r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2258cd6b877a3aca8f4c84074e65ac4b
4e46c70941f8e497e8afc8d078644e7f81761a1c
faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6656
Expires: Tue, 17 Jan 2023 10:28:22 GMT
Date: Tue, 17 Jan 2023 08:37:26 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 405f8f149ccdf0005ca0d890c96a9cb4
64de3200cef76133dfad901d6709697d6842405e
3a10790c397a419450ac2c90b941fd20bc49af1dbaeb34678836306de8febfce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A10790C397A419450AC2C90B941FD20BC49AF1DBAEB34678836306DE8FEBFCE"
Last-Modified: Mon, 16 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6648
Expires: Tue, 17 Jan 2023 10:28:14 GMT
Date: Tue, 17 Jan 2023 08:37:26 GMT
Connection: keep-alive
www.daddyspeaks.net/
200 OK 9.8 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1350), with CRLF, LF line terminators
Hash 900a00b14b8bbf976fe1c5a767883b85
de26d35f4eac825bb3ce1b066d87d49c623a6c5b
fbb7baa23d019c1ed3a0bad9d8b348fa8f9a4b76ca36bfe0a276662086a57936
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.daddyspeaks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 08:37:26 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=www.daddyspeaks.net
language=en; expires=Tue, 31-Jan-2023 08:37:26 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"cf5a3edf1d79cf9cb9e9102c157dca69-gzip"
Content-Encoding: gzip
X-Host: blu153.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 9805
Keep-Alive: timeout=10, max=73
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 17 Jan 2023 07:42:16 GMT
content-type: application/json
age: 3311
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d6e2abd68203014e8e24d4a9e20e980a
5edbbb1a36083d5077b90b82e7aa10049e90c5d6
88cf8dae194a5e92a8c36a4c54ae71a609eaaed6e99d3986b3834c40d2fceeaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88CF8DAE194A5E92A8C36A4C54AE71A609EAAED6E99D3986B3834C40D2FCEEAA"
Last-Modified: Sun, 15 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7199
Expires: Tue, 17 Jan 2023 10:37:26 GMT
Date: Tue, 17 Jan 2023 08:37:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Ou37ODin80F3R6buauvkDNZ724/NJ5KmQS88hoAmaI19dwkMiJWb2Q3KPGrsSJ27KW2EXEBzPcE=
x-amz-request-id: MG9FMXTX2K89BBDB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 17 Jan 2023 07:44:55 GMT
age: 3152
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 08:37:27 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/social-icons.css?buildtime=1619810757
200 OK 1.6 kB URL HTTP/1.1 cdn2.editmysite.com/css/social-icons.css?buildtime=1619810757
IP
File type ASCII text, with very long lines (13080)
Hash c86df58c4d2609590f6f64d23015c895
be0f31c1ce52dc21995a9def3809e981f706d44d
015c58917c55f8ad367ba3396e1d780cf4d49ef67e3b69e37ffa8f8a9a1f5a04
GET /css/social-icons.css?buildtime=1619810757 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1639
Server: nginx
Content-Type: text/css
Last-Modified: Fri, 06 Jan 2023 21:21:49 GMT
ETag: W/"63b890ed-3319"
Expires: Fri, 20 Jan 2023 23:23:29 GMT
Cache-Control: max-age=1209600
X-Host: blu31.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 17 Jan 2023 08:37:27 GMT
Age: 897238
X-Served-By: cache-sjc10077-SJC, cache-bma1632-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 212, 1
X-Timer: S1673944647.235011,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/css/old/fancybox.css?1619810757
200 OK 1.2 kB URL HTTP/1.1 cdn2.editmysite.com/css/old/fancybox.css?1619810757
IP
File type ASCII text, with very long lines (3910)
Hash b644e92258f4c7c0b4270047652d1e60
93734d52ee9e86a768159e514076051813c39cd9
29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
GET /css/old/fancybox.css?1619810757 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1218
Server: nginx
Content-Type: text/css
Last-Modified: Thu, 12 Jan 2023 01:36:55 GMT
ETag: "63bf6437-f47"
Expires: Thu, 26 Jan 2023 09:42:52 GMT
Cache-Control: max-age=1209600
X-Host: blu49.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 17 Jan 2023 08:37:27 GMT
Age: 428075
X-Served-By: cache-sjc10038-SJC, cache-bma1625-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 20, 1
X-Timer: S1673944647.235923,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/css/sites.css?buildTime=1619810757
200 OK 30 kB URL HTTP/1.1 cdn2.editmysite.com/css/sites.css?buildTime=1619810757
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash d10158b22b553f723d99dc78eaee6390
80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e
GET /css/sites.css?buildTime=1619810757 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 29746
Server: nginx
Content-Type: text/css
Last-Modified: Thu, 12 Jan 2023 01:36:49 GMT
ETag: W/"63bf6431-347ac"
Expires: Thu, 26 Jan 2023 10:41:53 GMT
Cache-Control: max-age=1209600
X-Host: blu72.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 17 Jan 2023 08:37:27 GMT
Age: 424534
X-Served-By: cache-sjc10030-SJC, cache-bma1631-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 3, 1
X-Timer: S1673944647.235575,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1619810757&
200 OK 33 kB URL HTTP/1.1 cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1619810757&
IP
File type ASCII text, with very long lines (65024)
Hash 58a9c1c02a5743ff2107715d041d28b7
619d9394e8b3afce9f9cc066b924ddb5d3265265
98b8090e2292b69bb8ad0ef4082f55458b891130ee6b3d9c6fce5075eec64dbf
GET /js/lang/en/stl.js?buildTime=1619810757& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 32800
Server: nginx
Content-Type: application/javascript
Last-Modified: Fri, 16 Dec 2022 19:53:10 GMT
ETag: "639ccca6-2c22a"
Expires: Tue, 03 Jan 2023 11:10:18 GMT
Cache-Control: max-age=1209600
X-Host: blu61.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 17 Jan 2023 08:37:27 GMT
Age: 1200427
X-Served-By: cache-sjc10033-SJC, cache-bma1647-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 16, 1
X-Timer: S1673944647.235774,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,latin-ext
200 OK 521 B URL HTTP/1.1 fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,latin-ext
IP
Hash b52e405858cd07e929b5387c0ed0d1de
8dc157b5ece5222f0f175eee9379a699dee76cd8
e289bd897465ef8c6c74d81d09ee98cf500d744073df727158f6323caf335547
GET /css?family=Montserrat:400,700&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 17 Jan 2023 08:37:27 GMT
Date: Tue, 17 Jan 2023 08:37:27 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Playfair+Display:400,700,400italic,700italic&subset=latin,latin-ext
200 OK 558 B URL HTTP/1.1 fonts.googleapis.com/css?family=Playfair+Display:400,700,400italic,700italic&subset=latin,latin-ext
IP
Hash de2df5765e9a8a64221d1bef18ff7825
6ba2e1fc90d3b8d134761cc55c21c84a8cf0fe3b
43737a44af8b68628ee3ef39ecab4749dfd0ca4808e78fdec75bc7be7d96a387
GET /css?family=Playfair+Display:400,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 17 Jan 2023 08:37:27 GMT
Date: Tue, 17 Jan 2023 08:37:27 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1619810757
200 OK 159 kB URL HTTP/1.1 cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1619810757
IP
File type ASCII text, with very long lines (32007)
Size 159 kB (159020 bytes)
Hash 19fd4a473c58275a9e8110c598292a56
3ff56cbf5a3677387aef743acdf1a8abf822d28d
89b155f71eeef3fb8d9c95ff95288c29a0b5b722d9c0a3dfdeadfea8b8032884
GET /js/site/main-customer-accounts-site.js?buildTime=1619810757 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 159020
Server: nginx
Content-Type: application/javascript
Last-Modified: Fri, 16 Dec 2022 19:54:38 GMT
ETag: "639cccfe-82588"
Expires: Tue, 03 Jan 2023 09:59:59 GMT
Cache-Control: max-age=1209600
X-Host: grn110.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 17 Jan 2023 08:37:27 GMT
Age: 1204641
X-Served-By: cache-sjc10048-SJC, cache-bma1622-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 343, 1
X-Timer: S1673944647.242997,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1b2e51abfd12507b00ebd8b7afda6308
4d3d5fa49e007714dd37da7da25d9d490d05bd0a
85a04d4cf987fcc2d087ab815a8d373e164a2adf2bf478e7a5c1fae3e109ba26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 08:37:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.daddyspeaks.net/files/main_style.css?1619836094
200 OK 7.4 kB URL HTTP/1.1 www.daddyspeaks.net/files/main_style.css?1619836094
IP
File type ASCII text, with very long lines (1061)
Hash e9987df7d9a90089a42e57756446c3d1
747d2770933018941ce82800d6d4695f78be3309
046ce26d1d4f86c073f55c95fab8db00a9f86454e18022c8b74f33b96aa1e179
Analyzer Verdict Alert fortinet Malware
GET /files/main_style.css?1619836094 HTTP/1.1
Host: www.daddyspeaks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 08:37:27 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: grn141.sf2p.intern.weebly.net
Content-Encoding: gzip
www.daddyspeaks.net/files/templateArtifacts.js?1619836094
200 OK 1.6 kB URL HTTP/1.1 www.daddyspeaks.net/files/templateArtifacts.js?1619836094
IP
File type exported SGML document, ASCII text, with very long lines (1630)
Hash e0836e8203c22b8e4086f27e91e86f5a
28235e77f5a895c8cd411aff4a6ef4e6f7d419c2
32dbc4a2eeca39a57d35670f00e2cf59e03c279521e47506c56c5c36d8b664b6
Analyzer Verdict Alert fortinet Malware
GET /files/templateArtifacts.js?1619836094 HTTP/1.1
Host: www.daddyspeaks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 08:37:27 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu49.sf2p.intern.weebly.net
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1b2e51abfd12507b00ebd8b7afda6308
4d3d5fa49e007714dd37da7da25d9d490d05bd0a
85a04d4cf987fcc2d087ab815a8d373e164a2adf2bf478e7a5c1fae3e109ba26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 08:37:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.daddyspeaks.net/files/theme/custom.js?1541681972
200 OK 1.8 kB URL HTTP/1.1 www.daddyspeaks.net/files/theme/custom.js?1541681972
IP
Hash 5c99cad4bd2c2bfd3c9da279d460e175
b36f9c016127a45c20261cba124b838e5bd525d2
b8d14f06ca129cf5f66715461f6fc1b24c15968a0509755982eb09ea3f55fa12
GET /files/theme/custom.js?1541681972 HTTP/1.1
Host: www.daddyspeaks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 08:37:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 14 Jul 2022 01:42:34 GMT
x-rgw-object-type: Normal
ETag: W/"9ccdca4d609889a0fa198dc60bd77d57"
x-amz-request-id: tx00000000000003df2dc95-006387a066-c699baa-sfo1
X-Storage-Bucket: zf80e
X-Storage-Object: f80e1f9e8c8822ef37b73783482b055a31798dfcd581008272e791e95d33eb32
X-Host: blu49.sf2p.intern.weebly.net
Content-Encoding: gzip
www.daddyspeaks.net/uploads/1/2/0/0/120005704/google-reviews_orig.png
200 OK 11 kB URL HTTP/1.1 www.daddyspeaks.net/uploads/1/2/0/0/120005704/google-reviews_orig.png
IP
File type PNG image data, 296 x 171, 8-bit colormap, non-interlaced\012- data
Hash 26817b125a241428f05dc4a72b966ff7
76d110b1b446efe921c932dd36439e04164927fe
0d1bfa66a825c753e48f37e829fe99049073820dab959077a8384136821748a0
GET /uploads/1/2/0/0/120005704/google-reviews_orig.png HTTP/1.1
Host: www.daddyspeaks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 08:37:27 GMT
Content-Type: image/png
Content-Length: 11435
Connection: keep-alive
Last-Modified: Tue, 15 Oct 2019 22:36:14 GMT
x-rgw-object-type: Normal
ETag: "26817b125a241428f05dc4a72b966ff7"
x-amz-request-id: tx00000000000005f9f0895-0063c48000-c669cc6-sfo1
X-Storage-Bucket: z0d1b
X-Storage-Object: 0d1bfa66a825c753e48f37e829fe99049073820dab959077a8384136821748a0
X-Host: blu61.sf2p.intern.weebly.net
Accept-Ranges: bytes
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
200 OK 31 kB URL HTTP/1.1 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.daddyspeaks.net
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 30928
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 17 Jan 2023 07:07:17 GMT
Expires: Wed, 17 Jan 2024 07:07:17 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 11 Jul 2022 18:57:39 GMT
Content-Type: font/woff2
Age: 5410
fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
200 OK 36 kB URL HTTP/1.1 fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 35764, version 1.0\012- data
Hash 60f23230f1a8d5c3b7d25b73f5b5ce23
ed08ada85d017893b9bcb8224e99154c6708f5d2
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
GET /s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.daddyspeaks.net
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 35764
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 16 Jan 2023 10:12:36 GMT
Expires: Tue, 16 Jan 2024 10:12:36 GMT
Cache-Control: public, max-age=31536000
Age: 80691
Last-Modified: Mon, 18 Jul 2022 19:06:36 GMT
Content-Type: font/woff2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 17 Jan 2023 08:17:25 GMT
age: 1202
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.daddyspeaks.net/files/theme/plugins.js?1541681972
200 OK 16 kB URL HTTP/1.1 www.daddyspeaks.net/files/theme/plugins.js?1541681972
IP
Hash 43e6b0bb6eb6524188831a282f7656d7
44e73fe367fc1fb8efee7eefac557b7d76ef0f44
9001fcfe93ceab40de4bb3535fc61335318c56d4440b53070cac27a26fef42bb
Analyzer Verdict Alert fortinet Malware
GET /files/theme/plugins.js?1541681972 HTTP/1.1
Host: www.daddyspeaks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 08:37:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 24 Apr 2022 01:56:38 GMT
x-rgw-object-type: Normal
ETag: W/"2b8d85f1ea01d2c3e8b962eac8d76a5c"
x-amz-request-id: tx000000000000001ae94c4-006284793b-b9fbc20-sfo1
X-Storage-Bucket: zb635
X-Storage-Object: b6353ca52760aba4e7547ae9861db68158dc2af0f4febece55e5c775ee4449f5
X-Host: grn72.sf2p.intern.weebly.net
Content-Encoding: gzip
www.daddyspeaks.net/files/theme/fonts/2cd55546-ec00-4af9-aeca-4a3cd186da53.woff2?1619836094
200 OK 17 kB URL HTTP/1.1 www.daddyspeaks.net/files/theme/fonts/2cd55546-ec00-4af9-aeca-4a3cd186da53.woff2?1619836094
IP
File type Web Open Font Format (Version 2), TrueType, length 16560, version 2.6553\012- data
Hash 27958408325380d903e67d87768563b8
d728e699c79072f1c7b9602c771e241b8c04c8a4
83f8b8932766826c1dd3a228b48f4072586ca09f781d64e2950d9f0e235c00a0
GET /files/theme/fonts/2cd55546-ec00-4af9-aeca-4a3cd186da53.woff2?1619836094 HTTP/1.1
Host: www.daddyspeaks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.daddyspeaks.net/files/main_style.css?1619836094
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 08:37:27 GMT
Content-Type: font/woff2
Content-Length: 16561
Connection: keep-alive
Last-Modified: Fri, 30 Aug 2019 08:25:03 GMT
x-rgw-object-type: Normal
ETag: "27958408325380d903e67d87768563b8"
x-amz-request-id: tx000000000000001aff0f0-0062847a75-b9fbc20-sfo1
X-Storage-Bucket: z83f8
X-Storage-Object: 83f8b8932766826c1dd3a228b48f4072586ca09f781d64e2950d9f0e235c00a0
X-Host: blu148.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.daddyspeaks.net/uploads/1/2/0/0/120005704/published/logo-1.png?1619313612
200 OK 12 kB URL HTTP/1.1 www.daddyspeaks.net/uploads/1/2/0/0/120005704/published/logo-1.png?1619313612
IP
File type PNG image data, 268 x 94, 8-bit/color RGBA, non-interlaced\012- data
Hash fa55439d827ccc3361762b0988c33204
5ea7e295411f069328d28de11827360a0755e367
eb2e4bf64ca64911078a1833846e60e5b130e6f084addc844ebdb1f7fd1c6099
Analyzer Verdict Alert fortinet Malware
GET /uploads/1/2/0/0/120005704/published/logo-1.png?1619313612 HTTP/1.1
Host: www.daddyspeaks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 08:37:27 GMT
Content-Type: image/png
Content-Length: 11932
Connection: keep-alive
Last-Modified: Sun, 25 Apr 2021 01:20:12 GMT
x-rgw-object-type: Normal
ETag: "fa55439d827ccc3361762b0988c33204"
x-amz-request-id: tx000000000000060f19f4c-0063c65e47-c695612-sfo1
X-Storage-Bucket: zeb2e
X-Storage-Object: eb2e4bf64ca64911078a1833846e60e5b130e6f084addc844ebdb1f7fd1c6099
X-Host: grn72.sf2p.intern.weebly.net
Accept-Ranges: bytes
cdn2.editmysite.com/js/wsnbn/snowday262.js
200 OK 26 kB URL HTTP/1.1 cdn2.editmysite.com/js/wsnbn/snowday262.js
IP
File type ASCII text, with very long lines (2512)
Hash 234327230add9a5a5d61a48829ea4565
7966cc0e4bd76f88ff193c8a99a067de804b7129
bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
GET /js/wsnbn/snowday262.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 25752
Server: nginx
Content-Type: application/javascript
Last-Modified: Wed, 04 Jan 2023 19:27:59 GMT
ETag: "63b5d33f-124fe"
Expires: Thu, 19 Jan 2023 08:38:42 GMT
Cache-Control: max-age=1209600
X-Host: grn114.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 17 Jan 2023 08:37:27 GMT
Age: 1036725
X-Served-By: cache-sjc10061-SJC, cache-bma1622-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 26, 212
X-Timer: S1673944648.785070,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
www.daddyspeaks.net/uploads/1/2/0/0/120005704/editor/400dpilogocropped.png?1541682541
200 OK 9.6 kB URL HTTP/1.1 www.daddyspeaks.net/uploads/1/2/0/0/120005704/editor/400dpilogocropped.png?1541682541
IP
File type PNG image data, 274 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash 55e750cba341899c7eb649c44736c69f
42ffe78ae3d74085bbba467085db734c69bbc231
3a01b0ee07198dd818d6dc0e18324f01de035c4624f7e54e703cf9ee5700b90b
GET /uploads/1/2/0/0/120005704/editor/400dpilogocropped.png?1541682541 HTTP/1.1
Host: www.daddyspeaks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 08:37:27 GMT
Content-Type: image/png
Content-Length: 9646
Connection: keep-alive
Last-Modified: Thu, 08 Nov 2018 13:09:01 GMT
x-rgw-object-type: Normal
ETag: "55e750cba341899c7eb649c44736c69f"
x-amz-request-id: tx000000000000060ba4010-0063c65e47-c669cc6-sfo1
X-Storage-Bucket: z3a01
X-Storage-Object: 3a01b0ee07198dd818d6dc0e18324f01de035c4624f7e54e703cf9ee5700b90b
X-Host: grn72.sf2p.intern.weebly.net
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6b70b334388cc7c3c2afbf53572e9dca
c4c5b6f3cf3dc8b3cbadcb45fd578ecfcb406eb1
d231560628e5028fb74b132e6de1562cecbc1fc4ab4fc96c8fce638beb8ddbc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 08:37:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash d03545e1fc5a8876441094039811aac5
99fcc840f3516298625c528e9b408132f7fcbb9c
166fa7c7bb716b2cd02a47884ee00df31030dfb4b2a6fdae7b59b19f87739123
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4363
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 08:37:27 GMT
Last-Modified: Tue, 17 Jan 2023 07:24:44 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
www.daddyspeaks.net/files/theme/fonts/2e3f5cb9-101f-46cf-a7b3-dfaa58261e03.woff2?1619836094
200 OK 19 kB URL HTTP/1.1 www.daddyspeaks.net/files/theme/fonts/2e3f5cb9-101f-46cf-a7b3-dfaa58261e03.woff2?1619836094
IP
File type Web Open Font Format (Version 2), TrueType, length 18636, version 2.6553\012- data
Hash b3aa7e2126c418e820b06924717c2ce9
35e12e34fb21fd08390027dbf0a9975c1444e863
cace42567eefa76edc8b069bb9cdf9fda7486243911fa88188efb2efca387a4a
GET /files/theme/fonts/2e3f5cb9-101f-46cf-a7b3-dfaa58261e03.woff2?1619836094 HTTP/1.1
Host: www.daddyspeaks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.daddyspeaks.net/files/main_style.css?1619836094
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 08:37:27 GMT
Content-Type: font/woff2
Content-Length: 18637
Connection: keep-alive
Last-Modified: Fri, 30 Aug 2019 08:25:04 GMT
ETag: "b3aa7e2126c418e820b06924717c2ce9"
x-amz-request-id: tx00000000000000922b75d-005eaa56ff-10e2649-las
X-Storage-Bucket: zcace
X-Storage-Object: cace42567eefa76edc8b069bb9cdf9fda7486243911fa88188efb2efca387a4a
X-Host: grn39.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.daddyspeaks.net/files/theme/fonts/627fbb5a-3bae-4cd9-b617-2f923e29d55e.woff2?1619836094
200 OK 19 kB URL HTTP/1.1 www.daddyspeaks.net/files/theme/fonts/627fbb5a-3bae-4cd9-b617-2f923e29d55e.woff2?1619836094
IP
File type Web Open Font Format (Version 2), TrueType, length 18760, version 2.6553\012- data
Hash 88f6742055e6eecac07f296cbd45214b
621e90fee4799ffa9e7cd33f089bc8d79590ce28
663f4c799beff8f8dfa2ac950ce27ed4fcf8acc11ac5ec04f2bc6574a304730e
GET /files/theme/fonts/627fbb5a-3bae-4cd9-b617-2f923e29d55e.woff2?1619836094 HTTP/1.1
Host: www.daddyspeaks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.daddyspeaks.net/files/main_style.css?1619836094
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 08:37:27 GMT
Content-Type: font/woff2
Content-Length: 18761
Connection: keep-alive
Last-Modified: Fri, 30 Aug 2019 08:25:04 GMT
x-rgw-object-type: Normal
ETag: "88f6742055e6eecac07f296cbd45214b"
x-amz-request-id: tx000000000000001b9c3bc-0062847cb7-b9fbc29-sfo1
X-Storage-Bucket: z663f
X-Storage-Object: 663f4c799beff8f8dfa2ac950ce27ed4fcf8acc11ac5ec04f2bc6574a304730e
X-Host: grn82.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.google.com/recaptcha/api.js?_=1673944647766
200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js?_=1673944647766
IP
File type ASCII text, with very long lines (850), with no line terminators
Hash f5e11cc338b7bd7222c32639ffeaf4b8
5fe68621ab0ae529b7ef6bf9444cda4c2679dc26
74870f2a72eadfd5da82d067cfca29f6a722b3b6535bb471c9061ef5b3b5ad6b
GET /recaptcha/api.js?_=1673944647766 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 17 Jan 2023 08:37:27 GMT
date: Tue, 17 Jan 2023 08:37:27 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.daddyspeaks.net/uploads/1/2/0/0/120005704/editor/rawpixel-648563-unsplash_2.jpg?1541622951
200 OK 28 kB URL HTTP/1.1 www.daddyspeaks.net/uploads/1/2/0/0/120005704/editor/rawpixel-648563-unsplash_2.jpg?1541622951
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 490x277, components 3\012- data
Hash c1f92ad5755be027c863d4e07e51f319
fc96fb7636c761fefe1b659757a0cadedfb0f50c
4c407fc4f0e9dc236eceb36b7a447a05f6c69ba42474876bbb5b3af5f7b3950e
GET /uploads/1/2/0/0/120005704/editor/rawpixel-648563-unsplash_2.jpg?1541622951 HTTP/1.1
Host: www.daddyspeaks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 08:37:27 GMT
Content-Type: image/jpeg
Content-Length: 27850
Connection: keep-alive
Last-Modified: Wed, 07 Nov 2018 20:35:51 GMT
x-rgw-object-type: Normal
ETag: "c1f92ad5755be027c863d4e07e51f319"
x-amz-request-id: tx000000000000060ba400f-0063c65e47-c669cc6-sfo1
X-Storage-Bucket: z4c40
X-Storage-Object: 4c407fc4f0e9dc236eceb36b7a447a05f6c69ba42474876bbb5b3af5f7b3950e
X-Host: blu62.sf2p.intern.weebly.net
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6a0c99efce2ba7294ef4b88e9810c411
90e325963c1355d4c2ab6500689850a2df4c419f
957f138460650b9cecf197fb62ec2b92fae42eb5d9d431a348f8f518470612c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 08:37:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.daddyspeaks.net/files/theme/fonts/1e9892c0-6927-4412-9874-1b82801ba47a.woff?1619836094
200 OK 21 kB URL HTTP/1.1 www.daddyspeaks.net/files/theme/fonts/1e9892c0-6927-4412-9874-1b82801ba47a.woff?1619836094
IP
File type Web Open Font Format, TrueType, length 20709, version 1.0\012- data
Hash 9df5efadcd24b83511f3c339178210d8
74f67081083ebd94979f50e681df20bfbdc4cd8d
0d887fc553f2b9a6488c8bbdeb38d0e70e2da58d5bb34161d32f683af096fdb8
Analyzer Verdict Alert fortinet Malware
GET /files/theme/fonts/1e9892c0-6927-4412-9874-1b82801ba47a.woff?1619836094 HTTP/1.1
Host: www.daddyspeaks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.daddyspeaks.net/files/main_style.css?1619836094
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 08:37:27 GMT
Content-Type: font/woff
Content-Length: 20710
Connection: keep-alive
Last-Modified: Wed, 11 Dec 2019 02:22:43 GMT
x-rgw-object-type: Normal
ETag: "9df5efadcd24b83511f3c339178210d8"
x-amz-request-id: tx000000000000001bba153-006284838f-b9fbc7f-sfo1
X-Storage-Bucket: z0d88
X-Storage-Object: 0d887fc553f2b9a6488c8bbdeb38d0e70e2da58d5bb34161d32f683af096fdb8
X-Host: grn62.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.daddyspeaks.net/files/theme/fonts/fa19948e-5e38-4909-b31e-41acd170d6f2.woff?1619836094
200 OK 25 kB URL HTTP/1.1 www.daddyspeaks.net/files/theme/fonts/fa19948e-5e38-4909-b31e-41acd170d6f2.woff?1619836094
IP
File type Web Open Font Format, TrueType, length 24663, version 1.0\012- data
Hash 921592aa07f703ed55036aed49590184
c8eb56bca4fcb3a715b408f15ecd71df0f415e39
304fdd345e780b7dbb6c6e6bc39d24e906e40ac2a618bc78ff81abc769f9b4ae
Analyzer Verdict Alert fortinet Malware
GET /files/theme/fonts/fa19948e-5e38-4909-b31e-41acd170d6f2.woff?1619836094 HTTP/1.1
Host: www.daddyspeaks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.daddyspeaks.net/files/main_style.css?1619836094
Cookie: is_mobile=0; language=en; _snow_ses.1bc0=*; _snow_id.1bc0=44247660-b7f2-45f9-9d39-1b5e7e613660.1673944648.1.1673944648.1673944648.d18a73bf-40ce-46c1-b8da-0c1a3a1ea4b6
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 08:37:27 GMT
Content-Type: font/woff
Content-Length: 24664
Connection: keep-alive
Last-Modified: Wed, 11 Dec 2019 02:22:43 GMT
ETag: "921592aa07f703ed55036aed49590184"
x-amz-request-id: tx0000000000000004b4fec-005eaa6b9c-1100fc6-las
X-Storage-Bucket: z304f
X-Storage-Object: 304fdd345e780b7dbb6c6e6bc39d24e906e40ac2a618bc78ff81abc769f9b4ae
X-Host: grn48.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.daddyspeaks.net/files/theme/fonts/f26faddb-86cc-4477-a253-1e1287684336.woff?1619836094
200 OK 25 kB URL HTTP/1.1 www.daddyspeaks.net/files/theme/fonts/f26faddb-86cc-4477-a253-1e1287684336.woff?1619836094
IP
File type Web Open Font Format, TrueType, length 24865, version 1.0\012- data
Hash 0f12c575e08f164252dbddaf87f03c35
46c9ee5775217080e1e40f2b8aae84157ef44d47
e0bc8743cf211c699ebb439c59780abf7b40b543b28bd198f6f355bb109a7424
Analyzer Verdict Alert fortinet Malware
GET /files/theme/fonts/f26faddb-86cc-4477-a253-1e1287684336.woff?1619836094 HTTP/1.1
Host: www.daddyspeaks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.daddyspeaks.net/files/main_style.css?1619836094
Cookie: is_mobile=0; language=en; _snow_ses.1bc0=*; _snow_id.1bc0=44247660-b7f2-45f9-9d39-1b5e7e613660.1673944648.1.1673944648.1673944648.d18a73bf-40ce-46c1-b8da-0c1a3a1ea4b6
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 08:37:27 GMT
Content-Type: font/woff
Content-Length: 24866
Connection: keep-alive
Last-Modified: Wed, 11 Dec 2019 02:22:43 GMT
x-rgw-object-type: Normal
ETag: "0f12c575e08f164252dbddaf87f03c35"
x-amz-request-id: tx000000000000000cb1182-0061a70896-a9f6a62-sfo1
X-Storage-Bucket: ze0bc
X-Storage-Object: e0bc8743cf211c699ebb439c59780abf7b40b543b28bd198f6f355bb109a7424
X-Host: grn77.sf2p.intern.weebly.net
Accept-Ranges: bytes
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Du81IgZjAifgsddb9iLruQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jn59vj3klzSfXlbOFOF7OngtnZw=
www.daddyspeaks.net/files/theme/fonts/46cf1067-688d-4aab-b0f7-bd942af6efd8.ttf?1619836094
200 OK 39 kB URL HTTP/1.1 www.daddyspeaks.net/files/theme/fonts/46cf1067-688d-4aab-b0f7-bd942af6efd8.ttf?1619836094
IP
File type TrueType Font data, 16 tables, 1st "GPOS", 26 names, Macintosh, Copyright \251 2004 - 2007 Linotype GmbH, www.linotype.com. All rights reserved. This font softw\012- data
Hash 98f6dacde86ebbaac7cc62b34a6e54cf
d232a9249b6f39e7d35ce6a555e070987357acc9
65032d5699bf3d4deb4313aa4d1bb8375053ac7e93dfb4bf631ce9261da20c2b
Analyzer Verdict Alert fortinet Malware
GET /files/theme/fonts/46cf1067-688d-4aab-b0f7-bd942af6efd8.ttf?1619836094 HTTP/1.1
Host: www.daddyspeaks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.daddyspeaks.net/files/main_style.css?1619836094
Cookie: is_mobile=0; language=en; _snow_ses.1bc0=*; _snow_id.1bc0=44247660-b7f2-45f9-9d39-1b5e7e613660.1673944648.1.1673944648.1673944648.d18a73bf-40ce-46c1-b8da-0c1a3a1ea4b6
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 08:37:28 GMT
Content-Type: font/ttf
Content-Length: 39185
Connection: keep-alive
Last-Modified: Wed, 11 Dec 2019 02:22:44 GMT
x-rgw-object-type: Normal
ETag: "98f6dacde86ebbaac7cc62b34a6e54cf"
x-amz-request-id: tx000000000000001c88022-00628495cd-b9fbc77-sfo1
X-Storage-Bucket: z6503
X-Storage-Object: 65032d5699bf3d4deb4313aa4d1bb8375053ac7e93dfb4bf631ce9261da20c2b
X-Host: grn141.sf2p.intern.weebly.net
Accept-Ranges: bytes
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
200 OK 0 B URL HTTP/1.1 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www.daddyspeaks.net/
Origin: http://www.daddyspeaks.net
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 08:37:28 GMT
Content-Length: 0
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: http://www.daddyspeaks.net
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, SP-Anonymous
Access-Control-Max-Age: 600
www.daddyspeaks.net/files/theme/fonts/6de0ce4d-9278-467b-b96f-c1f5f0a4c375.ttf?1619836094
200 OK 52 kB URL HTTP/1.1 www.daddyspeaks.net/files/theme/fonts/6de0ce4d-9278-467b-b96f-c1f5f0a4c375.ttf?1619836094
IP
File type TrueType Font data, 16 tables, 1st "GPOS", 32 names, Macintosh, Copyright \251 2004 - 2007 Linotype GmbH, www.linotype.com. All rights reserved. This font softw\012- data
Hash 86cbf50e12da0b519ced148acd8ba2b4
f1d8b59433f059a54232b2db2cba4c17e455da1e
7118fcc9995d78a79c6a13eca290b043acd29399680aae376df5e95bc537fbd3
Analyzer Verdict Alert fortinet Malware
GET /files/theme/fonts/6de0ce4d-9278-467b-b96f-c1f5f0a4c375.ttf?1619836094 HTTP/1.1
Host: www.daddyspeaks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.daddyspeaks.net/files/main_style.css?1619836094
Cookie: is_mobile=0; language=en; _snow_ses.1bc0=*; _snow_id.1bc0=44247660-b7f2-45f9-9d39-1b5e7e613660.1673944648.1.1673944648.1673944648.d18a73bf-40ce-46c1-b8da-0c1a3a1ea4b6
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 08:37:28 GMT
Content-Type: font/ttf
Content-Length: 52269
Connection: keep-alive
Last-Modified: Wed, 11 Dec 2019 02:22:44 GMT
x-rgw-object-type: Normal
ETag: "86cbf50e12da0b519ced148acd8ba2b4"
x-amz-request-id: tx000000000000001c2a62e-0062848670-b9fbc63-sfo1
X-Storage-Bucket: z7118
X-Storage-Object: 7118fcc9995d78a79c6a13eca290b043acd29399680aae376df5e95bc537fbd3
X-Host: blu146.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.daddyspeaks.net/uploads/1/2/0/0/120005704/editor/neonbrand-426918-unsplash_1.jpg?1541622948
200 OK 26 kB URL HTTP/1.1 www.daddyspeaks.net/uploads/1/2/0/0/120005704/editor/neonbrand-426918-unsplash_1.jpg?1541622948
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 490x277, components 3\012- data
Hash 2d32dd2978a15f2dc2b81882070d4d30
3e970db9073de86ff3c1907edff538d7488eb68a
7af6c3e903d888224d7b3ed9d1455acb07a15371e1f02f45392615d7aa868cb4
Analyzer Verdict Alert fortinet Malware
GET /uploads/1/2/0/0/120005704/editor/neonbrand-426918-unsplash_1.jpg?1541622948 HTTP/1.1
Host: www.daddyspeaks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 08:37:28 GMT
Content-Type: image/jpeg
Content-Length: 26134
Connection: keep-alive
Last-Modified: Wed, 07 Nov 2018 20:35:48 GMT
x-rgw-object-type: Normal
ETag: "2d32dd2978a15f2dc2b81882070d4d30"
x-amz-request-id: tx00000000000006080a92b-0063c65e48-c696eea-sfo1
X-Storage-Bucket: z7af6
X-Storage-Object: 7af6c3e903d888224d7b3ed9d1455acb07a15371e1f02f45392615d7aa868cb4
X-Host: blu149.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.daddyspeaks.net/files/theme/fonts/63a74598-733c-4d0c-bd91-b01bffcd6e69.ttf?1619836094
200 OK 52 kB URL HTTP/1.1 www.daddyspeaks.net/files/theme/fonts/63a74598-733c-4d0c-bd91-b01bffcd6e69.ttf?1619836094
IP
File type TrueType Font data, 16 tables, 1st "GPOS", 30 names, Macintosh, Copyright \251 2004 - 2007 Linotype GmbH, www.linotype.com. All rights reserved. This font softw\012- data
Hash 53427fd099b7a52f111705d7c7558f14
c2da00f48ed2d059802433cad18062cbe1a9f0d1
56e2dd12548082d7acc7cc3762be313b6d43809588e973cf9338f513159904b5
Analyzer Verdict Alert fortinet Malware
GET /files/theme/fonts/63a74598-733c-4d0c-bd91-b01bffcd6e69.ttf?1619836094 HTTP/1.1
Host: www.daddyspeaks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.daddyspeaks.net/files/main_style.css?1619836094
Cookie: is_mobile=0; language=en; _snow_ses.1bc0=*; _snow_id.1bc0=44247660-b7f2-45f9-9d39-1b5e7e613660.1673944648.1.1673944648.1673944648.d18a73bf-40ce-46c1-b8da-0c1a3a1ea4b6
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 08:37:28 GMT
Content-Type: font/ttf
Content-Length: 51501
Connection: keep-alive
Last-Modified: Wed, 11 Dec 2019 02:22:43 GMT
x-rgw-object-type: Normal
ETag: "53427fd099b7a52f111705d7c7558f14"
x-amz-request-id: tx000000000000001b96edf-0062847f61-b9fbc64-sfo1
X-Storage-Bucket: z56e2
X-Storage-Object: 56e2dd12548082d7acc7cc3762be313b6d43809588e973cf9338f513159904b5
X-Host: grn62.sf2p.intern.weebly.net
Accept-Ranges: bytes
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
200 OK 2 B URL HTTP/1.1 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=UTF-8
Content-Length: 1773
Origin: http://www.daddyspeaks.net
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 08:37:28 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 2
Connection: keep-alive
Server: nginx
Set-Cookie: sp=4d5004ae-3642-4bc7-86f8-50fe626dfb63; Expires=Wed, 17 Jan 2024 08:37:28 GMT; Domain=; Path=/; Secure; SameSite=None
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: http://www.daddyspeaks.net
Access-Control-Allow-Credentials: true
www.daddyspeaks.net/uploads/1/2/0/0/120005704/background-images/292621193.jpg
200 OK 57 kB URL HTTP/1.1 www.daddyspeaks.net/uploads/1/2/0/0/120005704/background-images/292621193.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1000x1500, components 3\012- data
Hash 9234254c0edecd6f2dde125451f9c324
9023dde30f6d07d1b876de43dca4d2a0b75ea24f
9c9c3a7be95ec10f390ff56595791203d971d15f4903621715c04b0f6a425781
GET /uploads/1/2/0/0/120005704/background-images/292621193.jpg HTTP/1.1
Host: www.daddyspeaks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 08:37:27 GMT
Content-Type: image/jpeg
Content-Length: 57361
Connection: keep-alive
Last-Modified: Thu, 08 Nov 2018 12:37:20 GMT
x-rgw-object-type: Normal
ETag: "9234254c0edecd6f2dde125451f9c324"
x-amz-request-id: tx00000000000006080a913-0063c65e47-c696eea-sfo1
X-Storage-Bucket: z9c9c
X-Storage-Object: 9c9c3a7be95ec10f390ff56595791203d971d15f4903621715c04b0f6a425781
X-Host: grn62.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.google-analytics.com/ga.js
200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Tue, 17 Jan 2023 07:32:50 GMT
Expires: Tue, 17 Jan 2023 09:32:50 GMT
Cache-Control: public, max-age=7200
Age: 3878
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8b4c80fca9a7bc1b84369cdb60024668
91427b4fd16fa613fb83f053b271f00396b36e90
07bb6c4b267a5f46a15cca9ad9644ca38af67daa1448ad67f583f58e3c8dfcc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 08:37:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/recaptcha__en.js
200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/recaptcha__en.js
IP
File type ASCII text, with very long lines (534)
Size 163 kB (162972 bytes)
Hash 76ec8636078661afbc2c6fdd811b0b76
035c5fe2d57e0363a7abaedc294ef890a6e2a081
194068b0223ebb32c7e7026851a4c1eb6b70c988b269c7fa10f4dd3362bd650a
GET /recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.daddyspeaks.net
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162972
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 15:07:39 GMT
expires: Tue, 16 Jan 2024 15:07:39 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Jan 2023 00:08:35 GMT
content-type: text/javascript
age: 62989
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.daddyspeaks.net/uploads/1/2/0/0/120005704/background-images/551014053.jpg
200 OK 190 kB URL HTTP/1.1 www.daddyspeaks.net/uploads/1/2/0/0/120005704/background-images/551014053.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x800, components 3\012- data
Size 190 kB (189571 bytes)
Hash d5430b97d337c6ced891fd629dc9312a
20baf52aba4fa925a407c6800ec92ea02f153ba4
43c0d21041a602cc3ade7a3f63954bb6c7306ea242e0c25df01466def742a10f
GET /uploads/1/2/0/0/120005704/background-images/551014053.jpg HTTP/1.1
Host: www.daddyspeaks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 08:37:27 GMT
Content-Type: image/jpeg
Content-Length: 189571
Connection: keep-alive
Last-Modified: Wed, 07 Nov 2018 16:27:08 GMT
x-rgw-object-type: Normal
ETag: "d5430b97d337c6ced891fd629dc9312a"
x-amz-request-id: tx000000000000060f19f67-0063c65e47-c695612-sfo1
X-Storage-Bucket: z43c0
X-Storage-Object: 43c0d21041a602cc3ade7a3f63954bb6c7306ea242e0c25df01466def742a10f
X-Host: blu40.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.daddyspeaks.net/favicon.ico
200 OK 17 kB URL HTTP/1.1 www.daddyspeaks.net/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Hash be1745fbba62eaff989887db5721b769
3f1bbba1acbddd21614c09df017b105514cb0d67
fde3d14236ee6338c05f88db7bf52187364547c89076a561552756f155aa3baa
GET /favicon.ico HTTP/1.1
Host: www.daddyspeaks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
Cookie: is_mobile=0; language=en; _snow_ses.1bc0=*; _snow_id.1bc0=44247660-b7f2-45f9-9d39-1b5e7e613660.1673944648.1.1673944648.1673944648.d18a73bf-40ce-46c1-b8da-0c1a3a1ea4b6
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 08:37:28 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 16958
Connection: keep-alive
Last-Modified: Wed, 13 Mar 2019 09:49:04 GMT
x-rgw-object-type: Normal
ETag: "be1745fbba62eaff989887db5721b769"
x-amz-request-id: tx00000000000005fb71bf3-0063c65e48-c67eadd-sfo1
X-Storage-Bucket: zfde3
X-Storage-Object: fde3d14236ee6338c05f88db7bf52187364547c89076a561552756f155aa3baa
X-Host: blu68.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.daddyspeaks.net/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
200 OK 348 B URL HTTP/1.1 www.daddyspeaks.net/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
IP
File type JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Hash a944dd688c99d2901d6719be713271c0
4f5454d5d434829baf46671638610791758725d9
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
Analyzer Verdict Alert fortinet Malware
POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: www.daddyspeaks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: http://www.daddyspeaks.net
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
Cookie: is_mobile=0; language=en; _snow_ses.1bc0=*; _snow_id.1bc0=44247660-b7f2-45f9-9d39-1b5e7e613660.1673944648.1.1673944648.1673944648.d18a73bf-40ce-46c1-b8da-0c1a3a1ea4b6
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 08:37:28 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu141.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=45
Connection: Keep-Alive
Content-Type: application/json
www.daddyspeaks.net/uploads/1/2/0/0/120005704/2_orig.png
200 OK 742 kB URL HTTP/1.1 www.daddyspeaks.net/uploads/1/2/0/0/120005704/2_orig.png
IP
File type PNG image data, 1280 x 720, 8-bit/color RGBA, non-interlaced\012- data
Size 742 kB (741830 bytes)
Hash b53741326db7ca79fbb7de9ce87c7e9f
09aa17b2b01c104e13a317cf26d42d2f5a3b7908
2aa2039cd2fc7fea35112134170ca32534bc74e783288a0c16cafc2f62c5dad2
GET /uploads/1/2/0/0/120005704/2_orig.png HTTP/1.1
Host: www.daddyspeaks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
Cookie: is_mobile=0; language=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 17 Jan 2023 08:37:27 GMT
Content-Type: image/png
Content-Length: 741830
Connection: keep-alive
Last-Modified: Sat, 23 Nov 2019 23:45:49 GMT
x-rgw-object-type: Normal
ETag: "b53741326db7ca79fbb7de9ce87c7e9f"
x-amz-request-id: tx000000000000060ba3ff2-0063c65e47-c669cc6-sfo1
X-Storage-Bucket: z2aa2
X-Storage-Object: 2aa2039cd2fc7fea35112134170ca32534bc74e783288a0c16cafc2f62c5dad2
X-Host: blu61.sf2p.intern.weebly.net
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13044
Expires: Tue, 17 Jan 2023 12:14:53 GMT
Date: Tue, 17 Jan 2023 08:37:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13044
Expires: Tue, 17 Jan 2023 12:14:53 GMT
Date: Tue, 17 Jan 2023 08:37:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13044
Expires: Tue, 17 Jan 2023 12:14:53 GMT
Date: Tue, 17 Jan 2023 08:37:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13038
Expires: Tue, 17 Jan 2023 12:14:47 GMT
Date: Tue, 17 Jan 2023 08:37:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe32b9b2c-d57e-40ba-bdaa-0cad85d59f33.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe32b9b2c-d57e-40ba-bdaa-0cad85d59f33.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e29bab4151d6c143d3cf16e7a34b0390
38f5261653926d95074fa5550af5d77a25ebd74e
84bbdf1850d2d76ebb06c7a84446e4723e62a9d9b8e459ec6b833e5892ef66fb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe32b9b2c-d57e-40ba-bdaa-0cad85d59f33.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8488
x-amzn-requestid: 5e260260-bd4b-44a5-919a-a6085a057c0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eq1xkHSiIAMF9zA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1033d-2e4e00dd43f10f0e0a3e0ac4;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 07:07:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jMMpXVZv5S99cInAAttvwEAoUcEDjzHChJMj1dJdVeQFOQEtX5C-cA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 00:27:28 GMT
age: 29401
etag: "38f5261653926d95074fa5550af5d77a25ebd74e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9297b226-d4aa-49e6-b351-77061f381097.jpeg
200 OK 3.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9297b226-d4aa-49e6-b351-77061f381097.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d877fea13674783b11ec5f6c3e93810
6691f478a758386f8c7a0f714fbfe8d36b1bf257
b64d0343ca935e1618a3cedfa7fa837467917daf09bf667cf7709f52341e8015
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9297b226-d4aa-49e6-b351-77061f381097.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3172
x-amzn-requestid: eb8ff1a2-7d00-4a79-a826-ccad6837e0ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2tm-HSNIAMFo0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c2f9-55f2241b08e4756f1399447a;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:34:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lewJYOho6ZhbztLXUHN23ulfSnnOfhWX38vJjsR-c9TPc_owyt19yA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 22:03:00 GMT
age: 38069
etag: "6691f478a758386f8c7a0f714fbfe8d36b1bf257"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93fda3d0-f25d-4038-bce9-349d25d63a74.jpeg
200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93fda3d0-f25d-4038-bce9-349d25d63a74.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dd54f560a77956e0ffb9645ba786c193
0a67ed30b7b9c66a6ccd2a72cd0de27b0fd38509
359fd1bdac8f7106b2d1dc71136ddca2bb70e95fab441af114e24d04fa69afe7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93fda3d0-f25d-4038-bce9-349d25d63a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7847
x-amzn-requestid: 15cc6d5b-0805-4828-9bdc-5067a2d542d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: evbCYETXoAMFVqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c2d875-5ff79c917007ccbd40957aa3;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 16:29:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4MTdWQGgqXhGjGRJbtMqJPn__CZJyfhtbDU81Ay-SaZE2CGJ55s8Lw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 12:04:57 GMT
age: 73952
etag: "0a67ed30b7b9c66a6ccd2a72cd0de27b0fd38509"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47377411-4225-4a7f-9b29-bac47746e2af.jpeg
200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47377411-4225-4a7f-9b29-bac47746e2af.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 01321bb31aac6393ee3150260d0f91e9
fc182e84ad2b7909716478769b7d13f71bc38321
3c9e95d5cabd35ce0b5b5c3722b1df2b1a3c6e5cb7a98f48bc4957fd4a0abd3a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47377411-4225-4a7f-9b29-bac47746e2af.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6527
x-amzn-requestid: 43b20702-cb08-4060-9281-7d6dfaf0e712
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enh-fF40IAMFzgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bfb05c-7bb3633b4c52e447419a72fb;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 07:01:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iSG746JBnvmdq2ooyVhli9dVoyxdPICN9JVzZE3G_SYX5-oXl0dtKg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 20:52:28 GMT
age: 42301
etag: "fc182e84ad2b7909716478769b7d13f71bc38321"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f84f3a0-4f01-4cfe-bde0-a7d64664f3d7.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f84f3a0-4f01-4cfe-bde0-a7d64664f3d7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec0e283376914297c3fb2464ed15a31b
acd84e057b6c618fd3b31915983998c00fe21dc4
3d02b82d8f6a00703de7594f5b34baf0010294c1a7023818344ca341e4ac203c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f84f3a0-4f01-4cfe-bde0-a7d64664f3d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10660
x-amzn-requestid: ac5d6edc-5228-4318-a99f-c08d3265aa87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3HXpH4PoAMF78Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5ec30-044bf7c40e44de637c0c2dba;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 00:30:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FkEloLsB0trkJ9t_rqIbVsZmUi9ytfJ9JdQ-zjs7ZM5smU4xVwvkxA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 00:31:58 GMT
age: 29131
etag: "acd84e057b6c618fd3b31915983998c00fe21dc4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad391a3-52d8-4a92-ab46-4ad076c43cf8.jpeg
200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad391a3-52d8-4a92-ab46-4ad076c43cf8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad210f0ba6ce6930724549cbba76e83d
e4badc3fbca9913bc11d968dac5cad1f900ff492
ad5f754d5dbe870feabfe090a46838614e96d72e78b9a2a8010ab339c67130be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad391a3-52d8-4a92-ab46-4ad076c43cf8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9529
x-amzn-requestid: 56f2b9a5-91c6-421a-ad84-165376e23dcf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2tm6Fm-oAMFrDQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c2f8-67a0c1fe6aad6e6b71e50463;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mzmFGVDfMuZte5CJUmchEQIVAuDUKdGfUpm7PRTUqnsP44IcDmbl8A==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 21:46:15 GMT
age: 39074
etag: "e4badc3fbca9913bc11d968dac5cad1f900ff492"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main.js?buildTime=1619810757
200 OK 0 B URL HTTP/1.1 cdn2.editmysite.com/js/site/main.js?buildTime=1619810757
IP
GET /js/site/main.js?buildTime=1619810757 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.daddyspeaks.net/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 146400
Server: nginx
Content-Type: application/javascript
Last-Modified: Tue, 03 Jan 2023 21:16:25 GMT
ETag: "63b49b29-74804"
Expires: Wed, 18 Jan 2023 11:51:15 GMT
Cache-Control: max-age=1209600
X-Host: blu42.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 17 Jan 2023 08:37:27 GMT
Age: 1111572
X-Served-By: cache-sjc10057-SJC, cache-bma1674-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 6, 1
X-Timer: S1673944647.233885,VS0,VE2
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
199.34.228.59
93.184.220.29
23.33.119.27