc4e1bee534c23b2af0aa3e696c383b796ee
16a67c374fde0119e49efd90a826b7e1ae35eaa3539983d615f298ad5a756cb6
GET /vendor.js HTTP/1.1
Host: www.patriot-advance-report.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 756691482b570b41-OSL
Access-Control-Allow-Origin: *
Cache-Control: max-age=900, public
Content-Encoding: gzip
ETag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
Vary: Accept-Encoding
CF-Cache-Status: REVALIDATED
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Status: 200 OK
X-Content-Digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
X-Frame-Options: ALLOWALL
X-Powered-By: Phusion Passenger Enterprise 6.0.7
X-Rack-Cache: fresh
X-Request-Id: 30a0b609800be606a720a55682cfa095
X-Runtime: 0.023190
Set-Cookie: __cf_bm=thW7r8WlLnFosF3ABIj2Ks58tDSBtP0J.J3Q4dj0V7M-1665144981-0-AbTWOSGk42XX6xbVU0gsM+doQowaU1tiRDTjGWeF0eb7Fe0iPUd0DWjqIiAsuKWMbHpQWOxxppFbrgw8mh2m1OP1c0v50XUkYpgwsal467VX; path=/; expires=Fri, 07-Oct-22 12:46:21 GMT; domain=.www.patriot-advance-report.com; HttpOnly; SameSite=None
Server: cloudflare
alt-svc: h2=":443"; ma=60
app.clickfunnels.com/userevents/?funnel_id=bHNjUHVuazFmVUtxTjkxbUVkK0lydz09LS1VR0dYYjBCMUtrK0xIaDk1anVHY3NRPT0%3D--028fa9cafea6ebb66a5e47b9d24dd8a456b17cc5&page_id=bm03aFMwWW9NUmVkWHhxU00xSSt1dz09LS1vYmQvdDVaSnFBZkVmUytRMG83RWpnPT0%3D--597f20ec9a5d53157239dbbdc117369b44b443b6&funnel_step_id=a3lneFpzVzFBYXl4bjg0Z2FPdC9wQT09LS01RFFkUWR5UysvQ2VwcW9Td3JNQ2tRPT0%3D--be0c83c68c73505000a3ae4024facb7366bdcb7a&user_id=dlV0NnMwYnJsY2ZDZGlNMzhzcGxrUT09LS0zTFdxVGplVGx1RTVaNit5Yll1VjVBPT0%3D--266ed1a2283f444aafda7ee74bf591c0115d4457&account_id=MXlYbk0rM25PZm5nbzQ5cnJTVSs5UT09LS1wd2dlVWNpd3lLS3pkelpSSlpIK1R3PT0%3D--17fea72c1d2af15414119cfda18ad2fe9e190d9f&page_code=MzI1NTYzNTY%3D&mode_id=1&time_zone=America%2FLos_Angeles&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=23e06b7e-2c68-423d-91d5-9b4e8b05a931&url=http%3A%2F%2Fwww.mixword.ru.com%2Fclicks%2Fchapter2%2FDiabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM%2FAEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
301 Moved Permanently 1.8 kB URL HTTP/1.1 app.clickfunnels.com/userevents/?funnel_id=bHNjUHVuazFmVUtxTjkxbUVkK0lydz09LS1VR0dYYjBCMUtrK0xIaDk1anVHY3NRPT0%3D--028fa9cafea6ebb66a5e47b9d24dd8a456b17cc5&page_id=bm03aFMwWW9NUmVkWHhxU00xSSt1dz09LS1vYmQvdDVaSnFBZkVmUytRMG83RWpnPT0%3D--597f20ec9a5d53157239dbbdc117369b44b443b6&funnel_step_id=a3lneFpzVzFBYXl4bjg0Z2FPdC9wQT09LS01RFFkUWR5UysvQ2VwcW9Td3JNQ2tRPT0%3D--be0c83c68c73505000a3ae4024facb7366bdcb7a&user_id=dlV0NnMwYnJsY2ZDZGlNMzhzcGxrUT09LS0zTFdxVGplVGx1RTVaNit5Yll1VjVBPT0%3D--266ed1a2283f444aafda7ee74bf591c0115d4457&account_id=MXlYbk0rM25PZm5nbzQ5cnJTVSs5UT09LS1wd2dlVWNpd3lLS3pkelpSSlpIK1R3PT0%3D--17fea72c1d2af15414119cfda18ad2fe9e190d9f&page_code=MzI1NTYzNTY%3D&mode_id=1&time_zone=America%2FLos_Angeles&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=23e06b7e-2c68-423d-91d5-9b4e8b05a931&url=http%3A%2F%2Fwww.mixword.ru.com%2Fclicks%2Fchapter2%2FDiabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM%2FAEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1774)
Hash 5961ac7b5b6b4128386069a208c75f65
fd3a5a180202146d4e108d950a4918786ad981fd
b56eda7396119f14d16c8dba5be7fb33202c634910a4431bd3381fca830c3b9f
GET /userevents/?funnel_id=bHNjUHVuazFmVUtxTjkxbUVkK0lydz09LS1VR0dYYjBCMUtrK0xIaDk1anVHY3NRPT0%3D--028fa9cafea6ebb66a5e47b9d24dd8a456b17cc5&page_id=bm03aFMwWW9NUmVkWHhxU00xSSt1dz09LS1vYmQvdDVaSnFBZkVmUytRMG83RWpnPT0%3D--597f20ec9a5d53157239dbbdc117369b44b443b6&funnel_step_id=a3lneFpzVzFBYXl4bjg0Z2FPdC9wQT09LS01RFFkUWR5UysvQ2VwcW9Td3JNQ2tRPT0%3D--be0c83c68c73505000a3ae4024facb7366bdcb7a&user_id=dlV0NnMwYnJsY2ZDZGlNMzhzcGxrUT09LS0zTFdxVGplVGx1RTVaNit5Yll1VjVBPT0%3D--266ed1a2283f444aafda7ee74bf591c0115d4457&account_id=MXlYbk0rM25PZm5nbzQ5cnJTVSs5UT09LS1wd2dlVWNpd3lLS3pkelpSSlpIK1R3PT0%3D--17fea72c1d2af15414119cfda18ad2fe9e190d9f&page_code=MzI1NTYzNTY%3D&mode_id=1&time_zone=America%2FLos_Angeles&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=23e06b7e-2c68-423d-91d5-9b4e8b05a931&url=http%3A%2F%2Fwww.mixword.ru.com%2Fclicks%2Fchapter2%2FDiabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM%2FAEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.mixword.ru.com
Connection: keep-alive
Referer: http://www.mixword.ru.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 07 Oct 2022 12:16:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://app.clickfunnels.com/userevents?funnel_id=bHNjUHVuazFmVUtxTjkxbUVkK0lydz09LS1VR0dYYjBCMUtrK0xIaDk1anVHY3NRPT0%3D--028fa9cafea6ebb66a5e47b9d24dd8a456b17cc5&page_id=bm03aFMwWW9NUmVkWHhxU00xSSt1dz09LS1vYmQvdDVaSnFBZkVmUytRMG83RWpnPT0%3D--597f20ec9a5d53157239dbbdc117369b44b443b6&funnel_step_id=a3lneFpzVzFBYXl4bjg0Z2FPdC9wQT09LS01RFFkUWR5UysvQ2VwcW9Td3JNQ2tRPT0%3D--be0c83c68c73505000a3ae4024facb7366bdcb7a&user_id=dlV0NnMwYnJsY2ZDZGlNMzhzcGxrUT09LS0zTFdxVGplVGx1RTVaNit5Yll1VjVBPT0%3D--266ed1a2283f444aafda7ee74bf591c0115d4457&account_id=MXlYbk0rM25PZm5nbzQ5cnJTVSs5UT09LS1wd2dlVWNpd3lLS3pkelpSSlpIK1R3PT0%3D--17fea72c1d2af15414119cfda18ad2fe9e190d9f&page_code=MzI1NTYzNTY%3D&mode_id=1&time_zone=America%2FLos_Angeles&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents%3A%3AUniquePageviewsCreatedSummary&nonce=23e06b7e-2c68-423d-91d5-9b4e8b05a931&url=http%3A%2F%2Fwww.mixword.ru.com%2Fclicks%2Fchapter2%2FDiabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM%2FAEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
CF-Ray: 756691482c29b52d-OSL
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Status: 301 Moved Permanently
X-Powered-By: Phusion Passenger Enterprise 6.0.7
X-Rack-Cache: miss
X-Request-Id: 12d6a4bb6f06de3c4c0fb1974bd1c46f
X-Runtime: 0.011544
Set-Cookie: __cf_bm=GiwNmJlZ56D3bnVLK4MpKOk4Q57fyjLQF_q_bDP5YKE-1665144981-0-AYnPV/9DhKGg6PCOVngiRZY6J5KeSguOwKyYj6BEs+XovuVG22oj0TWEPWH1uexIfBWSxi7ii+OX4gxCwd5ob5AfI+fQH67HpQFvW5XiPzky; path=/; expires=Fri, 07-Oct-22 12:46:21 GMT; domain=.clickfunnels.com; HttpOnly; SameSite=None
Server: cloudflare
alt-svc: h2=":443"; ma=60
www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/xd_arbiter.html
200 OK 12 kB URL HTTP/1.1 www.mixword.ru.com/clicks/chapter2/Diabetes11219_files/xd_arbiter.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5403), with CRLF line terminators
Hash 28d03100daf4c6fc819318d2f967e93b
1c64d474d0c29a0332f1e3eb1fa095fde6e694ae
de16eaa7fb3fc8e7ff51df3510d3c02f89241a615dee30039d272966a8873532
Analyzer Verdict Alert fortinet Phishing
GET /clicks/chapter2/Diabetes11219_files/xd_arbiter.html HTTP/1.1
Host: www.mixword.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:24 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hemvzgnMG84zi6a%2F5sNYkfAwYn%2B5IsfmXEAFkIUw10Pp%2FZQXAry7XrGzRW5m5yMNqIOcC%2BF7xgv5t%2B0PfZjvYf5%2B7Xvtu2md9aa0zKru46noo3MshZBtOnaMonhPrfTvnDmHgr0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75669147e8e70af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
app.clickfunnels.com/userevents/?funnel_id=bHNjUHVuazFmVUtxTjkxbUVkK0lydz09LS1VR0dYYjBCMUtrK0xIaDk1anVHY3NRPT0%3D--028fa9cafea6ebb66a5e47b9d24dd8a456b17cc5&page_id=bm03aFMwWW9NUmVkWHhxU00xSSt1dz09LS1vYmQvdDVaSnFBZkVmUytRMG83RWpnPT0%3D--597f20ec9a5d53157239dbbdc117369b44b443b6&funnel_step_id=a3lneFpzVzFBYXl4bjg0Z2FPdC9wQT09LS01RFFkUWR5UysvQ2VwcW9Td3JNQ2tRPT0%3D--be0c83c68c73505000a3ae4024facb7366bdcb7a&user_id=dlV0NnMwYnJsY2ZDZGlNMzhzcGxrUT09LS0zTFdxVGplVGx1RTVaNit5Yll1VjVBPT0%3D--266ed1a2283f444aafda7ee74bf591c0115d4457&account_id=MXlYbk0rM25PZm5nbzQ5cnJTVSs5UT09LS1wd2dlVWNpd3lLS3pkelpSSlpIK1R3PT0%3D--17fea72c1d2af15414119cfda18ad2fe9e190d9f&page_code=MzI1NTYzNTY%3D&mode_id=1&time_zone=America%2FLos_Angeles&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=0f005987-3000-417d-9dbb-71e70de833ed&url=http%3A%2F%2Fwww.mixword.ru.com%2Fclicks%2Fchapter2%2FDiabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM%2FAEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
301 Moved Permanently 1.8 kB URL HTTP/1.1 app.clickfunnels.com/userevents/?funnel_id=bHNjUHVuazFmVUtxTjkxbUVkK0lydz09LS1VR0dYYjBCMUtrK0xIaDk1anVHY3NRPT0%3D--028fa9cafea6ebb66a5e47b9d24dd8a456b17cc5&page_id=bm03aFMwWW9NUmVkWHhxU00xSSt1dz09LS1vYmQvdDVaSnFBZkVmUytRMG83RWpnPT0%3D--597f20ec9a5d53157239dbbdc117369b44b443b6&funnel_step_id=a3lneFpzVzFBYXl4bjg0Z2FPdC9wQT09LS01RFFkUWR5UysvQ2VwcW9Td3JNQ2tRPT0%3D--be0c83c68c73505000a3ae4024facb7366bdcb7a&user_id=dlV0NnMwYnJsY2ZDZGlNMzhzcGxrUT09LS0zTFdxVGplVGx1RTVaNit5Yll1VjVBPT0%3D--266ed1a2283f444aafda7ee74bf591c0115d4457&account_id=MXlYbk0rM25PZm5nbzQ5cnJTVSs5UT09LS1wd2dlVWNpd3lLS3pkelpSSlpIK1R3PT0%3D--17fea72c1d2af15414119cfda18ad2fe9e190d9f&page_code=MzI1NTYzNTY%3D&mode_id=1&time_zone=America%2FLos_Angeles&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=0f005987-3000-417d-9dbb-71e70de833ed&url=http%3A%2F%2Fwww.mixword.ru.com%2Fclicks%2Fchapter2%2FDiabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM%2FAEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1768)
Hash 51f693bea3fab994d6dd2769b4859ee8
2942e2f2ac2203943c3936b6340e7942b3b3c292
d6f4f2bb64ba985f1e42ea8a33d9c82a8c4740b7b594c0aa15ebc3a0f1f50148
GET /userevents/?funnel_id=bHNjUHVuazFmVUtxTjkxbUVkK0lydz09LS1VR0dYYjBCMUtrK0xIaDk1anVHY3NRPT0%3D--028fa9cafea6ebb66a5e47b9d24dd8a456b17cc5&page_id=bm03aFMwWW9NUmVkWHhxU00xSSt1dz09LS1vYmQvdDVaSnFBZkVmUytRMG83RWpnPT0%3D--597f20ec9a5d53157239dbbdc117369b44b443b6&funnel_step_id=a3lneFpzVzFBYXl4bjg0Z2FPdC9wQT09LS01RFFkUWR5UysvQ2VwcW9Td3JNQ2tRPT0%3D--be0c83c68c73505000a3ae4024facb7366bdcb7a&user_id=dlV0NnMwYnJsY2ZDZGlNMzhzcGxrUT09LS0zTFdxVGplVGx1RTVaNit5Yll1VjVBPT0%3D--266ed1a2283f444aafda7ee74bf591c0115d4457&account_id=MXlYbk0rM25PZm5nbzQ5cnJTVSs5UT09LS1wd2dlVWNpd3lLS3pkelpSSlpIK1R3PT0%3D--17fea72c1d2af15414119cfda18ad2fe9e190d9f&page_code=MzI1NTYzNTY%3D&mode_id=1&time_zone=America%2FLos_Angeles&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=0f005987-3000-417d-9dbb-71e70de833ed&url=http%3A%2F%2Fwww.mixword.ru.com%2Fclicks%2Fchapter2%2FDiabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM%2FAEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.mixword.ru.com
Connection: keep-alive
Referer: http://www.mixword.ru.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 07 Oct 2022 12:16:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://app.clickfunnels.com/userevents?funnel_id=bHNjUHVuazFmVUtxTjkxbUVkK0lydz09LS1VR0dYYjBCMUtrK0xIaDk1anVHY3NRPT0%3D--028fa9cafea6ebb66a5e47b9d24dd8a456b17cc5&page_id=bm03aFMwWW9NUmVkWHhxU00xSSt1dz09LS1vYmQvdDVaSnFBZkVmUytRMG83RWpnPT0%3D--597f20ec9a5d53157239dbbdc117369b44b443b6&funnel_step_id=a3lneFpzVzFBYXl4bjg0Z2FPdC9wQT09LS01RFFkUWR5UysvQ2VwcW9Td3JNQ2tRPT0%3D--be0c83c68c73505000a3ae4024facb7366bdcb7a&user_id=dlV0NnMwYnJsY2ZDZGlNMzhzcGxrUT09LS0zTFdxVGplVGx1RTVaNit5Yll1VjVBPT0%3D--266ed1a2283f444aafda7ee74bf591c0115d4457&account_id=MXlYbk0rM25PZm5nbzQ5cnJTVSs5UT09LS1wd2dlVWNpd3lLS3pkelpSSlpIK1R3PT0%3D--17fea72c1d2af15414119cfda18ad2fe9e190d9f&page_code=MzI1NTYzNTY%3D&mode_id=1&time_zone=America%2FLos_Angeles&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents%3A%3APageviewsCreatedSummary&nonce=0f005987-3000-417d-9dbb-71e70de833ed&url=http%3A%2F%2Fwww.mixword.ru.com%2Fclicks%2Fchapter2%2FDiabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM%2FAEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
CF-Ray: 7566914829f0b4ee-OSL
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Status: 301 Moved Permanently
X-Powered-By: Phusion Passenger Enterprise 6.0.7
X-Rack-Cache: miss
X-Request-Id: b786c48a497eb3399bb171cadeab02bf
X-Runtime: 0.010810
Set-Cookie: __cf_bm=O.PVKIRBXcBVz101hw8O23c4u.IuCIOqBQd5bMURRoU-1665144981-0-AdQn5WHJi4E7VFShPVOYSk7ncK3X1oGNRvDQB5sixRgCKcw57rpDwbJ/2vHFNgI6+ylE8nQy35shRY/uJFoweLe65trb1rUpvVlQEHyboc/e; path=/; expires=Fri, 07-Oct-22 12:46:21 GMT; domain=.clickfunnels.com; HttpOnly; SameSite=None
Server: cloudflare
alt-svc: h2=":443"; ma=60
app.clickfunnels.com/userevents/?funnel_id=bHNjUHVuazFmVUtxTjkxbUVkK0lydz09LS1VR0dYYjBCMUtrK0xIaDk1anVHY3NRPT0%3D--028fa9cafea6ebb66a5e47b9d24dd8a456b17cc5&page_id=bm03aFMwWW9NUmVkWHhxU00xSSt1dz09LS1vYmQvdDVaSnFBZkVmUytRMG83RWpnPT0%3D--597f20ec9a5d53157239dbbdc117369b44b443b6&funnel_step_id=a3lneFpzVzFBYXl4bjg0Z2FPdC9wQT09LS01RFFkUWR5UysvQ2VwcW9Td3JNQ2tRPT0%3D--be0c83c68c73505000a3ae4024facb7366bdcb7a&user_id=dlV0NnMwYnJsY2ZDZGlNMzhzcGxrUT09LS0zTFdxVGplVGx1RTVaNit5Yll1VjVBPT0%3D--266ed1a2283f444aafda7ee74bf591c0115d4457&account_id=MXlYbk0rM25PZm5nbzQ5cnJTVSs5UT09LS1wd2dlVWNpd3lLS3pkelpSSlpIK1R3PT0%3D--17fea72c1d2af15414119cfda18ad2fe9e190d9f&page_code=MzI1NTYzNTY%3D&mode_id=1&time_zone=America%2FLos_Angeles&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=4bf46aee-5862-4471-9f9e-b52b52a90647&url=http%3A%2F%2Fwww.mixword.ru.com%2Fclicks%2Fchapter2%2FDiabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM%2FAEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
301 Moved Permanently 1.8 kB URL HTTP/1.1 app.clickfunnels.com/userevents/?funnel_id=bHNjUHVuazFmVUtxTjkxbUVkK0lydz09LS1VR0dYYjBCMUtrK0xIaDk1anVHY3NRPT0%3D--028fa9cafea6ebb66a5e47b9d24dd8a456b17cc5&page_id=bm03aFMwWW9NUmVkWHhxU00xSSt1dz09LS1vYmQvdDVaSnFBZkVmUytRMG83RWpnPT0%3D--597f20ec9a5d53157239dbbdc117369b44b443b6&funnel_step_id=a3lneFpzVzFBYXl4bjg0Z2FPdC9wQT09LS01RFFkUWR5UysvQ2VwcW9Td3JNQ2tRPT0%3D--be0c83c68c73505000a3ae4024facb7366bdcb7a&user_id=dlV0NnMwYnJsY2ZDZGlNMzhzcGxrUT09LS0zTFdxVGplVGx1RTVaNit5Yll1VjVBPT0%3D--266ed1a2283f444aafda7ee74bf591c0115d4457&account_id=MXlYbk0rM25PZm5nbzQ5cnJTVSs5UT09LS1wd2dlVWNpd3lLS3pkelpSSlpIK1R3PT0%3D--17fea72c1d2af15414119cfda18ad2fe9e190d9f&page_code=MzI1NTYzNTY%3D&mode_id=1&time_zone=America%2FLos_Angeles&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=4bf46aee-5862-4471-9f9e-b52b52a90647&url=http%3A%2F%2Fwww.mixword.ru.com%2Fclicks%2Fchapter2%2FDiabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM%2FAEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1773)
Hash 2a6e4fc3c620f4fb853b906dfc359679
4c60be3307008c6b090f17ca212709cfa97d3cde
0ab5da720b6636828f2aec2f4b89543c06785ecd10d222aba742b00d2ffe91d6
GET /userevents/?funnel_id=bHNjUHVuazFmVUtxTjkxbUVkK0lydz09LS1VR0dYYjBCMUtrK0xIaDk1anVHY3NRPT0%3D--028fa9cafea6ebb66a5e47b9d24dd8a456b17cc5&page_id=bm03aFMwWW9NUmVkWHhxU00xSSt1dz09LS1vYmQvdDVaSnFBZkVmUytRMG83RWpnPT0%3D--597f20ec9a5d53157239dbbdc117369b44b443b6&funnel_step_id=a3lneFpzVzFBYXl4bjg0Z2FPdC9wQT09LS01RFFkUWR5UysvQ2VwcW9Td3JNQ2tRPT0%3D--be0c83c68c73505000a3ae4024facb7366bdcb7a&user_id=dlV0NnMwYnJsY2ZDZGlNMzhzcGxrUT09LS0zTFdxVGplVGx1RTVaNit5Yll1VjVBPT0%3D--266ed1a2283f444aafda7ee74bf591c0115d4457&account_id=MXlYbk0rM25PZm5nbzQ5cnJTVSs5UT09LS1wd2dlVWNpd3lLS3pkelpSSlpIK1R3PT0%3D--17fea72c1d2af15414119cfda18ad2fe9e190d9f&page_code=MzI1NTYzNTY%3D&mode_id=1&time_zone=America%2FLos_Angeles&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=4bf46aee-5862-4471-9f9e-b52b52a90647&url=http%3A%2F%2Fwww.mixword.ru.com%2Fclicks%2Fchapter2%2FDiabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM%2FAEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.mixword.ru.com
Connection: keep-alive
Referer: http://www.mixword.ru.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 07 Oct 2022 12:16:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://app.clickfunnels.com/userevents?funnel_id=bHNjUHVuazFmVUtxTjkxbUVkK0lydz09LS1VR0dYYjBCMUtrK0xIaDk1anVHY3NRPT0%3D--028fa9cafea6ebb66a5e47b9d24dd8a456b17cc5&page_id=bm03aFMwWW9NUmVkWHhxU00xSSt1dz09LS1vYmQvdDVaSnFBZkVmUytRMG83RWpnPT0%3D--597f20ec9a5d53157239dbbdc117369b44b443b6&funnel_step_id=a3lneFpzVzFBYXl4bjg0Z2FPdC9wQT09LS01RFFkUWR5UysvQ2VwcW9Td3JNQ2tRPT0%3D--be0c83c68c73505000a3ae4024facb7366bdcb7a&user_id=dlV0NnMwYnJsY2ZDZGlNMzhzcGxrUT09LS0zTFdxVGplVGx1RTVaNit5Yll1VjVBPT0%3D--266ed1a2283f444aafda7ee74bf591c0115d4457&account_id=MXlYbk0rM25PZm5nbzQ5cnJTVSs5UT09LS1wd2dlVWNpd3lLS3pkelpSSlpIK1R3PT0%3D--17fea72c1d2af15414119cfda18ad2fe9e190d9f&page_code=MzI1NTYzNTY%3D&mode_id=1&time_zone=America%2FLos_Angeles&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents%3A%3AUniqueVisitorsCreatedSummary&nonce=4bf46aee-5862-4471-9f9e-b52b52a90647&url=http%3A%2F%2Fwww.mixword.ru.com%2Fclicks%2Fchapter2%2FDiabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM%2FAEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
CF-Ray: 756691482815b4f1-OSL
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Status: 301 Moved Permanently
X-Powered-By: Phusion Passenger Enterprise 6.0.7
X-Rack-Cache: miss
X-Request-Id: 911e3b8d51b2de9b24a32b3721690bc0
X-Runtime: 0.008303
Set-Cookie: __cf_bm=QJMGje7SJOUQat7DxwKJzbasNJ5opNKNAqa2pXHTSNs-1665144981-0-Aao5g672Va7cg+LndB3xuX3KYY4g2JtzST8rlkQZEEXRQ0w9lg3RVUxpmKf1+42gloW5ggMAa9y8Fmfb6+FSt1zPeSCU2zy64w0IN6YN+VHH; path=/; expires=Fri, 07-Oct-22 12:46:21 GMT; domain=.clickfunnels.com; HttpOnly; SameSite=None
Server: cloudflare
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14344
Expires: Fri, 07 Oct 2022 16:15:26 GMT
Date: Fri, 07 Oct 2022 12:16:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14344
Expires: Fri, 07 Oct 2022 16:15:26 GMT
Date: Fri, 07 Oct 2022 12:16:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14344
Expires: Fri, 07 Oct 2022 16:15:26 GMT
Date: Fri, 07 Oct 2022 12:16:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14344
Expires: Fri, 07 Oct 2022 16:15:26 GMT
Date: Fri, 07 Oct 2022 12:16:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14344
Expires: Fri, 07 Oct 2022 16:15:26 GMT
Date: Fri, 07 Oct 2022 12:16:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ecd6748-5460-43cc-84b5-f33deb7cf126.jpeg
200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ecd6748-5460-43cc-84b5-f33deb7cf126.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6fb155a5d0fa0cebfa4cd03606f1f48c
c44cac382e2f2eb2b6ce35da6dfb37747d436d60
ca79a1bcc80f4e6fece82a0efb71a6c9af2b0b3d67b8f8c010a7f02ded6d2cfa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ecd6748-5460-43cc-84b5-f33deb7cf126.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6900
x-amzn-requestid: 6d8885f4-d244-4ec7-9c2b-68d86983a30d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZQmngFsHoAMFxqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63368496-0926524f3c50d16160c2665e;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 05:54:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tkthNH6rXeqKef_h28M-jt9y0nekibDG6Fv9aPemZhrE9cpWarS_Xw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 10:49:02 GMT
age: 5240
etag: "c44cac382e2f2eb2b6ce35da6dfb37747d436d60"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
amplify.outbrain.com/cp/obtp.js
200 OK 3.2 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP
File type ASCII text, with very long lines (8072), with no line terminators
Hash 9b19340ef7db3cbb26aa923adb8dbe6e
082e699bca6e80ca6c72a43f2894f4a32e785e26
c042b8b199b2c08fa66f90753998544860e3f64c3a1f47754a66970b3b8c5b2a
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Last-Modified: Tue, 21 Jun 2022 14:06:31 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Fri, 07 Oct 2022 12:36:22 GMT
Date: Fri, 07 Oct 2022 12:16:22 GMT
Content-Length: 3249
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd58f1191-b279-4341-98b0-b5853ac04100.jpeg
200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd58f1191-b279-4341-98b0-b5853ac04100.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 90f323a3b73cab85abdce9b6631e8d93
36e42d12a193c90fbc03a7d13a1711f24bf6f2a2
259aecd4212d5c91c4eeb930d99e28ce420af50d987e93d99974f6db1127ff28
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd58f1191-b279-4341-98b0-b5853ac04100.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8351
x-amzn-requestid: 8e8e58e6-a6d5-41ef-8246-bb276b882852
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmihYGo2oAMFXYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4ad5-06b81112046a7b2b3b898a3d;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:38:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: ij3kvy3mw4m1fxe_qzZi8-zbw8raIqJB21wPBd6rqmmFLDWar9C3KQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:06:09 GMT
age: 51013
etag: "36e42d12a193c90fbc03a7d13a1711f24bf6f2a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp
200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed3fa86bbe319c9a2f81ff625e677cb0
e3d5210207f6ff922bc28e328285059c19a523a4
5919694bd942a4f25d5b7ffc3f8aee1af6cdb8461d4ba3dba9a2e72cf19164c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7261
x-amzn-requestid: e1bdf299-b29e-4f58-9c8a-33f5dacdb081
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmirBELYoAMFfgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4b13-1969b32c6f4f7e5749e7caa0;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: V3fTgH8URZ1iWMxWPy49--20mtdJvMK6XTG_aPKk68pvwCxPl8lULw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
age: 52324
etag: "e3d5210207f6ff922bc28e328285059c19a523a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2da6f7a-675a-45e2-af30-4afd851d825d.jpeg
200 OK 2.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2da6f7a-675a-45e2-af30-4afd851d825d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17df62c3e2ed48ba9c788f5e1b3b702f
854c326016059d67fae42cc34905d0feb58cb6fc
d0bee7a7e629f6594a79bad563bb91c71a17768c2f347fd4a366f7f0daf94fda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2da6f7a-675a-45e2-af30-4afd851d825d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2478
x-amzn-requestid: ed2a2dca-5367-42c1-b982-07a39762063e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmigWFvGIAMF9CQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4ace-6fabb7845e4d04613897a866;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: GFxAiO1AQfV1-pVy0NBmc9VoQoxBuBeOWsbPkVpOuT06D8Tw_YuZfA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:08:09 GMT
etag: "854c326016059d67fae42cc34905d0feb58cb6fc"
content-type: image/jpeg
age: 50893
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 16339989f5c6c229a3dcc0ed1e52032f
a1ea26d6e4eb4a72cc8c87100b40035dab69d285
16703f888ee6f974bb89e1c4c16a75186b31b64130abcd1a3bcd3741159d912c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13437
x-amzn-requestid: ec801fbc-c339-46ce-ac5f-18d064e5ef21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_HdeoAMFyOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-02b52b770e6e76cf52b26e47;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Iesqk_XbGiZE-n3mTa1_1WtlXiyEqz-4qfyt3_609O1eujdLcFu3zA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:01:58 GMT
etag: "a1ea26d6e4eb4a72cc8c87100b40035dab69d285"
content-type: image/jpeg
age: 51264
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 53b7ffdc3799e0ac7a225145242579ef
c47f0525fe5354ee13fe63c0ec31f0f826a58005
4bb518afc9b3e7bfb976d343e46b306155834adbe71fa35b0d6f509959f78aca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10987
x-amzn-requestid: c2ab1012-1afd-4d74-8114-97977b43da24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZgCHwGdGoAMFvyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633cb097-3237927a0c1e081d22c902f7;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 22:15:51 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: iClOZEPMiFmpeprT8McJ2HI0dCmyxkhEdfYr0qP0YK3U_Pcd9N0Fhg==
via: 1.1 3dde68f1f52282c9e1ee336d97233b0a.cloudfront.net (CloudFront), 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 11:08:01 GMT
age: 4101
etag: "c47f0525fe5354ee13fe63c0ec31f0f826a58005"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
d26b395fwzu5fz.cloudfront.net/keen-tracking-1.0.3.min.js
200 OK 9.0 kB URL HTTP/1.1 d26b395fwzu5fz.cloudfront.net/keen-tracking-1.0.3.min.js
IP
File type ASCII text, with very long lines (20564)
Hash a6acb97120359c326c8f7775a5514f5d
db0ba6a113b2bf753933f2b5d3451e55d7184c2d
bc1391ed0a7a70a24988c0464202bcf2f8f1a5f4d1465c8d5552471b13b90fba
GET /keen-tracking-1.0.3.min.js HTTP/1.1
Host: d26b395fwzu5fz.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mixword.ru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 8994
Connection: keep-alive
Date: Wed, 15 Jun 2022 12:20:28 GMT
Last-Modified: Thu, 31 Mar 2016 04:24:33 GMT
ETag: "a6acb97120359c326c8f7775a5514f5d"
Cache-Control: max-age=31536000000, public
Content-Encoding: gzip
Expires: Fri, 31 Mar 2017 04:24:29 GMT
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UrdHUncJDIoQINx3Dc7qdf82wCccPmtbjgWA-yHaj0rDfXeNVebqtQ==
Age: 9849355
www.youtube.com/iframe_api
301 Moved Permanently 0 B URL HTTP/1.1 www.youtube.com/iframe_api
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Fri, 07 Oct 2022 12:16:22 GMT
Location: https://www.youtube.com/iframe_api
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d2saw6je89goi1.cloudfront.net/uploads/digital_asset/file/444586/star_grey_scale_32_32.png
200 OK 1.7 kB URL HTTP/2 d2saw6je89goi1.cloudfront.net/uploads/digital_asset/file/444586/star_grey_scale_32_32.png
IP
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash cf71488cbd2f5609f38a9e9edc6b0b0e
16106f8e4bdb45f35dc1660534feec7b7deb3719
b81919b20872b937af198c21eb58fbb09f4430be5da29066573388dd22f2f942
GET /uploads/digital_asset/file/444586/star_grey_scale_32_32.png HTTP/1.1
Host: d2saw6je89goi1.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mixword.ru.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 1722
date: Thu, 08 Sep 2022 07:38:49 GMT
last-modified: Thu, 01 Nov 2018 17:20:56 GMT
etag: "cf71488cbd2f5609f38a9e9edc6b0b0e"
cache-control: max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XGNt3o2zNOlWUQdN-uAELI_-fxcjIzzFfTUck_-c-0GB5zZrn0_ahA==
age: 2522254
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash ecc594c8ad8a58175abca6f74592cad0
bc3eb5409877f214ca5d45c39d39754fd80997ae
4376e30946f541ed958cbbff449d18b6acb24608aa48fa078440cb99291dc7d1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5839
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:16:22 GMT
Last-Modified: Fri, 07 Oct 2022 10:39:03 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js?hash=3e6544316392327c9d40ebea101ee775
200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=3e6544316392327c9d40ebea101ee775
IP
File type ASCII text, with very long lines (18530)
Hash dfb8c912de8625e1f6ac77cfa5008bc0
d36b436e83275c73cc44b29d8c99eaa37a42e2e9
2dbce7a31b194aa8220cef1a950116e8696a3371b5be7c66f3be6b9bda3356f4
GET /en_US/sdk.js?hash=3e6544316392327c9d40ebea101ee775 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.mixword.ru.com
Connection: keep-alive
Referer: http://www.mixword.ru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 185e0a4c3d677a08ef30f0dba188c57b
etag: "b969ecdffe1ded6b53853733f2f0245b"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 06 Oct 2023 12:20:20 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 37jJEt6GJeH2rHfPpQCLwA==
x-fb-debug: yN+gK2GG4pI4oljP4wfPcBHefKKSOKhryXHarvYJxojcxe29BOZaEL9LvwdLBrsAENg5SHGCiufRiB6b9vxtHw==
content-length: 88415
x-fb-trip-id: 1904183273
date: Fri, 07 Oct 2022 12:16:22 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
trc.taboola.com/1176801/trc/3/json?tim=1665144980852&data=%7B%22id%22%3A813%2C%22ii%22%3A%22%2Fshocking-diabetes-link32556356%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1665144980818%2C%22cv%22%3A%2220191014-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.patriot-advance-report.com%2Fshocking-diabetes-link32556356%22%2C%22e%22%3A%22N%2FA%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22mpv%22%3Atrue%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-jackutgleadgencom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%7D&pubit=i
200 OK 1.4 kB URL HTTP/1.1 trc.taboola.com/1176801/trc/3/json?tim=1665144980852&data=%7B%22id%22%3A813%2C%22ii%22%3A%22%2Fshocking-diabetes-link32556356%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1665144980818%2C%22cv%22%3A%2220191014-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.patriot-advance-report.com%2Fshocking-diabetes-link32556356%22%2C%22e%22%3A%22N%2FA%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22mpv%22%3Atrue%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-jackutgleadgencom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%7D&pubit=i
IP
File type ASCII text, with very long lines (2388), with no line terminators
Hash 27ba2fad073c6e7f18f5cf8fef320173
30025bf598e765175eb3a60d85888d2b1ab7722f
5c0d15365ab3ce5b08d7f0c156eb3198686edc440ef1413cdc1a678de086e6b8
GET /1176801/trc/3/json?tim=1665144980852&data=%7B%22id%22%3A813%2C%22ii%22%3A%22%2Fshocking-diabetes-link32556356%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1665144980818%2C%22cv%22%3A%2220191014-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.patriot-advance-report.com%2Fshocking-diabetes-link32556356%22%2C%22e%22%3A%22N%2FA%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22mpv%22%3Atrue%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-jackutgleadgencom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/
HTTP/1.1 200 OK
Connection: keep-alive
Server: nginx
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 07 Oct 2022 12:16:22 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1657-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1665144982.193979,VS0,VE126
Vary: Accept-Encoding
X-vcl-time-ms: 126
transfer-encoding: chunked
trc.taboola.com/1176801/log/3/unip?en=page_view&tim=1665144980851&vi=1665144980818&ri=62399f3a1eec14c5e9005fec233c4615&sd=v2_32ba5638cf94b99917021ac906ae8d5e_20a4738b-2595-42b0-9364-04922154a8e8-tucta399e16_1665144982_1665144982_CAQQ4elHGNKKgJO7MCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ui=20a4738b-2595-42b0-9364-04922154a8e8-tucta399e16&ref=N%2FA&cv=20191014-1-RELEASE
204 No Content 0 B URL HTTP/1.1 trc.taboola.com/1176801/log/3/unip?en=page_view&tim=1665144980851&vi=1665144980818&ri=62399f3a1eec14c5e9005fec233c4615&sd=v2_32ba5638cf94b99917021ac906ae8d5e_20a4738b-2595-42b0-9364-04922154a8e8-tucta399e16_1665144982_1665144982_CAQQ4elHGNKKgJO7MCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ui=20a4738b-2595-42b0-9364-04922154a8e8-tucta399e16&ref=N%2FA&cv=20191014-1-RELEASE
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1176801/log/3/unip?en=page_view&tim=1665144980851&vi=1665144980818&ri=62399f3a1eec14c5e9005fec233c4615&sd=v2_32ba5638cf94b99917021ac906ae8d5e_20a4738b-2595-42b0-9364-04922154a8e8-tucta399e16_1665144982_1665144982_CAQQ4elHGNKKgJO7MCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ui=20a4738b-2595-42b0-9364-04922154a8e8-tucta399e16&ref=N%2FA&cv=20191014-1-RELEASE HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.mixword.ru.com
Connection: keep-alive
Referer: http://www.mixword.ru.com/
HTTP/1.1 204 No Content
Connection: keep-alive
Server: nginx
Content-Type: image/gif
P3P: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
Access-Control-Allow-Origin: http://www.mixword.ru.com
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Accept-Ranges: bytes
Date: Fri, 07 Oct 2022 12:16:22 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1657-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1665144982.342469,VS0,VE79
X-vcl-time-ms: 79
trc.taboola.com/1176801/log/3/unip?en=page_view&tim=1665144980884&vi=1665144980818&ri=62399f3a1eec14c5e9005fec233c4615&sd=v2_32ba5638cf94b99917021ac906ae8d5e_20a4738b-2595-42b0-9364-04922154a8e8-tucta399e16_1665144982_1665144982_CAQQ4elHGNKKgJO7MCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ui=20a4738b-2595-42b0-9364-04922154a8e8-tucta399e16&ref=N%2FA&cv=20191014-1-RELEASE
204 No Content 0 B URL HTTP/1.1 trc.taboola.com/1176801/log/3/unip?en=page_view&tim=1665144980884&vi=1665144980818&ri=62399f3a1eec14c5e9005fec233c4615&sd=v2_32ba5638cf94b99917021ac906ae8d5e_20a4738b-2595-42b0-9364-04922154a8e8-tucta399e16_1665144982_1665144982_CAQQ4elHGNKKgJO7MCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ui=20a4738b-2595-42b0-9364-04922154a8e8-tucta399e16&ref=N%2FA&cv=20191014-1-RELEASE
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1176801/log/3/unip?en=page_view&tim=1665144980884&vi=1665144980818&ri=62399f3a1eec14c5e9005fec233c4615&sd=v2_32ba5638cf94b99917021ac906ae8d5e_20a4738b-2595-42b0-9364-04922154a8e8-tucta399e16_1665144982_1665144982_CAQQ4elHGNKKgJO7MCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ui=20a4738b-2595-42b0-9364-04922154a8e8-tucta399e16&ref=N%2FA&cv=20191014-1-RELEASE HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.mixword.ru.com
Connection: keep-alive
Referer: http://www.mixword.ru.com/
HTTP/1.1 204 No Content
Connection: keep-alive
Server: nginx
Content-Type: image/gif
P3P: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
Access-Control-Allow-Origin: http://www.mixword.ru.com
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Accept-Ranges: bytes
Date: Fri, 07 Oct 2022 12:16:22 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1621-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1665144982.352458,VS0,VE82
X-vcl-time-ms: 82
trc.taboola.com/1176801/log/3/unip?en=pre_d_eng_tb&tos=1508&scd=60&ssd=1&est=1665144980821&ver=27&isls=true&src=i&invt=1500&tim=1665144982331&vi=1665144980818&ri=62399f3a1eec14c5e9005fec233c4615&sd=v2_32ba5638cf94b99917021ac906ae8d5e_20a4738b-2595-42b0-9364-04922154a8e8-tucta399e16_1665144982_1665144982_CAQQ4elHGNKKgJO7MCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ui=20a4738b-2595-42b0-9364-04922154a8e8-tucta399e16&ref=N%2FA&cv=20191014-1-RELEASE
204 No Content 0 B URL HTTP/1.1 trc.taboola.com/1176801/log/3/unip?en=pre_d_eng_tb&tos=1508&scd=60&ssd=1&est=1665144980821&ver=27&isls=true&src=i&invt=1500&tim=1665144982331&vi=1665144980818&ri=62399f3a1eec14c5e9005fec233c4615&sd=v2_32ba5638cf94b99917021ac906ae8d5e_20a4738b-2595-42b0-9364-04922154a8e8-tucta399e16_1665144982_1665144982_CAQQ4elHGNKKgJO7MCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ui=20a4738b-2595-42b0-9364-04922154a8e8-tucta399e16&ref=N%2FA&cv=20191014-1-RELEASE
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1176801/log/3/unip?en=pre_d_eng_tb&tos=1508&scd=60&ssd=1&est=1665144980821&ver=27&isls=true&src=i&invt=1500&tim=1665144982331&vi=1665144980818&ri=62399f3a1eec14c5e9005fec233c4615&sd=v2_32ba5638cf94b99917021ac906ae8d5e_20a4738b-2595-42b0-9364-04922154a8e8-tucta399e16_1665144982_1665144982_CAQQ4elHGNKKgJO7MCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ui=20a4738b-2595-42b0-9364-04922154a8e8-tucta399e16&ref=N%2FA&cv=20191014-1-RELEASE HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.mixword.ru.com
Connection: keep-alive
Referer: http://www.mixword.ru.com/
HTTP/1.1 204 No Content
Connection: keep-alive
Server: nginx
Content-Type: image/gif
P3P: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
Access-Control-Allow-Origin: http://www.mixword.ru.com
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Accept-Ranges: bytes
Date: Fri, 07 Oct 2022 12:16:22 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1665-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1665144982.367702,VS0,VE79
X-vcl-time-ms: 79
tr.outbrain.com/cachedClickId?marketerId=00449fdf64a264fbca3858bc00ee13bd04,00449fdf64a264fbca3858bc00ee13bd04
200 OK 56 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=00449fdf64a264fbca3858bc00ee13bd04,00449fdf64a264fbca3858bc00ee13bd04
IP
File type ASCII text, with no line terminators
Hash 77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
GET /cachedClickId?marketerId=00449fdf64a264fbca3858bc00ee13bd04,00449fdf64a264fbca3858bc00ee13bd04 HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:22 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: 4ff9d74d0d5f84ebcf73a04c72d10f62
content-encoding: gzip
tr.outbrain.com/unifiedPixel?marketerId=00449fdf64a264fbca3858bc00ee13bd04&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=http%3A%2F%2Fwww.mixword.ru.com%2Fclicks%2Fchapter2%2FDiabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM%2FAEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ&optOut=false&bust=05208360916951147&referrer=
200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00449fdf64a264fbca3858bc00ee13bd04&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=http%3A%2F%2Fwww.mixword.ru.com%2Fclicks%2Fchapter2%2FDiabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM%2FAEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ&optOut=false&bust=05208360916951147&referrer=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=00449fdf64a264fbca3858bc00ee13bd04&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=http%3A%2F%2Fwww.mixword.ru.com%2Fclicks%2Fchapter2%2FDiabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM%2FAEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ&optOut=false&bust=05208360916951147&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mixword.ru.com/
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:22 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: c9f5407d3683cfcc885fc50b53634317
content-encoding: gzip
www.patriot-advance-report.com/images/background.png?_unique=0.6552352185274319&_uniqueVisitorID=null&_type=WINDOW&_location=ttp%3A//www.mixword.ru.com/clicks/chapter2/Diabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ&_title=(3)%20Revolutionary%20Information%20On%20Diabetes%20Takes%20Country%20By%20Storm!&_key=v8rf9zpo&_page_key=hhepmxjtcl8m9xx3&_fid=6317671&_fspos=24&_fvrs=410&_funnel_stat=0&_location=http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ&_referrer=
200 OK 115 B URL HTTP/1.1 www.patriot-advance-report.com/images/background.png?_unique=0.6552352185274319&_uniqueVisitorID=null&_type=WINDOW&_location=ttp%3A//www.mixword.ru.com/clicks/chapter2/Diabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ&_title=(3)%20Revolutionary%20Information%20On%20Diabetes%20Takes%20Country%20By%20Storm!&_key=v8rf9zpo&_page_key=hhepmxjtcl8m9xx3&_fid=6317671&_fspos=24&_fvrs=410&_funnel_stat=0&_location=http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ&_referrer=
IP
File type ASCII text, with no line terminators
Hash aeb9e1af53b59881938968511b9171f6
74ca3cb6947994974a4bf72c9aac4614f27363f9
1552cc03b495579eda5c30134e17441e521af924f5c672d5955e541f6e444524
GET /images/background.png?_unique=0.6552352185274319&_uniqueVisitorID=null&_type=WINDOW&_location=ttp%3A//www.mixword.ru.com/clicks/chapter2/Diabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ&_title=(3)%20Revolutionary%20Information%20On%20Diabetes%20Takes%20Country%20By%20Storm!&_key=v8rf9zpo&_page_key=hhepmxjtcl8m9xx3&_fid=6317671&_fspos=24&_fvrs=410&_funnel_stat=0&_location=http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ&_referrer= HTTP/1.1
Host: www.patriot-advance-report.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.mixword.ru.com
Connection: keep-alive
Referer: http://www.mixword.ru.com/
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:22 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7566914d0caf1c0e-OSL
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Access-Control-Request-Method: *
Status: 200 OK
X-Frame-Options: ALLOWALL
X-Powered-By: Phusion Passenger Enterprise 6.0.7
X-Rack-Cache: miss
X-Request-Id: 8716eb0e6549260528cb6c0788d6a442
X-Runtime: 0.026132
Set-Cookie: __cf_bm=aMm8m4DN.07hJsBp_TD1ZcLRjyP0CASkVKZjXcV.NGw-1665144982-0-Aaj3eUi2YKbJ/XQP/U2naEgwkrCOWSQ/qJamWS7PxNrcoGUeC4P2fidazzB66ARl+GQ+4pcymMX1Ug8itiEh7N8ffpHIWTLVqS2t4qTyYOOZ; path=/; expires=Fri, 07-Oct-22 12:46:22 GMT; domain=.www.patriot-advance-report.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
alt-svc: h2=":443"; ma=60
www.patriot-advance-report.com/images/background.png?_unique=0.44975074496802925&_uniqueVisitorID=null&_type=WINDOW&_location=ttp%3A//www.mixword.ru.com/clicks/chapter2/Diabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ&_title=(3)%20Revolutionary%20Information%20On%20Diabetes%20Takes%20Country%20By%20Storm!&_key=v8rf9zpo&_page_key=hhepmxjtcl8m9xx3&_fid=6317671&_fspos=24&_fvrs=410&_funnel_stat=0&_location=http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ&_referrer=
200 OK 115 B URL HTTP/1.1 www.patriot-advance-report.com/images/background.png?_unique=0.44975074496802925&_uniqueVisitorID=null&_type=WINDOW&_location=ttp%3A//www.mixword.ru.com/clicks/chapter2/Diabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ&_title=(3)%20Revolutionary%20Information%20On%20Diabetes%20Takes%20Country%20By%20Storm!&_key=v8rf9zpo&_page_key=hhepmxjtcl8m9xx3&_fid=6317671&_fspos=24&_fvrs=410&_funnel_stat=0&_location=http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ&_referrer=
IP
File type ASCII text, with no line terminators
Hash aeb9e1af53b59881938968511b9171f6
74ca3cb6947994974a4bf72c9aac4614f27363f9
1552cc03b495579eda5c30134e17441e521af924f5c672d5955e541f6e444524
GET /images/background.png?_unique=0.44975074496802925&_uniqueVisitorID=null&_type=WINDOW&_location=ttp%3A//www.mixword.ru.com/clicks/chapter2/Diabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ&_title=(3)%20Revolutionary%20Information%20On%20Diabetes%20Takes%20Country%20By%20Storm!&_key=v8rf9zpo&_page_key=hhepmxjtcl8m9xx3&_fid=6317671&_fspos=24&_fvrs=410&_funnel_stat=0&_location=http://www.mixword.ru.com/clicks/chapter2/Diabetes11219.php?sid=996045&h=0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM/AEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ&_referrer= HTTP/1.1
Host: www.patriot-advance-report.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.mixword.ru.com
Connection: keep-alive
Referer: http://www.mixword.ru.com/
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:16:22 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7566914dbffdb512-OSL
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Access-Control-Request-Method: *
Status: 200 OK
X-Frame-Options: ALLOWALL
X-Powered-By: Phusion Passenger Enterprise 6.0.7
X-Rack-Cache: miss
X-Request-Id: 9441ad0ffd7127f687ab5782f984a854
X-Runtime: 0.021039
Set-Cookie: __cf_bm=nwkyvFQ8n.FZ4TFR7bLb7kIGxNQJLttH4o2al5Q3Ofw-1665144982-0-AWZa9Teh5FjyZ6lvMhQY99mIE+hok7eH8kZe1s/CLdGQDIHTag61LbMKjNE6GAd5O4VtWenQ+jTtRKXrXqh1RovDQUN3qkifo5Xf5Sx33CJz; path=/; expires=Fri, 07-Oct-22 12:46:22 GMT; domain=.www.patriot-advance-report.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
alt-svc: h2=":443"; ma=60
trc.taboola.com/1176801/log/3/unip?en=pre_d_eng_tb&tos=4512&scd=60&ssd=1&est=1665144980821&ver=27&isls=true&src=i&invt=3000&tim=1665144985334&vi=1665144980818&ri=62399f3a1eec14c5e9005fec233c4615&sd=v2_32ba5638cf94b99917021ac906ae8d5e_20a4738b-2595-42b0-9364-04922154a8e8-tucta399e16_1665144982_1665144982_CAQQ4elHGNKKgJO7MCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ui=20a4738b-2595-42b0-9364-04922154a8e8-tucta399e16&ref=N%2FA&cv=20191014-1-RELEASE
204 No Content 0 B URL HTTP/1.1 trc.taboola.com/1176801/log/3/unip?en=pre_d_eng_tb&tos=4512&scd=60&ssd=1&est=1665144980821&ver=27&isls=true&src=i&invt=3000&tim=1665144985334&vi=1665144980818&ri=62399f3a1eec14c5e9005fec233c4615&sd=v2_32ba5638cf94b99917021ac906ae8d5e_20a4738b-2595-42b0-9364-04922154a8e8-tucta399e16_1665144982_1665144982_CAQQ4elHGNKKgJO7MCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ui=20a4738b-2595-42b0-9364-04922154a8e8-tucta399e16&ref=N%2FA&cv=20191014-1-RELEASE
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1176801/log/3/unip?en=pre_d_eng_tb&tos=4512&scd=60&ssd=1&est=1665144980821&ver=27&isls=true&src=i&invt=3000&tim=1665144985334&vi=1665144980818&ri=62399f3a1eec14c5e9005fec233c4615&sd=v2_32ba5638cf94b99917021ac906ae8d5e_20a4738b-2595-42b0-9364-04922154a8e8-tucta399e16_1665144982_1665144982_CAQQ4elHGNKKgJO7MCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ui=20a4738b-2595-42b0-9364-04922154a8e8-tucta399e16&ref=N%2FA&cv=20191014-1-RELEASE HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.mixword.ru.com
Connection: keep-alive
Referer: http://www.mixword.ru.com/
HTTP/1.1 204 No Content
Connection: keep-alive
Server: nginx
Content-Type: image/gif
P3P: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
Access-Control-Allow-Origin: http://www.mixword.ru.com
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Accept-Ranges: bytes
Date: Fri, 07 Oct 2022 12:16:25 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1657-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1665144985.361271,VS0,VE81
X-vcl-time-ms: 81
fonts.googleapis.com/css?family=Open+Sans:400,400i,600
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,400i,600
IP
GET /css?family=Open+Sans:400,400i,600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mixword.ru.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 07 Oct 2022 12:16:20 GMT
date: Fri, 07 Oct 2022 12:16:20 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents?funnel_id=bHNjUHVuazFmVUtxTjkxbUVkK0lydz09LS1VR0dYYjBCMUtrK0xIaDk1anVHY3NRPT0%3D--028fa9cafea6ebb66a5e47b9d24dd8a456b17cc5&page_id=bm03aFMwWW9NUmVkWHhxU00xSSt1dz09LS1vYmQvdDVaSnFBZkVmUytRMG83RWpnPT0%3D--597f20ec9a5d53157239dbbdc117369b44b443b6&funnel_step_id=a3lneFpzVzFBYXl4bjg0Z2FPdC9wQT09LS01RFFkUWR5UysvQ2VwcW9Td3JNQ2tRPT0%3D--be0c83c68c73505000a3ae4024facb7366bdcb7a&user_id=dlV0NnMwYnJsY2ZDZGlNMzhzcGxrUT09LS0zTFdxVGplVGx1RTVaNit5Yll1VjVBPT0%3D--266ed1a2283f444aafda7ee74bf591c0115d4457&account_id=MXlYbk0rM25PZm5nbzQ5cnJTVSs5UT09LS1wd2dlVWNpd3lLS3pkelpSSlpIK1R3PT0%3D--17fea72c1d2af15414119cfda18ad2fe9e190d9f&page_code=MzI1NTYzNTY%3D&mode_id=1&time_zone=America%2FLos_Angeles&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents%3A%3AUniquePageviewsCreatedSummary&nonce=23e06b7e-2c68-423d-91d5-9b4e8b05a931&url=http%3A%2F%2Fwww.mixword.ru.com%2Fclicks%2Fchapter2%2FDiabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM%2FAEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
202 Accepted 0 B URL HTTP/2 app.clickfunnels.com/userevents?funnel_id=bHNjUHVuazFmVUtxTjkxbUVkK0lydz09LS1VR0dYYjBCMUtrK0xIaDk1anVHY3NRPT0%3D--028fa9cafea6ebb66a5e47b9d24dd8a456b17cc5&page_id=bm03aFMwWW9NUmVkWHhxU00xSSt1dz09LS1vYmQvdDVaSnFBZkVmUytRMG83RWpnPT0%3D--597f20ec9a5d53157239dbbdc117369b44b443b6&funnel_step_id=a3lneFpzVzFBYXl4bjg0Z2FPdC9wQT09LS01RFFkUWR5UysvQ2VwcW9Td3JNQ2tRPT0%3D--be0c83c68c73505000a3ae4024facb7366bdcb7a&user_id=dlV0NnMwYnJsY2ZDZGlNMzhzcGxrUT09LS0zTFdxVGplVGx1RTVaNit5Yll1VjVBPT0%3D--266ed1a2283f444aafda7ee74bf591c0115d4457&account_id=MXlYbk0rM25PZm5nbzQ5cnJTVSs5UT09LS1wd2dlVWNpd3lLS3pkelpSSlpIK1R3PT0%3D--17fea72c1d2af15414119cfda18ad2fe9e190d9f&page_code=MzI1NTYzNTY%3D&mode_id=1&time_zone=America%2FLos_Angeles&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents%3A%3AUniquePageviewsCreatedSummary&nonce=23e06b7e-2c68-423d-91d5-9b4e8b05a931&url=http%3A%2F%2Fwww.mixword.ru.com%2Fclicks%2Fchapter2%2FDiabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM%2FAEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
IP
GET /userevents?funnel_id=bHNjUHVuazFmVUtxTjkxbUVkK0lydz09LS1VR0dYYjBCMUtrK0xIaDk1anVHY3NRPT0%3D--028fa9cafea6ebb66a5e47b9d24dd8a456b17cc5&page_id=bm03aFMwWW9NUmVkWHhxU00xSSt1dz09LS1vYmQvdDVaSnFBZkVmUytRMG83RWpnPT0%3D--597f20ec9a5d53157239dbbdc117369b44b443b6&funnel_step_id=a3lneFpzVzFBYXl4bjg0Z2FPdC9wQT09LS01RFFkUWR5UysvQ2VwcW9Td3JNQ2tRPT0%3D--be0c83c68c73505000a3ae4024facb7366bdcb7a&user_id=dlV0NnMwYnJsY2ZDZGlNMzhzcGxrUT09LS0zTFdxVGplVGx1RTVaNit5Yll1VjVBPT0%3D--266ed1a2283f444aafda7ee74bf591c0115d4457&account_id=MXlYbk0rM25PZm5nbzQ5cnJTVSs5UT09LS1wd2dlVWNpd3lLS3pkelpSSlpIK1R3PT0%3D--17fea72c1d2af15414119cfda18ad2fe9e190d9f&page_code=MzI1NTYzNTY%3D&mode_id=1&time_zone=America%2FLos_Angeles&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents%3A%3AUniquePageviewsCreatedSummary&nonce=23e06b7e-2c68-423d-91d5-9b4e8b05a931&url=http%3A%2F%2Fwww.mixword.ru.com%2Fclicks%2Fchapter2%2FDiabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM%2FAEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: http://www.mixword.ru.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Fri, 07 Oct 2022 12:16:22 GMT
content-type: text/html
cf-ray: 7566914949d2b4f3-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 6053d4b15eee3c79a7422a68ddcbe9d8
x-runtime: 0.030224
set-cookie: __cf_bm=vzqFe.Enia8jGfw.EIMe6d5X0_JELIG2LCfHSNTnsaE-1665144982-0-AaSLVgsTI0EB4WquJbQcvqszph/DTkekvvRJX70jI3smyJjD/a0xFmWZSzLFTb5Mf+tm+auvJKOp2SF3OlInFXBXOCxpkdbfqFycb2X8gEvj; path=/; expires=Fri, 07-Oct-22 12:46:22 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents?funnel_id=bHNjUHVuazFmVUtxTjkxbUVkK0lydz09LS1VR0dYYjBCMUtrK0xIaDk1anVHY3NRPT0%3D--028fa9cafea6ebb66a5e47b9d24dd8a456b17cc5&page_id=bm03aFMwWW9NUmVkWHhxU00xSSt1dz09LS1vYmQvdDVaSnFBZkVmUytRMG83RWpnPT0%3D--597f20ec9a5d53157239dbbdc117369b44b443b6&funnel_step_id=a3lneFpzVzFBYXl4bjg0Z2FPdC9wQT09LS01RFFkUWR5UysvQ2VwcW9Td3JNQ2tRPT0%3D--be0c83c68c73505000a3ae4024facb7366bdcb7a&user_id=dlV0NnMwYnJsY2ZDZGlNMzhzcGxrUT09LS0zTFdxVGplVGx1RTVaNit5Yll1VjVBPT0%3D--266ed1a2283f444aafda7ee74bf591c0115d4457&account_id=MXlYbk0rM25PZm5nbzQ5cnJTVSs5UT09LS1wd2dlVWNpd3lLS3pkelpSSlpIK1R3PT0%3D--17fea72c1d2af15414119cfda18ad2fe9e190d9f&page_code=MzI1NTYzNTY%3D&mode_id=1&time_zone=America%2FLos_Angeles&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents%3A%3AUniqueVisitorsCreatedSummary&nonce=4bf46aee-5862-4471-9f9e-b52b52a90647&url=http%3A%2F%2Fwww.mixword.ru.com%2Fclicks%2Fchapter2%2FDiabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM%2FAEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
202 Accepted 0 B URL HTTP/2 app.clickfunnels.com/userevents?funnel_id=bHNjUHVuazFmVUtxTjkxbUVkK0lydz09LS1VR0dYYjBCMUtrK0xIaDk1anVHY3NRPT0%3D--028fa9cafea6ebb66a5e47b9d24dd8a456b17cc5&page_id=bm03aFMwWW9NUmVkWHhxU00xSSt1dz09LS1vYmQvdDVaSnFBZkVmUytRMG83RWpnPT0%3D--597f20ec9a5d53157239dbbdc117369b44b443b6&funnel_step_id=a3lneFpzVzFBYXl4bjg0Z2FPdC9wQT09LS01RFFkUWR5UysvQ2VwcW9Td3JNQ2tRPT0%3D--be0c83c68c73505000a3ae4024facb7366bdcb7a&user_id=dlV0NnMwYnJsY2ZDZGlNMzhzcGxrUT09LS0zTFdxVGplVGx1RTVaNit5Yll1VjVBPT0%3D--266ed1a2283f444aafda7ee74bf591c0115d4457&account_id=MXlYbk0rM25PZm5nbzQ5cnJTVSs5UT09LS1wd2dlVWNpd3lLS3pkelpSSlpIK1R3PT0%3D--17fea72c1d2af15414119cfda18ad2fe9e190d9f&page_code=MzI1NTYzNTY%3D&mode_id=1&time_zone=America%2FLos_Angeles&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents%3A%3AUniqueVisitorsCreatedSummary&nonce=4bf46aee-5862-4471-9f9e-b52b52a90647&url=http%3A%2F%2Fwww.mixword.ru.com%2Fclicks%2Fchapter2%2FDiabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM%2FAEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
IP
GET /userevents?funnel_id=bHNjUHVuazFmVUtxTjkxbUVkK0lydz09LS1VR0dYYjBCMUtrK0xIaDk1anVHY3NRPT0%3D--028fa9cafea6ebb66a5e47b9d24dd8a456b17cc5&page_id=bm03aFMwWW9NUmVkWHhxU00xSSt1dz09LS1vYmQvdDVaSnFBZkVmUytRMG83RWpnPT0%3D--597f20ec9a5d53157239dbbdc117369b44b443b6&funnel_step_id=a3lneFpzVzFBYXl4bjg0Z2FPdC9wQT09LS01RFFkUWR5UysvQ2VwcW9Td3JNQ2tRPT0%3D--be0c83c68c73505000a3ae4024facb7366bdcb7a&user_id=dlV0NnMwYnJsY2ZDZGlNMzhzcGxrUT09LS0zTFdxVGplVGx1RTVaNit5Yll1VjVBPT0%3D--266ed1a2283f444aafda7ee74bf591c0115d4457&account_id=MXlYbk0rM25PZm5nbzQ5cnJTVSs5UT09LS1wd2dlVWNpd3lLS3pkelpSSlpIK1R3PT0%3D--17fea72c1d2af15414119cfda18ad2fe9e190d9f&page_code=MzI1NTYzNTY%3D&mode_id=1&time_zone=America%2FLos_Angeles&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents%3A%3AUniqueVisitorsCreatedSummary&nonce=4bf46aee-5862-4471-9f9e-b52b52a90647&url=http%3A%2F%2Fwww.mixword.ru.com%2Fclicks%2Fchapter2%2FDiabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM%2FAEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: http://www.mixword.ru.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Fri, 07 Oct 2022 12:16:22 GMT
content-type: text/html
cf-ray: 7566914949deb4f3-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: c9b3b2e393c972dda2b7761a4c75abfc
x-runtime: 0.037118
set-cookie: __cf_bm=jNpH__NS51IfiBM117zIJNThbirkrx6YM3XWMeK6NCc-1665144982-0-AZsUbfU/SQAWoFGo8HTGOS8PFhQq1VGhWiWSPBAy+ksC9vDWM2xSGj3L/h/ZQMbrpRYS3ENmwz30mU6IB04ejUwqfsDm3OLh0YT2KOBwr+ey; path=/; expires=Fri, 07-Oct-22 12:46:22 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents?funnel_id=bHNjUHVuazFmVUtxTjkxbUVkK0lydz09LS1VR0dYYjBCMUtrK0xIaDk1anVHY3NRPT0%3D--028fa9cafea6ebb66a5e47b9d24dd8a456b17cc5&page_id=bm03aFMwWW9NUmVkWHhxU00xSSt1dz09LS1vYmQvdDVaSnFBZkVmUytRMG83RWpnPT0%3D--597f20ec9a5d53157239dbbdc117369b44b443b6&funnel_step_id=a3lneFpzVzFBYXl4bjg0Z2FPdC9wQT09LS01RFFkUWR5UysvQ2VwcW9Td3JNQ2tRPT0%3D--be0c83c68c73505000a3ae4024facb7366bdcb7a&user_id=dlV0NnMwYnJsY2ZDZGlNMzhzcGxrUT09LS0zTFdxVGplVGx1RTVaNit5Yll1VjVBPT0%3D--266ed1a2283f444aafda7ee74bf591c0115d4457&account_id=MXlYbk0rM25PZm5nbzQ5cnJTVSs5UT09LS1wd2dlVWNpd3lLS3pkelpSSlpIK1R3PT0%3D--17fea72c1d2af15414119cfda18ad2fe9e190d9f&page_code=MzI1NTYzNTY%3D&mode_id=1&time_zone=America%2FLos_Angeles&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents%3A%3APageviewsCreatedSummary&nonce=0f005987-3000-417d-9dbb-71e70de833ed&url=http%3A%2F%2Fwww.mixword.ru.com%2Fclicks%2Fchapter2%2FDiabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM%2FAEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
202 Accepted 0 B URL HTTP/2 app.clickfunnels.com/userevents?funnel_id=bHNjUHVuazFmVUtxTjkxbUVkK0lydz09LS1VR0dYYjBCMUtrK0xIaDk1anVHY3NRPT0%3D--028fa9cafea6ebb66a5e47b9d24dd8a456b17cc5&page_id=bm03aFMwWW9NUmVkWHhxU00xSSt1dz09LS1vYmQvdDVaSnFBZkVmUytRMG83RWpnPT0%3D--597f20ec9a5d53157239dbbdc117369b44b443b6&funnel_step_id=a3lneFpzVzFBYXl4bjg0Z2FPdC9wQT09LS01RFFkUWR5UysvQ2VwcW9Td3JNQ2tRPT0%3D--be0c83c68c73505000a3ae4024facb7366bdcb7a&user_id=dlV0NnMwYnJsY2ZDZGlNMzhzcGxrUT09LS0zTFdxVGplVGx1RTVaNit5Yll1VjVBPT0%3D--266ed1a2283f444aafda7ee74bf591c0115d4457&account_id=MXlYbk0rM25PZm5nbzQ5cnJTVSs5UT09LS1wd2dlVWNpd3lLS3pkelpSSlpIK1R3PT0%3D--17fea72c1d2af15414119cfda18ad2fe9e190d9f&page_code=MzI1NTYzNTY%3D&mode_id=1&time_zone=America%2FLos_Angeles&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents%3A%3APageviewsCreatedSummary&nonce=0f005987-3000-417d-9dbb-71e70de833ed&url=http%3A%2F%2Fwww.mixword.ru.com%2Fclicks%2Fchapter2%2FDiabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM%2FAEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ
IP
GET /userevents?funnel_id=bHNjUHVuazFmVUtxTjkxbUVkK0lydz09LS1VR0dYYjBCMUtrK0xIaDk1anVHY3NRPT0%3D--028fa9cafea6ebb66a5e47b9d24dd8a456b17cc5&page_id=bm03aFMwWW9NUmVkWHhxU00xSSt1dz09LS1vYmQvdDVaSnFBZkVmUytRMG83RWpnPT0%3D--597f20ec9a5d53157239dbbdc117369b44b443b6&funnel_step_id=a3lneFpzVzFBYXl4bjg0Z2FPdC9wQT09LS01RFFkUWR5UysvQ2VwcW9Td3JNQ2tRPT0%3D--be0c83c68c73505000a3ae4024facb7366bdcb7a&user_id=dlV0NnMwYnJsY2ZDZGlNMzhzcGxrUT09LS0zTFdxVGplVGx1RTVaNit5Yll1VjVBPT0%3D--266ed1a2283f444aafda7ee74bf591c0115d4457&account_id=MXlYbk0rM25PZm5nbzQ5cnJTVSs5UT09LS1wd2dlVWNpd3lLS3pkelpSSlpIK1R3PT0%3D--17fea72c1d2af15414119cfda18ad2fe9e190d9f&page_code=MzI1NTYzNTY%3D&mode_id=1&time_zone=America%2FLos_Angeles&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents%3A%3APageviewsCreatedSummary&nonce=0f005987-3000-417d-9dbb-71e70de833ed&url=http%3A%2F%2Fwww.mixword.ru.com%2Fclicks%2Fchapter2%2FDiabetes11219.php%3Fsid%3D996045%26h%3D0xc46_iiOLWq0rvBU3VFg5W2iSsKBsvzSWIeI4QOclM%2FAEDagrHitx699bwkOEVaZILXPb64X9B_WAIBOgtB1gmVL6GXu980j-rhNTyKXS89uBgspmYcV7kjgu50T-ssq4H_oL9gr5plZEK0a_VL76w3SFbC4-7NLxhKsLse-RuzRuu4bPcJWh5V6MSRtSKRAmshr5-M8A3ERYd1snzmxGrkQOEecIOA72D564e_MZ5HTmlT-pDDeTMJKAqF2JYIaILGjEdsEVQovxnkRHbwIAQ HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: http://www.mixword.ru.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Fri, 07 Oct 2022 12:16:22 GMT
content-type: text/html
cf-ray: 7566914949dab4f3-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 42e97d5b9a8fcf998409277d784e166d
x-runtime: 0.044587
set-cookie: __cf_bm=UJ_fw3L2qMCRmXQRjBe6M6mVbA3e.vUPdIBscFLLymA-1665144982-0-AZvdU6bK9c+nE57o8krN7npOn2qTlIF7Pa+qaoEFkkaDuHGSvD6+eGAP/tQzYqYEjr2V9CyYfnFgNNr232w9YJMM9MFT2UuRN7r2ORYv3WX8; path=/; expires=Fri, 07-Oct-22 12:46:22 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
172.67.178.61
23.36.77.32
31.13.72.12
93.184.220.29
104.16.13.194