Overview

URL sweetladi3s.com/?utm_source=vDI08auqk0c8&utm_content=2avkhthu18
IP172.67.223.20
ASNCLOUDFLARENET
Location United States
Report completed2022-10-02 16:46:55 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-02 2 sweetladi3s.com/lstatic/f.js Phishing
2022-10-02 2 sweetladi3s.com/lstatic/fc5f1194ac2fb332f9bea30f3ce74b3d/images/icon-i.svg Phishing
2022-10-02 2 sweetladi3s.com/lstatic/fc5f1194ac2fb332f9bea30f3ce74b3d/images/icon-t.svg Phishing
2022-10-02 2 sweetladi3s.com/lstatic/fc5f1194ac2fb332f9bea30f3ce74b3d/images/icon-f.svg Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (15)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-10-02 05:26:46 UTC 69.16.175.10
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-10-02 05:20:15 UTC 104.18.21.226
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-02 09:28:40 UTC 142.250.74.10
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-02 08:03:17 UTC 18.165.201.103
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-02 04:45:21 UTC 34.117.237.239
mnemonic passive DNS ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-10-02 05:01:45 UTC 142.250.74.3
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-02 10:21:36 UTC 93.184.220.29
mnemonic passive DNS example.org (1) 2333 2012-08-07 17:20:46 UTC 2022-10-02 11:32:11 UTC 93.184.216.34
mnemonic passive DNS sweetladi3s.com (13) 0 2020-03-13 09:22:14 UTC 2022-10-02 06:38:30 UTC 104.21.70.113 Unknown ranking
mnemonic passive DNS cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2022-10-02 05:15:58 UTC 151.101.85.229
mnemonic passive DNS img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-10-02 05:30:03 UTC 34.120.237.76
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-10-02 06:23:42 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-02 10:20:02 UTC 52.43.58.150
mnemonic passive DNS r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-10-02 05:33:45 UTC 23.36.76.226
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-02 05:00:42 UTC 108.156.28.39


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.67.223.20

Date UQ / IDS / BL URL IP
2022-10-11 13:53:02 +0000
0 - 0 - 2 support-maps.live/ 172.67.223.20
2022-10-02 16:46:55 +0000
0 - 0 - 4 sweetladi3s.com/?utm_source=vDI08auqk0c8&utm_ (...) 172.67.223.20
2022-09-24 21:20:24 +0000
0 - 0 - 2 the.you-prize.monster/UK-new/newtemplatefree- (...) 172.67.223.20
2022-09-24 20:55:30 +0000
0 - 0 - 2 the.you-prize.monster/UK-new/newtemplatefree- (...) 172.67.223.20
2022-09-15 06:55:41 +0000
0 - 0 - 2 for.you-prize.monster/ASIA-Server/TW/taiwanmo (...) 172.67.223.20

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-06 00:12:42 +0000
0 - 0 - 2 gloriaforce.com/ii/malware.zip 104.21.36.160
2022-12-06 00:12:41 +0000
0 - 0 - 2 gloriaforce.com/ii/malware.zip 104.21.36.160
2022-12-06 00:11:08 +0000
0 - 0 - 0 ipfs.fleek.co/ipfs/Qme9GNkeRLWZtvdKd3XNXd91wt (...) 104.17.96.13
2022-12-06 00:10:56 +0000
0 - 0 - 13 sh.st/st/763e742bd53ac1a0be8e274f2c9f3c20/htt (...) 172.67.68.250
2022-12-06 00:08:54 +0000
0 - 0 - 1 century.valleyonly.cfd/imgcdn.php?pic=aHR0cHM (...) 172.67.164.231

Last 1 reports on domain: sweetladi3s.com

Date UQ / IDS / BL URL IP
2022-10-02 16:46:55 +0000
0 - 0 - 4 sweetladi3s.com/?utm_source=vDI08auqk0c8&utm_ (...) 172.67.223.20

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-12-04 08:48:22 +0000
0 - 0 - 4 plonvencons.tk/ 188.114.96.1
2022-11-30 13:42:12 +0000
0 - 0 - 4 tueswivforboro.tk/xGQVdz?llcfqhnapqlvf&data=0 (...) 188.114.97.1
2022-11-22 06:59:28 +0000
0 - 0 - 4 www.shorturl.at/rtvSV?hgVhfthdygjuhkIilBkhuGy (...) 172.67.171.25
2022-11-11 07:41:22 +0000
0 - 0 - 1 towertraffic.top/www/delivery/cl.php?ct=1&ban (...) 172.67.203.241
2022-11-10 20:27:59 +0000
0 - 0 - 2 servak2021.ru/campaigns/ce3021t3ey85a/track-u (...) 194.113.235.62


JavaScript

Executed Scripts (6)


Executed Evals (19)

#1 JavaScript::Eval (size: 25, repeated: 1) - SHA256: c0fee6b934b08df7fd5858201cc0c4127a85dc7d0c8fd8eb83d58cfcc1cac18a

                                        new Uint8Array([1]).at(0)
                                    

#2 JavaScript::Eval (size: 67, repeated: 1) - SHA256: 361a831d09ef76b907d6a416524915baec50c238905852e548fe0f2221a4620a

                                        typeof document.getElementById('__fhMyDialog').close === 'function'
                                    

#3 JavaScript::Eval (size: 28, repeated: 1) - SHA256: a4f48a08d01416c2784a28ba62c656e9e732761d75534f41f69892d61280fc6a

                                        Boolean(crypto.randomUUID())
                                    

#4 JavaScript::Eval (size: 42, repeated: 1) - SHA256: 420ef951a9f49fcb514fde5a2d4bd07a98cf609fba23fcdc2fc660cb2cb10524

                                        CSSCounterStyleRule.negative === undefined
                                    

#5 JavaScript::Eval (size: 158, repeated: 1) - SHA256: 5fd2b7ac06f14aa445293ae600a6650f7a44e5f0b1e100e2b864221aee71fd26

                                        let abortController = new AbortController();
let signal2 = abortController.signal;
abortController.abort('test2');
typeof signal2.throwIfAborted == 'function'
                                    

#6 JavaScript::Eval (size: 37, repeated: 1) - SHA256: 2d6f98223aee606d4b6ff2b57a1c847225406aa1380becd205bb685b3adf5871

                                        'aspect-ratio' in document.body.style
                                    

#7 JavaScript::Eval (size: 90, repeated: 1) - SHA256: 6c62e1035d91781258fef8d30617f55b5692ba56617087082c68069ddd95b168

                                        window.getComputedStyle(document.getElementById('__fhTestBlock2')).flexBasis === 'content'
                                    

#8 JavaScript::Eval (size: 44, repeated: 1) - SHA256: ef0cec074a1308361ef6b1a50fb53163d7dea6f35bfa7eaaa33d6f5cd853b4ba

                                        XRAnchorSet.prototype.hasOwnProperty('size')
                                    

#9 JavaScript::Eval (size: 37, repeated: 1) - SHA256: 92a69774ed25091a7d27f3692984ca2cf78cea3e730543b9d3a867ca3701fc5d

                                        'accent-color' in document.body.style
                                    

#10 JavaScript::Eval (size: 92, repeated: 1) - SHA256: acb4db590b2797dcc50197ea1bad6bdfa76883bff09fd8ea23f0f21ae1fa0b60

                                        window.getComputedStyle(document.getElementById('__fhTestBlock')).color === 'rgb(255, 0, 0)'
                                    

#11 JavaScript::Eval (size: 38, repeated: 1) - SHA256: fe43b3c21a3b344dc633abee619610ebdbb8f1467c8a3ed3874c7c81f2ef5a86

                                        typeof self.reportError === 'function'
                                    

#12 JavaScript::Eval (size: 33, repeated: 1) - SHA256: f543f9b1beb8bb051d13da0f873ab6801661e63d8b16b88b1af69ff098fb07c6

                                        'tab-size' in document.body.style
                                    

#13 JavaScript::Eval (size: 142, repeated: 1) - SHA256: 7c22b44f3ca365ec28b11ce4432231eea6de7569658bded3ac6c7b8644c51fd2

                                        let canvas2 = document.getElementById('__fhMyCanvas2');
let gl2 = canvas2.getContext('webgl');
gl2.getExtension('WEBGL_draw_buffers') !== null
                                    

#14 JavaScript::Eval (size: 36, repeated: 1) - SHA256: 01c41e932bc9a6e9718861f97ad6fdb35bd4f2b699d11c479abb9788c1d52958

                                        Boolean(document.hasStorageAccess())
                                    

#15 JavaScript::Eval (size: 57, repeated: 1) - SHA256: 93afe750f893331c7709e79b3b40b7122d4119cde3263346bdd3ad822216c2d7

                                        navigator.locks !== null && navigator.locks !== undefined
                                    

#16 JavaScript::Eval (size: 51, repeated: 1) - SHA256: 3906813149363f1ecb7fe2c95126d12999e7ddd966cfb00a50e446ea4423818a

                                        ShadowRoot.prototype.hasOwnProperty('onslotchange')
                                    

#17 JavaScript::Eval (size: 73, repeated: 1) - SHA256: 4339a0c1f2bef4619c2d2f4f3c90d08e012bcf418288c88da1ac89faccf36ec9

                                        typeof document.getElementById('__fhDateInput').showPicker === 'function'
                                    

#18 JavaScript::Eval (size: 24, repeated: 1) - SHA256: 2daeb3ad53fdaffdb2055a20bab28c77ea1cc1111862db83ac5e074d63a3e381

                                        Boolean(structuredClone)
                                    

#19 JavaScript::Eval (size: 34, repeated: 1) - SHA256: 1793bf3a5d4ab2080846499c0d7bf8b754b9a0f515ae7685f09ab7b6f0e743a2

                                        Boolean(FileSystemDirectoryHandle)
                                    

Executed Writes (0)



HTTP Transactions (40)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4818
Expires: Sun, 02 Oct 2022 18:07:01 GMT
Date: Sun, 02 Oct 2022 16:46:43 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.165.201.103
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 16:03:11 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 65cbd6c4094454b31bc32d6426b92cf2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: kLlqWkKG9HRYbcAd-_Z0TAK6KbbWwDUJK1dg0uKBso0fpxJRlwkTtg==
Age: 2612


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         108.156.28.39
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 03:33:17 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 0014cc5ed6f7d7422fe78da5a10aa120.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: nj2URP643QeqRBVD9Pa7nzQPTeRB5s-V4A5W3Y4zboLysoR2k5c4lg==
age: 47607
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /?utm_source=vDI08auqk0c8&utm_content=2avkhthu18 HTTP/1.1 
Host: sweetladi3s.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.21.70.113
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Sun, 02 Oct 2022 16:46:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=0, private, must-revalidate
Cross-Origin-Window-Policy: deny
Set-Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApSallsYkpNUGJwbQAAAANoaWRtAAAAJlF5VXpzRUVad1VOTHp2VVdSUHVneUtsVldkUVBSa3FjZ0VrSUFSbQAAAAJobGQAA25pbG0AAAAFc3ViXzFkAANuaWxtAAAABXN1Yl8ybQAAAAoyYXZraHRodTE4bQAAAAd0cmFja2VybQAAAAdub3RyYWNrbQAAAAN1bnFtAAAADFZBaG9xRXlsZUVGag.GaLIxMvF5kkcMAufyVIZk21KajrZldroMYdIsl_LM9g; path=/; expires=Mon, 02 Oct 2023 16:46:43 GMT; max-age=31536000
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Xss-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3VMEu7tR9wENQcIBsF8TKh2ghiqlPHr9Dl%2F9ZJfP4VMDMYzZaHthc0QgOK1f%2BpXV4qIZ%2FGUNHXrtDxgpJFwlDjj0yKtfS2rfNEOTBabSeu3FKy6B5EmTQvhMO828CB3SjAo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 753eea71ac241c12-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13823)
Size:   5337
Md5:    32803e10fa17a04622c8cada9a58f1ae
Sha1:   52a76392215d37ebe29a428c55512ff0e937bc25
Sha256: e865b6b28e1ef8e5100d18cbda1b547cf381ddf0600738f01d4387499765059c
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 02 Oct 2022 16:46:43 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /npm/lazyload@2.0.0-rc.2/lazyload.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sweetladi3s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 2.0.0-rc.2
x-jsd-version-type: version
etag: W/"162a-+bHVRc9Mhd3adT/5YJ7eVp2Ssx8"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 02 Oct 2022 16:46:43 GMT
age: 14393541
x-served-by: cache-fra19132-FRA, cache-bma1657-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1652
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1652
Md5:    48e05ee1c6d3db1baea8f343aee0b56b
Sha1:   93e71cfe052a033e4c867f2503ca425030071df1
Sha256: 27d48ead6bf6af6882b21b01fdae090512499cf21f169d6a9675756b94e5f73e
                                        
                                            GET /jquery-3.3.1.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://sweetladi3s.com
Connection: keep-alive
Referer: http://sweetladi3s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Sun, 02 Oct 2022 16:46:43 GMT
content-encoding: gzip
content-length: 30288
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-1538f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664729203.dop022.sk1.t,1664729203.cds243.sk1.hn,1664729203.cds072.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30288
Md5:    d549b312f7a7d228b4ec229a6547dfdc
Sha1:   0766794582ad530ec0f8c2595f741086afffa312
Sha256: f6488b2915e0ceee723f4320492511d46c6ba1860d5975d085e6da8913f55f44
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 16:46:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 16:46:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "4BAB8B22C44D1511D4D63B611EC92360E6634467"
Expires: Mon, 03 Oct 2022 03:00:00 GMT
Last-Modified: Sun, 02 Oct 2022 15:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3270
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 753eea750a77fab8-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    6ad4932c224640504facfcf7f7483f65
Sha1:   0e2f35737efe7f497f262555dff8d039d6896bc3
Sha256: e4aff05242a709684f1b16b6072c1d2d318ae9529bc403e8d1a2d0f325892561
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 16:46:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /lstatic/f.js HTTP/1.1 
Host: sweetladi3s.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sweetladi3s.com/?utm_source=vDI08auqk0c8&utm_content=2avkhthu18
Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApSallsYkpNUGJwbQAAAANoaWRtAAAAJlF5VXpzRUVad1VOTHp2VVdSUHVneUtsVldkUVBSa3FjZ0VrSUFSbQAAAAJobGQAA25pbG0AAAAFc3ViXzFkAANuaWxtAAAABXN1Yl8ybQAAAAoyYXZraHRodTE4bQAAAAd0cmFja2VybQAAAAdub3RyYWNrbQAAAAN1bnFtAAAADFZBaG9xRXlsZUVGag.GaLIxMvF5kkcMAufyVIZk21KajrZldroMYdIsl_LM9g

                                         
                                         104.21.70.113
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Sun, 02 Oct 2022 16:46:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Wed, 06 Apr 2022 12:56:50 GMT
ETag: W/"624d8e12-681"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Content-Encoding: gzip
Cache-Control: max-age=1800
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BDLK35OaknrUl0fyc%2BsM1VQCHhBIrW8f9fleiRs3BZX6nflkZcDI0fSXBWWpckYuYdpmh1UmPzCcCaByS7DatM6A%2B1QLCgM%2F3UBtIhrcRO5wOmwTGG8R95Jb8zZ2OfRLMw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 753eea746fd1b523-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (1665), with no line terminators
Size:   861
Md5:    ebe94193dc4d80c293881d1c6d510c03
Sha1:   db82b819bffedc33e9fcaeea80996068d487e9c1
Sha256: fb525a1915ade44a0e8ff718fbf7d8e936e7b3979697995438447f6765c6e44b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /p.js?a=1069737&cr=57006&lid=17943&mh=UXlVenNFRVp3VU5MenZVV1JQdWd5S2xWV2RRUFJrcWNnRWtJQVItMzU4NzU%3D&mmid=2504&p=0&rf=uu&rn=zc4ZntqUys4WmdiVEhG&t=notrack HTTP/1.1 
Host: sweetladi3s.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sweetladi3s.com/?utm_source=vDI08auqk0c8&utm_content=2avkhthu18
Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApSallsYkpNUGJwbQAAAANoaWRtAAAAJlF5VXpzRUVad1VOTHp2VVdSUHVneUtsVldkUVBSa3FjZ0VrSUFSbQAAAAJobGQAA25pbG0AAAAFc3ViXzFkAANuaWxtAAAABXN1Yl8ybQAAAAoyYXZraHRodTE4bQAAAAd0cmFja2VybQAAAAdub3RyYWNrbQAAAAN1bnFtAAAADFZBaG9xRXlsZUVGag.GaLIxMvF5kkcMAufyVIZk21KajrZldroMYdIsl_LM9g

                                         
                                         104.21.70.113
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Sun, 02 Oct 2022 16:46:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=0, private, must-revalidate
Cross-Origin-Window-Policy: deny
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Xss-Protection: 1; mode=block
CF-Cache-Status: BYPASS
Set-Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApSallsYkpNUGJwbQAAAANoaWRtAAAAJlF5VXpzRUVad1VOTHp2VVdSUHVneUtsVldkUVBSa3FjZ0VrSUFSbQAAAAJobGEBbQAAAAVzdWJfMWQAA25pbG0AAAAFc3ViXzJtAAAACjJhdmtodGh1MThtAAAAB3RyYWNrZXJtAAAAB25vdHJhY2ttAAAAA3VucW0AAAAMVkFob3FFeWxlRUZq.kBAeEZxNqD7L5LRwoYHQAxz_Y9828bTgCsaoBA9wRFc; path=/; expires=Mon, 02 Oct 2023 16:46:44 GMT; max-age=31536000
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUUWS1HvoqRY4NR59lzK%2BgtvaFyPH8Cu0h%2BXBO7V1F%2F%2B1wGwNLOV1y1VifBJzP5G9qMEuqSfVC%2BvLKVeV6BTfdoB%2FNtnlSHYtPA7z%2BV4T%2FZtAuQTuj6tp6h0Zb642X37EZw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 753eea745f4a1c12-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text
Size:   260
Md5:    d6c91f9e01fa50abd9cae3081c67f1c1
Sha1:   fc4fcb492961e9dda8c4fbdded70211f1d5a4420
Sha256: 2f1505f95fa11a47a956acfe99d866e89a95d3c994fd96b35ab1b2687954fdda
                                        
                                            GET /lstatic/fc5f1194ac2fb332f9bea30f3ce74b3d/images/icon-i.svg HTTP/1.1 
Host: sweetladi3s.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sweetladi3s.com/?utm_source=vDI08auqk0c8&utm_content=2avkhthu18
Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApSallsYkpNUGJwbQAAAANoaWRtAAAAJlF5VXpzRUVad1VOTHp2VVdSUHVneUtsVldkUVBSa3FjZ0VrSUFSbQAAAAJobGQAA25pbG0AAAAFc3ViXzFkAANuaWxtAAAABXN1Yl8ybQAAAAoyYXZraHRodTE4bQAAAAd0cmFja2VybQAAAAdub3RyYWNrbQAAAAN1bnFtAAAADFZBaG9xRXlsZUVGag.GaLIxMvF5kkcMAufyVIZk21KajrZldroMYdIsl_LM9g

                                         
                                         104.21.70.113
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Sun, 02 Oct 2022 16:46:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 18 Nov 2021 15:35:31 GMT
ETag: W/"619672c3-33c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: max-age=1800
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9t9oJylNzD0Xv%2B4Mep0iuL4sJ4Un9h8YLDpDAEOyvJzt2FiXDiZ%2B1UBiUzfxEDiiDR4g2US2WWAw16QKS54%2Fed5Ff6SegAMuElFQrLKwi%2BE96jA%2FnKoSOq%2BsWZ87OR6Wg5w%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 753eea750998fac0-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (828), with no line terminators
Size:   459
Md5:    5a802c859b512731ae95c2fb0918bd42
Sha1:   129c91db84efb8b416e2133b707e862fe01deee4
Sha256: e2d0a2e6ee3627eb3328ae436433e730bbada1ba08e79ccead098fae8971d807

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /lstatic/fc5f1194ac2fb332f9bea30f3ce74b3d/images/icon-t.svg HTTP/1.1 
Host: sweetladi3s.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sweetladi3s.com/?utm_source=vDI08auqk0c8&utm_content=2avkhthu18
Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApSallsYkpNUGJwbQAAAANoaWRtAAAAJlF5VXpzRUVad1VOTHp2VVdSUHVneUtsVldkUVBSa3FjZ0VrSUFSbQAAAAJobGQAA25pbG0AAAAFc3ViXzFkAANuaWxtAAAABXN1Yl8ybQAAAAoyYXZraHRodTE4bQAAAAd0cmFja2VybQAAAAdub3RyYWNrbQAAAAN1bnFtAAAADFZBaG9xRXlsZUVGag.GaLIxMvF5kkcMAufyVIZk21KajrZldroMYdIsl_LM9g

                                         
                                         104.21.70.113
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Sun, 02 Oct 2022 16:46:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 18 Nov 2021 15:35:31 GMT
ETag: W/"619672c3-311"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: max-age=1800
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gd9fL79MO0C1EFcqzree%2FLTaLmrwU91KeQQR3Q%2FwOA1AkEsiFQpfDLRzptgxgQUWaUearxl6ic6gFgV7VilEGUxBV8ujKSGMvfha6YO%2Bx3a62lGLmck5eJLGwPpOmicN6G0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 753eea7508e2b51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (785), with no line terminators
Size:   456
Md5:    7fe03b15c8513b927e36a7568b8f2692
Sha1:   ea1f496dcf36f31cf80c4b4ce489c696449db3b8
Sha256: 07f5baef4ff08430c13f96181b5d1bc86d771acdb21cd001c666ff6f004d55bf

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /lstatic/fc5f1194ac2fb332f9bea30f3ce74b3d/images/icon-f.svg HTTP/1.1 
Host: sweetladi3s.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sweetladi3s.com/?utm_source=vDI08auqk0c8&utm_content=2avkhthu18
Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApSallsYkpNUGJwbQAAAANoaWRtAAAAJlF5VXpzRUVad1VOTHp2VVdSUHVneUtsVldkUVBSa3FjZ0VrSUFSbQAAAAJobGQAA25pbG0AAAAFc3ViXzFkAANuaWxtAAAABXN1Yl8ybQAAAAoyYXZraHRodTE4bQAAAAd0cmFja2VybQAAAAdub3RyYWNrbQAAAAN1bnFtAAAADFZBaG9xRXlsZUVGag.GaLIxMvF5kkcMAufyVIZk21KajrZldroMYdIsl_LM9g

                                         
                                         104.21.70.113
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Sun, 02 Oct 2022 16:46:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 18 Nov 2021 15:35:31 GMT
ETag: W/"619672c3-164"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: max-age=1800
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1FSzBpREx5FDIubUCuF7JHMVRiLl22AydJztcYG%2FP862zOlZ0Xs5Cj8SU93iqWpVUOe7rNoZSokksRcInp7zMU2AIU2sRXyhsg%2FaO0NjY1nX5URV3EW3orb4tWn88R7AQMs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 753eea750cb6b4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (356), with no line terminators
Size:   263
Md5:    60f8ce0bdc85558f1f331a328626bc1d
Sha1:   53623399d45debffbaf87a589ce7be7e5c9d921d
Sha256: 24087b492bcc4c3bfff5312668fb8739f4c55f7fd3e7248240a5d37c36ccffd2

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 16:46:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://sweetladi3s.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 06:06:20 GMT
expires: Fri, 29 Sep 2023 06:06:20 GMT
cache-control: public, max-age=31536000
age: 297624
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Size:   12708
Md5:    b4a68b1e743ee317eaaf0bbadd131571
Sha1:   f24f7823d4e3830c7cfa5bcb33733d2897c00f13
Sha256: ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 16:46:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /featrepl?a=1069737&cr=57006&lid=17943&mh=UXlVenNFRVp3VU5MenZVV1JQdWd5S2xWV2RRUFJrcWNnRWtJQVItMzU4NzU%3D&mmid=2504&p=0&rf=uu&rn=zc4ZntqUys4WmdiVEhG&t=notrack HTTP/1.1 
Host: sweetladi3s.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 44
Origin: http://sweetladi3s.com
Connection: keep-alive
Referer: http://sweetladi3s.com/?a=1069737&cr=57006&lid=17943&mh=UXlVenNFRVp3VU5MenZVV1JQdWd5S2xWV2RRUFJrcWNnRWtJQVItMzU4NzU%3D&mmid=2504&p=0&rf=uu&rn=zc4ZntqUys4WmdiVEhG&t=notrack
Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApSallsYkpNUGJwbQAAAANoaWRtAAAAJlF5VXpzRUVad1VOTHp2VVdSUHVneUtsVldkUVBSa3FjZ0VrSUFSbQAAAAJobGEBbQAAAAVzdWJfMWQAA25pbG0AAAAFc3ViXzJtAAAACjJhdmtodGh1MThtAAAAB3RyYWNrZXJtAAAAB25vdHJhY2ttAAAAA3VucW0AAAAMVkFob3FFeWxlRUZq.kBAeEZxNqD7L5LRwoYHQAxz_Y9828bTgCsaoBA9wRFc

                                         
                                         104.21.70.113
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Date: Sun, 02 Oct 2022 16:46:44 GMT
Content-Length: 2
Connection: keep-alive
Set-Cookie: __fjs=1010101011100101110
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVgJafEFYLNYt%2FoMtJq5PTCJ6whNRjABrnrzebpcYDrhzPJp5cvZbOAxkEHzLSSJomZ1GYn79w81K718%2FqAXzHBaUDpYLFqbfhCupbe6BzJyqpqg4ATAiP1puu7rKWy79CE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 753eea764a70fac0-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
                                        
                                            GET /lstatic/fc5f1194ac2fb332f9bea30f3ce74b3d/images/d2.jpg HTTP/1.1 
Host: sweetladi3s.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sweetladi3s.com/?utm_source=vDI08auqk0c8&utm_content=2avkhthu18
Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApSallsYkpNUGJwbQAAAANoaWRtAAAAJlF5VXpzRUVad1VOTHp2VVdSUHVneUtsVldkUVBSa3FjZ0VrSUFSbQAAAAJobGQAA25pbG0AAAAFc3ViXzFkAANuaWxtAAAABXN1Yl8ybQAAAAoyYXZraHRodTE4bQAAAAd0cmFja2VybQAAAAdub3RyYWNrbQAAAAN1bnFtAAAADFZBaG9xRXlsZUVGag.GaLIxMvF5kkcMAufyVIZk21KajrZldroMYdIsl_LM9g

                                         
                                         104.21.70.113
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 02 Oct 2022 16:46:44 GMT
Content-Length: 80725
Connection: keep-alive
Last-Modified: Thu, 18 Nov 2021 15:35:31 GMT
ETag: "619672c3-13b55"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: max-age=1800
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9VkJcWFuzv1TvXHq%2BHzS%2FYwL2XYvuxfxipV%2B0A4BI1yyJNsrL3Qp6dvUsDYdqAUFmoUbssfHwfpgdSxo%2F1P17rkRWSiTW34kBJ9HD6tpwCUz5E8iyJn6jHZtLAJ6dZKKBGk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 753eea757970b523-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1180x752, components 3\012- data
Size:   80725
Md5:    be84e4692b74105074b1612ce08e0148
Sha1:   0f0e44abbd9719774de944bbdba9137ce8bd9c18
Sha256: a8ecef657e257442da1415953842d3c8d39e0f4455169b38c67143da3aa39cdb
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.165.201.103
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 16:32:56 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 16:54:57 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 543bd78e28d38334d97d31a1d7aded16.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: b4KNmJj3wnDE5ORlDrG6iVjiUCBvpl3TntMQri_Ox1RHcz0cEl9FZg==
Age: 831


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /lstatic/fc5f1194ac2fb332f9bea30f3ce74b3d/images/d1.jpg HTTP/1.1 
Host: sweetladi3s.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sweetladi3s.com/?utm_source=vDI08auqk0c8&utm_content=2avkhthu18
Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApSallsYkpNUGJwbQAAAANoaWRtAAAAJlF5VXpzRUVad1VOTHp2VVdSUHVneUtsVldkUVBSa3FjZ0VrSUFSbQAAAAJobGQAA25pbG0AAAAFc3ViXzFkAANuaWxtAAAABXN1Yl8ybQAAAAoyYXZraHRodTE4bQAAAAd0cmFja2VybQAAAAdub3RyYWNrbQAAAAN1bnFtAAAADFZBaG9xRXlsZUVGag.GaLIxMvF5kkcMAufyVIZk21KajrZldroMYdIsl_LM9g

                                         
                                         104.21.70.113
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 02 Oct 2022 16:46:44 GMT
Content-Length: 121902
Connection: keep-alive
Last-Modified: Thu, 18 Nov 2021 15:35:31 GMT
ETag: "619672c3-1dc2e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: max-age=1800
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hz1lhEPLarLV26ewABaWWXtRnMGG9oo8srXJbRafz3k2BRfHCp8rubApBRJUQSZxEWjId%2BZv2l9QOQWFlE%2FjlbKwSgFYu4ggT5yzY%2B6nTLg9mwtFgqqteZLjmVXvAnuXEUM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 753eea754f0fb4f3-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1180x754, components 3\012- data
Size:   121902
Md5:    fb62310eebdcbb311d249c3f3bb1b003
Sha1:   1ec3d76be48b103254408bdb797a4f03872d32d3
Sha256: 4a5a917dfdea931bf75879db89c9e746f2d35489d65341a26f03ff142ec61d30
                                        
                                            GET /lstatic/fc5f1194ac2fb332f9bea30f3ce74b3d/images/d4.jpg HTTP/1.1 
Host: sweetladi3s.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sweetladi3s.com/?a=1069737&cr=57006&lid=17943&mh=UXlVenNFRVp3VU5MenZVV1JQdWd5S2xWV2RRUFJrcWNnRWtJQVItMzU4NzU%3D&mmid=2504&p=0&rf=uu&rn=zc4ZntqUys4WmdiVEhG&t=notrack
Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApSallsYkpNUGJwbQAAAANoaWRtAAAAJlF5VXpzRUVad1VOTHp2VVdSUHVneUtsVldkUVBSa3FjZ0VrSUFSbQAAAAJobGEBbQAAAAVzdWJfMWQAA25pbG0AAAAFc3ViXzJtAAAACjJhdmtodGh1MThtAAAAB3RyYWNrZXJtAAAAB25vdHJhY2ttAAAAA3VucW0AAAAMVkFob3FFeWxlRUZq.kBAeEZxNqD7L5LRwoYHQAxz_Y9828bTgCsaoBA9wRFc

                                         
                                         104.21.70.113
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 02 Oct 2022 16:46:44 GMT
Content-Length: 91690
Connection: keep-alive
Last-Modified: Thu, 18 Nov 2021 15:35:31 GMT
ETag: "619672c3-1662a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: max-age=1800
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5jqxfuSfbPliXkNOp5e%2FPfrSRh2wToYZemxfWdbV3gj7X%2B%2BPyGN9xMAqyi35WBcM%2BTU5OywZjeDa%2Bn%2F2z7kbIGX9pqwiM6eimdJp5pH0M4DQ3u%2FPirJmY4MIo7kJRK7x40%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 753eea767edfb4f1-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1180x761, components 3\012- data
Size:   91690
Md5:    970493a1c14a0ddc6c597412685b44c8
Sha1:   ea61cd9a5e529e1a5844a517f0b497be2420780b
Sha256: 204a132faacdf1caeeaa1f64e332f2356caa246faf66e10c9eedc347a5168f5e
                                        
                                            GET /lstatic/fc5f1194ac2fb332f9bea30f3ce74b3d/images/d5.jpg HTTP/1.1 
Host: sweetladi3s.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sweetladi3s.com/?a=1069737&cr=57006&lid=17943&mh=UXlVenNFRVp3VU5MenZVV1JQdWd5S2xWV2RRUFJrcWNnRWtJQVItMzU4NzU%3D&mmid=2504&p=0&rf=uu&rn=zc4ZntqUys4WmdiVEhG&t=notrack
Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApSallsYkpNUGJwbQAAAANoaWRtAAAAJlF5VXpzRUVad1VOTHp2VVdSUHVneUtsVldkUVBSa3FjZ0VrSUFSbQAAAAJobGEBbQAAAAVzdWJfMWQAA25pbG0AAAAFc3ViXzJtAAAACjJhdmtodGh1MThtAAAAB3RyYWNrZXJtAAAAB25vdHJhY2ttAAAAA3VucW0AAAAMVkFob3FFeWxlRUZq.kBAeEZxNqD7L5LRwoYHQAxz_Y9828bTgCsaoBA9wRFc

                                         
                                         104.21.70.113
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 02 Oct 2022 16:46:44 GMT
Content-Length: 75243
Connection: keep-alive
Last-Modified: Thu, 18 Nov 2021 15:35:31 GMT
ETag: "619672c3-125eb"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: max-age=1800
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0lBWk5h3zHEyGt2zk2jzY%2FXVodTtxq0X6iVvykosAN7s%2FkwooRyVJ0F0zaWvZZiIaKNK4r9NzVnQHWqsv9%2FaomLE7jJ%2FyGRgVgQUZHJebJiyoJqOa709EVjluDwG0vOwG0c%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 753eea7679f91c12-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1180x754, components 3\012- data
Size:   75243
Md5:    536d1b9ee053a11e8aade935d06240a1
Sha1:   7f458866d235cef394188ab0a67c8c67351e86b5
Sha256: 8793dbae6fb8dd01403d69bd094c7b0ce3211efb92bd697fc9b17ab62ed370fc
                                        
                                            GET /lstatic/fc5f1194ac2fb332f9bea30f3ce74b3d/images/d3.jpg HTTP/1.1 
Host: sweetladi3s.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sweetladi3s.com/?a=1069737&cr=57006&lid=17943&mh=UXlVenNFRVp3VU5MenZVV1JQdWd5S2xWV2RRUFJrcWNnRWtJQVItMzU4NzU%3D&mmid=2504&p=0&rf=uu&rn=zc4ZntqUys4WmdiVEhG&t=notrack
Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApSallsYkpNUGJwbQAAAANoaWRtAAAAJlF5VXpzRUVad1VOTHp2VVdSUHVneUtsVldkUVBSa3FjZ0VrSUFSbQAAAAJobGEBbQAAAAVzdWJfMWQAA25pbG0AAAAFc3ViXzJtAAAACjJhdmtodGh1MThtAAAAB3RyYWNrZXJtAAAAB25vdHJhY2ttAAAAA3VucW0AAAAMVkFob3FFeWxlRUZq.kBAeEZxNqD7L5LRwoYHQAxz_Y9828bTgCsaoBA9wRFc

                                         
                                         104.21.70.113
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 02 Oct 2022 16:46:44 GMT
Content-Length: 98821
Connection: keep-alive
Last-Modified: Thu, 18 Nov 2021 15:35:31 GMT
ETag: "619672c3-18205"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: max-age=1800
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5qHsVdH0AUtSlX5TuBIzvtzq13OW9U1Oo0BvoVQJF1ISCkdcwagd8Dlcplpl31OV%2FFhikVw%2FTUYrWSv3D3L5dGzad%2FgwwZ7HzqfZo%2BfcqDXTgnjx5kpVWubRTB0hLuWD8Os%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 753eea767ad6b51b-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1180x773, components 3\012- data
Size:   98821
Md5:    1367b767199e1d39b6cbfb78c87775f2
Sha1:   4f587113ac684f329caf79acbd68d53e07c4d9eb
Sha256: cb015a5ba1d13c34ce283a37fd37ac9822c838fa1790f6f7a172e284244845b3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5442
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 16:46:44 GMT
Last-Modified: Sun, 02 Oct 2022 15:16:02 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /media.ext HTTP/1.1 
Host: example.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://sweetladi3s.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         93.184.216.34
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
accept-ranges: bytes
age: 448071
cache-control: max-age=604800
date: Sun, 02 Oct 2022 16:46:44 GMT
expires: Sun, 09 Oct 2022 16:46:44 GMT
last-modified: Tue, 27 Sep 2022 12:18:53 GMT
server: ECS (nyb/1D25)
vary: Accept-Encoding
x-cache: 404-HIT
content-length: 1256
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1256
Md5:    84238dfc8092e5d9c0dac8ef93371a07
Sha1:   4a3ce8ee11e091dd7923f4d8c6e5b5e41ec7c047
Sha256: ea8fac7c65fb589b0d53560f5251f74f9e9b243478dcb6b3ea79b5e36449c8d9
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UkbjyMASo0FEtJibE2sgQA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.43.58.150
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: e0c4btLiN7FioRvMfpAlX5e9PZQ=

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: sweetladi3s.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sweetladi3s.com/?utm_source=vDI08auqk0c8&utm_content=2avkhthu18
Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApSallsYkpNUGJwbQAAAANoaWRtAAAAJlF5VXpzRUVad1VOTHp2VVdSUHVneUtsVldkUVBSa3FjZ0VrSUFSbQAAAAJobGEBbQAAAAVzdWJfMWQAA25pbG0AAAAFc3ViXzJtAAAACjJhdmtodGh1MThtAAAAB3RyYWNrZXJtAAAAB25vdHJhY2ttAAAAA3VucW0AAAAMVkFob3FFeWxlRUZq.kBAeEZxNqD7L5LRwoYHQAxz_Y9828bTgCsaoBA9wRFc; __fjs=1010101011100101110

                                         
                                         104.21.70.113
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Sun, 02 Oct 2022 16:46:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=1800
CF-Cache-Status: EXPIRED
Last-Modified: Sun, 02 Oct 2022 13:35:55 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJY%2BT0W3ApZRGXZWQmhXdjyuiJ9aBltPG%2FockSW9WF1DyskTycJyLXxRjAdDtvoxfkX%2Fez3NKVDIFHO9pWDJQYLjCmzScWQfp6NP%2Fd7uyPMtJT5D11cGNZMXJgJpy892lPY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 753eea790ce5b4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel\012- data
Size:   18585
Md5:    f89a9d32e60067080ee0058d81de9159
Sha1:   f332f8f159f270dd39b6491d11d8ec2a839c5858
Sha256: e90918169490e6fee2982731bac8dd98b97c0cb4e0487939c517d0487b13c4ac
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3960
Expires: Sun, 02 Oct 2022 17:52:45 GMT
Date: Sun, 02 Oct 2022 16:46:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3960
Expires: Sun, 02 Oct 2022 17:52:45 GMT
Date: Sun, 02 Oct 2022 16:46:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3960
Expires: Sun, 02 Oct 2022 17:52:45 GMT
Date: Sun, 02 Oct 2022 16:46:45 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:00 GMT
age: 43545
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8602
x-amzn-requestid: 89329169-bc7a-46b1-85fc-20383a85cae8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf9GxzoAMFg0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-27952f8357fa25c956b1cd72;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YDfn3Xd8m6jaBrj_M9hs4dePku_eEhJbYv3NJSHjCdAWifhBkiKUhw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 22:21:15 GMT
age: 66331
etag: "5d3389a965cfa45dab2202d89b40264368674e8a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8602
Md5:    94d82ad8d70761f6ee1384b4183335f3
Sha1:   5d3389a965cfa45dab2202d89b40264368674e8a
Sha256: ad495dc0ede3bfcbaebfd3bf2eb55fc5596cd7643a539e030ccce0b8a3bcf8dd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6871
x-amzn-requestid: e1fdb2ee-c0e7-4a0c-ae26-d968aef00503
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEIOGp2IAMFxSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ce-24b26a8048ffd84071a2ad57;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:30 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -svKnYBuiMSdWObzJyNah9TDIi6IuPP6VMzEJWmn0zxoZbFmwpzkJw==
via: 1.1 c07670802688417c8b871124c547eb0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:33 GMT
age: 68293
etag: "087521979efd5936416fd7f030779fa5725f0a8f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6871
Md5:    9dddb9d84a16a3004821d89836b83dc3
Sha1:   087521979efd5936416fd7f030779fa5725f0a8f
Sha256: a6251ac43958031d765b5743d43e14bc04b1e465bed81f757c3609ee6f2bea66
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9340
x-amzn-requestid: e892265e-836d-4638-871f-0548eda57745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf8FCEoAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-7f39bb92066a75a90868dd03;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Sk1Dahp1gliiBIghSCZselE7-Fy45svrCk7TdmunOwNefSNqY1P1jA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:34 GMT
etag: "6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4"
age: 68292
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9340
Md5:    6047192460abf4afd600948abb5e6ee1
Sha1:   6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4
Sha256: d1fd21a5913f6831d2128c8e9e84767d9730bf9e779da5395dc31b82a10e32e9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4987
x-amzn-requestid: 763edd04-7f8d-42ae-8864-482be3549958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHpFs4oAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ca-2f7b67e85aa83b69183e62b5;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Zoggf30lA-Kvt5QYa-IdhGePHCNiphR7pfFiOaFvL8ZkWZIaiK4pA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:37 GMT
etag: "2e533332ee5c49143e58dad32ee3717a39179532"
age: 68289
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4987
Md5:    463bdcfbec5426e18ecef83b1c373b71
Sha1:   2e533332ee5c49143e58dad32ee3717a39179532
Sha256: 2c40befd28781482b9be249a792571612d68d7045324083d2c832fa5ec42f04b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11083
x-amzn-requestid: 53e2c961-bcc0-4977-8648-ee3c1aed9cde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHRFWfIAMFhlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3c7-070212d7386d5efa1b4aa8d3;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1KmxHJh9QNfg5x0enkqOjbmiqHvg7nlQiMnuDuCRNWQUBFEiKELbw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:36 GMT
etag: "d63b6ba630736d32c364b0e6a369274b2389b7ff"
age: 68290
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11083
Md5:    edded48f558f739287a040151349ef67
Sha1:   d63b6ba630736d32c364b0e6a369274b2389b7ff
Sha256: 33b4a459df0ba7b36b907ba96d74e08660cc75640c42a5748b97d18ec2e9d533
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91d14136-4e81-4e18-80ca-f688f18110b7.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9073
x-amzn-requestid: 6337e85e-904c-4346-b11d-1cf213eba1a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf8EyIIAMF_Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-05c231ba25850508201eda0d;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2WCasBR9fFvqGZ61uURK1W4vhzCBO81FTvpSCs6eKH8HBClVUFybpQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:26 GMT
etag: "377251ce16059a304e1ada7e7bdade2eee86bfdb"
age: 68306
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9073
Md5:    91c43e8f8caa27091b10fc006c309e96
Sha1:   377251ce16059a304e1ada7e7bdade2eee86bfdb
Sha256: 81d98f635686a13e149a86149db28f794097b35fc0b7af82beb0199edfc82a38
                                        
                                            GET /css?family=Montserrat&subset=latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sweetladi3s.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 16:46:43 GMT
date: Sun, 02 Oct 2022 16:46:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---