| r3.o.lencr.org/ |  23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash7c60904d097cde276e4e5632cef1b9f1 4f805026462589345d85e8df2d18eafba6237504 12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7445
Expires: Fri, 25 Nov 2022 05:04:35 GMT
Date: Fri, 25 Nov 2022 03:00:30 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ |  93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashaf40a2fcf8debb90c3608002da6c907a 3c75d6c0b557a3bd8d5db50155b8d896e852c145 555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4747
Cache-Control: max-age=118188
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:00:30 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:50:18 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash260e9998c20d831b66f1029c8f47aac9 716d630f647c54dc69a7f9c63a6cac294b3df7f7 c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19383
Expires: Fri, 25 Nov 2022 08:23:33 GMT
Date: Fri, 25 Nov 2022 03:00:30 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ |  34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashd130218d0e2841f39c99610fe1a2ab90 29fbe1e177ee55c7a61ae0a206afff271cf5f945 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 02:19:02 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2488
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZZ+xzGcGRp7G5/Hxg/vOAbYnp7HxNrcJNlOc6LYfCcdepwM4gOxPBqeFQsNw9ahk5NukOvBY5z0=
x-amz-request-id: KNNWHHZBYPEV48D5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 02:40:38 GMT
age: 1192
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 03:00:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 02:11:11 GMT
cache-control: public,max-age=3600
age: 2959
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| deoseasr.org/acc/news/news/news/news/news/1449574335-DEO(SE)-Amritsar-ill%20effects%20of%20fire%20crackers.docx | 67.227.226.240 | 200 OK | 2.3 kB |
URL HTTP/1.1deoseasr.org/acc/news/news/news/news/news/1449574335-DEO(SE)-Amritsar-ill%20effects%20of%20fire%20crackers.docx IP67.227.226.240:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (632) Hash03827211c3b900a5c4f600842008df66 a483cf3d1a4fe0a06c5ff5e2e2b9011830415fab 11c95a85517dede3e723409f8b8bd249fec1ee880a356268c645e246e2509746
GET /acc/news/news/news/news/news/1449574335-DEO(SE)-Amritsar-ill%20effects%20of%20fire%20crackers.docx HTTP/1.1
Host: deoseasr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:00:29 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| deoseasr.org/page/bouncy.php?&bpae=GbhGdCfmvUx7j28dnXNSRMDYENaPtQiHYiq1LRUi73BwWeycE7tPhQ5jlte7L7SBySQNKPszrlsn4Ikw1fd0CHJ2FDzdP2qGqJCpWL4Lelh%2FSFloP1W7xlc6slRAYZFkJHCTETKVBtAoi0uL4U5Z%2FXNlqdww25SyDIY48TAkdiRxCOM1S%2BLqci43lNG9qRyILxiz2G1OlIFAmOdyY66wRdYvl3ehBiic%2BodNvj%2FHlD%2BGecZpGenr%2B5j5dx%2FtPc4tivsHn5t1GAuOhuqgkS%2FBXjsHcXWCCq3CYSEw4Qn47iXEc7iaQaJJXRPhyJvIFDAB%2F5g%2Fgp5plG2Ta2RbNKtJuJCQl5vLIi3Ekdms6sxdRXtLqrFfxfmncXUmfpfKD%2B%2BLoYrZm%2FSXOw71lrEsJNvryvSk4wPx093mlKMLwxjvuUTY3HZOIyvaN9TMlO2ZkLrD0iY9o2u3uKMsgy5pHq5EnScugTpG4RRdpsHbzZ%2Bl8JiCeyIZm5ZijpLJjg%3D%3D&redirectType=js&inIframe=false&inPopUp=false | 67.227.226.240 | 200 OK | 991 B |
URL HTTP/1.1deoseasr.org/page/bouncy.php?&bpae=GbhGdCfmvUx7j28dnXNSRMDYENaPtQiHYiq1LRUi73BwWeycE7tPhQ5jlte7L7SBySQNKPszrlsn4Ikw1fd0CHJ2FDzdP2qGqJCpWL4Lelh%2FSFloP1W7xlc6slRAYZFkJHCTETKVBtAoi0uL4U5Z%2FXNlqdww25SyDIY48TAkdiRxCOM1S%2BLqci43lNG9qRyILxiz2G1OlIFAmOdyY66wRdYvl3ehBiic%2BodNvj%2FHlD%2BGecZpGenr%2B5j5dx%2FtPc4tivsHn5t1GAuOhuqgkS%2FBXjsHcXWCCq3CYSEw4Qn47iXEc7iaQaJJXRPhyJvIFDAB%2F5g%2Fgp5plG2Ta2RbNKtJuJCQl5vLIi3Ekdms6sxdRXtLqrFfxfmncXUmfpfKD%2B%2BLoYrZm%2FSXOw71lrEsJNvryvSk4wPx093mlKMLwxjvuUTY3HZOIyvaN9TMlO2ZkLrD0iY9o2u3uKMsgy5pHq5EnScugTpG4RRdpsHbzZ%2Bl8JiCeyIZm5ZijpLJjg%3D%3D&redirectType=js&inIframe=false&inPopUp=false IP67.227.226.240:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text Hashf678bbd881bfd9cdcfca99f7601ba21a 26d38f1523a2be4ba65f78db2e9f680d9f8b7aff 52d3f3bdace48eaeeb4be84ffdb2e12078d7fe9789bce2c0735c40acba19204e
GET /page/bouncy.php?&bpae=GbhGdCfmvUx7j28dnXNSRMDYENaPtQiHYiq1LRUi73BwWeycE7tPhQ5jlte7L7SBySQNKPszrlsn4Ikw1fd0CHJ2FDzdP2qGqJCpWL4Lelh%2FSFloP1W7xlc6slRAYZFkJHCTETKVBtAoi0uL4U5Z%2FXNlqdww25SyDIY48TAkdiRxCOM1S%2BLqci43lNG9qRyILxiz2G1OlIFAmOdyY66wRdYvl3ehBiic%2BodNvj%2FHlD%2BGecZpGenr%2B5j5dx%2FtPc4tivsHn5t1GAuOhuqgkS%2FBXjsHcXWCCq3CYSEw4Qn47iXEc7iaQaJJXRPhyJvIFDAB%2F5g%2Fgp5plG2Ta2RbNKtJuJCQl5vLIi3Ekdms6sxdRXtLqrFfxfmncXUmfpfKD%2B%2BLoYrZm%2FSXOw71lrEsJNvryvSk4wPx093mlKMLwxjvuUTY3HZOIyvaN9TMlO2ZkLrD0iY9o2u3uKMsgy5pHq5EnScugTpG4RRdpsHbzZ%2Bl8JiCeyIZm5ZijpLJjg%3D%3D&redirectType=js&inIframe=false&inPopUp=false HTTP/1.1
Host: deoseasr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://deoseasr.org/acc/news/news/news/news/news/1449574335-DEO(SE)-Amritsar-ill%20effects%20of%20fire%20crackers.docx
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:00:30 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashfb6949e7abaa473393f7c604691de14f 599681bba3947709baa603bbae2dd7afd04059a4 36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3281
Cache-Control: max-age=111660
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:00:30 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:01:30 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 54.187.102.159 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.187.102.159:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mp/WsMBU6e4r66WJ+4MBQw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HF/b4ZTvY1z6vq5ReQCBVK7NsJ8=
|
|
| ocsp.r2m01.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
URL HTTP/1.1ocsp.r2m01.amazontrust.com/ IP54.230.80.227:0
Hash115b2389db4e7653a0273c37e9396ec7 f33459c5d16a5fd6fad0c232e0ca298b9899815a f22d33f9502df2394ab3e5fe73156c803a11f2a10cb7c469aef79a5a18ffd983
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=108330
Date: Fri, 25 Nov 2022 03:00:31 GMT
Etag: "637f2bb2-1d7"
Expires: Sat, 26 Nov 2022 09:06:01 GMT
Last-Modified: Thu, 24 Nov 2022 08:30:42 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: omGDA6eRVlDMIoh0uPzBBczhuEkzpmTsk5ZR350hlNlDuYFUVcrbFQ==
Age: 2119
|
|
| cartining-specute.com/zp-redirect?target=https%3A%2F%2Fymdxv.palatlaldate.com%2Fc%2Fda57dc555e50572d%3Fs1%3D1018%26s2%3D1053729%26s3%3D719fbd40-273d-47b8-882f-683d1074b172%26click_id%3Dw5klcolgb7cf6bnki87tip5c%26j1%3D1%26j2%3D1w5klcolgb7cf6bnki87tip5c&caid=2031d5f5-d449-41b7-ba84-bd523a0078f3&zpid=51ec5030-6c6d-11ed-a78f-121ee3b973d5&cid=w5klcolgb7cf6bnki87tip5c&rt=R |  18.197.36.77 | 302 Found | 0 B |
URL HTTP/2cartining-specute.com/zp-redirect?target=https%3A%2F%2Fymdxv.palatlaldate.com%2Fc%2Fda57dc555e50572d%3Fs1%3D1018%26s2%3D1053729%26s3%3D719fbd40-273d-47b8-882f-683d1074b172%26click_id%3Dw5klcolgb7cf6bnki87tip5c%26j1%3D1%26j2%3D1w5klcolgb7cf6bnki87tip5c&caid=2031d5f5-d449-41b7-ba84-bd523a0078f3&zpid=51ec5030-6c6d-11ed-a78f-121ee3b973d5&cid=w5klcolgb7cf6bnki87tip5c&rt=R IP18.197.36.77:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zp-redirect?target=https%3A%2F%2Fymdxv.palatlaldate.com%2Fc%2Fda57dc555e50572d%3Fs1%3D1018%26s2%3D1053729%26s3%3D719fbd40-273d-47b8-882f-683d1074b172%26click_id%3Dw5klcolgb7cf6bnki87tip5c%26j1%3D1%26j2%3D1w5klcolgb7cf6bnki87tip5c&caid=2031d5f5-d449-41b7-ba84-bd523a0078f3&zpid=51ec5030-6c6d-11ed-a78f-121ee3b973d5&cid=w5klcolgb7cf6bnki87tip5c&rt=R HTTP/1.1
Host: cartining-specute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bricius-ing.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 25 Nov 2022 03:00:31 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://ymdxv.palatlaldate.com/c/da57dc555e50572d?s1=1018&s2=1053729&s3=719fbd40-273d-47b8-882f-683d1074b172&click_id=w5klcolgb7cf6bnki87tip5c&j1=1&j2=1w5klcolgb7cf6bnki87tip5c
pragma: no-cache
set-cookie: cc-v4=SLKHFUPc8otJNmsGbmht3TWuJCVNUi8VwGvIjOyBF6Uqzoii9dmAziLeTDjJmJoRwGV1Wtb%2FVLUOq%2FpX90E1ftXY0698LZISL40GRcx7jQ%2FVBdqIr2UqSfo9ZFbhmOFGW%2BM1lLZQfVfk1k61wKVKXg%3D%3D; Max-Age=31536000; Expires=Sat, 25-Nov-2023 03:00:31 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash03f788a71b4780123340d084e7250bbe 977ba82f17ee1f56e32e2b21163e2287ad916f0e c1c3e44d74ea64f4a17ae529a93b3e8392f88f729286c1253ae6a005b5ffafde
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C1C3E44D74EA64F4A17AE529A93B3E8392F88F729286C1253AE6A005B5FFAFDE"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5222
Expires: Fri, 25 Nov 2022 04:27:33 GMT
Date: Fri, 25 Nov 2022 03:00:31 GMT
Connection: keep-alive
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/css/popup.css?1667216295 |  184.31.15.67 | 200 OK | 638 B |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/css/popup.css?1667216295 IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typeassembler source, ASCII text Hash022e4069739fdcff450b70f51d797042 77454d10095021822fe0c7dbcd0087d221cdd517 2c8feafab8ab925a45b46d96f13dd9c36b1d8eec4a04751db4a869701d212a47
GET /landings/276829/1667216295/css/popup.css?1667216295 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Hq9mEYEs0UCL0mJuyShSo5tVHYmNCDI7j+XN4l/AJMncUsJuCCGxyV0YqTCRgVenyNwdFMnpyE0=
x-amz-request-id: ZQ7EF80NETB15FGE
Last-Modified: Tue, 08 Nov 2022 12:16:10 GMT
ETag: "8a876cdb790f9d5309812f3655502d26"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 25 Nov 2022 03:00:31 GMT
Content-Length: 638
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/css/style.css?1667216295 | 184.31.15.67 | 200 OK | 2.5 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/css/style.css?1667216295 IP184.31.15.67:0 ASN#20940 Akamai International B.V.
Hashef969d083cbe554e53d336c34a911876 be5e6268ca789be6844e4b99b3d5fb40a70d19df 1ede3a463c24cc9d05aaa4bd9c09feb5e03ccedeba2e7c5e3a6849afcd6eac31
GET /landings/276829/1667216295/css/style.css?1667216295 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: SYrzzfJbroz47sGLIcvg98cT6lM8efoib4EeKp1knLkJNdeIwg7VAF5Oy5bTrBSCoh3tB/g97Uo=
x-amz-request-id: ZQ7EC8JEHKRFXBE5
Last-Modified: Tue, 08 Nov 2022 12:16:10 GMT
ETag: "2e36346c072d49b1f687daa80aa14d1d"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 25 Nov 2022 03:00:31 GMT
Content-Length: 2524
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/css/timer.css?1667216295 | 184.31.15.67 | 200 OK | 706 B |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/css/timer.css?1667216295 IP184.31.15.67:0 ASN#20940 Akamai International B.V.
Hashd17de96a078697a128af6d9710a97f97 caf9b62ce9227e30063485e62260c4cf11a08b1d 2b8e8317d4a773fcd62f862e5045bd4a0eef242b25fe7ac3ddbd355238842def
GET /landings/276829/1667216295/css/timer.css?1667216295 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: AenbyhKvskQ3hlKAQz4a4nUlo8+rn0Gk9EdxuLOj8RKzKPKmC7C/++6CXlttrEKinY4CCE71j4A=
x-amz-request-id: ZQ70M8MJW8M4SRHS
Last-Modified: Tue, 08 Nov 2022 12:16:10 GMT
ETag: "4e1a14660a47095c0800554d16bc976d"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 25 Nov 2022 03:00:31 GMT
Content-Length: 706
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/css/reviews.css?1667216295 | 184.31.15.67 | 200 OK | 890 B |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/css/reviews.css?1667216295 IP184.31.15.67:0 ASN#20940 Akamai International B.V.
Hash932bfa955b4553f9a1bb37e08689d468 bfb7d99822a7369395f96aef137eb3578a32d7de 0536cf58dee2f190f1860daf412db600cabafe46cab9e6df0e5bc30b0011c8d0
GET /landings/276829/1667216295/css/reviews.css?1667216295 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 6DVirlZs997YhF44H4jN2afRuXESeJlL/yuGyTbk9rCnCSVDGzdiv/YKo25wUWqj26rmL2CkDCE=
x-amz-request-id: ZQ70ECWR6898B2B5
Last-Modified: Tue, 08 Nov 2022 12:16:10 GMT
ETag: "72e601b87db0c713022034df5c7df430"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 25 Nov 2022 03:00:31 GMT
Content-Length: 890
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/js/jquery.validate.min.js?1667216295 | 184.31.15.67 | 200 OK | 7.8 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/js/jquery.validate.min.js?1667216295 IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typeUnicode text, UTF-8 text, with very long lines (24228) Hashf808399407c6ac496fe830d5deacb05f 151039ee8631ce8ff989c5cf795c2feba950a499 21e11160c5ba11e65a1c97b0306a9f5dec06c8fd3d4a7d69dd0a80e263577958
GET /landings/276829/1667216295/js/jquery.validate.min.js?1667216295 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: ew3BnYuBj/tQkxqCdbcgRMtazII/m6Zx2oOGemWXZGllLtOaYuLstXxrfPGQoIVidR5uVWDACik=
x-amz-request-id: ZQ7AHE0Y1T9D7DPW
Last-Modified: Tue, 08 Nov 2022 12:16:10 GMT
ETag: "23d73c6bd6cbea8f06d0cc227896a827"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 25 Nov 2022 03:00:31 GMT
Content-Length: 7815
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/js/jquery-2.2.4.min.js?1667216295 | 184.31.15.67 | 200 OK | 30 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/js/jquery-2.2.4.min.js?1667216295 IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typeASCII text, with very long lines (32065) Hash2fa28552f1ee4e1382ee43930b53afb8 803670da6a35378bf4eb73acc8e72fe4feb5ca30 ecfddf7d1e798dd2778c071bea24c70b650ef990fc09793fce25f2f094b35494
GET /landings/276829/1667216295/js/jquery-2.2.4.min.js?1667216295 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Cq4Zeb+wnhA/XBvrFNfZWdMDpeAZA56GJePFZY+RupSVBZCVlopGGfDTyYsO5W5A/eACyJlc+QQ=
x-amz-request-id: ZQ720WRHSHBQMH47
Last-Modified: Tue, 08 Nov 2022 12:16:10 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 25 Nov 2022 03:00:31 GMT
Content-Length: 29855
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/js/title_tanslate.js?1667216295 | 184.31.15.67 | 200 OK | 1.3 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/js/title_tanslate.js?1667216295 IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typeUnicode text, UTF-8 text, with CRLF line terminators Hash0e212ad4454c941c45c2e57df42c2b4f fe9d7c484c2c0d7a6475692ef984c53a06c95406 e950a9e5e696f39d02028b27a4cd82fab1b6fd07fa34a238d3a3f7f5e90d95c3
GET /landings/276829/1667216295/js/title_tanslate.js?1667216295 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: MObZd1nBcSJcU5Z2v/i4TaxBS0cYWUjyos6MeIQ6+yj7m7dUKZRTd5LMlfAeznoD+KPUNcDvVpc=
x-amz-request-id: 5SCSEM860QW3PS22
Last-Modified: Tue, 08 Nov 2022 12:16:10 GMT
ETag: "5f373fa5bf21c44b9ad23b70ef96e73d"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 25 Nov 2022 03:00:32 GMT
Content-Length: 1298
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/js/translates-review.js?1667216295 | 184.31.15.67 | 200 OK | 14 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/js/translates-review.js?1667216295 IP184.31.15.67:0 ASN#20940 Akamai International B.V.
Hash9c292591c0532df07caa6a0a0c00065b f998699809120f0c21d7333f4850822b4d84d2a5 c46389b9213c4e1ce9789b380a319496fff7b7c04b15ab4235bd438cf99bdcbe
GET /landings/276829/1667216295/js/translates-review.js?1667216295 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: HKrYbMP6rx/hydoluhUcy3lHn7BN46T5LCYNySH+MwUhayZvyeChnG0Qfy38M1wezZZ2vQZLp84=
x-amz-request-id: 5SCRKM9YG6451AQ0
Last-Modified: Tue, 08 Nov 2022 12:16:10 GMT
ETag: "1933dcd305e29148845fdd372197ee4a"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 25 Nov 2022 03:00:32 GMT
Content-Length: 14048
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/js/translates.js?1667216295 | 184.31.15.67 | 200 OK | 29 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/js/translates.js?1667216295 IP184.31.15.67:0 ASN#20940 Akamai International B.V.
Hash5bd51fb068efaa9ec931be840659a801 751b54ed9c0b57d8a390962357ca91223b49a931 e509ead61b32171bc167f5a6a19b7d6b227524c4d63b45d115cabd99f4de6b67
GET /landings/276829/1667216295/js/translates.js?1667216295 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: F5+qpGYgF1a/tW+h2vzDxGY7sjZ/RO8NrEZ3duPckohAg4+Ez9DYZYnuoTLMzj/PBpN50Fln/Co=
x-amz-request-id: 5SCXNKFMGRNGYMKR
Last-Modified: Tue, 08 Nov 2022 12:16:10 GMT
ETag: "6324d6d9c30698e2157f74377a990e7c"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 25 Nov 2022 03:00:32 GMT
Content-Length: 29254
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/js/timer.js?1667216295 | 184.31.15.67 | 200 OK | 903 B |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/js/timer.js?1667216295 IP184.31.15.67:0 ASN#20940 Akamai International B.V.
Hash24af8e8209962d30b5e6bb428d28489c a00033869880cf83bc81fde7874242d838b59e34 52fe1029652b5a0576cdae96e8278900eb7eee3f81a1ae66ea88129aa6f3f924
GET /landings/276829/1667216295/js/timer.js?1667216295 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: yIiFUUfew8LRE+4ThhBdnUywTZT7T5F7DYTO3r7rOZ+omUB7sqbETq3m1byqjoa8Ot94kxEllEA=
x-amz-request-id: 5SCV4P11H2FC8XRH
Last-Modified: Tue, 08 Nov 2022 12:16:10 GMT
ETag: "3350ef7fbc19030e06999dbb12a2c9b0"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 25 Nov 2022 03:00:32 GMT
Content-Length: 903
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/js/translate-popup-timer.js?1667216295 | 184.31.15.67 | 200 OK | 1.1 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/js/translate-popup-timer.js?1667216295 IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typeUnicode text, UTF-8 text, with CRLF line terminators Hashb8caed488bbb08c2414fb1c79c9c8d35 8bda431010a9d7666cd6c2c15f9a3b7f81634ed8 d72877ab0432583bfed248050bf32ad260c7b06c4e20a714d07ee65e7948ee0c
GET /landings/276829/1667216295/js/translate-popup-timer.js?1667216295 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: OKRATiA1ZTULjqldTAk1wu+FnWH/fKH86FwoBIdXGYYEZ7Pnka8OIGFG9v64y99MOefpkynAjZY=
x-amz-request-id: 5SCVVEE3WVYP2303
Last-Modified: Tue, 08 Nov 2022 12:16:10 GMT
ETag: "e87a84612ebce6b2a84f41ef7f6d40b0"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 25 Nov 2022 03:00:32 GMT
Content-Length: 1080
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hash4af780570d49b327d38dc189095448e9 1dd4193a2afeb237c5e475b603b1cbd137f7f97e f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:00:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hash4af780570d49b327d38dc189095448e9 1dd4193a2afeb237c5e475b603b1cbd137f7f97e f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:00:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/images/icon-city.svg | 184.31.15.67 | 200 OK | 839 B |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/images/icon-city.svg IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (735) Hash5f5ead641bc30316f498592eec2016a1 3195aa33596ba190a6584ccb75124dd9d9c13261 f028477ede528af987acd2bea73c8e462ea4cd6cf1137aae5085c85a82d93409
GET /landings/276829/1667216295/images/icon-city.svg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: w+VlICMJEVnptKt8J3QvZhoMTMhB3e7FxUx+cHZiU/5A71mG5+E427LTktCPsSMp8CTN+97Kw2w=
x-amz-request-id: WQS28ZJMPKMPPK3E
Last-Modified: Tue, 08 Nov 2022 12:16:09 GMT
ETag: "5f5ead641bc30316f498592eec2016a1"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 839
Date: Fri, 25 Nov 2022 03:00:32 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/images/unlock.svg | 184.31.15.67 | 200 OK | 2.4 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/images/unlock.svg IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (944) Hasha732e1e06affb4575c050fdb0131e5ca da4f4f204a4d22c7424274a91520e0ea993c48c7 e17f481e5fe197e600ffe6cf53a94a4e49a73b6b817ff560cd92c3dd501d603f
GET /landings/276829/1667216295/images/unlock.svg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: dCiTAlDFOe11RIbClRqXMMdOem3/kDG9rCGdD+7jKjx3ObYZK7zbVewpPO/N1rDNxyj0P64zBwo=
x-amz-request-id: 5SCHSAB6RH8WN6EN
Last-Modified: Tue, 08 Nov 2022 12:16:09 GMT
ETag: "a732e1e06affb4575c050fdb0131e5ca"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 2378
Date: Fri, 25 Nov 2022 03:00:32 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/images/shield.svg | 184.31.15.67 | 200 OK | 1.5 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/images/shield.svg IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (310) Hash0c7a0dfd64cf020cd8a6dc0c3df1dbdf f705635388aebebae1223d828c38233067f28ab1 856fdb53067254df9495660a355e5ed91936803b567867f1053ce5fb97107888
GET /landings/276829/1667216295/images/shield.svg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Rh5WkTo4RHnwZSxleqVojV0JsXmLrKC+GZ7zsfWm6CgGKk5lOJeR5QWRgUVSA3IOM+QaBGIdH48=
x-amz-request-id: WQS4NQYJJ106ADA2
Last-Modified: Tue, 08 Nov 2022 12:16:09 GMT
ETag: "0c7a0dfd64cf020cd8a6dc0c3df1dbdf"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 1539
Date: Fri, 25 Nov 2022 03:00:32 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/images/7-eu.jpg | 184.31.15.67 | 200 OK | 2.3 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/images/7-eu.jpg IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data Hash8155d8ecc7dc2d9b29cf99ab85c3d2a8 ba784563c7787760b318af24ea274ad6df2c5b89 7e368b2c331e65b43d9e6977dde473b4ee4ed25f0253e0d086ca676438b97d27
GET /landings/276829/1667216295/images/7-eu.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: DPWQLmAqBw94Q5f7aUtrcKYiwhv2IgTEVsmfbiB87KI5wcuxr6i3k+3TE0FKGufBCsz8wQxNORI=
x-amz-request-id: WPHYF6PEPR01RVN2
Last-Modified: Tue, 08 Nov 2022 12:16:09 GMT
ETag: "8155d8ecc7dc2d9b29cf99ab85c3d2a8"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 2282
Date: Fri, 25 Nov 2022 03:00:32 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/images/8-eu.jpg | 184.31.15.67 | 200 OK | 2.5 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/images/8-eu.jpg IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data Hash41bbda91cef3f22db1d45d66f7ca0961 e2f8f56674e0180063a4f8287931dc0b273baf8e d0f8fe31f17be4afd352a60628de61eef59ee08ac0ecddac9cfe4e4a504f4f0e
GET /landings/276829/1667216295/images/8-eu.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: p6DM7KfLMnMqvvfHhBubwZh+Tqe1gmef4A6/UXtCecVo1hhJDV3fZYgOXv/dCFjZv5XzajpC7y0=
x-amz-request-id: WPHQAR4KGPD6PBTD
Last-Modified: Tue, 08 Nov 2022 12:16:09 GMT
ETag: "41bbda91cef3f22db1d45d66f7ca0961"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 2458
Date: Fri, 25 Nov 2022 03:00:32 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/images/1-eu.jpg | 184.31.15.67 | 200 OK | 4.3 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/images/1-eu.jpg IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data Hash6e6d0b84c81d847e24671a711115a781 20dc2d359e437dc10ceefea4d3c7b5189c2e58d0 515974c9245ead07b3332ca22fa1581622118c75955941452140a602646aa553
GET /landings/276829/1667216295/images/1-eu.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: z6ZgAZKtOTwU59RWv1u7iAj0atenUWsfkXCpiZsT4T7I9yn6LpiSRTmZKjJXLn8q6taAAJTEZI0=
x-amz-request-id: WQS27KPRSXRZQV27
Last-Modified: Tue, 08 Nov 2022 12:16:08 GMT
ETag: "6e6d0b84c81d847e24671a711115a781"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 4292
Date: Fri, 25 Nov 2022 03:00:32 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/images/password.svg | 184.31.15.67 | 200 OK | 1.3 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/images/password.svg IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (330) Hashf42aef7f97d4c9bdb074673081f38ac7 0231df782e371d139c826e091279acd9a07e691c 5fca7f589cd825e1f152e0a1677d6cbd0a3ee3ecde05905d572af87e8b453eac
GET /landings/276829/1667216295/images/password.svg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: FCQjxeRyW+0MWorR52f+4P5VAMmvI14FG8QevkWXHsmod68e5lXG+U2PpP1fseEsMpwwBqKv2EU=
x-amz-request-id: WQS331ZC6VWZ20ET
Last-Modified: Tue, 08 Nov 2022 12:16:09 GMT
ETag: "f42aef7f97d4c9bdb074673081f38ac7"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 1339
Date: Fri, 25 Nov 2022 03:00:32 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/images/2-eu.jpg | 184.31.15.67 | 200 OK | 2.0 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/images/2-eu.jpg IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data Hash66b6dc51bd19c799dcadf1dbeb628d9c ff7fe6049e944186764bfc5041d624ec11f8d362 d3c1502509ae60909fe60c46cc58c41c1a9fe53ee7aeffb92d37a074ba8550f0
GET /landings/276829/1667216295/images/2-eu.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 7JPE8Fmv2AlNaM4c9haGojrxb0DDIejemPlZgWeWUolsHRA32cpbSoXCOnhOtV3UiTZoBIuQzaE=
x-amz-request-id: WQS689E94GPXMBRM
Last-Modified: Tue, 08 Nov 2022 12:16:08 GMT
ETag: "66b6dc51bd19c799dcadf1dbeb628d9c"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 2009
Date: Fri, 25 Nov 2022 03:00:32 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/images/3-eu.jpg | 184.31.15.67 | 200 OK | 3.9 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/images/3-eu.jpg IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 80x80, components 3\012- data Hash1dc512dcb0850f22cfa72c789578085c 933e9c5648e782c9f9a1504d2248f0acb4b9950b 7a27ad3bbf259cc02f80f496c19e6033d958362c1b5075c1957bb502f2666d00
GET /landings/276829/1667216295/images/3-eu.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 3NN0uIqbBZkTAj5241uZ318O95JXnNrqvRR7o9J5RXji2drl7HNciJ60qktmUpDemPT+B1o0K9c=
x-amz-request-id: WQSAS837QNVRBWM7
Last-Modified: Tue, 08 Nov 2022 12:16:08 GMT
ETag: "1dc512dcb0850f22cfa72c789578085c"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 3946
Date: Fri, 25 Nov 2022 03:00:32 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/images/6-eu.jpg | 184.31.15.67 | 200 OK | 3.3 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/images/6-eu.jpg IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data Hash9a6870069cb979e16b239f9ed485fb3c c1dc7f3620c8cc391648c550f91b269b04d3c612 3e280ac6e0be5142f62957076a5c99e792eb61533e23f33b165aea4d522de818
GET /landings/276829/1667216295/images/6-eu.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 8LKI4W7cOhnSmxmZUo/kA1DTcxDttm40p7cfTT4pwTUqHjrepp7Xm2JGhS4bG3MY+9YSvGi5a6Q=
x-amz-request-id: WPHV576T3E51ZXQN
Last-Modified: Tue, 08 Nov 2022 12:16:09 GMT
ETag: "9a6870069cb979e16b239f9ed485fb3c"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 3256
Date: Fri, 25 Nov 2022 03:00:32 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/images/5-eu.jpg | 184.31.15.67 | 200 OK | 2.9 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/images/5-eu.jpg IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data Hash27109a247208262e6293950ca8f5450d cea89616d15ad45a0f2b04082dff608abd96b800 86755df878f9f09c1b06deb1ac049db77b1931d3b0f650548fac960b3fedaa96
GET /landings/276829/1667216295/images/5-eu.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: ml4WyhbYo+pCAAO+vJHm8NTyYfW1CU1oLF07s0WUJPK3VvVRkZz3zYdOnFPozAWXZyFfpleNmh8=
x-amz-request-id: WQS63088V9Q6VGQS
Last-Modified: Tue, 08 Nov 2022 12:16:08 GMT
ETag: "27109a247208262e6293950ca8f5450d"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 2879
Date: Fri, 25 Nov 2022 03:00:32 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/images/110010_3.jpg | 184.31.15.67 | 200 OK | 41 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/images/110010_3.jpg IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 682x388, components 3\012- data Hash1cda15cc6238bfbf394087f9e4240c08 d04d25fae912c5c660bfb855b0463e7cfffdc52e 2fccdea801925553b007bf3f67a8a59715589ab98796dbeebe84bb40a8a77ac4
GET /landings/276829/1667216295/images/110010_3.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: wxfXF6GYqzjTUkzLtRWnOhOUmINn7vdmlOzW+tpyYG3rYXc9H4u5VefJWciy4MK87m9eGMi0oWU=
x-amz-request-id: WQS950Y88F86M40P
Last-Modified: Tue, 08 Nov 2022 12:16:09 GMT
ETag: "1cda15cc6238bfbf394087f9e4240c08"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 41178
Date: Fri, 25 Nov 2022 03:00:32 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/images/blocked-icon.png | 184.31.15.67 | 200 OK | 502 B |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/images/blocked-icon.png IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typePNG image data, 23 x 32, 8-bit/color RGBA, non-interlaced\012- data Hash87487ad255dde0624f59abb85602defc caafad17df41875bed690353ead6cc495a9bf8c2 f7a4b3fb74b9e06f243f23ede51a801a0aa3fa2c0040bc44a49a97444780923d
GET /landings/276829/1667216295/images/blocked-icon.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: r4FzU6pY0wRldLpaNOFVlEePCM35UAR+U/UlazGMs/GFyLTTcl0Z3Hl/FHRDyALhytq7bickics=
x-amz-request-id: WPHTQZAMND403DWF
Last-Modified: Tue, 08 Nov 2022 12:16:08 GMT
ETag: "87487ad255dde0624f59abb85602defc"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 502
Date: Fri, 25 Nov 2022 03:00:32 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/images/4-eu.jpg | 184.31.15.67 | 200 OK | 2.6 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/images/4-eu.jpg IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data Hashcb3aff7c886e4f72a98172b873b5e62d 33de244dcb4db4abe54b6508ae8d1546eb279aa5 d22825c9a1ff2c18506f0c2c3abaf3bb77f8352ba7bd410d50d35f20adbab08e
GET /landings/276829/1667216295/images/4-eu.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: VPaRwFrMAu/v98nbu1wMcfyMY+yCBMRFJAZHnpagETLOkz7TUv2WmMUC2Gn64WchkDPawbp9zPU=
x-amz-request-id: WQS80047GBM65PQX
Last-Modified: Tue, 08 Nov 2022 12:16:08 GMT
ETag: "cb3aff7c886e4f72a98172b873b5e62d"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 2586
Date: Fri, 25 Nov 2022 03:00:32 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/images/49.png | 184.31.15.67 | 200 OK | 4.5 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/images/49.png IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typePNG image data, 336 x 336, 8-bit/color RGB, non-interlaced\012- data Hash372e58a66b7d92e1dd903f32fb308d1e 40be5d7067b822dfed07e173acd11cfceaa9e329 82408edfa51c2d831b86658b6637a6950986c342195aa08fd1467ea1d71b9793
GET /landings/276829/1667216295/images/49.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/276829/1667216295/css/style.css?1667216295
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
x-amz-id-2: K/DIwIpyECOJ5ji6E0y30/HOvK8hBHneht4ydCr5QbCrYGSjnuClVcGeqNMiULade+D2fYZ0cUY=
x-amz-request-id: WQS8Z4DZCXKZ9NTE
Last-Modified: Tue, 08 Nov 2022 12:16:08 GMT
ETag: "372e58a66b7d92e1dd903f32fb308d1e"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 4510
Date: Fri, 25 Nov 2022 03:00:32 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashb44543de9922ec7d97f2e0be1865553e caef856450efd75de0cfae9402903b1f4bd6de4c d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:00:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/images/action_icons_20px_2x.png | 184.31.15.67 | 200 OK | 1.7 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/images/action_icons_20px_2x.png IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typePNG image data, 40 x 360, 8-bit colormap, non-interlaced\012- data Hashb699975b5fe73b087e711a33ff24ee1e 0e33cc5c32a5e7d18440751e3946076664caaf53 4e06866c22bb275c6c4f01265e1f3e9f00fe9face9739f6531371d688a8e7a7e
GET /landings/276829/1667216295/images/action_icons_20px_2x.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/276829/1667216295/css/reviews.css?1667216295
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
x-amz-id-2: IjNF7z8/66ujHm2SgFJDB8UCHOn4in1o0tES0MSE+wdG+qpMekNQqwPt1AJm19f+Zv9qwiFNwhw=
x-amz-request-id: WPHHK6A2W3FY1H43
Last-Modified: Tue, 08 Nov 2022 12:16:09 GMT
ETag: "b699975b5fe73b087e711a33ff24ee1e"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1726
Date: Fri, 25 Nov 2022 03:00:32 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash6827d82f488045e02e40d6a2fdbae4b3 4944139a4b08769511ffc6aa913857d88a0db7bc 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3942
Expires: Fri, 25 Nov 2022 04:06:14 GMT
Date: Fri, 25 Nov 2022 03:00:32 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash6827d82f488045e02e40d6a2fdbae4b3 4944139a4b08769511ffc6aa913857d88a0db7bc 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3942
Expires: Fri, 25 Nov 2022 04:06:14 GMT
Date: Fri, 25 Nov 2022 03:00:32 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash6827d82f488045e02e40d6a2fdbae4b3 4944139a4b08769511ffc6aa913857d88a0db7bc 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3942
Expires: Fri, 25 Nov 2022 04:06:14 GMT
Date: Fri, 25 Nov 2022 03:00:32 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash6673267df195141739d1018c17101368 b80047da428636adb7027f12718c8d11bd461da4 de30af07eed7326a1326c831e04727649a112c20d0c485a7e973edd96f91bfaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11954
x-amzn-requestid: 0c912d90-72b5-4060-ae22-c2ecbe16b57a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8J-nEFEoAMF2eA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2390-503ead086c8021af6eaeaa85;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JZAeoFNsUy2usSV7O41YGIfVow9gaIMXuKnfcaundLduQ5UX2eTKOQ==
via: 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 17:17:27 GMT
age: 34985
etag: "b80047da428636adb7027f12718c8d11bd461da4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg | 34.120.237.76 | 200 OK | 6.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash1adbf0cd373a4c06caa71eac14e1286c 236199a790f16dcf96dba80b9945836b37e3c2eb 767fd66cf0751dd80b2453588f9363fac7d9637da3dc9098d25fb65699ca8c5e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6590
x-amzn-requestid: 5d8b02c4-673a-4c77-8f24-498d9b8a28ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8zGeAIAMF4HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-661ce3991caf87e8558158c3;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4iFMdgZvXpHdbGKY-3exNXsKVn2FuWGQg70mCqzGLSHk_bSTiXSCxA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:01:38 GMT
age: 17934
etag: "236199a790f16dcf96dba80b9945836b37e3c2eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg | 34.120.237.76 | 200 OK | 4.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash841a4b110022a99ddea6f7bf66df0fa1 126771b86638108050cf57c0d12faa27f80f0edb 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:04:28 GMT
age: 78964
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg | 34.120.237.76 | 200 OK | 6.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashba7b9c131ab7e5998f25b069ba3860a0 0214fc0deecb1115766802f42cfd256e3c479490 717aa23c687ccebc1b5ebbfd88d0e4fe181fef038d308231842b2b1969f3976b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6130
x-amzn-requestid: 0ab34b27-2c6b-4a37-87ad-6fa56a265453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wF7KIAMFjlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4a3d24f93ceb37d37a5ce1ee;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SHmcFNiZ97RU02VeLiHLjFynYiSuaQP8T_XKG2UaAigWXG5sYhdVLQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:28 GMT
age: 18304
etag: "0214fc0deecb1115766802f42cfd256e3c479490"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Ubuntu:wght@400;700&display=swap | 142.250.74.10 | 200 OK | 8.8 kB |
URL HTTP/2fonts.googleapis.com/css2?family=Ubuntu:wght@400;700&display=swap IP142.250.74.10:0
Hash0f27d61a16d23bf08856c121927fd342 7b4dac11885b671b5910b0398ea508f3d777d104 14dc76f1252e123cf20bf5d7cbcfe84ea9cb9863dcd670e8eee17e384bc82b4c
GET /css2?family=Ubuntu:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 03:00:32 GMT
date: Fri, 25 Nov 2022 03:00:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ymdxv.palatlaldate.com/js/pushjs/1.0.0/subscriber.js |  63.32.216.166 | 200 OK | 7.3 kB |
URL HTTP/2ymdxv.palatlaldate.com/js/pushjs/1.0.0/subscriber.js IP63.32.216.166:0
Hashe5bb31e4c9353233ca66071c970d6411 85b70577fb311467faba8137fe867269e7051265 1df82d01e16b85e801a6b3c5da174a34a4164dcb523629ed5978276c2f2c71d7
GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1
Host: ymdxv.palatlaldate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/c/da57dc555e50572d?s1=1018&s2=1053729&s3=719fbd40-273d-47b8-882f-683d1074b172&s5=backuser&click_id=w5klcolgb7cf6bnki87tip5c&iexpp=1&j1=1&j2=1w5klcolgb7cf6bnki87tip5c
Cookie: unique_id=638028fd00071edb; unique_id2=638028fd0008ce68; 638028fd0008ce68_c=1; ref_token=23799_1018; 638028fd0008ce68_sl=[276829]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 03:00:32 GMT
content-type: application/javascript
expires: Fri, 02 Dec 2022 03:00:32 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ymdxv.palatlaldate.com/js/pushjs/1.0.0/utils.js | 63.32.216.166 | 200 OK | 7.5 kB |
URL HTTP/2ymdxv.palatlaldate.com/js/pushjs/1.0.0/utils.js IP63.32.216.166:0
Hashf6d1a13675be32118569feccaa36157d 27b375eea172acedaa00a57a1dbf4b7f9b400a76 9dde212ece8da8a484dd00d501c8e0ef2e0222a2067273fd02937736326be281
GET /js/pushjs/1.0.0/utils.js HTTP/1.1
Host: ymdxv.palatlaldate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/c/da57dc555e50572d?s1=1018&s2=1053729&s3=719fbd40-273d-47b8-882f-683d1074b172&s5=backuser&click_id=w5klcolgb7cf6bnki87tip5c&iexpp=1&j1=1&j2=1w5klcolgb7cf6bnki87tip5c
Cookie: unique_id=638028fd00071edb; unique_id2=638028fd0008ce68; 638028fd0008ce68_c=1; ref_token=23799_1018; 638028fd0008ce68_sl=[276829]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 03:00:32 GMT
content-type: application/javascript
expires: Fri, 02 Dec 2022 03:00:32 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashaee1eaa2ef2d0edbb0bc5703979e6439 8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:00:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashaee1eaa2ef2d0edbb0bc5703979e6439 8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:00:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js | 142.250.74.163 | 200 OK | 10 kB |
URL HTTP/2www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js IP142.250.74.163:0
File typeASCII text, with very long lines (35547) Hashfa9987a23f5a9d865766e952511baa30 f2e620b99ee61a01671ba6a9e22ca75d58a1b52d 655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7
GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 18:29:53 GMT
expires: Tue, 21 Nov 2023 18:29:53 GMT
cache-control: public, max-age=31536000
age: 289839
last-modified: Thu, 10 May 2018 20:35:52 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/firebasejs/5.0.2/firebase-app.js | 142.250.74.163 | 200 OK | 8.6 kB |
URL HTTP/2www.gstatic.com/firebasejs/5.0.2/firebase-app.js IP142.250.74.163:0
File typeASCII text, with very long lines (25088) Hash73069e532b7039778d3a7128c997c61a c523bbf1ac7f4e612c8ade75434c42fbca885adc b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5
GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:32:45 GMT
expires: Thu, 23 Nov 2023 18:32:45 GMT
cache-control: public, max-age=31536000
age: 116867
last-modified: Thu, 10 May 2018 20:35:51 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hash87de3dd2c7dce12b01a337d1554a222a 30e0bd68bbb78995aa8a0686ac02848fd5a7a699 533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:00:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdn-dimi.akamaized.net/landings/276829/1667216295/images/1.mp4 | 184.31.15.67 | 206 Partial Content | 140 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/276829/1667216295/images/1.mp4 IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data Size140 kB (140361 bytes) Hash3eea4d169bc9b65090031b48fa869959 5a27f6127f131daffeedcda83596c3239ebe4a2b 46b08dabcf9e72f158dbf2edc44f2dfb94bd70031673704d07a336ff428e50ed
GET /landings/276829/1667216295/images/1.mp4 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
x-amz-id-2: Grp2UgbcIKeXaS+WOECKLqe4qgoJy3CDJ16IPM1Wzx7IemOFBoopF7o/jPq8If//1xoGWeNt+kE=
x-amz-request-id: WPHGYG32MR4WWBSW
Last-Modified: Tue, 08 Nov 2022 12:16:09 GMT
ETag: "9da1ec568a44f92b56f3d1e3c10da6a4"
Accept-Ranges: bytes
Content-Type: video/mp4
Server: AmazonS3
Date: Fri, 25 Nov 2022 03:00:32 GMT
Content-Range: bytes 0-2971964/2971965
Content-Length: 2971965
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| bricius-ing.com/zcredirect?visitid=51ec5030-6c6d-11ed-a78f-121ee3b973d5&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false | 3.208.247.235 | 200 OK | 0 B |
URL HTTP/2bricius-ing.com/zcredirect?visitid=51ec5030-6c6d-11ed-a78f-121ee3b973d5&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false IP3.208.247.235:0
GET /zcredirect?visitid=51ec5030-6c6d-11ed-a78f-121ee3b973d5&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: bricius-ing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bricius-ing.com/zcvisitor/51ec5030-6c6d-11ed-a78f-121ee3b973d5/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=a2843980-572e-11ed-8dac-0a918cbcbb97
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:00:31 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
server: vKslbLxu
X-Firefox-Spdy: h2
|
|
| ymdxv.palatlaldate.com/c/da57dc555e50572d?s1=1018&s2=1053729&s3=719fbd40-273d-47b8-882f-683d1074b172&click_id=w5klcolgb7cf6bnki87tip5c&j1=1&j2=1w5klcolgb7cf6bnki87tip5c | 63.32.216.166 | 200 OK | 0 B |
URL HTTP/2ymdxv.palatlaldate.com/c/da57dc555e50572d?s1=1018&s2=1053729&s3=719fbd40-273d-47b8-882f-683d1074b172&click_id=w5klcolgb7cf6bnki87tip5c&j1=1&j2=1w5klcolgb7cf6bnki87tip5c IP63.32.216.166:0
GET /c/da57dc555e50572d?s1=1018&s2=1053729&s3=719fbd40-273d-47b8-882f-683d1074b172&click_id=w5klcolgb7cf6bnki87tip5c&j1=1&j2=1w5klcolgb7cf6bnki87tip5c HTTP/1.1
Host: ymdxv.palatlaldate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bricius-ing.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 03:00:31 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=638028fd00071edb; Path=/; Expires=Tue, 24 Jan 2023 03:00:31 GMT; Secure; SameSite=None
unique_id2=638028fd0008ce68; Path=/; Expires=Thu, 23 Feb 2023 03:00:31 GMT; Secure; SameSite=None
638028fd0008ce68_c=1; Path=/; Expires=Thu, 23 Feb 2023 03:00:31 GMT; Secure; SameSite=None
ref_token=23799_1018; Path=/; Expires=Sun, 25 Dec 2022 03:00:31 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Fri, 25 Nov 2022 03:00:31 GMT; Secure; SameSite=None
638028fd0008ce68_sl=[276829]; Path=/; Expires=Fri, 09 Dec 2022 03:00:31 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ymdxv.palatlaldate.com/js/service-worker.js | 63.32.216.166 | 200 OK | 0 B |
URL HTTP/2ymdxv.palatlaldate.com/js/service-worker.js IP63.32.216.166:0
GET /js/service-worker.js HTTP/1.1
Host: ymdxv.palatlaldate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: unique_id=638028fd00071edb; unique_id2=638028fd0008ce68; 638028fd0008ce68_c=1; ref_token=23799_1018; 638028fd0008ce68_sl=[276829]
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 03:00:32 GMT
content-type: application/javascript
expires: Fri, 02 Dec 2022 03:00:32 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| bricius-ing.com/zcvisitor/51ec5030-6c6d-11ed-a78f-121ee3b973d5/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=a2843980-572e-11ed-8dac-0a918cbcbb97 | 3.208.247.235 | 200 OK | 0 B |
URL HTTP/2bricius-ing.com/zcvisitor/51ec5030-6c6d-11ed-a78f-121ee3b973d5/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=a2843980-572e-11ed-8dac-0a918cbcbb97 IP3.208.247.235:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /zcvisitor/51ec5030-6c6d-11ed-a78f-121ee3b973d5/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=a2843980-572e-11ed-8dac-0a918cbcbb97 HTTP/1.1
Host: bricius-ing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://deoseasr.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:00:31 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
server: kmGVFrRI
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Alfa+Slab+One&display=swap | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css2?family=Alfa+Slab+One&display=swap IP142.250.74.10:0
GET /css2?family=Alfa+Slab+One&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 03:00:32 GMT
date: Fri, 25 Nov 2022 03:00:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
0.0.0.0