Overview

URLleonlionsfootball.com/
IP 69.16.231.56 (United States)
ASN#32244 LIQUIDWEB
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-01 14:09:59 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (16)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
cdn-dimi.akamaized.net (37) 0 No data No data 95.101.11.11 Domain (akamaized.net) ranked at: 280
ocsp.pki.goog (5) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
ymdxv.palatlaldate.com (4) 0 No data No data 63.32.216.166 Unknown ranking
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
fonts.gstatic.com (2) 0 2014-09-09 00:40:21 UTC 2022-12-01 04:14:51 UTC 142.250.74.35 Domain (gstatic.com) ranked at: 540
r3.o.lencr.org (8) 344 No data No data 23.36.77.32
ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.156
gaut-hil.com (3) 342928 2020-07-09 20:17:47 UTC 2022-12-01 03:45:22 UTC 3.208.247.235
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-12-01 04:19:36 UTC 142.250.74.106
cartining-specute.com (1) 0 2021-01-31 23:37:43 UTC 2022-12-01 03:54:24 UTC 18.197.36.77 Unknown ranking
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-01 04:09:38 UTC 34.102.187.140
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-01 04:11:13 UTC 34.117.237.239
leonlionsfootball.com (2) 0 2015-11-16 14:02:11 UTC 2022-09-24 19:19:51 UTC 69.16.231.56 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.189.35.180

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-01 2 leonlionsfootball.com/ Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 69.16.231.56
Date UQ / IDS / BL URL IP
2023-01-29 05:56:07 +0000 0 - 0 - 13 reservation.travelaffiliatepro.com/hotel/deta (...) 69.16.231.56
2023-01-21 09:33:19 +0000 0 - 0 - 2 canonsupervideo4k.ws/87rhku3 69.16.231.56
2023-01-18 19:38:46 +0000 0 - 0 - 1 www.betterenglish.org.ph/ 69.16.231.56
2023-01-09 21:38:38 +0000 0 - 0 - 1 b24ccabc6643d5332e1f34d742a123037b2c42a7b.ph/ 69.16.231.56
2023-01-09 02:18:27 +0000 0 - 0 - 1 prepostseo.blog/ 69.16.231.56


Last 5 reports on ASN: LIQUIDWEB
Date UQ / IDS / BL URL IP
2023-01-29 12:27:49 +0000 0 - 0 - 23 bulletproofemailsolution.com/nkdsks/Drive%20( (...) 72.52.158.8
2023-01-29 12:16:41 +0000 0 - 0 - 35 mem.com.mx/wp-includes/css/cs/login.php 72.52.253.68
2023-01-29 12:16:35 +0000 0 - 0 - 23 bulletproofemailsolution.com/nkdsks/Drive/sec (...) 72.52.158.8
2023-01-29 12:16:28 +0000 0 - 0 - 4 arcoirisa.com/llp/MicrosftADOBE.zip 50.28.56.221
2023-01-29 11:55:32 +0000 0 - 0 - 2 hvacfortpierce.com/ 69.167.167.26


Last 1 reports on domain: leonlionsfootball.com
Date UQ / IDS / BL URL IP
2022-12-01 14:09:59 +0000 0 - 0 - 1 leonlionsfootball.com/ 69.16.231.56


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-12-05 08:49:43 +0000 0 - 0 - 4 recordformacion.es/ 104.21.74.156
2022-12-05 02:30:12 +0000 0 - 0 - 1 edecdc2096f.na.wy5532.com/ 185.107.56.197
2022-12-04 22:57:41 +0000 0 - 0 - 4 gdfvmhq.connatual.tk/e22d0 104.21.92.235
2022-12-04 12:16:36 +0000 0 - 0 - 4 mxvob.impreslvedates.com/c/da57dc555e50572d 52.19.101.114
2022-12-04 08:47:56 +0000 0 - 0 - 10 enspro.pl/ 104.21.61.249

JavaScript

Executed Scripts (24)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (77)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7200
Expires: Thu, 01 Dec 2022 16:09:48 GMT
Date: Thu, 01 Dec 2022 14:09:48 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2866
Cache-Control: 'max-age=158059'
Date: Thu, 01 Dec 2022 14:09:48 GMT
Etag: "63888270-1d7"
Last-Modified: Thu, 01 Dec 2022 13:22:02 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12641
Expires: Thu, 01 Dec 2022 17:40:29 GMT
Date: Thu, 01 Dec 2022 14:09:48 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 13:19:46 GMT
cache-control: public,max-age=3600
age: 3002
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: AssD/dcvR/wQbyCL1ZBUiG41H8W59QrHB53p/YDw1k3EuvZysFNTGMMFyoQQsY4IhyRJagyf4yo=
x-amz-request-id: C8H7MEG9TK2PYANV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 13:46:17 GMT
age: 1411
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 01 Dec 2022 14:09:48 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: leonlionsfootball.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         69.16.231.56
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 01 Dec 2022 14:09:47 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (640)
Size:   2296
Md5:    453441a574d175684814a12a54bf2476
Sha1:   808ac794964d7913da812a1a122c84a001b29d22
Sha256: 5b617ba12ba0c362dcc0e15bc4c21c0c3535219052462f51c094faa301514e3d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 13:11:15 GMT
cache-control: public,max-age=3600
age: 3513
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2866
Cache-Control: max-age=157487
Date: Thu, 01 Dec 2022 14:09:48 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:54:35 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /page/bouncy.php?&bpae=Gbh%2BtLsGvUx79rvvPZxGflQiPTb9giAXeeAy9hm91gu2UKPjP5dDOs3shr7Mtv0XZKGpXnvole7QvmKmOIup0VtEh2jjoGWu0fOlwMG2x8b7LhcyHr45lbvw9wdR%2FeRmsHkG9teVWE2bcy07ga%2FT%2FEIyUf8cT8b%2FzttC%2F4HXeCoOtxSUMXVleqTBazzBhvL8q5ytBRZuJy4vcOSvHEjtsdaa2rGGYOlrm1YcS%2Fy4sqLp9rPtR7DDv8HwPRxONoM1OuMSSe4mYQB5i4uAyubbx4d5f1Us1tQEsA%2BvlIin1vDLhdF72a%2FldXv5ojU7Y8dT%2FFrA7pZ3wUueomTyA2Vi6qhNbVp0Gk6RNIef%2BcCqQ3J5%2BMupBRprFV5orh2iEEiTqXqus%2FI1p%2BHXWDtAKcDT0bODuWgaI7jFYk6f0QeYt8mcaybRLMBxA0cYkPkIQ6O45iS1kFf1jwbhn77jpcF3xgzeU7ivXBfxbYvIRcxbYqPKnwY4uYh4IeGSnNXmercxT81noa8%3D&redirectType=js&inIframe=false&inPopUp=false HTTP/1.1 
Host: leonlionsfootball.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://leonlionsfootball.com/
Upgrade-Insecure-Requests: 1

search
                                         69.16.231.56
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 01 Dec 2022 14:09:48 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   982
Md5:    0b0933375ff58a6fc230b446f404aef3
Sha1:   5657d7eeb32c72bae8bbae327ade1fb9c2e4213e
Sha256: 45f947c2ea4760e37b7cae3033d2a5ab3add779ccf5a0d344f5da66fc05a1952
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: m8xGUdNDyBeg++fMAnLQyg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.189.35.180
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: L8lzfOW6EFbSyDL7Q7MLs+66D5g=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=167446
Date: Thu, 01 Dec 2022 14:09:49 GMT
Etag: "63888c4a-1d7"
Expires: Sat, 03 Dec 2022 12:40:35 GMT
Last-Modified: Thu, 01 Dec 2022 11:13:14 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gUjD0Fu3d4xPQILM2McJmnCWsWaYylwT-rzJC_fIHvbhKWrGVleamg==
Age: 5241

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: gaut-hil.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaut-hil.com/zcredirect?visitid=d0787af3-7181-11ed-8d54-12eeb99889a5&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         3.208.247.235
HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
                                        
date: Thu, 01 Dec 2022 14:09:49 GMT
content-length: 653
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
content-language: en
server: fHdyHtgw
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size:   653
Md5:    ba2732b1b2fa2626ffaa15f62f9e7d66
Sha1:   203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
Sha256: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
                                        
                                            GET /zp-redirect?target=https%3A%2F%2Fymdxv.palatlaldate.com%2Fc%2Fda57dc555e50572d%3Fs1%3D1018%26s2%3D1053729%26s3%3D719fbd40-273d-47b8-882f-683d1074b172%26click_id%3Dwhfukj7kg1fn66skibo8fg3s%26j1%3D1%26j2%3D1whfukj7kg1fn66skibo8fg3s&caid=d6a6c066-2963-462e-a498-13fa5ffafd75&zpid=d0787af3-7181-11ed-8d54-12eeb99889a5&cid=whfukj7kg1fn66skibo8fg3s&rt=R HTTP/1.1 
Host: cartining-specute.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaut-hil.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         18.197.36.77
HTTP/2 302 Found
                                        
server: nginx
date: Thu, 01 Dec 2022 14:09:50 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://ymdxv.palatlaldate.com/c/da57dc555e50572d?s1=1018&s2=1053729&s3=719fbd40-273d-47b8-882f-683d1074b172&click_id=whfukj7kg1fn66skibo8fg3s&j1=1&j2=1whfukj7kg1fn66skibo8fg3s
pragma: no-cache
set-cookie: cc-v4=M1c4hdwpVAjzM7p88CFKN6bZekuaoCqxyc5H3FTNCSM6ZvrnbBLk7qbILTwASigXm0gYEiIR9ucWjGmVw7D4JZbhaSM%2F084kvmX98APtWgvd3JrRmnkUJlkro6PmXc18zu2qvv2xng4ccYO7Eiw8ew%3D%3D; Max-Age=31536000; Expires=Fri, 01-Dec-2023 14:09:49 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E09D64B19D9FB1587825C0FA08A34C0A018FBBDDFBA849401E71420F869CAEE"
Last-Modified: Wed, 30 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18756
Expires: Thu, 01 Dec 2022 19:22:26 GMT
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive

                                        
                                            GET /landings/276666/1669379309/css/style.css?1669379309 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: 61rgDawWXepJkP5m0MXEmO1GqFzKux/rCQQ/UPOL36Oqww1ApIqBHbGHGk6ukFjZSuLGwQHjS+I=
x-amz-request-id: PV5RM983X205991X
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "dc3b12df3464b9db5c0357f195ec3efd"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 14:09:50 GMT
Content-Length: 2688
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   2688
Md5:    eb4bfd5944da82807cb317fd8320789d
Sha1:   04dada62a704144982ec4fe8340c400228f366d9
Sha256: df909a279e69ac102198705aaa41bf58969150546bab7ad211ce13d7408e3c9e
                                        
                                            GET /landings/276666/1669379309/css/reviews.css?1669379309 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: uRfsFla5UzTL7DPf5CxjSCS4utc5ZqY14JXJtYxQ/cRAz+vDH2G2TXvWOPioHuX9iyi6XpG68vg=
x-amz-request-id: PV5YKQ5YPSPHQDZ0
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "8d406331d9e001b5484749e32a72e5cf"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 14:09:50 GMT
Content-Length: 1041
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   1041
Md5:    b15da040f87f67ff6d9215e38cd80e80
Sha1:   78effe80456e82a0b5fa5d9fc2ed1bd31ae70d93
Sha256: 507a1774094b79ee6d64b97243fca1e567a54327786c016a7eb5ca755340ea71
                                        
                                            GET /landings/276666/1669379309/css/popup.css?1669379309 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: FDRgTELC85iBnzPObdO5kyZHo4q9q4cD+u+z/oObyLMiJuo3btiyI6SQpE9ZeeNXXDMQ0nDAWSs=
x-amz-request-id: PV5GCTCWWSKM74PN
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "7b875d022914f8540722b4a8a849afc1"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 14:09:50 GMT
Content-Length: 592
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  assembler source, ASCII text
Size:   592
Md5:    19c3d57c07d70876216fef8502dcf39e
Sha1:   ea20b89b045c862c0055d5e893622859402b1385
Sha256: 4c7d6de63342324cb48e933c4c6603ea6e252bddc9b5f88ce4eee7d9c733c80e
                                        
                                            GET /landings/276666/1669379309/css/timer.css?1669379309 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: NQ6GKIMI/7wnH8BTlNMQEtySm86sQBvf2Lp9X/BkGOAvbd4uj7Y7mhdWxmJwMvYPmd/lAbqYJxc=
x-amz-request-id: PV5Q1R6MW2MQMBE9
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "9ec38af926ee0d5ce953930a92f3955b"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 14:09:50 GMT
Content-Length: 706
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   706
Md5:    4c41cb67e8ba22c9dd2bb8077689991a
Sha1:   711413f121b71479e1578549b444fd3c37e0b938
Sha256: 7a8ad02cdec0e7e5e49112001431dcba243f148c35e4f1a722733ed400c02a06
                                        
                                            GET /landings/276666/1669379309/js/title_tanslate.js?1669379309 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: 26fUjg+ZbABeEpqYM+eGFmScMlcEshLBNjYQIo/RKRG7yqYlhZnhu18EIc9846trL13jv4zOiDQ=
x-amz-request-id: PV5R1MW2WZQQ7KWZ
Last-Modified: Fri, 25 Nov 2022 12:28:34 GMT
ETag: "5f373fa5bf21c44b9ad23b70ef96e73d"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 14:09:50 GMT
Content-Length: 1298
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   1298
Md5:    0e212ad4454c941c45c2e57df42c2b4f
Sha1:   fe9d7c484c2c0d7a6475692ef984c53a06c95406
Sha256: e950a9e5e696f39d02028b27a4cd82fab1b6fd07fa34a238d3a3f7f5e90d95c3
                                        
                                            GET /landings/276666/1669379309/js/jquery.validate.min.js?1669379309 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: rF9tt71cAmmciYh5K3OlqgWcyw2wGlmsAhYVNq+RdR1thEOHPZWyRCevEyIEl/U4NwC/X1JmThm9n/GQY5Aopg==
x-amz-request-id: PV5YX44FC7MWKVD6
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "23d73c6bd6cbea8f06d0cc227896a827"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 14:09:50 GMT
Content-Length: 7815
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (24228)
Size:   7815
Md5:    f808399407c6ac496fe830d5deacb05f
Sha1:   151039ee8631ce8ff989c5cf795c2feba950a499
Sha256: 21e11160c5ba11e65a1c97b0306a9f5dec06c8fd3d4a7d69dd0a80e263577958
                                        
                                            GET /landings/276666/1669379309/js/timer.js?1669379309 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: UZVDFcTDVCvL21pZWrTzBauOW5+CHZVtc7EHQD/TN3AKWxTtoER3xemMa4uTK1H4cwvOyAjHj5w=
x-amz-request-id: PV5QC9E08JNXNJ3K
Last-Modified: Fri, 25 Nov 2022 12:28:34 GMT
ETag: "3350ef7fbc19030e06999dbb12a2c9b0"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 14:09:50 GMT
Content-Length: 903
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   903
Md5:    24af8e8209962d30b5e6bb428d28489c
Sha1:   a00033869880cf83bc81fde7874242d838b59e34
Sha256: 52fe1029652b5a0576cdae96e8278900eb7eee3f81a1ae66ea88129aa6f3f924
                                        
                                            GET /landings/276666/1669379309/js/translates-review.js?1669379309 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: XBNbTbh/lqNpQkwmz1vxfmNQcEXLTEqNAQOXLMvKdEl+gfl40wWMK5fLT+qWBZzBo+xagbxgg4E=
x-amz-request-id: PV5YQDJY7B10HMVE
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "9061bd0c6ff627d3a43a9e6c125350a7"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 14:09:50 GMT
Content-Length: 14059
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   14059
Md5:    7e68f840e901ef970f740ce8219ceced
Sha1:   b6acb9f49a8fc69974bb3af8b94df3812f60850c
Sha256: 51370edca224a86fc7ed3ea85308c34f1527b62420f659594eaf90f46a8c6a9e
                                        
                                            GET /landings/276666/1669379309/js/translate-popup-timer.js?1669379309 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: HCPlbFdkAVUQHDMVt8wdoX1M/v8vmt124OP2WzijG9uNVYEa7fh8Mc/WhwpRgrpp5QhqSwy/vYA=
x-amz-request-id: PV5HVVBGCMQZFMX5
Last-Modified: Fri, 25 Nov 2022 12:28:34 GMT
ETag: "e87a84612ebce6b2a84f41ef7f6d40b0"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 14:09:50 GMT
Content-Length: 1080
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   1080
Md5:    b8caed488bbb08c2414fb1c79c9c8d35
Sha1:   8bda431010a9d7666cd6c2c15f9a3b7f81634ed8
Sha256: d72877ab0432583bfed248050bf32ad260c7b06c4e20a714d07ee65e7948ee0c
                                        
                                            GET /landings/276666/1669379309/js/translates.js?1669379309 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: ce7xuead7/dHoTNJnXRjSTFCXCJPns1l+aBJU11nUFJKKjVawZfu/BbkzZmMCyLR4QJdQcG6qzQ=
x-amz-request-id: PV5HAG25NYFY96C0
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "b9627d60572ae478211faf00a5dbb72e"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 14:09:50 GMT
Content-Length: 29792
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   29792
Md5:    8942f742642e48afd843395edc850387
Sha1:   5bb7401d364efee9e973b49c14e20a89b0067feb
Sha256: c7813b66c17adb4e7c356ef0fe6a215bd8f99ba562f5b0f6f37508debd5a1c80
                                        
                                            GET /landings/276666/1669379309/js/jquery-2.2.4.min.js?1669379309 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: JOgtstjdFrkjpRdyj6ya7zoZy7yYG54gpavtvCi8qmpljdqd6/EIod626enqg8pnY9MYSILhNcY=
x-amz-request-id: PV5JX5C8J9VE3DMH
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 14:09:50 GMT
Content-Length: 29855
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065)
Size:   29855
Md5:    2fa28552f1ee4e1382ee43930b53afb8
Sha1:   803670da6a35378bf4eb73acc8e72fe4feb5ca30
Sha256: ecfddf7d1e798dd2778c071bea24c70b650ef990fc09793fce25f2f094b35494
                                        
                                            GET /landings/276666/1669379309/images/6-eu.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: 9fVXcMv3K5aAx9Wb4VsPhrnbKzZj/8tOLtUx6zYRACpxCqmHlPg729UiELGQcPPYhCMmO2T268M=
x-amz-request-id: C72JK4WT52V4NF26
Last-Modified: Fri, 25 Nov 2022 12:28:31 GMT
ETag: "f424c0e5631daf23b07f1ecdcaf8f69c"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 14265
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   14265
Md5:    f424c0e5631daf23b07f1ecdcaf8f69c
Sha1:   30a7543a419fa3ffac589f53aee088af4ed767c5
Sha256: 4b82ecdaeda6d935e3dcf4ab5684d2393018ba6b604d63e9a52d6af976f069e8
                                        
                                            GET /landings/276666/1669379309/images/5-eu.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: R2N3s3OMPZVx3ou6ljsqGMJnsh/yqWvTxnSYmPKRslgs+UGds/VN5TQsR+UNZpYSs2eVgiCEk+Q=
x-amz-request-id: C72HB4XJX31GA6WW
Last-Modified: Fri, 25 Nov 2022 12:28:31 GMT
ETag: "08c6cea7e489f3caf50bfa02fcffc8d5"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 15153
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   15153
Md5:    08c6cea7e489f3caf50bfa02fcffc8d5
Sha1:   0cfe3d1447e01aaea5fc2fada138c1fa21a93c86
Sha256: 0d825e2c84a926c72864a619b1d587c3716a9043321fba9913db5d3c8e3e444a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2208
Expires: Thu, 01 Dec 2022 14:46:38 GMT
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2208
Expires: Thu, 01 Dec 2022 14:46:38 GMT
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2208
Expires: Thu, 01 Dec 2022 14:46:38 GMT
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2208
Expires: Thu, 01 Dec 2022 14:46:38 GMT
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:57 GMT
age: 58613
etag: "53650399f9a986ba54addd668b4557109d12003b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9674
Md5:    5508d05a290b663fd89ead9b58f2efd8
Sha1:   53650399f9a986ba54addd668b4557109d12003b
Sha256: 65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2208
Expires: Thu, 01 Dec 2022 14:46:38 GMT
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4762
x-amzn-requestid: 52b09ca3-705b-4c86-9f56-172637553f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7TVG58oAMFQTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c15-4577a47243ad190672f8ac89;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Y0-NAp2LMMG5TjQQ9ENHwDyKXLObKTYqzPPOWvZhs7Y9WJIC6LoblQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 05:45:16 GMT
age: 30274
etag: "fa2217bae05b7beca2e12597eaad835298276b82"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4762
Md5:    d2dd5a4bcfd47db8f38544bf39ce3031
Sha1:   fa2217bae05b7beca2e12597eaad835298276b82
Sha256: 3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kZfRQsF_Fo2UtTqK0ByOPeQK-IzTQO9JtTmxIMlapmsd93SJk_4VYw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:47:30 GMT
age: 58940
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12898
Md5:    820cf89fcab8380adff42982c9fb11ed
Sha1:   84241ddddbbfd7de30118307fb1a62800d0a4cb3
Sha256: 0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9459
x-amzn-requestid: 9e243a73-18ff-4abf-9b9c-442719960125
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpppFXjoAMFehg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bca3-47620f39181264772d2fb52d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:13:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _v5hatZyEWVRB4Tebygbb-QfE02oaFxE8CRfQsUY7I_ektxE3YeIpw==
via: 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 17:08:01 GMT
age: 75709
etag: "2f9532d698b4c28df23e18bbb66399ec776d5b9f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9459
Md5:    e1e6b6ba4f82221b41c3d9129008c76d
Sha1:   2f9532d698b4c28df23e18bbb66399ec776d5b9f
Sha256: 218c6f41a16e6087c611d4db5784a7cc1d027084d0bf2bd6dc3843ee5dfd560f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8740
x-amzn-requestid: c6c3e3dc-c9a2-4fda-a83b-cdd6ae81166b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7uyE9CoAMF6Xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830cc4-2c8940405044071a082ee678;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qykE_oaoqqPTgqGnfUo74mH29IOS97b5sZb_3VmB9yW7KUiJ1a7dnA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 18:58:06 GMT
age: 69104
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8740
Md5:    26d6dffbf400da4803a2e76e2a8ef2f8
Sha1:   2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
Sha256: 04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 16038
x-amzn-requestid: 925134ee-dd35-45ed-8da7-d60c9c484993
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz80EHboAMFtmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-48de287757e82632291365ee;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I8qQQUMSVzFmXqjWM1n_F1XEE-ZQcpEF81OwJgf9i3Q5M8XiFAa8Zg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:00 GMT
age: 58670
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   16038
Md5:    ffd12f9c423ffc627d9e3b3145944fe4
Sha1:   5cf9a7a784952e1bb0cbe499104f1774b1269d08
Sha256: a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Dec 2022 14:09:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /landings/276666/1669379309/images/password.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: VHld9CR1wrdg0X/TXxOyjI/XvKVrBfli9A96SpfWa90oW8zZzDeXMoolFP19SvNYcKgZ41/Yu/s=
x-amz-request-id: 4NM6Q372MK8D9KS4
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "f42aef7f97d4c9bdb074673081f38ac7"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 1339
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (330)
Size:   1339
Md5:    f42aef7f97d4c9bdb074673081f38ac7
Sha1:   0231df782e371d139c826e091279acd9a07e691c
Sha256: 5fca7f589cd825e1f152e0a1677d6cbd0a3ee3ecde05905d572af87e8b453eac
                                        
                                            GET /landings/276666/1669379309/images/8-eu.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: fLDWvnwzh4BhifhyBo4sxR+/1pM4OZJJa2uNgkCtoI0hpnhf1gc5MSOXlXX32gpiA7qna4cBoko=
x-amz-request-id: C72P8ZHW389P1B7A
Last-Modified: Fri, 25 Nov 2022 12:28:31 GMT
ETag: "ef40a69fcb961a0677eaf2e29b93aa3a"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 13479
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   13479
Md5:    ef40a69fcb961a0677eaf2e29b93aa3a
Sha1:   eb5624143cf58053ab45715cf155f92fc875aefc
Sha256: 4e54bd6e80377744a79017ba800639924466266601a06ca194aaeea290e086fa
                                        
                                            GET /landings/276666/1669379309/images/blocked-icon.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: JLDr3D+oQGVVPoWaVsuvnBN4gij+/wrj/l9RH4iVHNi1w4vM+F4nd2RHRQJQGNLftOGpKWs3MfY=
x-amz-request-id: C72TRQ2JC7C2HP04
Last-Modified: Fri, 25 Nov 2022 12:28:32 GMT
ETag: "87487ad255dde0624f59abb85602defc"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 502
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 23 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   502
Md5:    87487ad255dde0624f59abb85602defc
Sha1:   caafad17df41875bed690353ead6cc495a9bf8c2
Sha256: f7a4b3fb74b9e06f243f23ede51a801a0aa3fa2c0040bc44a49a97444780923d
                                        
                                            GET /landings/276666/1669379309/images/unlock.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: I1Z7hqfm0uth5mrGJKzcZZTJLx2C83yhySfL+Lgp2Z4yf85E8k/M/FQyOcgRVm1kGpBQxWtNVMc=
x-amz-request-id: 4NM9EY704J70XRJN
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "a732e1e06affb4575c050fdb0131e5ca"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 2378
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (944)
Size:   2378
Md5:    a732e1e06affb4575c050fdb0131e5ca
Sha1:   da4f4f204a4d22c7424274a91520e0ea993c48c7
Sha256: e17f481e5fe197e600ffe6cf53a94a4e49a73b6b817ff560cd92c3dd501d603f
                                        
                                            GET /landings/276666/1669379309/images/icon-city.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: +MS2kTDwz3+kM2B3PPYZiqQv1QDin5Wzofq4MyUMbxBwbebOKkvJ86DsZ7Ad4x+eyRXcMCQPZhA=
x-amz-request-id: 4NM01X65GH85MB3Y
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "5f5ead641bc30316f498592eec2016a1"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 839
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (735)
Size:   839
Md5:    5f5ead641bc30316f498592eec2016a1
Sha1:   3195aa33596ba190a6584ccb75124dd9d9c13261
Sha256: f028477ede528af987acd2bea73c8e462ea4cd6cf1137aae5085c85a82d93409
                                        
                                            GET /landings/276666/1669379309/images/shield.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: /1I6dVdX8quP7l92Qzr1WXP19WzUZmoRgmGEr3waskDQRSsUnBAeIf3smpGFP8QIQ0ROyzO7/6g=
x-amz-request-id: 4NM8F0A1ZFP54BRK
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "0c7a0dfd64cf020cd8a6dc0c3df1dbdf"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 1539
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (310)
Size:   1539
Md5:    0c7a0dfd64cf020cd8a6dc0c3df1dbdf
Sha1:   f705635388aebebae1223d828c38233067f28ab1
Sha256: 856fdb53067254df9495660a355e5ed91936803b567867f1053ce5fb97107888
                                        
                                            GET /landings/276666/1669379309/images/icon-flag.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: 0YQs+UogXMZdUVG7wzqVr+UFVy6YFMVC0DQr/41BHz0SQc0bDv4J7agXNk4+xLiHodnc9fAwofc=
x-amz-request-id: C72MTJFS7FD5KS10
Last-Modified: Fri, 25 Nov 2022 12:28:32 GMT
ETag: "5da118a4447db10c8aceb6cb0e69e89c"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 658
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (554)
Size:   658
Md5:    5da118a4447db10c8aceb6cb0e69e89c
Sha1:   343954956bcd542cdae0ee819584ee05f2b69d4c
Sha256: ab6ed8c891db0448668e8711a25e42cd27f6e4375fc3e780f041dd24f1544229
                                        
                                            GET /landings/276666/1669379309/images/icon-direct.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: 9OYwp8m1SKsIUa12RVrNWaePAFMq8Nq1cmtd9lP5yLBHTK1PI+PQJKUv3pVdQ+pSYyAJ2llPfEo=
x-amz-request-id: C72SXBWTF2RKNDNH
Last-Modified: Fri, 25 Nov 2022 12:28:32 GMT
ETag: "9adf524396b45e89252717b159cfb95d"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 1141
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1037)
Size:   1141
Md5:    9adf524396b45e89252717b159cfb95d
Sha1:   39a3a6bc588085fc604976c6bb4cfe42dfc8dc50
Sha256: e0705f46c1c0c8fd1c1d82f60925008491aa7a2b2ed0351fac96c76d5f2bf13d
                                        
                                            GET /landings/276666/1669379309/images/icon-message.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: 8t0qGwfvEd12U/TitNeR8Wx/oaCbFzDvvMIGT5ABGrQa1UTLuguIIbT/UJKIm67Hg2m9bGCBQ/w=
x-amz-request-id: C72XQ2DTNJ3HSERG
Last-Modified: Fri, 25 Nov 2022 12:28:32 GMT
ETag: "8f91b2bbb14c2fac1a9be78688501512"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 883
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (779)
Size:   883
Md5:    8f91b2bbb14c2fac1a9be78688501512
Sha1:   631540540c371fe7074b5736dce68f10d76700f0
Sha256: 5b52df3b82f51d9330bf1b66b9683545368475ed5f25362c64feb438fb14bd4f
                                        
                                            GET /landings/276666/1669379309/images/1-eu.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: 5mvga0mUVu9+QbpKFtO27iBYaAqzjBSFTNQruJ3BXUHxdmlacp3y8NH2HKOQrUyTy17lC+C3xvM=
x-amz-request-id: C72Y3M6CDXRYNHWH
Last-Modified: Fri, 25 Nov 2022 12:28:31 GMT
ETag: "0b2eb782c549d40b2bcb97934ab6f821"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 15567
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   15567
Md5:    0b2eb782c549d40b2bcb97934ab6f821
Sha1:   fb97adbc62515352937ab61093322449676dd0df
Sha256: 55e214ad65a4e7402c23c8a9f8f8d94ed849cdaf9925bc730d3f4ce27dba16d2
                                        
                                            GET /landings/276666/1669379309/images/icon-like2.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: uxoNzDcVOQE/ow6DCMCwBR0U3ouykKCSQJMXApaAc4hXBmyW2EDUVBseWadWlkSHWCKJF0T1UyQ=
x-amz-request-id: C72W2A7F83A8A7QZ
Last-Modified: Fri, 25 Nov 2022 12:28:32 GMT
ETag: "a1d69d8f51567ce108bdd71df17be930"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 473
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (369)
Size:   473
Md5:    a1d69d8f51567ce108bdd71df17be930
Sha1:   ee47468e7ce8b6736092f038625b904a7735f0ee
Sha256: 9d56addf8e2312e9df672eb51ee9f4cf8081613ff05e3ff99cb0ec23bcde7d7f
                                        
                                            GET /landings/276666/1669379309/images/logo_inst3.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: w9BAp63IloBovOpFCCxArwKsl57TSq0MDL49Zp5l0jR0SgF8LSQhbCTrhSh1V/gpCo1tFge3pQU=
x-amz-request-id: 4NMFVFB3PF059YNP
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "0025657d9d2274a15aed06a9eadd2ab2"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 7042
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (6173)
Size:   7042
Md5:    0025657d9d2274a15aed06a9eadd2ab2
Sha1:   2838a36bfaa63abfe8b9f4bca8f8fe1a7ab7405d
Sha256: d7b396cbae8aa719a1a277fa8fcf7df40f61b50e59b5937fcb347c679c6e990c
                                        
                                            GET /landings/276666/1669379309/images/110010_4.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: 8f/7euMSPP5CPChxQdS+6Ybr59TFkj0mtLRnjFZkEQZIx20M0DLnkYVtLX5TIg0997tcJX7E598=
x-amz-request-id: 4NM7XWX88JQM88RF
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "daf4cb58fb756b1ed20036941b7a6b72"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 55243
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 682x388, components 3\012- data
Size:   55243
Md5:    daf4cb58fb756b1ed20036941b7a6b72
Sha1:   f59a45cb83366de64071b3a35dfcb54aabbdcd9a
Sha256: 42b2fe5d347c3c56725d0addd7129d13ce335df871730534ecee42d2df3a637b
                                        
                                            GET /landings/276666/1669379309/images/4-eu.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: ZhqatN7Zc/pwXLgw8brwvIZX5tXefBsi+SN8q+uBt1sP7JaZXVVC7fFQM3HgudY9SzCy/v4Z1nc=
x-amz-request-id: C72X5ZJFMZQRBACE
Last-Modified: Fri, 25 Nov 2022 12:28:31 GMT
ETag: "4031404ec6ab92ac12eea40f1a074794"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 16220
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   16220
Md5:    4031404ec6ab92ac12eea40f1a074794
Sha1:   21787edc4ce197faebbe7f14996dc00374a63c06
Sha256: 34eae0af9c07a88aa5002540d93c2b02a557199f5c73a15909aba6eb1f0bdd03
                                        
                                            GET /landings/276666/1669379309/images/3-eu.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: Kt6RmcJDRA8F4XE0CR/9/g2Hcn/m7kSnQlEa8/raKqZB1Hwrp8JPW3SlYc1Dlzv3rITYVxGmvKM=
x-amz-request-id: C72XTCQGV7FGF022
Last-Modified: Fri, 25 Nov 2022 12:28:31 GMT
ETag: "d8f5f0299333c22c41ab084120961d49"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 15013
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   15013
Md5:    d8f5f0299333c22c41ab084120961d49
Sha1:   6c2d6cb9323765201658e9ba588d6e0d43d5df67
Sha256: a7bc234fdfee5b1fbd7558be17adc06905c4667dc6e93ad6b0783642a6b314fe
                                        
                                            GET /landings/276666/1669379309/images/2-eu.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: V5roKOwYbmu8mrnr2UKPE7ewBl9sFGlNo3LwL3L04Lv+A62xbZDjsSr+JPz6YawpFcpoUn8YcUk=
x-amz-request-id: C72TCCXQCD1BW2BF
Last-Modified: Fri, 25 Nov 2022 12:28:31 GMT
ETag: "8406e97c1968881d481cd55c66743204"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 14098
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   14098
Md5:    8406e97c1968881d481cd55c66743204
Sha1:   73f0e213341a617f9405726ca05af91c0b3f32fd
Sha256: c30bd722ab48311f023fc896cedf6032b03961b4395962dfa919284c5d2c9d33
                                        
                                            GET /landings/276666/1669379309/images/49.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/276666/1669379309/css/style.css?1669379309
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: rZMxEd9hEgHmvtiSz8dcdbXynjZhuiHcO2H0ukuMBUGzxqu6J0WbCt6OME3KOXlvnOECExQkbcc=
x-amz-request-id: C72TQZY3XC74ZWS9
Last-Modified: Fri, 25 Nov 2022 12:28:31 GMT
ETag: "372e58a66b7d92e1dd903f32fb308d1e"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 4510
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 336 x 336, 8-bit/color RGB, non-interlaced\012- data
Size:   4510
Md5:    372e58a66b7d92e1dd903f32fb308d1e
Sha1:   40be5d7067b822dfed07e173acd11cfceaa9e329
Sha256: 82408edfa51c2d831b86658b6637a6950986c342195aa08fd1467ea1d71b9793
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Dec 2022 14:09:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /landings/276666/1669379309/images/icon-home.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/276666/1669379309/css/style.css?1669379309
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: GKC9yry3mWvVtuxi5v4sV1+xo3W7bMUMXlx/hWS4JCbjKEVUoNfYCeG18JL5rRPAhkyM+/ibBto=
x-amz-request-id: 4NMD5R54XMXSMTAV
Last-Modified: Fri, 25 Nov 2022 12:28:32 GMT
ETag: "02866968d59a649b76df83c300d2d8f6"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 889
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (785)
Size:   889
Md5:    02866968d59a649b76df83c300d2d8f6
Sha1:   8293027c754094ab05cb7d6daa7f7cdb1be5c98e
Sha256: ce26e303b33d69ca20eb3079b4c37ed364eacb8c633260c56315d6db74414b74
                                        
                                            GET /landings/276666/1669379309/images/icon-plus.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/276666/1669379309/css/style.css?1669379309
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: HreFubIueIhomt1V/Rzy7sDTXaVFutyZ+wLViZwUo4piLZro8SsY4tiubKCwVfma3Hrsj9D7Fwo=
x-amz-request-id: 2D3MZDVV0F2QCDMT
Last-Modified: Fri, 25 Nov 2022 12:28:32 GMT
ETag: "f89e15ef5cf4b32ca987f73bd4a2ef9d"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 1117
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (513)
Size:   1117
Md5:    f89e15ef5cf4b32ca987f73bd4a2ef9d
Sha1:   0f55d36995906b78bd98f23c7fdc67778212b7fc
Sha256: 7b023c50adbfe6554e1bf1986a12de8ba9e47c5d14a3e57318d117004ea6a641
                                        
                                            GET /css2?family=Inter:wght@400;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Dec 2022 14:09:50 GMT
date: Thu, 01 Dec 2022 14:09:50 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    f13bec173646a64f4b2e2c872a18c80d
Sha1:   9ae60345a088def754253efdec1aface07ebe603
Sha256: a17ab55610451815120a42ed4694f2e8be42b395e15e94277f234bf020a9a11f
                                        
                                            GET /landings/276666/1669379309/images/icon-like.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/276666/1669379309/css/style.css?1669379309
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: PASNLFLRkoQMFf2YEcdY/GO/06D3RuKEFzS31QN5H15AVSGUHMFLSIcSmN7043Qu/k7iZbDWORA=
x-amz-request-id: C72QWK1J21EPX1GW
Last-Modified: Fri, 25 Nov 2022 12:28:32 GMT
ETag: "2457f6954df5056e25151bcdd05a2718"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 914
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (810)
Size:   914
Md5:    2457f6954df5056e25151bcdd05a2718
Sha1:   41ab46311796f9ade12cae960687a422ee8ff0a0
Sha256: c1a26e7a024fd0e566423b10e91c63854979ce89f3fe2625043dc52dfe20891b
                                        
                                            GET /landings/276666/1669379309/images/icon-user.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/276666/1669379309/css/style.css?1669379309
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: QGahi98KF+/POSSRzDnFvfcFCJSO130vTrvLgvi9awdpxJal+Kl5xo+Y3GBFQP11fh8JyutMU4g=
x-amz-request-id: C72YM5Z7Y54XBT2Z
Last-Modified: Fri, 25 Nov 2022 12:28:32 GMT
ETag: "00aa56c530f0df6ddbb8805f25376920"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 844
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (437)
Size:   844
Md5:    00aa56c530f0df6ddbb8805f25376920
Sha1:   2331bb67d5538e5fb2c010ef41541ce8dc8acfc1
Sha256: ed65348e7b16bbe9b436282214590814692d0fb779fc2155c82ca0d94fe5a94e
                                        
                                            POST /ortb HTTP/1.1 
Host: ymdxv.palatlaldate.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 290
Origin: https://ymdxv.palatlaldate.com
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/c/da57dc555e50572d?s1=1018&s2=1053729&s3=719fbd40-273d-47b8-882f-683d1074b172&s5=backuser&click_id=whfukj7kg1fn66skibo8fg3s&iexpp=1&j1=1&j2=1whfukj7kg1fn66skibo8fg3s
Cookie: unique_id=6388aa96000a1cb1; unique_id2=6388aa96000bec47; 6388aa96000bec47_c=1; ref_token=156428_1018; impression=; 6388aa96000bec47_sl=[276666]
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         63.32.216.166
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Thu, 01 Dec 2022 14:09:50 GMT
content-length: 13
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   13
Md5:    1031bf08481e45e42ceb3fd978c3d379
Sha1:   3d6d43df4c45f09f5d68593646fd83352323a5ea
Sha256: c99e0e70ba976626855bf7f83fc0e333b57833bcaf3dcfba16215a6e4fa3e208
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Dec 2022 14:09:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ymdxv.palatlaldate.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17076
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 05:27:30 GMT
expires: Fri, 01 Dec 2023 05:27:30 GMT
cache-control: public, max-age=31536000
age: 31340
last-modified: Mon, 11 Jul 2022 21:07:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17076, version 1.0\012- data
Size:   17076
Md5:    e248902a9f045310063e7a14a46fd9ae
Sha1:   aec66565f555ee0ca4d39e584a1b484db127fa3b
Sha256: 262a1054100218e2efaa4b2e214e4fb8e920c5a30a53300b80145511df3de895
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Dec 2022 14:09:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /landings/276666/1669379309/images/4.mp4 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 206 Partial Content
Content-Type: video/mp4
                                        
x-amz-id-2: 6mhXYTM8nvK5WTnF6LDWez/sARUE5tIpZ9N2ycVjo6+UjVZJ7reVZwP6qpilQRICNVZfNxCxaKc=
x-amz-request-id: B957B22WMJDJQ28M
Last-Modified: Fri, 25 Nov 2022 12:28:32 GMT
ETag: "7be5f3025f66769e720214f2fd221905"
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 01 Dec 2022 14:09:50 GMT
Content-Range: bytes 0-1264919/1264920
Content-Length: 1264920
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size:   426456
Md5:    a23c857067ac2c662e334ed7b0b9f5b3
Sha1:   1762928131bba7150e9d4ec38ff8c50650ea7f12
Sha256: 1ed4952de5b5d2385521db6198976a75f87a324ef83169d2871c78c35cfce283
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Dec 2022 14:09:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ymdxv.palatlaldate.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Nov 2022 01:47:01 GMT
expires: Mon, 27 Nov 2023 01:47:01 GMT
cache-control: public, max-age=31536000
age: 390170
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Size:   37924
Md5:    e08be6d5d433944f7ad52902e4d24db5
Sha1:   e2600c1d60d12d397b3ee44411a021231d71e974
Sha256: 450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
                                        
                                            GET /landings/276666/1669379309/images/7-eu.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: Qacn6P9GkdzAXJx1SfoQxcmyVI4XIOw3bR+PJNvtWGuL4HpQPtSxkI8Okc4O/ik0O4oYGMyJKtA=
x-amz-request-id: C72TCPX4PEVZ30Y9
Last-Modified: Fri, 25 Nov 2022 12:28:31 GMT
ETag: "12ec30bbdbaf0895e9b0757dfa2db143"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 15653
Date: Thu, 01 Dec 2022 14:09:50 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   3859
Md5:    9d8ad8550eef1350a9063493b4cd295c
Sha1:   b7f799773a9149544cc576f2c336018ad23bab5c
Sha256: fe34e066238b95aab12fe7058de40b6b51275e78361e3f2c625d1dde45c39b7f
                                        
                                            GET /landings/276666/1669379309/images/favicon.png?t=20221201140950 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.11
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: UVGBHSlbmpSbqaqmaowqkl4CIULZ9l+6YJJoc/gqIJBhItISlHdMvEQFZ9BUTF4ZyzgLMj3mbTA=
x-amz-request-id: DDXMF6Q16D2TSS82
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "40a54c3ecf143b64096b063ff793fdbb"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 4093
Date: Thu, 01 Dec 2022 14:09:51 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size:   4093
Md5:    40a54c3ecf143b64096b063ff793fdbb
Sha1:   017eafffc5e55226a2aec0dd3c03f1b6130a6bab
Sha256: 39b439471019cb16f819e05166d23492593310fd55cce8471062d8f2dc5de423
                                        
                                            GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1 
Host: ymdxv.palatlaldate.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/c/da57dc555e50572d?s1=1018&s2=1053729&s3=719fbd40-273d-47b8-882f-683d1074b172&s5=backuser&click_id=whfukj7kg1fn66skibo8fg3s&iexpp=1&j1=1&j2=1whfukj7kg1fn66skibo8fg3s
Cookie: unique_id=6388aa96000a1cb1; unique_id2=6388aa96000bec47; 6388aa96000bec47_c=1; ref_token=156428_1018; impression=; 6388aa96000bec47_sl=[276666]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         63.32.216.166
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 01 Dec 2022 14:09:50 GMT
expires: Thu, 08 Dec 2022 14:09:50 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /zcvisitor/d0787af3-7181-11ed-8d54-12eeb99889a5/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=bee44b60-0a99-11ed-b951-12beee04f19b HTTP/1.1 
Host: gaut-hil.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://leonlionsfootball.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         3.208.247.235
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
                                        
date: Thu, 01 Dec 2022 14:09:49 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
server: kmdOulZa
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /zcredirect?visitid=d0787af3-7181-11ed-8d54-12eeb99889a5&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1 
Host: gaut-hil.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaut-hil.com/zcvisitor/d0787af3-7181-11ed-8d54-12eeb99889a5/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=bee44b60-0a99-11ed-b951-12beee04f19b
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         3.208.247.235
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
                                        
date: Thu, 01 Dec 2022 14:09:49 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
server: oqPMtiqB
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /c/da57dc555e50572d?s1=1018&s2=1053729&s3=719fbd40-273d-47b8-882f-683d1074b172&click_id=whfukj7kg1fn66skibo8fg3s&j1=1&j2=1whfukj7kg1fn66skibo8fg3s HTTP/1.1 
Host: ymdxv.palatlaldate.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gaut-hil.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         63.32.216.166
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Thu, 01 Dec 2022 14:09:50 GMT
set-cookie: unique_id=6388aa96000a1cb1; Path=/; Expires=Mon, 30 Jan 2023 14:09:50 GMT; Secure; SameSite=None unique_id2=6388aa96000bec47; Path=/; Expires=Wed, 01 Mar 2023 14:09:50 GMT; Secure; SameSite=None 6388aa96000bec47_c=1; Path=/; Expires=Wed, 01 Mar 2023 14:09:50 GMT; Secure; SameSite=None ref_token=156428_1018; Path=/; Expires=Sat, 31 Dec 2022 14:09:50 GMT; Secure; SameSite=None impression=; Path=/; Expires=Thu, 01 Dec 2022 14:09:50 GMT; Secure; SameSite=None 6388aa96000bec47_sl=[276666]; Path=/; Expires=Thu, 15 Dec 2022 14:09:50 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/service-worker.js HTTP/1.1 
Host: ymdxv.palatlaldate.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: unique_id=6388aa96000a1cb1; unique_id2=6388aa96000bec47; 6388aa96000bec47_c=1; ref_token=156428_1018; impression=; 6388aa96000bec47_sl=[276666]
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         63.32.216.166
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 01 Dec 2022 14:09:51 GMT
expires: Thu, 08 Dec 2022 14:09:51 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---