Overview

URLv90.y8top.net/tmp082020/cf/soft/2015/4/ba/3/bloody-roar-1.exe
IP 64.225.91.73 (United States)
ASN#14061 DIGITALOCEAN-ASN
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-22 11:46:37 UTC
StatusLoading report..
IDS alerts0
Blocklist alert2
urlquery alerts No alerts detected
Tags None

Domain Summary (22)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-21 05:38:14 UTC 34.117.237.239
domaincntrol.com (1) 274993 2018-01-06 22:46:59 UTC 2022-11-21 19:29:41 UTC 172.67.68.176
ww2.y8top.net (4) 0 No data No data 64.190.63.136 Unknown ranking
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
img.sedoparking.com (1) 54200 2013-04-22 22:23:29 UTC 2020-05-01 04:52:11 UTC 205.234.175.175
r3.o.lencr.org (8) 344 No data No data 23.36.77.32
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-21 05:36:45 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
cdnjs.cloudflare.com (1) 235 2015-04-17 20:46:33 UTC 2022-11-21 18:30:53 UTC 104.17.24.14
xml.sedodna.com (1) 278378 No data No data 173.239.53.32
cartining-specute.com (1) 0 2021-01-31 23:37:43 UTC 2022-11-21 22:40:06 UTC 18.197.36.77 Unknown ranking
fonts.gstatic.com (1) 0 2014-09-09 00:40:21 UTC 2022-11-21 14:07:59 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
www.gstatic.com (2) 0 2016-07-26 09:37:06 UTC 2022-11-21 15:31:46 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.163.62.5
dipaka-ead.com (3) 0 2022-10-31 13:23:43 UTC 2022-11-21 14:14:29 UTC 3.208.247.235 Unknown ranking
cdn-dimi.akamaized.net (39) 0 No data No data 184.31.15.107 Domain (akamaized.net) ranked at: 280
e1.o.lencr.org (1) 6159 No data No data 23.36.77.32
ocsp.pki.goog (7) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-21 14:07:59 UTC 142.250.74.10
ymdxv.palatlaldate.com (4) 0 No data No data 63.32.216.166 Unknown ranking
v90.y8top.net (2) 0 No data No data 64.225.91.73 Unknown ranking

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-22 2 v90.y8top.net/tmp082020/cf/soft/2015/4/ba/3/bloody-roar-1.exe Malware
2022-11-22 2 ww2.y8top.net/ Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 64.225.91.73
Date UQ / IDS / BL URL IP
2023-02-07 12:44:04 +0000 0 - 4 - 0 tubplus.biz/login.php 64.225.91.73
2023-02-07 11:52:07 +0000 0 - 0 - 2 krav214.xyz/ 64.225.91.73
2023-02-07 11:29:42 +0000 0 - 1 - 1 fs2.softwaredownloadupdates.com/o1/909490-Php (...) 64.225.91.73
2023-02-07 11:19:06 +0000 0 - 2 - 6 golf365pa.com/ 64.225.91.73
2023-02-07 08:49:18 +0000 0 - 0 - 3 ideaenhance.com/VPN/files/DevInstallerBeta.exe 64.225.91.73


Last 5 reports on ASN: DIGITALOCEAN-ASN
Date UQ / IDS / BL URL IP
2023-02-07 22:24:14 +0000 0 - 0 - 2 rotondigroup.com/login/office 164.90.236.99
2023-02-07 22:09:26 +0000 0 - 1 - 0 www.audio-converter.net/audio_cd_ripper.exe 138.197.194.59
2023-02-07 21:45:49 +0000 0 - 1 - 0 zagent529.zspeed-cdn.com/static/v2/Windows-11 (...) 178.128.232.161
2023-02-07 21:33:11 +0000 0 - 1 - 0 www.reasoft.com/downloads/ReaGalleryPro.exe 104.131.57.251
2023-02-07 21:27:51 +0000 0 - 2 - 0 janetfouts.com/how-to-participate-in-a-tweet-chat/ 138.68.237.66


Last 1 reports on domain: y8top.net
Date UQ / IDS / BL URL IP
2022-11-22 11:46:37 +0000 0 - 0 - 2 v90.y8top.net/tmp082020/cf/soft/2015/4/ba/3/b (...) 64.225.91.73


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-11-28 17:48:40 +0000 0 - 0 - 3 qgvwam.excelientdates.net/?utm_source=da57dc5 (...) 63.32.216.166
2022-11-28 14:37:04 +0000 0 - 0 - 1 to-get-laid.com/tds/rsl?tdsId=s7889mak_r&tds_ (...) 52.57.39.237
2022-11-28 13:48:52 +0000 0 - 0 - 3 nvlkjd.excelientdates.net/?utm_source=da57dc5 (...) 63.32.216.166
2022-11-28 09:14:49 +0000 0 - 0 - 3 tennis-elite.de/blog/142/50542163.htm 172.67.183.118
2022-11-27 22:25:34 +0000 0 - 0 - 4 nrgzgb.impreslvedate.com/c/da57dc555e50572d 52.19.101.114

JavaScript

Executed Scripts (24)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (90)


Request Response
                                        
                                            GET /tmp082020/cf/soft/2015/4/ba/3/bloody-roar-1.exe HTTP/1.1 
Host: v90.y8top.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         64.225.91.73
HTTP/1.1 200 OK
content-type: text/html
                                        
server: nginx/1.18.0 (Ubuntu)
date: Tue, 22 Nov 2022 11:46:26 GMT
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   329
Md5:    ecbcb8bae64098de3e587487b474f8b8
Sha1:   e275409fb40ea27c3826af493f70faf147d0f995
Sha256: 2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2986
Expires: Tue, 22 Nov 2022 12:36:12 GMT
Date: Tue, 22 Nov 2022 11:46:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5453
Cache-Control: max-age=87344
Date: Tue, 22 Nov 2022 11:46:26 GMT
Etag: "637b5375-1d7"
Expires: Wed, 23 Nov 2022 12:02:10 GMT
Last-Modified: Mon, 21 Nov 2022 10:31:17 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A62ECEDCB0953814F982237818A3D902FDCA501F82B675629D28B5D476E0FBFA"
Last-Modified: Mon, 21 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17441
Expires: Tue, 22 Nov 2022 16:37:07 GMT
Date: Tue, 22 Nov 2022 11:46:26 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 22 Nov 2022 11:09:18 GMT
cache-control: public,max-age=3600
age: 2228
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    567df7db606cf5d0871aa5bc9311b6da
Sha1:   4263faac7cbab2fcaf6661911dcad5091c06be17
Sha256: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: t6lGbpFVUE9hg8W4deEpvam2aS6vPEAXU9jivZbHvJVJsgAg3SWgrFofE8hgg5bq02hvWUzYCAk=
x-amz-request-id: P7BJRAZAZCY1Z321
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 22 Nov 2022 11:39:32 GMT
age: 414
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 22 Nov 2022 11:46:26 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://v90.y8top.net
Connection: keep-alive
Referer: http://v90.y8top.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 22 Nov 2022 11:46:26 GMT
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 14561290
expires: Sun, 12 Nov 2023 11:46:26 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6PuiFFCUK2iUQurpLIaaHgePHrhwum3uXuBMPSXmkVoXM%2BuFGbuABRq%2B1jlIYwbcRNcP8a39Rx7c2enc2vb1vlGioqxw0sJyC0vOiZhYWdioayH6n%2B3WbHgzJF89XX3odavvoKfa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76e16cb39c4b0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   27958
Md5:    4b5f47439b640180cc3450f7de05d0d8
Sha1:   5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
Sha256: 1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "346E4039529BC0B931453CB50CB831B8115C1A48F519C685B2E9E9E56B5E92CA"
Last-Modified: Sun, 20 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4090
Expires: Tue, 22 Nov 2022 12:54:36 GMT
Date: Tue, 22 Nov 2022 11:46:26 GMT
Connection: keep-alive

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: v90.y8top.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://v90.y8top.net/tmp082020/cf/soft/2015/4/ba/3/bloody-roar-1.exe

search
                                         64.225.91.73
HTTP/1.1 200 OK
content-type: text/html
                                        
server: nginx/1.18.0 (Ubuntu)
date: Tue, 22 Nov 2022 11:46:26 GMT
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   329
Md5:    ecbcb8bae64098de3e587487b474f8b8
Sha1:   e275409fb40ea27c3826af493f70faf147d0f995
Sha256: 2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 22 Nov 2022 11:11:10 GMT
cache-control: public,max-age=3600
age: 2116
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4909
Cache-Control: max-age=168137
Date: Tue, 22 Nov 2022 11:46:27 GMT
Etag: "637c912f-1d7"
Expires: Thu, 24 Nov 2022 10:28:44 GMT
Last-Modified: Tue, 22 Nov 2022 09:06:55 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /?orighost=http://v90.y8top.net/tmp082020/cf/soft/2015/4/ba/3/bloody-roar-1.exe HTTP/1.1 
Host: domaincntrol.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://v90.y8top.net
Connection: keep-alive
Referer: http://v90.y8top.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         172.67.68.176
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
                                        
date: Tue, 22 Nov 2022 11:46:27 GMT
content-length: 22
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sg%2Bf1Fb6KZKjToLSkVxjxP8L6Vo2uyPcIEBMU8L8v5gWln4UNoEhSQlAE9FE0Qm4r8aQSaLNluMOvqv7jtXMvhuEPmQ%2BV8HW9gUOMn3dKxaMoAcMv47iFO3L2rsdF0LyPyw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e16cb4daaeb523-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   22
Md5:    70a7a135f5b2f2da6d8c35c6fe6e6fb0
Sha1:   91a51ff69156bb3434b42e049a2dc1c9b7c4bc80
Sha256: 36222492637421d990f3dda78775da2b80bb4a480868b2cd80ef8a8867921636
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: os3seB3yC0BA3+Xl0l7i6Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.163.62.5
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1ZTUdLcG6d69BU66wlY89YGCJs0=

                                        
                                            GET / HTTP/1.1 
Host: ww2.y8top.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://v90.y8top.net/
Upgrade-Insecure-Requests: 1

search
                                         64.190.63.136
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 22 Nov 2022 11:46:28 GMT
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_J7IvCcetMAgUaOEf7p9tjOVuDgBDugQJNS53vyCLtNbxmNd5sf/oQ5vCRP/q6uDgehtTXD/aK2Wle/lQMSCkNQ==
last-modified: Tue, 22 Nov 2022 11:46:27 GMT
x-cache-miss-from: parking-5489797ddc-ldpgp
server: NginX
content-encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (676)
Size:   1331
Md5:    193e4ecb59d8ceb5fa55d53d05119c85
Sha1:   497a2bff95d0fcf31b7439d47b46f9b3180e4098
Sha256: d196e6643a2709d946fea9d7bfd1f30492df8ae5822174dab73e3021619d69d4

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18527
Expires: Tue, 22 Nov 2022 16:55:15 GMT
Date: Tue, 22 Nov 2022 11:46:28 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18527
Expires: Tue, 22 Nov 2022 16:55:15 GMT
Date: Tue, 22 Nov 2022 11:46:28 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18527
Expires: Tue, 22 Nov 2022 16:55:15 GMT
Date: Tue, 22 Nov 2022 11:46:28 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18527
Expires: Tue, 22 Nov 2022 16:55:15 GMT
Date: Tue, 22 Nov 2022 11:46:28 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18527
Expires: Tue, 22 Nov 2022 16:55:15 GMT
Date: Tue, 22 Nov 2022 11:46:28 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9FO1gkdftjvJFDvAlxwLD63BP-liwnS2MImVhVdjg83wi4xJdM73Kg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:48:43 GMT
age: 50265
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8089
Md5:    c8f6118fc03f31862ff68fef8a2b9a7f
Sha1:   318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
Sha256: cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8685
x-amzn-requestid: 66455cc7-83d7-4570-99f9-5fa838da947f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrAHwKoAMFUHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee46-354d65e9609bc05647556a5a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -9tZPsMl7i5hr0N1rwJdQBLiOImuEO12RDL0pcPNjf6t-LkRbPaN2A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:02:46 GMT
etag: "b8c928f93a8d82b48491448d811a95ad99dc6aef"
age: 49422
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8685
Md5:    2ed6b76d15fc8d6295acdb6fb47461d3
Sha1:   b8c928f93a8d82b48491448d811a95ad99dc6aef
Sha256: de326836a9de677438b9ae724198e94348b0900c62817ff10de3677ce93fdae0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d50a0d2-05bc-4c0c-8961-2b8cc49ccc8f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10556
x-amzn-requestid: d2426c6d-5e78-496c-8649-0496a872b380
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-Iq0GPVoAMF9bg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee45-1ee6dc09394731cc4dbfc38a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eHLf2DFK-3yN5dEG22XItPxRzmODRdThIYJI2oZqDJpgTGQGSQnGzQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:46:07 GMT
age: 50421
etag: "bc4a2dc43898e3fb78ba7301d8b09b280991d221"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10556
Md5:    0ab62c5a7c3296600de924eb0b283bc1
Sha1:   bc4a2dc43898e3fb78ba7301d8b09b280991d221
Sha256: f2a4c0829a4fb9a585113ed358832d16470ec391035a302a8f3c4666172f02bd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c73cec7-245a-480e-8dfe-cc11a12b2656.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4639
x-amzn-requestid: 8a93fa29-158b-4402-aac4-85ad29a74ae1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-I6oELooAMFWFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637beeaa-5a85509b26d9aeef7ae59b4c;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:33:30 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Z_LKFsiB_s81UenxBOVg9_qX_7vBHUZix7XF8YguDCytRn5opLkLRA==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:01:10 GMT
age: 49518
etag: "12e2654db1f384bb04f5c5042848b25dda86b710"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4639
Md5:    dafd9e17dc0023e71ae513c6025e4b80
Sha1:   12e2654db1f384bb04f5c5042848b25dda86b710
Sha256: e9c885a102dc811648cec4ac292db63564e81a48d7a3611cb31fba73b37286dd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb52ad6b-bc3e-4cc6-8c74-7f367173fbdc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4269
x-amzn-requestid: 9e70b9ad-7fb2-4f2d-bc87-d703abeb4888
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-I62ERzIAMFcvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637beeab-6de953ea2d2aee071fea324b;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:33:31 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9mu3P-liZS9j6mn71xiWE2JRWpZHSans7w-zGZVERGs24wxCkfR5Ww==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:02:57 GMT
etag: "39d9b60a2b11b95c0ae37f35deb9a594d8e61d08"
age: 49411
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4269
Md5:    b52c578c918c74f35f3c0a3f0c5dd2be
Sha1:   39d9b60a2b11b95c0ae37f35deb9a594d8e61d08
Sha256: 48a67feefffe59d04660c0e7de58234f184bded9cbb121da8157387ebd24f8f5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9029340f-28c3-4004-9012-9a24977dfd45.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6031
x-amzn-requestid: f59b04c5-4955-4847-9a7f-d9d53b47ca52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3cV0GC-oAMF5hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637940f1-0425b3cf6a4650b60936feba;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 20:47:45 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: StZ9dxgY8W0WwUUqsxyeISFnbm_WGGcm_AMuo9dzfhF9Yp7wM0TMMg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 ea699166e6ec77aa410ff505b0a8ce18.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 08:17:57 GMT
age: 12511
etag: "56414a905340e1b1478a0a40a52b25365a724524"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6031
Md5:    4f3fad7453f45dfa617243c8beac64e1
Sha1:   56414a905340e1b1478a0a40a52b25365a724524
Sha256: 7befcfbedac5652eb04bc675b67f7b642631d4e918f7aaee17b0b594e26854d0
                                        
                                            GET /images/js_preloader.gif HTTP/1.1 
Host: img.sedoparking.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.y8top.net/

search
                                         205.234.175.175
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 22 Nov 2022 11:46:28 GMT
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Tue, 29 Nov 2022 11:46:28 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: H
CF4Age: 156700
x-cf-tsc: 1648179742
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: 3dff18e627517ada79a9006620493fed
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 16\012- data
Size:   4254
Md5:    90c93102a88c2ab94bff1575b7a6e86e
Sha1:   56d71bf13de464534643db9d127629a0a3bf677a
Sha256: 5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a
                                        
                                            GET /search/tsc.php?200=NDYzNDQ0ODMx&21=OTEuOTAuNDIuMTU0&681=MTY2OTExNzU4ODg3MjMwZWUzMTVhZjlhODVhMDI2ODFmYWNjMDVkZGEy&crc=13b58d5b35efe6f3289677c39e4f326e7c3aaa8f&cv=1 HTTP/1.1 
Host: ww2.y8top.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.y8top.net/

search
                                         64.190.63.136
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 22 Nov 2022 11:46:28 GMT
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-5489797ddc-ldpgp
server: NginX

                                        
                                            GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Dcyz0UB9ZXTo_0&v=ZDBiMjc0MWM4ZGY0NjEwZmQ4MWMyYTg5YmI4MDA0ZTcJMQl3dzIueTh0b3AubmV0NjM3Y2I2OTM5YjY1NjUuNTYyMzU5NjgJd3cyLnk4dG9wLm5ldDYzN2NiNjkzOWI2N2Q0LjIyNTA3Mjk5CTE2NjkxMTc1ODgJYWRfNjNfMA==&l=OAkzODQwOGZiYjg3NzU1NTk2NWYwYzg1OTk5MDcyZjRkMAkwCTM1CTAJZGIzNmNiOTZiNGM1NzEwMTdhMDg5ZDVhMTNhYjBiOTcJNDYzNDQ0ODMxCXk4dG9wCTAJNjMJNgkyCTE2NjkxMTc1ODgJMC4wMDA1NTgJTgkwCTEJODMwCTEyMDUJNDUxMjI4Mzc2CTkxLjkwLjQyLjE1NAkw HTTP/1.1 
Host: ww2.y8top.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.y8top.net/
Upgrade-Insecure-Requests: 1

search
                                         64.190.63.136
HTTP/1.1 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Tue, 22 Nov 2022 11:46:28 GMT
content-length: 0
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Tue, 22 Nov 2022 11:46:28 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Dcyz0UB9ZXTo_0&v=ZDBiMjc0MWM4ZGY0NjEwZmQ4MWMyYTg5YmI4MDA0ZTcJMQl3dzIueTh0b3AubmV0NjM3Y2I2OTM5YjY1NjUuNTYyMzU5NjgJd3cyLnk4dG9wLm5ldDYzN2NiNjkzOWI2N2Q0LjIyNTA3Mjk5CTE2NjkxMTc1ODgJYWRfNjNfMA==&l=OAkzODQwOGZiYjg3NzU1NTk2NWYwYzg1OTk5MDcyZjRkMAkwCTM1CTAJZGIzNmNiOTZiNGM1NzEwMTdhMDg5ZDVhMTNhYjBiOTcJNDYzNDQ0ODMxCXk4dG9wCTAJNjMJNgkyCTE2NjkxMTc1ODgJMC4wMDA1NTgJTgkwCTEJODMwCTEyMDUJNDUxMjI4Mzc2CTkxLjkwLjQyLjE1NAkw
x-cache-miss-from: parking-5489797ddc-m2cmf
server: NginX

                                        
                                            GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Dcyz0UB9ZXTo_0&v=ZDBiMjc0MWM4ZGY0NjEwZmQ4MWMyYTg5YmI4MDA0ZTcJMQl3dzIueTh0b3AubmV0NjM3Y2I2OTM5YjY1NjUuNTYyMzU5NjgJd3cyLnk4dG9wLm5ldDYzN2NiNjkzOWI2N2Q0LjIyNTA3Mjk5CTE2NjkxMTc1ODgJYWRfNjNfMA==&l=OAkzODQwOGZiYjg3NzU1NTk2NWYwYzg1OTk5MDcyZjRkMAkwCTM1CTAJZGIzNmNiOTZiNGM1NzEwMTdhMDg5ZDVhMTNhYjBiOTcJNDYzNDQ0ODMxCXk4dG9wCTAJNjMJNgkyCTE2NjkxMTc1ODgJMC4wMDA1NTgJTgkwCTEJODMwCTEyMDUJNDUxMjI4Mzc2CTkxLjkwLjQyLjE1NAkw HTTP/1.1 
Host: ww2.y8top.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.y8top.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         64.190.63.136
HTTP/1.1 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Tue, 22 Nov 2022 11:46:28 GMT
transfer-encoding: chunked
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Tue, 22 Nov 2022 11:46:28 GMT
location: http://xml.sedodna.com/click?i=cyz0UB9ZXTo_0
x-cache-miss-from: parking-5489797ddc-m2cmf
server: NginX


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   311
Md5:    8cfe6b6ca63e115994f02eb8f03fcc8d
Sha1:   32d00f1be6032de44fd069b98f9b81d1199f99e1
Sha256: 212fe3e0e29d0ea7727995b25fa448174cf18c90f9be66799301f529bdd2b45b
                                        
                                            GET /click?i=cyz0UB9ZXTo_0 HTTP/1.1 
Host: xml.sedodna.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.y8top.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         173.239.53.32
HTTP/1.1 302 Found
                                        
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: http://dipaka-ead.com/zcvisitor/4c97d327-6a5b-11ed-835e-0a94fbe45287/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=7be63530-572e-11ed-8dac-0a918cbcbb97
Pragma: no-cache

                                        
                                            GET /zcvisitor/4c97d327-6a5b-11ed-835e-0a94fbe45287/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=7be63530-572e-11ed-8dac-0a918cbcbb97 HTTP/1.1 
Host: dipaka-ead.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.y8top.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         3.208.247.235
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Tue, 22 Nov 2022 11:46:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: RNDvMGVb


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1110
Md5:    a24ff8df6a779fbb9d556c4e47ae7651
Sha1:   acd7c32c925a1509eb4389b51097570ee4ccd176
Sha256: 05127e1ad925c3f2a62ca28961e1296779804e78fcf87605debca1daecca3e0a
                                        
                                            GET /zcredirect?visitid=4c97d327-6a5b-11ed-835e-0a94fbe45287&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1 
Host: dipaka-ead.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcvisitor/4c97d327-6a5b-11ed-835e-0a94fbe45287/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=7be63530-572e-11ed-8dac-0a918cbcbb97
Upgrade-Insecure-Requests: 1

search
                                         3.208.247.235
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Tue, 22 Nov 2022 11:46:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: PnlbHfgB


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (425)
Size:   936
Md5:    1c402380a0e3d837402e6233df02fa1f
Sha1:   b9166685d00974cc5d1548b6e7e78dd8ac0e886e
Sha256: 31227d155f8f3d947acb9f52486db6b85159e7c04f2c00f9a4cab6a4e32eaa2a
                                        
                                            GET /zp-redirect?target=https%3A%2F%2Fymdxv.palatlaldate.com%2Fc%2Fda57dc555e50572d%3Fs1%3D1018%26s2%3D1053729%26s3%3D719fbd40-273d-47b8-882f-683d1074b172%26click_id%3Dwn5s4vg936heeblk2m28kn84%26j1%3D1%26j2%3D1wn5s4vg936heeblk2m28kn84&caid=2031d5f5-d449-41b7-ba84-bd523a0078f3&zpid=4c97d327-6a5b-11ed-835e-0a94fbe45287&cid=wn5s4vg936heeblk2m28kn84&rt=R HTTP/1.1 
Host: cartining-specute.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dipaka-ead.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         18.197.36.77
HTTP/2 302 Found
                                        
server: nginx
date: Tue, 22 Nov 2022 11:46:29 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://ymdxv.palatlaldate.com/c/da57dc555e50572d?s1=1018&s2=1053729&s3=719fbd40-273d-47b8-882f-683d1074b172&click_id=wn5s4vg936heeblk2m28kn84&j1=1&j2=1wn5s4vg936heeblk2m28kn84
pragma: no-cache
set-cookie: cc-v4=y36qdpC50Sq0IKfbr01idA5ADsC%2F889bQzRtpOemEnZJ6lWLvKAUUSFlE%2BaofAofoq8IvuSMzJMgGs%2FNCRLcKJw2nv%2BwLB44sbtrAd8FQYVs56Uh%2BmzJGhhYbSCpkvaUvUePvluoLpz2jq2KVh3kYg%3D%3D; Max-Age=31536000; Expires=Wed, 22-Nov-2023 11:46:29 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: dipaka-ead.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcredirect?visitid=4c97d327-6a5b-11ed-835e-0a94fbe45287&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

search
                                         3.208.247.235
HTTP/1.1 404
Content-Type: text/html;charset=utf-8
                                        
Date: Tue, 22 Nov 2022 11:46:29 GMT
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: KEHfoJEi


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size:   653
Md5:    ba2732b1b2fa2626ffaa15f62f9e7d66
Sha1:   203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
Sha256: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "751EE9759F4B7D5CF0355C97787092A3785EBC045CD883FD5F355FD5BEF5CCC6"
Last-Modified: Mon, 21 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13468
Expires: Tue, 22 Nov 2022 15:30:58 GMT
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive

                                        
                                            GET /landings/277113/1668713596/css/popup.css?1668713596 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: 13fWGqCsmU8jmca1StoFNEyUNmCBhZ575kagqebvoWdRfpkG5+cPcszfGPPRvDv4Fy5hEOQs+To=
x-amz-request-id: 9YYEVN5ACQ354XMK
Last-Modified: Fri, 18 Nov 2022 14:51:44 GMT
ETag: "2e00ee9876f735c923694355afe61cd4"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 22 Nov 2022 11:46:30 GMT
Content-Length: 593
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  assembler source, ASCII text
Size:   593
Md5:    9f82e6efd86daeb6f83add3e364356b6
Sha1:   0486a2cfb24ef9c92048934ad4033a04c18e7368
Sha256: 9ecb28f3218d360ef0eff18d3f79b74ab22a71207c38bcdcf97dfc688abcbc4d
                                        
                                            GET /landings/277113/1668713596/css/reviews.css?1668713596 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: /NLdVFBd17+NlT5kjcwUc4K87MF2uVspJLPx++MfRziKIHe4fcztpaNFkgHOotxNQkaCedmNtDg=
x-amz-request-id: 9YYAVGHWE4A8KCGJ
Last-Modified: Fri, 18 Nov 2022 14:51:44 GMT
ETag: "dbd69e46a842894b0b687f89ba8a3f8f"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 22 Nov 2022 11:46:30 GMT
Content-Length: 1145
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   1145
Md5:    0431bf5b930f2b6b80af8bfac3467afc
Sha1:   4f68a39e1937b9f57be200a6bb128aa0f236fdf8
Sha256: 79c5f928ffaaceee77e3e34a241dffd5100136d753fcb0140fc1134e1f39c5f9
                                        
                                            GET /landings/277113/1668713596/css/style.css?1668713596 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: JFqOenIIVAD/J14KBYfx3qPUSM4xutqnYEYH1rweg6fNyTOqAYeSgtDurz69TyiJqigW/PAP6xU=
x-amz-request-id: 9YY5F8TKKZW6AZ7J
Last-Modified: Fri, 18 Nov 2022 14:51:44 GMT
ETag: "19663951b45e36064ad91086e01f0052"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 22 Nov 2022 11:46:30 GMT
Content-Length: 2823
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   2823
Md5:    b6b27f595aa06cb5b65977756aaeb110
Sha1:   3b4b7e6d7b4c108d383770ce7d7f2fc0a882b9fb
Sha256: 310aebd5b707d254a7a0bdd03794949b2b41cb92da81a56208e65e76a459fc34
                                        
                                            GET /landings/277113/1668713596/css/timer.css?1668713596 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: lh6aGmXHShS5wD+YH+eGcLgEbxNNBsSFE3F50BAr084UklBVCNECGqR1E21GFCkQxKHGlZNVB2g=
x-amz-request-id: CJT5HZVZYKZGCA0W
Last-Modified: Fri, 18 Nov 2022 14:51:44 GMT
ETag: "9ec38af926ee0d5ce953930a92f3955b"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 22 Nov 2022 11:46:30 GMT
Content-Length: 706
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   706
Md5:    4c41cb67e8ba22c9dd2bb8077689991a
Sha1:   711413f121b71479e1578549b444fd3c37e0b938
Sha256: 7a8ad02cdec0e7e5e49112001431dcba243f148c35e4f1a722733ed400c02a06
                                        
                                            GET /landings/277113/1668713596/js/jquery.validate.min.js?1668713596 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: raV8IKMUvIEpEj6m3nqT6BbHNn8MhITI7Bk/kuUx7tFHbiZ3uUD49dniodi+V/H3fomoni8XHr8=
x-amz-request-id: CJT1AM9CPQ4DEKG0
Last-Modified: Fri, 18 Nov 2022 14:51:44 GMT
ETag: "23d73c6bd6cbea8f06d0cc227896a827"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 22 Nov 2022 11:46:30 GMT
Content-Length: 7815
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (24228)
Size:   7815
Md5:    f808399407c6ac496fe830d5deacb05f
Sha1:   151039ee8631ce8ff989c5cf795c2feba950a499
Sha256: 21e11160c5ba11e65a1c97b0306a9f5dec06c8fd3d4a7d69dd0a80e263577958
                                        
                                            GET /landings/277113/1668713596/js/jquery-2.2.4.min.js?1668713596 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: VwgV76jvNOhPPo/5++accKMPgMXnNGIApW0Ab8jIXWEcchnIBuqCOB3Mzr9eVZAxrzzNOjyK6Cw=
x-amz-request-id: CJT37CVX2VADEJ5D
Last-Modified: Fri, 18 Nov 2022 14:51:45 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 22 Nov 2022 11:46:30 GMT
Content-Length: 29855
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065)
Size:   29855
Md5:    2fa28552f1ee4e1382ee43930b53afb8
Sha1:   803670da6a35378bf4eb73acc8e72fe4feb5ca30
Sha256: ecfddf7d1e798dd2778c071bea24c70b650ef990fc09793fce25f2f094b35494
                                        
                                            GET /landings/277113/1668713596/js/title_tanslate.js?1668713596 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: MJvlhWJOxkaQrb97UWkkumIGe1cJmMbcPLr2GGU6DNd1wqlY+R6eJybpZ2AMU+I0qWTvuRxcpOw=
x-amz-request-id: CJT9H2QQ1E9S61H2
Last-Modified: Fri, 18 Nov 2022 14:51:45 GMT
ETag: "5f373fa5bf21c44b9ad23b70ef96e73d"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 22 Nov 2022 11:46:30 GMT
Content-Length: 1298
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   1298
Md5:    0e212ad4454c941c45c2e57df42c2b4f
Sha1:   fe9d7c484c2c0d7a6475692ef984c53a06c95406
Sha256: e950a9e5e696f39d02028b27a4cd82fab1b6fd07fa34a238d3a3f7f5e90d95c3
                                        
                                            GET /landings/277113/1668713596/js/translates-review.js?1668713596 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: SLlUR+NtIbIwo8m0ETyJrL8/Oo8eZgbAQ6CHeXHeqTl85qOs1sS3M/OfmJpQixyvm1x13/1yOEE=
x-amz-request-id: CJTD5EWQMBM52MY7
Last-Modified: Fri, 18 Nov 2022 14:51:45 GMT
ETag: "9061bd0c6ff627d3a43a9e6c125350a7"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 22 Nov 2022 11:46:30 GMT
Content-Length: 14059
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   14059
Md5:    7e68f840e901ef970f740ce8219ceced
Sha1:   b6acb9f49a8fc69974bb3af8b94df3812f60850c
Sha256: 51370edca224a86fc7ed3ea85308c34f1527b62420f659594eaf90f46a8c6a9e
                                        
                                            GET /landings/277113/1668713596/js/timer.js?1668713596 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: yGuslB/epjqtLLGPWvKsvHID1YLaUDr8YtEThF5cTsCYTcqJmMZRqJaWDWxJYs4/hdO1NKBQHLc=
x-amz-request-id: CJTAZC25FKW629KJ
Last-Modified: Fri, 18 Nov 2022 14:51:45 GMT
ETag: "3350ef7fbc19030e06999dbb12a2c9b0"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 22 Nov 2022 11:46:30 GMT
Content-Length: 903
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   903
Md5:    24af8e8209962d30b5e6bb428d28489c
Sha1:   a00033869880cf83bc81fde7874242d838b59e34
Sha256: 52fe1029652b5a0576cdae96e8278900eb7eee3f81a1ae66ea88129aa6f3f924
                                        
                                            GET /landings/277113/1668713596/js/translates.js?1668713596 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: 1WCTqT3YH77l0olA0w5JtmBFHswRfvElt7Zf4SQyOxsKqfuAJAsg2R93nPsAF/UbgSofkRgWU+4=
x-amz-request-id: CJT7FWV1QVZ1CTTJ
Last-Modified: Fri, 18 Nov 2022 14:51:45 GMT
ETag: "b9627d60572ae478211faf00a5dbb72e"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 22 Nov 2022 11:46:30 GMT
Content-Length: 29792
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   29792
Md5:    8942f742642e48afd843395edc850387
Sha1:   5bb7401d364efee9e973b49c14e20a89b0067feb
Sha256: c7813b66c17adb4e7c356ef0fe6a215bd8f99ba562f5b0f6f37508debd5a1c80
                                        
                                            GET /landings/277113/1668713596/js/translate-popup-timer.js?1668713596 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: 4TPCAB/0jr2dgbV4Da8pAY2VpfO9D+OMZeFKBEqY45A52hnxwGgM4RvIaWSWQ9XOXbKLje6bBu8=
x-amz-request-id: CJT7017Q6FCGZP5J
Last-Modified: Fri, 18 Nov 2022 14:51:45 GMT
ETag: "e87a84612ebce6b2a84f41ef7f6d40b0"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 22 Nov 2022 11:46:30 GMT
Content-Length: 1080
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   1080
Md5:    b8caed488bbb08c2414fb1c79c9c8d35
Sha1:   8bda431010a9d7666cd6c2c15f9a3b7f81634ed8
Sha256: d72877ab0432583bfed248050bf32ad260c7b06c4e20a714d07ee65e7948ee0c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 22 Nov 2022 11:46:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /landings/277113/1668713596/images/blocked-icon.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: nXjumNCdKTDmievV86QCUozlOSK2bzfpsd8Km8si/vSQ4lXna5vVMJSDfZnEYpOv0ppe4RKtqZQ=
x-amz-request-id: 0WKT81W3XRG46X4E
Last-Modified: Fri, 18 Nov 2022 14:51:43 GMT
ETag: "87487ad255dde0624f59abb85602defc"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 502
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 23 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   502
Md5:    87487ad255dde0624f59abb85602defc
Sha1:   caafad17df41875bed690353ead6cc495a9bf8c2
Sha256: f7a4b3fb74b9e06f243f23ede51a801a0aa3fa2c0040bc44a49a97444780923d
                                        
                                            GET /landings/277113/1668713596/images/3-eu.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: bEmLCFS8PYB0YVPGQkoA4xtZ0CmaWp/Mwapbjdu7heZO8qELN1afVmcC743iFaZPy/A/rU6jk+0=
x-amz-request-id: 60GZPRFDW004SVGB
Last-Modified: Fri, 18 Nov 2022 14:51:42 GMT
ETag: "d8f5f0299333c22c41ab084120961d49"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 15013
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   15013
Md5:    d8f5f0299333c22c41ab084120961d49
Sha1:   6c2d6cb9323765201658e9ba588d6e0d43d5df67
Sha256: a7bc234fdfee5b1fbd7558be17adc06905c4667dc6e93ad6b0783642a6b314fe
                                        
                                            GET /landings/277113/1668713596/images/logo_inst3.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: FHQM1WgIjsOOP8vB7xeB81bMc5pwGi1LT8sosnz9ZfDPRNkQeqNuEvUfKAxwiSthtZDMeW83M0g=
x-amz-request-id: VF8CPVR7W2MZFF1G
Last-Modified: Fri, 18 Nov 2022 14:51:44 GMT
ETag: "0025657d9d2274a15aed06a9eadd2ab2"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 7042
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (6173)
Size:   7042
Md5:    0025657d9d2274a15aed06a9eadd2ab2
Sha1:   2838a36bfaa63abfe8b9f4bca8f8fe1a7ab7405d
Sha256: d7b396cbae8aa719a1a277fa8fcf7df40f61b50e59b5937fcb347c679c6e990c
                                        
                                            GET /landings/277113/1668713596/images/110010_4.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: Wtyp0HFKYdUwwQkZJNiL6ntgg95E/0YX8EEFVtw8PWhO3+S0Z3qY6aMhqjk+B/F14pTlfjKqMgU=
x-amz-request-id: VF83NZ23DTQRQJHM
Last-Modified: Fri, 18 Nov 2022 14:51:44 GMT
ETag: "daf4cb58fb756b1ed20036941b7a6b72"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 55243
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 682x388, components 3\012- data
Size:   55243
Md5:    daf4cb58fb756b1ed20036941b7a6b72
Sha1:   f59a45cb83366de64071b3a35dfcb54aabbdcd9a
Sha256: 42b2fe5d347c3c56725d0addd7129d13ce335df871730534ecee42d2df3a637b
                                        
                                            GET /landings/277113/1668713596/images/unlock.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: EgdL9LMKYna5W4TBLuBagl36dUPOPz9xZmMmTVuTcFKe/oZSbO76hDUeSZ2P9tUW1eot7by9Zcw=
x-amz-request-id: VF8D5A154MEZTKE7
Last-Modified: Fri, 18 Nov 2022 14:51:44 GMT
ETag: "a732e1e06affb4575c050fdb0131e5ca"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 2378
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (944)
Size:   2378
Md5:    a732e1e06affb4575c050fdb0131e5ca
Sha1:   da4f4f204a4d22c7424274a91520e0ea993c48c7
Sha256: e17f481e5fe197e600ffe6cf53a94a4e49a73b6b817ff560cd92c3dd501d603f
                                        
                                            GET /landings/277113/1668713596/images/password.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: 9ZxRaVsI67ShI7uqDkTEfiI1XjdnaVK9Hhb0/fF7BlSVDitdw6QWa9P1/gUCa6d3ItzfxOgT8io=
x-amz-request-id: H0EWH3KVVWKW213V
Last-Modified: Fri, 18 Nov 2022 14:51:44 GMT
ETag: "f42aef7f97d4c9bdb074673081f38ac7"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 1339
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (330)
Size:   1339
Md5:    f42aef7f97d4c9bdb074673081f38ac7
Sha1:   0231df782e371d139c826e091279acd9a07e691c
Sha256: 5fca7f589cd825e1f152e0a1677d6cbd0a3ee3ecde05905d572af87e8b453eac
                                        
                                            GET /landings/277113/1668713596/images/icon-city.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: OTo0bxX8ADPkWCeCQOXpasr7gYoJuPd/4005wYZKF1KbnQWY6e+dsf/aPYbFf6fh+a2jvzw/ImA=
x-amz-request-id: VF8B025PCPWVZFCW
Last-Modified: Fri, 18 Nov 2022 14:51:44 GMT
ETag: "cd4eb61df231131a053d0a4e680d22fa"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 839
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (735)
Size:   839
Md5:    cd4eb61df231131a053d0a4e680d22fa
Sha1:   ca5b873e0f24fb900b2740048506b7ab322a44fa
Sha256: d71e36a5403717ee163d4dfe676d92b5cf91a20b5112e0c8441fb891673ca6d5
                                        
                                            GET /landings/277113/1668713596/images/shield.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: PkMMRiNaoNwSrz9oeJanrJxuZuamdJ1irSrovGEDCZ19CX+MKNiDgeo24zcNoS8J1JQZdW72LK4=
x-amz-request-id: H0EMY6GG0Q2EJ746
Last-Modified: Fri, 18 Nov 2022 14:51:44 GMT
ETag: "0c7a0dfd64cf020cd8a6dc0c3df1dbdf"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 1539
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (310)
Size:   1539
Md5:    0c7a0dfd64cf020cd8a6dc0c3df1dbdf
Sha1:   f705635388aebebae1223d828c38233067f28ab1
Sha256: 856fdb53067254df9495660a355e5ed91936803b567867f1053ce5fb97107888
                                        
                                            GET /landings/277113/1668713596/images/icon-message.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: p0fP9+s1GyUfrbOcxn2pDTSa0R4wSv7xKU9/pfBfoHaBPwNDgTULlefk/nlrn8uor619GUrdduk=
x-amz-request-id: 60GG5SNPC1XRCPJ1
Last-Modified: Fri, 18 Nov 2022 14:51:43 GMT
ETag: "8f91b2bbb14c2fac1a9be78688501512"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 883
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (779)
Size:   883
Md5:    8f91b2bbb14c2fac1a9be78688501512
Sha1:   631540540c371fe7074b5736dce68f10d76700f0
Sha256: 5b52df3b82f51d9330bf1b66b9683545368475ed5f25362c64feb438fb14bd4f
                                        
                                            GET /landings/277113/1668713596/images/5-eu.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: 0OxD9NDazT71SzJ7fV5eL0Kxco19IPvOFHD2HL1CyKasoat4i/gF3raqlTFl9TjpaNOS6IGiGXI=
x-amz-request-id: 0WKPNPXZFQYQNBGS
Last-Modified: Fri, 18 Nov 2022 14:51:42 GMT
ETag: "08c6cea7e489f3caf50bfa02fcffc8d5"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 15153
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   15153
Md5:    08c6cea7e489f3caf50bfa02fcffc8d5
Sha1:   0cfe3d1447e01aaea5fc2fada138c1fa21a93c86
Sha256: 0d825e2c84a926c72864a619b1d587c3716a9043321fba9913db5d3c8e3e444a
                                        
                                            GET /landings/277113/1668713596/images/1-eu.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: rVKJx4LF7k1UeMEM7FDRqob71UkVD0L8vCyBLNNSQAXqyDro5YT+B9vAyuLZdrqJjVK58kAWmAo=
x-amz-request-id: 60GX3P3XNDY2D8SK
Last-Modified: Fri, 18 Nov 2022 14:51:42 GMT
ETag: "0b2eb782c549d40b2bcb97934ab6f821"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 15567
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   15567
Md5:    0b2eb782c549d40b2bcb97934ab6f821
Sha1:   fb97adbc62515352937ab61093322449676dd0df
Sha256: 55e214ad65a4e7402c23c8a9f8f8d94ed849cdaf9925bc730d3f4ce27dba16d2
                                        
                                            GET /landings/277113/1668713596/images/icon-flag.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: 7FzMy6jGcxnOhd1EDD3F27Kwz3cFg3vAq2D16uPWbGgXAL1eqC+8gPLuV5r1EX1ZjO/juyu5psY=
x-amz-request-id: H0ENKFPFWZEP0DE5
Last-Modified: Fri, 18 Nov 2022 14:51:43 GMT
ETag: "5da118a4447db10c8aceb6cb0e69e89c"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 658
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (554)
Size:   658
Md5:    5da118a4447db10c8aceb6cb0e69e89c
Sha1:   343954956bcd542cdae0ee819584ee05f2b69d4c
Sha256: ab6ed8c891db0448668e8711a25e42cd27f6e4375fc3e780f041dd24f1544229
                                        
                                            GET /landings/277113/1668713596/images/icon-direct.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: 9wFFhthAhZeADqUQD3ARLZ6wC/RvYDRaZW6jpm8CW1vAoQQNmxkyha8Lts3bOop6oyM6Uo/w9As=
x-amz-request-id: H0EQP7G1WYFW438Q
Last-Modified: Fri, 18 Nov 2022 14:51:43 GMT
ETag: "9adf524396b45e89252717b159cfb95d"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 1141
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1037)
Size:   1141
Md5:    9adf524396b45e89252717b159cfb95d
Sha1:   39a3a6bc588085fc604976c6bb4cfe42dfc8dc50
Sha256: e0705f46c1c0c8fd1c1d82f60925008491aa7a2b2ed0351fac96c76d5f2bf13d
                                        
                                            GET /landings/277113/1668713596/images/4-eu.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: Z+pz+uqcVouChtkYZt+xukdaX4RPs5CuVh7L0rhXlp9ahQzYnZY7DsAfEc6N6ju847VAprXme+I=
x-amz-request-id: 60GZSPGTP26S7W7C
Last-Modified: Fri, 18 Nov 2022 14:51:42 GMT
ETag: "4031404ec6ab92ac12eea40f1a074794"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 16220
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   16220
Md5:    4031404ec6ab92ac12eea40f1a074794
Sha1:   21787edc4ce197faebbe7f14996dc00374a63c06
Sha256: 34eae0af9c07a88aa5002540d93c2b02a557199f5c73a15909aba6eb1f0bdd03
                                        
                                            GET /landings/277113/1668713596/images/icon-like2.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: U42NPLNCBKirOmrvRm+G+YfJfICUgKEmye+kIKSMW5T0m9RdxJcbdUrob8/q0AosLdB0ZTTg640=
x-amz-request-id: H0EY13SRC43R97Q2
Last-Modified: Fri, 18 Nov 2022 14:51:43 GMT
ETag: "a1d69d8f51567ce108bdd71df17be930"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 473
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (369)
Size:   473
Md5:    a1d69d8f51567ce108bdd71df17be930
Sha1:   ee47468e7ce8b6736092f038625b904a7735f0ee
Sha256: 9d56addf8e2312e9df672eb51ee9f4cf8081613ff05e3ff99cb0ec23bcde7d7f
                                        
                                            GET /landings/277113/1668713596/images/2-eu.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: rexv9UySKPhhAqRJADREP99h8B1NqkxgBaVkXILjAU+n9ypAaUTUs2I4dJ3RAA65OxYlLXhJFHg=
x-amz-request-id: 60GVFT97VXBHXM44
Last-Modified: Fri, 18 Nov 2022 14:51:42 GMT
ETag: "8406e97c1968881d481cd55c66743204"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 14098
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   14098
Md5:    8406e97c1968881d481cd55c66743204
Sha1:   73f0e213341a617f9405726ca05af91c0b3f32fd
Sha256: c30bd722ab48311f023fc896cedf6032b03961b4395962dfa919284c5d2c9d33
                                        
                                            GET /landings/277113/1668713596/images/8-eu.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: 8AIHhiTrzhFftXaSuhyCr5lxI1Lv+O8eB/Ig0lPZUasNkyHR671AsI/DkdphmXjwAWL//DcCqlw=
x-amz-request-id: 0WKQNKCRWD4SGDCV
Last-Modified: Fri, 18 Nov 2022 14:51:42 GMT
ETag: "ef40a69fcb961a0677eaf2e29b93aa3a"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 13479
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   13479
Md5:    ef40a69fcb961a0677eaf2e29b93aa3a
Sha1:   eb5624143cf58053ab45715cf155f92fc875aefc
Sha256: 4e54bd6e80377744a79017ba800639924466266601a06ca194aaeea290e086fa
                                        
                                            GET /landings/277113/1668713596/images/7-eu.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: 2s36KfOz9R4LOctK3+o+zge32NuMDK4W0d0SjJ7/FpeaXseTUZaiHK3kb6rFBY4xtgDyJ5L/uxc=
x-amz-request-id: 0WKZBQP0QDA5NGQA
Last-Modified: Fri, 18 Nov 2022 14:51:42 GMT
ETag: "12ec30bbdbaf0895e9b0757dfa2db143"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 15653
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   15653
Md5:    12ec30bbdbaf0895e9b0757dfa2db143
Sha1:   3af93753793232dacc7b8d2383ded325965d7d65
Sha256: 89b5109517f86d9ed451390ef0d377979d75511a5d83e8ea5397cb33f5826dff
                                        
                                            GET /landings/277113/1668713596/images/6-eu.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: bdQfVgZ0g53mP45lzhNlA3d5pOnMHEZJgYzLSSKOpmVz3Qns+aNz0QQAY3gAQvO0tY+e3cpabQ8=
x-amz-request-id: 0WKP65G7Y01Y7AW2
Last-Modified: Fri, 18 Nov 2022 14:51:42 GMT
ETag: "f424c0e5631daf23b07f1ecdcaf8f69c"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 14265
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   14265
Md5:    f424c0e5631daf23b07f1ecdcaf8f69c
Sha1:   30a7543a419fa3ffac589f53aee088af4ed767c5
Sha256: 4b82ecdaeda6d935e3dcf4ab5684d2393018ba6b604d63e9a52d6af976f069e8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 22 Nov 2022 11:46:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /landings/277113/1668713596/images/icon-home.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/277113/1668713596/css/style.css?1668713596
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: GvNMnnECh0blgmyQLn9RLy4039YRXqQjX/P2008LVU9rQIunID4cNUQ0wF/fNK2O6dwWELbLAN8=
x-amz-request-id: 32AMDGW4XHGHRK34
Last-Modified: Fri, 18 Nov 2022 14:51:43 GMT
ETag: "02866968d59a649b76df83c300d2d8f6"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 889
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (785)
Size:   889
Md5:    02866968d59a649b76df83c300d2d8f6
Sha1:   8293027c754094ab05cb7d6daa7f7cdb1be5c98e
Sha256: ce26e303b33d69ca20eb3079b4c37ed364eacb8c633260c56315d6db74414b74
                                        
                                            GET /landings/277113/1668713596/images/icon-search.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/277113/1668713596/css/style.css?1668713596
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: ng8anm9Rzx1UHSzgGMsSm0VaGLbnVCRHfoVFyFh87XNdDizrgoTDeqntlOicrJdVoimPzRfS0pM=
x-amz-request-id: 32AR4HZE6MF0SBZT
Last-Modified: Fri, 18 Nov 2022 14:51:43 GMT
ETag: "aa6ea58a389a3ebe541d5f9d622dedd7"
Accept-Ranges: bytes
Content-Length: 1189
Server: AmazonS3
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1085)
Size:   1189
Md5:    aa6ea58a389a3ebe541d5f9d622dedd7
Sha1:   9fb684b6f6cd982396bd8c8e745997c3a01dd6be
Sha256: 4aa4713ccd74ad24299b1558cb49061c90076e841b3b1177fb3b056a8448b4c5
                                        
                                            GET /landings/277113/1668713596/images/icon-plus.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/277113/1668713596/css/style.css?1668713596
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: z+p4IA3QHgcIj8b34Nnaou4z6ylHhZIobhNH/RTiFynKW5CvGHMNtRRmlIbz5cJdBmIl/AaDbJM=
x-amz-request-id: 32ASNSR93RRZET5K
Last-Modified: Fri, 18 Nov 2022 14:51:43 GMT
ETag: "f89e15ef5cf4b32ca987f73bd4a2ef9d"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 1117
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (513)
Size:   1117
Md5:    f89e15ef5cf4b32ca987f73bd4a2ef9d
Sha1:   0f55d36995906b78bd98f23c7fdc67778212b7fc
Sha256: 7b023c50adbfe6554e1bf1986a12de8ba9e47c5d14a3e57318d117004ea6a641
                                        
                                            GET /landings/277113/1668713596/images/icon-like.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/277113/1668713596/css/style.css?1668713596
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: baqVdk81CWmKj8TQgq9beKikK7aFoWp8LNvrqHklhml9tPrDEIWHB6+OtaG6PEEdadFiae/igSw=
x-amz-request-id: 8WK731D8KG0AJVGJ
Last-Modified: Fri, 18 Nov 2022 14:51:43 GMT
ETag: "2457f6954df5056e25151bcdd05a2718"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 914
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (810)
Size:   914
Md5:    2457f6954df5056e25151bcdd05a2718
Sha1:   41ab46311796f9ade12cae960687a422ee8ff0a0
Sha256: c1a26e7a024fd0e566423b10e91c63854979ce89f3fe2625043dc52dfe20891b
                                        
                                            GET /landings/277113/1668713596/images/icon-user.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/277113/1668713596/css/style.css?1668713596
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: +eK/qKzAdsqHbtlUUEiu0AiKGN6pYmeZtciThwtSe8WtSIwpZF3t9rxMNnWF8Z27Pklr5H6Cddc=
x-amz-request-id: 32AV2F6S7S3NZPTP
Last-Modified: Fri, 18 Nov 2022 14:51:43 GMT
ETag: "00aa56c530f0df6ddbb8805f25376920"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 844
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (437)
Size:   844
Md5:    00aa56c530f0df6ddbb8805f25376920
Sha1:   2331bb67d5538e5fb2c010ef41541ce8dc8acfc1
Sha256: ed65348e7b16bbe9b436282214590814692d0fb779fc2155c82ca0d94fe5a94e
                                        
                                            GET /landings/277113/1668713596/images/shutterstock_1549109471_web_b.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/277113/1668713596/css/reviews.css?1668713596
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: OefkuUZqNQg4pCOrKBC+w7JYUvfVntzTStlEY3dlWUMw1ZSRk49GKC4nT6MyGxuECvFeOaDxO0w=
x-amz-request-id: 32APCA5BHEYHBNJT
Last-Modified: Fri, 18 Nov 2022 14:51:44 GMT
ETag: "9f4ed965bedfba73789bc5fd69d51ef5"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 86759
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 1920 x 1080, 4-bit colormap, non-interlaced\012- data
Size:   86759
Md5:    9f4ed965bedfba73789bc5fd69d51ef5
Sha1:   ad03f824892d08a7bf20f2314cfe815a425681e1
Sha256: a9805559cf56d84ce03f90c590433b357a68dd44a6ae9254920092c64d480ad6
                                        
                                            GET /landings/277113/1668713596/images/shutterstock_751200268_web_2.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/277113/1668713596/css/style.css?1668713596
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: i9PM+Qu/lGgnZoPIbF1p9z1A09xbJMX+YBqYDBkvlGnv8Ppq8ezi4AAVtLlK0BeyEfVz/BFT7f4=
x-amz-request-id: 32AS4G7HN4MK9A0B
Last-Modified: Fri, 18 Nov 2022 14:51:44 GMT
ETag: "0666da291b2e75b6dfcc14444d83ab13"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 94922
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 1920 x 1080, 4-bit colormap, non-interlaced\012- data
Size:   94922
Md5:    0666da291b2e75b6dfcc14444d83ab13
Sha1:   563a6c7c74f65f7fb4505cfc7c5f41b459e26cbe
Sha256: 2d5acbd7c7a2e91720c41c64b389b99377d415574911488db2540a5d7770ce09
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 22 Nov 2022 11:46:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 22 Nov 2022 11:46:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 22 Nov 2022 11:46:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css2?family=Inter:wght@400;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 22 Nov 2022 11:46:30 GMT
date: Tue, 22 Nov 2022 11:46:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   38512
Md5:    f6f3a02dffed39aaef74ad5c12f30e62
Sha1:   ff8d81dadf49b29afd0c07ec336e4938878762f0
Sha256: 735a8b67360774cbcaab59db28c8463df1495110ec46722d636215de62e3e05b
                                        
                                            GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ymdxv.palatlaldate.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17076
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 16:54:22 GMT
expires: Fri, 17 Nov 2023 16:54:22 GMT
cache-control: public, max-age=31536000
age: 413528
last-modified: Mon, 11 Jul 2022 21:07:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17076, version 1.0\012- data
Size:   17076
Md5:    e248902a9f045310063e7a14a46fd9ae
Sha1:   aec66565f555ee0ca4d39e584a1b484db127fa3b
Sha256: 262a1054100218e2efaa4b2e214e4fb8e920c5a30a53300b80145511df3de895
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 22 Nov 2022 11:46:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /landings/277113/1668713596/images/favicon.png?t=20221122114630 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: 0HLO6ClvqgirI7cKbE2fbj6D8+fVkV2JWdyv4ua6WCY4D5sOANAh3HNCxRGlY6nohLeCmaB6EAs=
x-amz-request-id: V38RQKVH76Z57G20
Last-Modified: Fri, 18 Nov 2022 14:51:44 GMT
ETag: "40a54c3ecf143b64096b063ff793fdbb"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 4093
Date: Tue, 22 Nov 2022 11:46:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size:   4093
Md5:    40a54c3ecf143b64096b063ff793fdbb
Sha1:   017eafffc5e55226a2aec0dd3c03f1b6130a6bab
Sha256: 39b439471019cb16f819e05166d23492593310fd55cce8471062d8f2dc5de423
                                        
                                            GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 18:29:53 GMT
expires: Tue, 21 Nov 2023 18:29:53 GMT
cache-control: public, max-age=31536000
age: 62197
last-modified: Thu, 10 May 2018 20:35:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (35547)
Size:   10017
Md5:    fa9987a23f5a9d865766e952511baa30
Sha1:   f2e620b99ee61a01671ba6a9e22ca75d58a1b52d
Sha256: 655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7
                                        
                                            GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 18:32:45 GMT
expires: Thu, 16 Nov 2023 18:32:45 GMT
cache-control: public, max-age=31536000
age: 494025
last-modified: Thu, 10 May 2018 20:35:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25088)
Size:   8604
Md5:    73069e532b7039778d3a7128c997c61a
Sha1:   c523bbf1ac7f4e612c8ade75434c42fbca885adc
Sha256: b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 22 Nov 2022 11:46:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/pushjs/1.0.0/utils.js HTTP/1.1 
Host: ymdxv.palatlaldate.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/c/da57dc555e50572d?s1=1018&s2=1053729&s3=719fbd40-273d-47b8-882f-683d1074b172&s5=backuser&click_id=wn5s4vg936heeblk2m28kn84&iexpp=1&j1=1&j2=1wn5s4vg936heeblk2m28kn84
Cookie: unique_id=637cb696000bf327; unique_id2=637bef8a00013229; 637bef8a00013229_c=1; ref_token=1018; 637bef8a00013229_sl=[277113]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         63.32.216.166
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 22 Nov 2022 11:46:30 GMT
expires: Tue, 29 Nov 2022 11:46:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /landings/277113/1668713596/images/4.mp4 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.107
HTTP/1.1 206 Partial Content
Content-Type: video/mp4
                                        
x-amz-id-2: FY8MQy6GUFOMkcvm+vHP4ihAKfuf/3PZ5Q8qgZKJYdmzAENlDjD9MA8WnJjr/sESY1XYhjnhdQU=
x-amz-request-id: H0EK31XCFMPQ6JFC
Last-Modified: Fri, 18 Nov 2022 14:51:43 GMT
ETag: "7be5f3025f66769e720214f2fd221905"
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 22 Nov 2022 11:46:30 GMT
Content-Range: bytes 0-1264919/1264920
Content-Length: 1264920
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
                                        
                                            GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1 
Host: ymdxv.palatlaldate.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ymdxv.palatlaldate.com/c/da57dc555e50572d?s1=1018&s2=1053729&s3=719fbd40-273d-47b8-882f-683d1074b172&s5=backuser&click_id=wn5s4vg936heeblk2m28kn84&iexpp=1&j1=1&j2=1wn5s4vg936heeblk2m28kn84
Cookie: unique_id=637cb696000bf327; unique_id2=637bef8a00013229; 637bef8a00013229_c=1; ref_token=1018; 637bef8a00013229_sl=[277113]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         63.32.216.166
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 22 Nov 2022 11:46:30 GMT
expires: Tue, 29 Nov 2022 11:46:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/service-worker.js HTTP/1.1 
Host: ymdxv.palatlaldate.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: unique_id=637cb696000bf327; unique_id2=637bef8a00013229; 637bef8a00013229_c=1; ref_token=1018; 637bef8a00013229_sl=[277113]
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         63.32.216.166
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 22 Nov 2022 11:46:30 GMT
expires: Tue, 29 Nov 2022 11:46:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /c/da57dc555e50572d?s1=1018&s2=1053729&s3=719fbd40-273d-47b8-882f-683d1074b172&click_id=wn5s4vg936heeblk2m28kn84&j1=1&j2=1wn5s4vg936heeblk2m28kn84 HTTP/1.1 
Host: ymdxv.palatlaldate.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://dipaka-ead.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         63.32.216.166
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Tue, 22 Nov 2022 11:46:30 GMT
set-cookie: unique_id=637cb696000bf327; Path=/; Expires=Sat, 21 Jan 2023 11:46:30 GMT; Secure; SameSite=None unique_id2=637bef8a00013229; Path=/; Expires=Mon, 20 Feb 2023 11:46:30 GMT; Secure; SameSite=None 637bef8a00013229_c=1; Path=/; Expires=Mon, 20 Feb 2023 11:46:30 GMT; Secure; SameSite=None ref_token=1018; Path=/; Expires=Thu, 22 Dec 2022 11:46:30 GMT; Secure; SameSite=None impression=; Path=/; Expires=Tue, 22 Nov 2022 11:46:30 GMT; Secure; SameSite=None 637bef8a00013229_sl=[277113]; Path=/; Expires=Tue, 06 Dec 2022 11:46:30 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---