daysoword.tk/
302 Found 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: daysoword.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sat, 03 Dec 2022 04:44:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://oly4youbaby.info/?s1=fhy1&s6=HVyut3
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3PGUVB7hfPoLqeYYcwkXmNT8mgQyZY1n6QwEY7tFdbLONXp%2FrSPbGW6VqnNuDQFtFutczvpvKp9FWjFDwckD%2FMlrNjpNO5qSMLznftXVCmwGt1p02rfycBtzFTyjSI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7739a65afaba0b69-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3837
Expires: Sat, 03 Dec 2022 05:48:52 GMT
Date: Sat, 03 Dec 2022 04:44:55 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3190
Cache-Control: max-age=110370
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 04:44:55 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 11:24:25 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 04:18:13 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1602
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2739
Expires: Sat, 03 Dec 2022 05:30:34 GMT
Date: Sat, 03 Dec 2022 04:44:55 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: YEhVgwVi86mLj/2Aj147VXKqLQmDAH0yqvkEKsxA/NBjR13Nx7TA2igZZSZiZz535bky/sasTtqpseEClI0mHQ==
x-amz-request-id: RHY7WWE3TB2E9AG7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 03:46:25 GMT
age: 3510
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 04:44:55 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
oly4youbaby.info/?s1=fhy1&s6=HVyut3
200 OK 1.5 kB URL HTTP/1.1 oly4youbaby.info/?s1=fhy1&s6=HVyut3
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (347)
Hash 51e577b9e362117f5b7e8eef646f6406
64462d944c308d8978eb4a88ddcef03bcc326879
4f055ee673a086bdd3e00ed69beed598caa544cc45d378e5de14fc0e2d9e9b4f
GET /?s1=fhy1&s6=HVyut3 HTTP/1.1
Host: oly4youbaby.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlptMng0UWs2aXFTdHYrOTMzcEJBMlE9PSIsInZhbHVlIjoiYTBpOUVFcnRVMmtwcDlhRURNOFc0TGpjMDFUVHJyWGhISGp6Nm1vS1QwTHF1WWxmUGJzdlJobmkydUlQdHJveCIsIm1hYyI6IjhiMjEwMWQ2NjYyYWNlMWU2NGZkMGFjNjMzOGJhZDA0NDdlMWI1MGEzMzcxYmIzNTdmYmZlYmM4MDIwZWQ2NzUifQ%3D%3D; laravel_session=eyJpdiI6ImV6UTVYUVptTTVKVXhxaFkyRUJMV0E9PSIsInZhbHVlIjoiQm1WOElpWFJwN0o5S3ZMUC9YOE84NW11ekZvbkU4cUFEODgzUHdUVlNnRkJkbEt0c3M4N2JFTFdQSzkrSlQ4MCIsIm1hYyI6IjYyYzEzYzE3NDEwOGMyMDk1ODU3NWU3NzA3MjBkZmZkYjExMDUwM2NhYzk1YTU3NGZmMjBiMmZkMTRmM2Q5YTMifQ%3D%3D
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 04:44:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6InFqUG5qUk8yQ3AyU2xkN0N3L1p2clE9PSIsInZhbHVlIjoia1gxeWhEdHNFL3U2Zi95czh4c0RzQUpGLzMvZVd0eTdvaTRONDJlNXFhTnludjh2L2ZzMjNFVTVtUURIMWdQVSIsIm1hYyI6ImNkMjIwY2JjNGU0ZTJjZjQzMmIzNjUzMTI1OWU3MTQ0ZGMxMTFkNDZkMGEwZmVhMTVhNmIyMGI1NDQyOWY3MDMifQ%3D%3D; expires=Sat, 03-Dec-2022 06:44:55 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6InZKblZPVTJiWUJrWEptWUJTdFdZc3c9PSIsInZhbHVlIjoiS1JXQkE3Q2paUlk1aGN4WUVzMjMyMnBUamxJWWZNRUZoT2prRHpVTkYrRW02TlBlaVQ3RENEV2RUdithV3ExdiIsIm1hYyI6Ijc4MDdkYmQ1NzljZGU1MjFkODQxZGY3ODZkMWU5YzM4MTlmZmQ5ZDU4MDI2M2Q1YmU4YzliNzM2NmExYjJmZWIifQ%3D%3D; expires=Sat, 03-Dec-2022 06:44:55 GMT; Max-Age=7200; path=/; httponly; samesite=lax
SRVNAME=w1; path=/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjEmDlvXudv849WzqWpB4hNPWwrvCxbTJIBCV52YaVeK7znXjyA%2BkAoq9PbZV0ONOSGNPrgBXnJtQOKETeflwiC2KNCdyLKPMPOXJtMA8PCOHjUPrrV6NBmy6jmLicRefqpy"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7739a65c8dfbb51b-OSL
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 04:08:58 GMT
cache-control: public,max-age=3600
age: 2157
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 9a74fa467b80f2cc9b740189a73b49f5
6f059916a2bdc34a3406f618cd5715407a29d490
c66c5b01eb349f848495ca1ac0f1ef19ef062713bfab8f701cfb77398c4eed06
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C66C5B01EB349F848495CA1AC0F1EF19EF062713BFAB8F701CFB77398C4EED06"
Last-Modified: Fri, 02 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9089
Expires: Sat, 03 Dec 2022 07:16:24 GMT
Date: Sat, 03 Dec 2022 04:44:55 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 04:44:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 04:44:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3170
Cache-Control: max-age=105289
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 04:44:55 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 09:59:44 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
oly4youbaby.info/landings/7/fonts/vendor.css
200 OK 3.3 kB URL HTTP/1.1 oly4youbaby.info/landings/7/fonts/vendor.css
IP
File type ASCII text, with very long lines (8987), with no line terminators
Hash 60f404187732cedbf361e016febbf707
d0fb711e74e766d9ad19c40fb41e0f392c7cfb67
018d96fc5774b38abaab8a45edfce69698e45170fd2bf3f5ee599ae845eb9476
GET /landings/7/fonts/vendor.css HTTP/1.1
Host: oly4youbaby.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InFqUG5qUk8yQ3AyU2xkN0N3L1p2clE9PSIsInZhbHVlIjoia1gxeWhEdHNFL3U2Zi95czh4c0RzQUpGLzMvZVd0eTdvaTRONDJlNXFhTnludjh2L2ZzMjNFVTVtUURIMWdQVSIsIm1hYyI6ImNkMjIwY2JjNGU0ZTJjZjQzMmIzNjUzMTI1OWU3MTQ0ZGMxMTFkNDZkMGEwZmVhMTVhNmIyMGI1NDQyOWY3MDMifQ%3D%3D; laravel_session=eyJpdiI6InZKblZPVTJiWUJrWEptWUJTdFdZc3c9PSIsInZhbHVlIjoiS1JXQkE3Q2paUlk1aGN4WUVzMjMyMnBUamxJWWZNRUZoT2prRHpVTkYrRW02TlBlaVQ3RENEV2RUdithV3ExdiIsIm1hYyI6Ijc4MDdkYmQ1NzljZGU1MjFkODQxZGY3ODZkMWU5YzM4MTlmZmQ5ZDU4MDI2M2Q1YmU4YzliNzM2NmExYjJmZWIifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 04:44:55 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Tue, 22 Nov 2022 11:33:16 GMT
etag: W/"637cb37c-231b"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TRnf7SMBtlvCdIz2tjfGdeQbAMlVoOIZs%2BM68laRqabpAnWB8RaLsHyPaPKbYbES5%2Bvzn4DeDTK6b3AODvGITWQPHGsWjpVEAOUMqjgtd6NX4Hs%2FK4fVMazTChn6Lmrqvk4a"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7739a65f7f21b51b-OSL
Content-Encoding: gzip
oly4youbaby.info/landings/7/js/vendor.js
200 OK 34 kB URL HTTP/1.1 oly4youbaby.info/landings/7/js/vendor.js
IP
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash af98a1e4da8494475c6544ad9719ab1a
c3788c1494fd23794755e6d99c3596328894f630
c0896a4e2376ff6dfe79b3de960e8d67b72b490ae51a57d610617c4457962a21
GET /landings/7/js/vendor.js HTTP/1.1
Host: oly4youbaby.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InFqUG5qUk8yQ3AyU2xkN0N3L1p2clE9PSIsInZhbHVlIjoia1gxeWhEdHNFL3U2Zi95czh4c0RzQUpGLzMvZVd0eTdvaTRONDJlNXFhTnludjh2L2ZzMjNFVTVtUURIMWdQVSIsIm1hYyI6ImNkMjIwY2JjNGU0ZTJjZjQzMmIzNjUzMTI1OWU3MTQ0ZGMxMTFkNDZkMGEwZmVhMTVhNmIyMGI1NDQyOWY3MDMifQ%3D%3D; laravel_session=eyJpdiI6InZKblZPVTJiWUJrWEptWUJTdFdZc3c9PSIsInZhbHVlIjoiS1JXQkE3Q2paUlk1aGN4WUVzMjMyMnBUamxJWWZNRUZoT2prRHpVTkYrRW02TlBlaVQ3RENEV2RUdithV3ExdiIsIm1hYyI6Ijc4MDdkYmQ1NzljZGU1MjFkODQxZGY3ODZkMWU5YzM4MTlmZmQ5ZDU4MDI2M2Q1YmU4YzliNzM2NmExYjJmZWIifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 04:44:55 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Tue, 22 Nov 2022 11:33:16 GMT
etag: W/"637cb37c-18627"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=io4QNteYtoAMkUJ4JXD62QiK6fgY4XkomrnfoLHq729hJhFILpe9ZGRVZQEH5ZCd6mPbpmrNN4uUQwfEo9QYrhtEHo8WB%2Bc2B61vTzqyM8L0MBWKKephguN2p38AwERtKohv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7739a65f9dc8b4f9-OSL
Content-Encoding: gzip
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 9a74fa467b80f2cc9b740189a73b49f5
6f059916a2bdc34a3406f618cd5715407a29d490
c66c5b01eb349f848495ca1ac0f1ef19ef062713bfab8f701cfb77398c4eed06
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C66C5B01EB349F848495CA1AC0F1EF19EF062713BFAB8F701CFB77398C4EED06"
Last-Modified: Fri, 02 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9089
Expires: Sat, 03 Dec 2022 07:16:24 GMT
Date: Sat, 03 Dec 2022 04:44:55 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 04:44:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://oly4youbaby.info
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 381135
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 04:44:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SWnMw4l4qGWIO7R0b2Wvcg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kaGIPWK2hgN1WHOuV6MqVQik25U=
oly4youbaby.info/landings/7/img/image-2.jpg
200 OK 2.6 kB URL HTTP/1.1 oly4youbaby.info/landings/7/img/image-2.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 101x109, components 3\012- data
Hash ad996819b50eb274e4f22ab2212d115e
4eade4c77df984d51f4e9b1f8fd0899a4dbc0a7c
8b5de54443162e0602a63f03542b4c70d33ba4c8b9a9c58140fa4a1505ddcc98
GET /landings/7/img/image-2.jpg HTTP/1.1
Host: oly4youbaby.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InFqUG5qUk8yQ3AyU2xkN0N3L1p2clE9PSIsInZhbHVlIjoia1gxeWhEdHNFL3U2Zi95czh4c0RzQUpGLzMvZVd0eTdvaTRONDJlNXFhTnludjh2L2ZzMjNFVTVtUURIMWdQVSIsIm1hYyI6ImNkMjIwY2JjNGU0ZTJjZjQzMmIzNjUzMTI1OWU3MTQ0ZGMxMTFkNDZkMGEwZmVhMTVhNmIyMGI1NDQyOWY3MDMifQ%3D%3D; laravel_session=eyJpdiI6InZKblZPVTJiWUJrWEptWUJTdFdZc3c9PSIsInZhbHVlIjoiS1JXQkE3Q2paUlk1aGN4WUVzMjMyMnBUamxJWWZNRUZoT2prRHpVTkYrRW02TlBlaVQ3RENEV2RUdithV3ExdiIsIm1hYyI6Ijc4MDdkYmQ1NzljZGU1MjFkODQxZGY3ODZkMWU5YzM4MTlmZmQ5ZDU4MDI2M2Q1YmU4YzliNzM2NmExYjJmZWIifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 04:44:56 GMT
Content-Type: image/jpeg
Content-Length: 2632
Connection: keep-alive
last-modified: Tue, 22 Nov 2022 11:33:16 GMT
etag: "637cb37c-a48"
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dr9J7j8tgRk05ruktLMu2BWCjPQlWKetY5AlptGNixfxZgbtVO%2B%2FWkfFrgPc0Mnr4oj7KPEgHE%2Fzcs2XZs2GmriYnBZRISXIAzFjrOhHjaRpdwZhNFJMsMuMXHljthhabbfk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7739a6618e69b4f9-OSL
oly4youbaby.info/landings/7/img/image-7.jpg
200 OK 39 kB URL HTTP/1.1 oly4youbaby.info/landings/7/img/image-7.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x789, components 3\012- data
Hash 203bcbcb0a826e7c03784176bb53eacf
1853f57210429c5e86e6273047fc7d29519c4b84
9c2eb382653ac1be64f5457afad8dfd289470c761e34271de9507afb05b4e284
GET /landings/7/img/image-7.jpg HTTP/1.1
Host: oly4youbaby.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InFqUG5qUk8yQ3AyU2xkN0N3L1p2clE9PSIsInZhbHVlIjoia1gxeWhEdHNFL3U2Zi95czh4c0RzQUpGLzMvZVd0eTdvaTRONDJlNXFhTnludjh2L2ZzMjNFVTVtUURIMWdQVSIsIm1hYyI6ImNkMjIwY2JjNGU0ZTJjZjQzMmIzNjUzMTI1OWU3MTQ0ZGMxMTFkNDZkMGEwZmVhMTVhNmIyMGI1NDQyOWY3MDMifQ%3D%3D; laravel_session=eyJpdiI6InZKblZPVTJiWUJrWEptWUJTdFdZc3c9PSIsInZhbHVlIjoiS1JXQkE3Q2paUlk1aGN4WUVzMjMyMnBUamxJWWZNRUZoT2prRHpVTkYrRW02TlBlaVQ3RENEV2RUdithV3ExdiIsIm1hYyI6Ijc4MDdkYmQ1NzljZGU1MjFkODQxZGY3ODZkMWU5YzM4MTlmZmQ5ZDU4MDI2M2Q1YmU4YzliNzM2NmExYjJmZWIifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 04:44:56 GMT
Content-Type: image/jpeg
Content-Length: 39127
Connection: keep-alive
last-modified: Tue, 22 Nov 2022 11:33:16 GMT
etag: "637cb37c-98d7"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMlUYSUQDDiNJT47D4hBZoLrhkHpiOjr7zO4SwhauoOvZYEw9rdN%2B6OhKyGl09hKf7OPRda84afmbXnFwK4C2XMZWWqeFRmfnKq6TDmBz4zVTQFLa2hwo9EST%2FEisIOdpzRz"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7739a6618d8cb4eb-OSL
oly4youbaby.info/landings/7/img/image-6.jpg
200 OK 53 kB URL HTTP/1.1 oly4youbaby.info/landings/7/img/image-6.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x1058, components 3\012- data
Hash dd2a4179b4135acbebd62cbd444ba777
f082e987d3b9c3fdb2571b0a30c5b865b0ad14a8
de072e964b7834d78f71b63e4905f7c6a98c431ef9b8eadc7ba8a41da96a0a5d
GET /landings/7/img/image-6.jpg HTTP/1.1
Host: oly4youbaby.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InFqUG5qUk8yQ3AyU2xkN0N3L1p2clE9PSIsInZhbHVlIjoia1gxeWhEdHNFL3U2Zi95czh4c0RzQUpGLzMvZVd0eTdvaTRONDJlNXFhTnludjh2L2ZzMjNFVTVtUURIMWdQVSIsIm1hYyI6ImNkMjIwY2JjNGU0ZTJjZjQzMmIzNjUzMTI1OWU3MTQ0ZGMxMTFkNDZkMGEwZmVhMTVhNmIyMGI1NDQyOWY3MDMifQ%3D%3D; laravel_session=eyJpdiI6InZKblZPVTJiWUJrWEptWUJTdFdZc3c9PSIsInZhbHVlIjoiS1JXQkE3Q2paUlk1aGN4WUVzMjMyMnBUamxJWWZNRUZoT2prRHpVTkYrRW02TlBlaVQ3RENEV2RUdithV3ExdiIsIm1hYyI6Ijc4MDdkYmQ1NzljZGU1MjFkODQxZGY3ODZkMWU5YzM4MTlmZmQ5ZDU4MDI2M2Q1YmU4YzliNzM2NmExYjJmZWIifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 04:44:56 GMT
Content-Type: image/jpeg
Content-Length: 52661
Connection: keep-alive
last-modified: Tue, 22 Nov 2022 11:33:16 GMT
etag: "637cb37c-cdb5"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FAVwTb0nuFxTwlW5qFkDKDNBeViw7SyqUjOFNEfHrZT8lsdQfiFgh0MYNKuO1gzvLAvv9p%2FY6lu2DDDwcwnIjddLekKRV4%2B485mowFbrzBl3yu0nSmLk7qbP79eFn3JJKRvS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7739a6632e34b4eb-OSL
oly4youbaby.info/landings/7/img/str.png
200 OK 355 B URL HTTP/1.1 oly4youbaby.info/landings/7/img/str.png
IP
File type PNG image data, 44 x 20, 8-bit colormap, non-interlaced\012- data
Hash 365b1ce513784609142afd8797860835
fbe90a0e119b79eaf904418ea0b60927acf55be3
cba38b68a7aadac0804c7abe5dba2d87f64d32b7058ccaec27773c9421a6e67d
GET /landings/7/img/str.png HTTP/1.1
Host: oly4youbaby.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oly4youbaby.info/landings/7/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6InFqUG5qUk8yQ3AyU2xkN0N3L1p2clE9PSIsInZhbHVlIjoia1gxeWhEdHNFL3U2Zi95czh4c0RzQUpGLzMvZVd0eTdvaTRONDJlNXFhTnludjh2L2ZzMjNFVTVtUURIMWdQVSIsIm1hYyI6ImNkMjIwY2JjNGU0ZTJjZjQzMmIzNjUzMTI1OWU3MTQ0ZGMxMTFkNDZkMGEwZmVhMTVhNmIyMGI1NDQyOWY3MDMifQ%3D%3D; laravel_session=eyJpdiI6InZKblZPVTJiWUJrWEptWUJTdFdZc3c9PSIsInZhbHVlIjoiS1JXQkE3Q2paUlk1aGN4WUVzMjMyMnBUamxJWWZNRUZoT2prRHpVTkYrRW02TlBlaVQ3RENEV2RUdithV3ExdiIsIm1hYyI6Ijc4MDdkYmQ1NzljZGU1MjFkODQxZGY3ODZkMWU5YzM4MTlmZmQ5ZDU4MDI2M2Q1YmU4YzliNzM2NmExYjJmZWIifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 04:44:56 GMT
Content-Type: image/png
Content-Length: 355
Connection: keep-alive
last-modified: Tue, 22 Nov 2022 11:33:16 GMT
etag: "637cb37c-163"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFS%2BN9fdffqLB00xD%2FjsG%2FxeGWCiTvlT%2F0i8b9T63KheaczO1de6tYlCB5gLFId8wbk1cBZQi%2BygaQWuQVipdoX4W4VjvyGto57NsIEQrzh4SSHCH8M3JBVObhiI5WDA8n1a"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7739a662aaf1b506-OSL
oly4youbaby.info/landings/7/img/image-1.jpg
200 OK 2.5 kB URL HTTP/1.1 oly4youbaby.info/landings/7/img/image-1.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 101x109, components 3\012- data
Hash 3c53d2373f9258bc8fc454a1ba3fdecb
9a11565a9705e32a10601e3f2a273bf0051a3164
75e9134043b2597fe44e73613e60fe97df898873c20ad4731eda186941d735ff
GET /landings/7/img/image-1.jpg HTTP/1.1
Host: oly4youbaby.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InFqUG5qUk8yQ3AyU2xkN0N3L1p2clE9PSIsInZhbHVlIjoia1gxeWhEdHNFL3U2Zi95czh4c0RzQUpGLzMvZVd0eTdvaTRONDJlNXFhTnludjh2L2ZzMjNFVTVtUURIMWdQVSIsIm1hYyI6ImNkMjIwY2JjNGU0ZTJjZjQzMmIzNjUzMTI1OWU3MTQ0ZGMxMTFkNDZkMGEwZmVhMTVhNmIyMGI1NDQyOWY3MDMifQ%3D%3D; laravel_session=eyJpdiI6InZKblZPVTJiWUJrWEptWUJTdFdZc3c9PSIsInZhbHVlIjoiS1JXQkE3Q2paUlk1aGN4WUVzMjMyMnBUamxJWWZNRUZoT2prRHpVTkYrRW02TlBlaVQ3RENEV2RUdithV3ExdiIsIm1hYyI6Ijc4MDdkYmQ1NzljZGU1MjFkODQxZGY3ODZkMWU5YzM4MTlmZmQ5ZDU4MDI2M2Q1YmU4YzliNzM2NmExYjJmZWIifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 04:44:56 GMT
Content-Type: image/jpeg
Content-Length: 2486
Connection: keep-alive
last-modified: Tue, 22 Nov 2022 11:33:16 GMT
etag: "637cb37c-9b6"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7tfkkYZ%2FogpNP%2FGhBTqsuEKi5Y5H%2FcV97kkb48c7bEuf7LvyuXmGYqIWmE2JzsGKFOflYdz0v1rsf7FLheeVOrhJ9XBHmIh37fnWconZOXTqgVMRigH6f5jve9ItGySFQGRN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7739a662bc0db527-OSL
oly4youbaby.info/landings/7/img/bubble.png
200 OK 1.4 kB URL HTTP/1.1 oly4youbaby.info/landings/7/img/bubble.png
IP
File type PNG image data, 200 x 97, 8-bit colormap, non-interlaced\012- data
Hash d5850c0313922788b06ffe65f7ee291a
5c6d9b45272d5f73d62c92cd61679efc6bb6f302
920b0657c1c6089f08bbcd280dbabfab3a904344b223618bebf7f9fa9118f61c
GET /landings/7/img/bubble.png HTTP/1.1
Host: oly4youbaby.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oly4youbaby.info/landings/7/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6InFqUG5qUk8yQ3AyU2xkN0N3L1p2clE9PSIsInZhbHVlIjoia1gxeWhEdHNFL3U2Zi95czh4c0RzQUpGLzMvZVd0eTdvaTRONDJlNXFhTnludjh2L2ZzMjNFVTVtUURIMWdQVSIsIm1hYyI6ImNkMjIwY2JjNGU0ZTJjZjQzMmIzNjUzMTI1OWU3MTQ0ZGMxMTFkNDZkMGEwZmVhMTVhNmIyMGI1NDQyOWY3MDMifQ%3D%3D; laravel_session=eyJpdiI6InZKblZPVTJiWUJrWEptWUJTdFdZc3c9PSIsInZhbHVlIjoiS1JXQkE3Q2paUlk1aGN4WUVzMjMyMnBUamxJWWZNRUZoT2prRHpVTkYrRW02TlBlaVQ3RENEV2RUdithV3ExdiIsIm1hYyI6Ijc4MDdkYmQ1NzljZGU1MjFkODQxZGY3ODZkMWU5YzM4MTlmZmQ5ZDU4MDI2M2Q1YmU4YzliNzM2NmExYjJmZWIifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 04:44:56 GMT
Content-Type: image/png
Content-Length: 1405
Connection: keep-alive
last-modified: Tue, 22 Nov 2022 11:33:16 GMT
etag: "637cb37c-57d"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBsj37u33eJ%2FX%2B0Vg%2F7BvOpOP%2BS9ubuIiWf%2B1cIXrr%2BuFDTOvWMHMcAB9rK%2BQcTM1G4IPaz8ZsVCIRKqW96VjXHoMspBepB8fSobKqGS%2BFiAwiQlpJ0AW7JW%2FLTvU15aQAe%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7739a662ad710afe-OSL
oly4youbaby.info/landings/7/img/image-3.jpg
200 OK 64 kB URL HTTP/1.1 oly4youbaby.info/landings/7/img/image-3.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x1280, components 3\012- data
Hash aac8fdd1bf68cd777a905eefcc137f0a
9391bd2b34e173d9153591f4ea6a0b9e652d73e1
d3ce623db82ce363f55176815d68d1496c2797dea9df66cf9ff31af67a6f82bc
GET /landings/7/img/image-3.jpg HTTP/1.1
Host: oly4youbaby.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InFqUG5qUk8yQ3AyU2xkN0N3L1p2clE9PSIsInZhbHVlIjoia1gxeWhEdHNFL3U2Zi95czh4c0RzQUpGLzMvZVd0eTdvaTRONDJlNXFhTnludjh2L2ZzMjNFVTVtUURIMWdQVSIsIm1hYyI6ImNkMjIwY2JjNGU0ZTJjZjQzMmIzNjUzMTI1OWU3MTQ0ZGMxMTFkNDZkMGEwZmVhMTVhNmIyMGI1NDQyOWY3MDMifQ%3D%3D; laravel_session=eyJpdiI6InZKblZPVTJiWUJrWEptWUJTdFdZc3c9PSIsInZhbHVlIjoiS1JXQkE3Q2paUlk1aGN4WUVzMjMyMnBUamxJWWZNRUZoT2prRHpVTkYrRW02TlBlaVQ3RENEV2RUdithV3ExdiIsIm1hYyI6Ijc4MDdkYmQ1NzljZGU1MjFkODQxZGY3ODZkMWU5YzM4MTlmZmQ5ZDU4MDI2M2Q1YmU4YzliNzM2NmExYjJmZWIifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 04:44:56 GMT
Content-Type: image/jpeg
Content-Length: 63861
Connection: keep-alive
last-modified: Tue, 22 Nov 2022 11:33:16 GMT
etag: "637cb37c-f975"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6%2FViY%2BBIXGEXjSKgoy43bHgSRruD3HU3JgCSoQgdjs%2FaOT%2FgpV1ULswueQkFlIMbIMoFfKf6H%2BIXkTCbxVCa5ytVxH9uBBQr9nKfej%2BkLtUOjSrOoQXCf%2BMxUvfHSFpbWFa"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7739a662bf43b4ee-OSL
oly4youbaby.info/favicon.ico
200 OK 0 B URL HTTP/1.1 oly4youbaby.info/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: oly4youbaby.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InFqUG5qUk8yQ3AyU2xkN0N3L1p2clE9PSIsInZhbHVlIjoia1gxeWhEdHNFL3U2Zi95czh4c0RzQUpGLzMvZVd0eTdvaTRONDJlNXFhTnludjh2L2ZzMjNFVTVtUURIMWdQVSIsIm1hYyI6ImNkMjIwY2JjNGU0ZTJjZjQzMmIzNjUzMTI1OWU3MTQ0ZGMxMTFkNDZkMGEwZmVhMTVhNmIyMGI1NDQyOWY3MDMifQ%3D%3D; laravel_session=eyJpdiI6InZKblZPVTJiWUJrWEptWUJTdFdZc3c9PSIsInZhbHVlIjoiS1JXQkE3Q2paUlk1aGN4WUVzMjMyMnBUamxJWWZNRUZoT2prRHpVTkYrRW02TlBlaVQ3RENEV2RUdithV3ExdiIsIm1hYyI6Ijc4MDdkYmQ1NzljZGU1MjFkODQxZGY3ODZkMWU5YzM4MTlmZmQ5ZDU4MDI2M2Q1YmU4YzliNzM2NmExYjJmZWIifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 04:44:56 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
last-modified: Tue, 22 Nov 2022 11:33:33 GMT
etag: "637cb38d-0"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 994
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRSx9NS9WpUEhP9PGJXfSykP4LGW0lbvBlWlTgC2Vpx6C1orgX926cMsal4420i4hv9cNsVNkZ%2B14u8xEFk8rj0k7O%2BO5GlM3yc3tPGmJXGQUb2ySLxk33Ix12mP19k4i7t7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7739a664f828b4ee-OSL
oly4youbaby.info/landings/7/img/image-4.jpg
200 OK 74 kB URL HTTP/1.1 oly4youbaby.info/landings/7/img/image-4.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x888, components 3\012- data
Hash cce4238700967a5a59ebaea4154e18c0
01b5a7c65ddb9b67f2ba91ea1b63ed1c969a4ad3
897bb36a0a298258769de1a2dd5dc2a5ea4d12339e17bcdfa4837c803c7099f8
GET /landings/7/img/image-4.jpg HTTP/1.1
Host: oly4youbaby.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InFqUG5qUk8yQ3AyU2xkN0N3L1p2clE9PSIsInZhbHVlIjoia1gxeWhEdHNFL3U2Zi95czh4c0RzQUpGLzMvZVd0eTdvaTRONDJlNXFhTnludjh2L2ZzMjNFVTVtUURIMWdQVSIsIm1hYyI6ImNkMjIwY2JjNGU0ZTJjZjQzMmIzNjUzMTI1OWU3MTQ0ZGMxMTFkNDZkMGEwZmVhMTVhNmIyMGI1NDQyOWY3MDMifQ%3D%3D; laravel_session=eyJpdiI6InZKblZPVTJiWUJrWEptWUJTdFdZc3c9PSIsInZhbHVlIjoiS1JXQkE3Q2paUlk1aGN4WUVzMjMyMnBUamxJWWZNRUZoT2prRHpVTkYrRW02TlBlaVQ3RENEV2RUdithV3ExdiIsIm1hYyI6Ijc4MDdkYmQ1NzljZGU1MjFkODQxZGY3ODZkMWU5YzM4MTlmZmQ5ZDU4MDI2M2Q1YmU4YzliNzM2NmExYjJmZWIifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 04:44:56 GMT
Content-Type: image/jpeg
Content-Length: 74419
Connection: keep-alive
last-modified: Tue, 22 Nov 2022 11:33:16 GMT
etag: "637cb37c-122b3"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vI4sJRNjL3ryh2In21uSN6OARVSN0bOeXkquZxHh%2BrT9hm5dfvJPLa5HTwkf2K3ptzaZoIOjc4Tg4EwKUrpfSLh7IWLQ93sBdb7vInleSiysDhZ66alABUNf7vIpNAKVyZ%2BL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7739a6631f41b4f9-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16434
Expires: Sat, 03 Dec 2022 09:18:51 GMT
Date: Sat, 03 Dec 2022 04:44:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16434
Expires: Sat, 03 Dec 2022 09:18:51 GMT
Date: Sat, 03 Dec 2022 04:44:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16434
Expires: Sat, 03 Dec 2022 09:18:51 GMT
Date: Sat, 03 Dec 2022 04:44:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e765102-d7b9-4765-a166-db04ae6113bc.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e765102-d7b9-4765-a166-db04ae6113bc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcdb77a21f91a4a280ac9a8efbc48bbd
74c974eaf1cbdf6c5ae11793e42caf4c4e4cb25d
5ee7c45f21b38c653d03a24b10a190a9e9266226d221b006e787cd3719088d7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e765102-d7b9-4765-a166-db04ae6113bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11233
x-amzn-requestid: 89afb72e-6967-47d0-a0ad-48cad8cd08e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIpgOEi0oAMFstg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638022ce-1e8087e734e71d611df75830;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 02:05:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: d9wLy3xAxK6RiYf25v_GFT1gdezT8IzMxaFyGRuGm2nxOBh6uEOg3w==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 22:01:29 GMT
age: 24208
etag: "74c974eaf1cbdf6c5ae11793e42caf4c4e4cb25d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jM-fTqLsmU3c_gc9Wle-lvCwXelA9Sid9axtzJQDsfOHv23yUbKsBw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 23:43:28 GMT
age: 18089
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F741da48c-a860-42fc-8f5c-4572522c2f56.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F741da48c-a860-42fc-8f5c-4572522c2f56.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 585e7e56aed6b2f2f5e658f46bb791c4
34b768eb68f6cb850ff984fd687096e089649523
5412ba902e667571b0bbb3879ba6b9ad39501abce59381e84e6aa09779e7198b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F741da48c-a860-42fc-8f5c-4572522c2f56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6416
x-amzn-requestid: f5456dd6-8459-4a19-a9b5-b7b567fceb01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cik2pG5aoAMFrVg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a81c3-0923232b35133f471332062b;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 22:52:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fO2Nzz-s_o-67i4JhGgbUZdA5G1B8c9RrnJKm56RN7Ae_MK65KeRtQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 23:08:03 GMT
age: 20214
etag: "34b768eb68f6cb850ff984fd687096e089649523"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73a2ea57-9c46-4205-a91a-a39e992ffe29.jpeg
200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73a2ea57-9c46-4205-a91a-a39e992ffe29.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a483cb4f5948987ff2fa6be8d8f3c4ab
3b36c020f5fc38693ac159e5747518a3234ba8cc
a1c33278142371a168ca50aff0c5dc887461a9c83251e397d45c957c7cf788e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73a2ea57-9c46-4205-a91a-a39e992ffe29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6042
x-amzn-requestid: f28e5f64-3737-455c-accc-86a37dfef4b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cTPeXHUKoAMF99A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63845f8e-20a6aba25e200ff41c6dab91;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 07:13:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bLltF1-sTeAt9wHZVQTsbPQRRw8yteYRgK9XPUmhO3jMLcywS_bYDQ==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 06:29:46 GMT
age: 80111
etag: "3b36c020f5fc38693ac159e5747518a3234ba8cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20049904-a818-4d1c-9585-79edf76dcc61.jpeg
200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20049904-a818-4d1c-9585-79edf76dcc61.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9b77186d0d93f7ccfe729edd9d184af3
458aa485b9abef3b72427d308a172d1c24eceabd
8bed5a8e56e8c43fcbdc807245c2b651d014a06368574e57a25b718399a4a701
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20049904-a818-4d1c-9585-79edf76dcc61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6966
x-amzn-requestid: 2b40c185-e050-4bfd-9b08-bb70e6f89824
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfAb7Ev3oAMFnrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389144c-65301ace20da6f580ed77e82;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 20:53:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xBRZ6xulfveO7b5ZY8ApNbQJ1Sz8LbzEAb3YqxOEaZGYem-ZRaar_Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 08:01:16 GMT
age: 74621
etag: "458aa485b9abef3b72427d308a172d1c24eceabd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3abdcce275bb9723b4ac1d0c38cc8891
91f0d888c38db0899f106b652e3dcac062648099
ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7657
x-amzn-requestid: c0dbd862-41cf-4fa8-ab6b-256763c63fbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1Fo6IAMF9EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-554ffbc83fd70c557437120f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V_7_ohQr9ENIjOvdvy65ZpJqg2OI9gzRdiuxCTJzl4qwXe2Nmu_tAQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:49:27 GMT
etag: "91f0d888c38db0899f106b652e3dcac062648099"
content-type: image/jpeg
age: 24930
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap
IP
GET /css?family=Open+Sans:400,600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 04:44:55 GMT
date: Sat, 03 Dec 2022 04:44:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
svntrk.com/assets/fhy1_638ad4476f581.js
200 OK 0 B URL HTTP/2 svntrk.com/assets/fhy1_638ad4476f581.js
IP
GET /assets/fhy1_638ad4476f581.js HTTP/1.1
Host: svntrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 04:44:55 GMT
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: BYPASS
set-cookie: svnimp=638ad447d3cce; path=/; secure; httponly; samesite=none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7R2BvJe33qVMdBh3PTNWzJZMSkXH8MxlWlvyJK2%2F0W5U0A817Ln%2FGzLfFgIOABZy0iLqEGBIywV8DzryyiSohlqzUY6yVbXzvUimryE4vNLPEBASMvVxUmBjuTn7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7739a66039910b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
104.21.93.243
142.250.74.131
93.184.220.29
23.36.76.226
104.21.61.81